1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved Security Warning

Discussion in 'Virus & Other Malware Removal' started by DRGW, Sep 27, 2015.

Thread Status:
Not open for further replies.
Advertisement
  1. DRGW

    DRGW Thread Starter

    Joined:
    Apr 3, 2005
    Messages:
    279
    Hi

    I hope somebody many be able to assist?

    I've recently upgraded to Windows 10 and have been using Microsoft Edge with no issues.

    Recently the browser has turned blue and I have a message pop up stating, "This site says... WAIT! Your personal photos, Facebook and other personal information and passwords can be at risk. This require immediate action. Contact Tech Support Immediately. 020-3514-0756).

    If I click OK then the message goes but comes straight back. I can't even close Microsoft Edge without switching off my laptop.

    As a result of this I now use a different browser but would like to rectify this on Microsoft Edge.

    Has anybody else experienced this and what can I do to rectify it?

    Thanks

    Dave
     
  2. Curie

    Curie Malware Specialist

    Joined:
    Jun 18, 2015
    Messages:
    481
    Hello DRGW.

    Welcome to Tech Support Guy. I am Marie Curie and will gladly help you with any malware-related problems.

    I am currently in training at WhatTheTech and every post of mine will be approved by a teacher. This leads to some delay in the response time. I will return as soon as possible with instructions. Please familiarize yourself with the following ground rules in the meanwhile.
    • Read my instructions thoroughly, carry out each step in the given order.
    • Do not make any changes to your system, or run any tools other than those I provided. Do not delete, fix, uninstall, or install anything unless I tell you to.
    • If you are unsure about anything or if you encounter any problems, please stop and inform me about it.
    • Stick with me until I tell you that your computer is clean. Absence of symptoms does not mean that your computer is free of malware.
    • Back up important files before we start.
     
  3. Curie

    Curie Malware Specialist

    Joined:
    Jun 18, 2015
    Messages:
    481
    Please run the following diagnostic scans so I can ascertain the state of your computer.

    STEP 1
    [​IMG] Farbar Recovery Scan Tool (FRST) Scan


    • Please download Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
    • Double-Click FRST64.exe to run the programme.
    • Click Yes to the disclaimer.
    • Ensure the Addition.txt box is checked.
    • Click the Scan button and let the programme run.
    • Upon completion, click OK, then OK on the Addition.txt pop up screen.
    • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.

    STEP 2

    [​IMG] aswMBR
    • Please download aswMBR and save the file to your Desktop.
    • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
    • Right-Click aswMBR.exe and select Run as administrator to run the programme.
    • Click Yes when prompted to download avast! virus definitions. Wait until AVAST engine defs: ### appears.
    • If you are prompted to enable the use of "Virtualization Technology", click Yes.
    • Click the AV Scan: drop down box and click C:\.
    • Click Scan.
    • Upon completion, you will see Scan finished successfully. Click Save log. Save the log to your Desktop.
    • Re-enable your anti-virus software.
    • Attach the log in your next reply.
    Note: Do NOT click Fix or FixMBR.
    Note: A file (MBR.dat) will be created on your Desktop. Do NOT click or delete it.

    ======================================================

    STEP 3
    [​IMG] Logs
    In your next reply please include the following logs.
    • FRST.txt
    • Addition.txt
    • aswMBR log
     
  4. DRGW

    DRGW Thread Starter

    Joined:
    Apr 3, 2005
    Messages:
    279
    I've downloaded Farbar Recovery Scan Tool (x64). However it will not allow me to save it to the Desktop. I receive a message stating, "You'll need to provide administrator permission to copy to this folder." If I click continue the same message comes up. :-(
     
  5. Curie

    Curie Malware Specialist

    Joined:
    Jun 18, 2015
    Messages:
    481
    Hi DRGW.

    You can run Farbar Recover Scan Tool from the Downloads folder instead (or wherever you saved it to after the download).
     
  6. DRGW

    DRGW Thread Starter

    Joined:
    Apr 3, 2005
    Messages:
    279
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-09-2015
    Ran by Dave (administrator) on SAMSUNG_SERIES7 (30-09-2015 21:04:37)
    Running from C:\Users\Dave\Downloads
    Loaded Profiles: UpdatusUser & Dave (Available Profiles: UpdatusUser & Dave & DefaultAppPool)
    Platform: Windows 10 Home (X64) Language: English (United Kingdom)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgfws.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
    (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
    (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
    (Softland) C:\Program Files (x86)\Softland\FBackup 5\bService.exe
    (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
    (Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
    (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
    (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
    () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
    (Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    (Intel Corporation) C:\Windows\System32\igfxEM.exe
    (Intel Corporation) C:\Windows\System32\igfxHK.exe
    (Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
    (Intel Corporation) C:\Windows\System32\igfxext.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
    (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
    (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
    (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
    (Softland) C:\Program Files (x86)\Softland\FBackup 5\bTray.exe
    () C:\Program Files (x86)\EZ-RC\ez-rc-tray.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
    (Coupons.com Inc.) C:\Program Files (x86)\Coupon Printer\CouponPrinterService.exe
    (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
    (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
    (APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
    (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
    () C:\Users\Dave\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
    (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngentask.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Farbar) C:\Users\Dave\Downloads\FRST64 (1).exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242712 2015-09-27] (ELAN Microelectronics Corp.)
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040296 2015-09-22] (Realtek Semiconductor)
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
    HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [600928 2014-01-17] (Copyright 2013 SAMSUNG)
    HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-15] (Apple Inc.)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-06-26] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
    HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
    HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
    HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
    HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3775912 2015-08-24] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-09-15] (Apple Inc.)
    HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-07-25] (Samsung Electronics Co., Ltd.)
    HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1843088 2015-08-26] (APN)
    HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION)
    HKLM-x32\...\Run: [MalwareProtectionLive] => C:\Users\Dave\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe [847392 2015-09-09] ()
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22344224 2015-07-29] (Google)
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1001\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-07-25] (Samsung)
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1001\...\Run: [EPSON SX510W Series (Copy 2)] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE /FU "C:\windows\TEMP\E_SBDF8.tmp" /EF "HKCU"
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1001\...\Run: [EPSON SX510W Series] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE /FU "C:\windows\TEMP\E_S9520.tmp" /EF "HKCU"
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1001\...\Run: [EPSON819BE7] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE /FU "C:\WINDOWS\TEMP\E_S1DEB.tmp" /EF "HKCU"
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation)
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22344224 2015-07-29] (Google)
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1002\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1562264 2014-07-25] (Samsung)
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1002\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-07-25] (Samsung)
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1002\...\Run: [EPSON SX510W Series (Copy 2)] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFIE.EXE /FU "C:\windows\TEMP\E_SBDF8.tmp" /EF "HKCU"
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1002\...\Run: [GoogleChromeAutoLaunch_C62251D359A8F5B5CC8EADB510991ABB] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-24] (Google Inc.)
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1002\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403192 2015-09-11] (Garmin Ltd. or its subsidiaries)
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1002\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2015-03-18] (Microsoft Corporation)
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1002\...\Run: [FBackup 5 Tray Agent] => C:\Program Files (x86)\Softland\FBackup 5\bTray.exe [7971352 2015-08-04] (Softland)
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\WLXPGSS.SCR [321472 2012-07-27] (Microsoft Corporation)
    HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403192 2015-09-11] (Garmin Ltd. or its subsidiaries)
    AppInit_DLLs: C:\windows\system32\nvinitx.dll => No File
    ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
    ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => No File
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\EZ-RC System Tray.lnk [2013-09-29]
    ShortcutTarget: EZ-RC System Tray.lnk -> C:\Program Files (x86)\EZ-RC\ez-rc-tray.exe ()

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
    Tcpip\..\Interfaces\{5095c0c6-7164-49ca-a837-e8437d6ac45c}: [DhcpNameServer] 192.168.0.1

    Internet Explorer:
    ==================
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung13.msn.com
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://uk.search.yahoo.com/?type=926458&fr=spigot-yhp-ie
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://samsung13.msn.com
    SearchScopes: HKU\S-1-5-21-2955845399-2853126549-2735461571-1001 -> DefaultScope {AE39F5A1-045C-495F-8DE4-DBEED660BBCB} URL = hxxps://uk.search.yahoo.com/search?fr=nectar-tb-v3&type=61465&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-2955845399-2853126549-2735461571-1001 -> {ACBC8424-45E2-4360-99BF-0F671AEC3B25} URL =
    SearchScopes: HKU\S-1-5-21-2955845399-2853126549-2735461571-1001 -> {AE39F5A1-045C-495F-8DE4-DBEED660BBCB} URL = hxxps://uk.search.yahoo.com/search?fr=nectar-tb-v3&type=61465&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-2955845399-2853126549-2735461571-1002 -> {33514BC1-2455-4E3C-BDFF-8D46E1DB916B} URL = hxxps://uk.search.yahoo.com/search?fr=nectar-tb-v3&type=61465&p={searchTerms}
    SearchScopes: HKU\S-1-5-21-2955845399-2853126549-2735461571-1002 -> {ACBC8424-45E2-4360-99BF-0F671AEC3B25} URL =
    SearchScopes: HKU\S-1-5-21-2955845399-2853126549-2735461571-1002 -> {E55D1196-28EE-44FD-AB45-DC7AF09FF89B} URL = hxxps://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=926458&p={searchTerms}
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-01] (Oracle Corporation)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-01] (Oracle Corporation)

    FireFox:
    ========
    FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
    FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
    FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
    FF Plugin-x32: @Intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-01] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-01] (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-27] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-26] (Adobe Systems Inc.)
    FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll [No File]

    Chrome:
    =======
    CHR HomePage: Default -> hxxps://uk.search.yahoo.com/?type=926458&fr=yo-yhp-ch
    CHR StartupUrls: Default -> "hxxps://www.facebook.com/","hxxps://twitter.com/","hxxp://forums.moneysavingexpert.com/forumdisplay.php?f=72","hxxps://navigator-lxa.mail.com/navigator/show?sid=1737e71ebed4e94da920a70e96435f643af03597e3be79c56dcb9a60b408e5e234e72d1073ee827b6ab835cee9088dbb&tz=1#home","hxxps://navigator-bs.gmx.co.uk/navigator/show?sid=515676e6468a3607beffe9b559eaf76dec5ce3d7e9e814f216c7945e23d628b6020cdaac6a69593ca7284dc72e94a6e8&tz=1#home","hxxp://100percentelvis.weebly.com/"
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll ()
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\ppGoogleNaClPluginChrome.dll => No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\pdf.dll => No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll => No File
    CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
    CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
    CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Profile: C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Drive) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-31]
    CHR Extension: (YouTube) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-31]
    CHR Extension: (Add to Amazon Wish List) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2013-05-31]
    CHR Extension: (Google Search) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-31]
    CHR Extension: (Quidco Cashback Reminder) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\elfdpdgmnodokhbiabbcjabmhpdajcog [2015-09-25]
    CHR Extension: (Full Screen Weather) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2013-05-31]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]
    CHR Extension: (Google Maps) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2013-05-31]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
    CHR Extension: (Nectar Toolbar) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\oapigpcefgclegodepglkbhimbpakdpf [2014-07-15]
    CHR Extension: (Sky+) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookngkjbobceimcicokadhjonlejhobj [2013-05-31]
    CHR Extension: (Gmail) - C:\Users\Dave\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-31]
    CHR HKLM\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx [2015-08-31]
    CHR HKU\S-1-5-21-2955845399-2853126549-2735461571-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kljghhlcggnhofdcnlkelobcehdbnfnd] - <no Path/update_url>
    CHR HKU\S-1-5-21-2955845399-2853126549-2735461571-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [aaaajpkhjdkhhnkmgfjodbkfpbmibkkk] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7\CRX\ToolbarCR.crx [2015-08-31]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed]
    R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [201616 2015-08-26] (APN LLC.)
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
    R2 avgfws; C:\Program Files (x86)\AVG\AVG2015\avgfws.exe [1560592 2015-08-24] (AVG Technologies CZ, s.r.o.)
    R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3637160 2015-08-24] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2015-08-24] (AVG Technologies CZ, s.r.o.)
    R2 CouponPrinterService; C:\Program Files (x86)\Coupon Printer\CouponPrinterService.exe [1414128 2015-05-18] (Coupons.com Inc.)
    R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593664 2015-06-19] (Samsung Electronics CO., LTD.)
    R2 ETDService; C:\Program Files\Elantech\ETDService.exe [131288 2015-09-27] (ELAN Microelectronics Corp.)
    R2 FBackup5Srv; C:\Program Files (x86)\Softland\FBackup 5\bService.exe [4678680 2015-08-04] (Softland)
    R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-05-06] (Freemake) [File not signed]
    S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [762272 2015-09-11] (Garmin Ltd. or its subsidiaries)
    R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
    R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328624 2015-08-02] (Intel Corporation)
    R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
    R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
    R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
    S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
    R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [609632 2014-01-17] (Copyright 2013 SAMSUNG)
    R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3025248 2015-07-07] (Samsung Electronics CO., LTD.)
    S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-02] (Microsoft Corporation)
    R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-02] (Microsoft Corporation)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
    R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
    R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [77760 2015-07-09] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313264 2015-08-19] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [297904 2015-08-19] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
    R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [250800 2015-08-04] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
    R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [304560 2015-08-04] (AVG Technologies CZ, s.r.o.)
    R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-10] (Microsoft Corporation)
    R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation)
    R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
    R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [32328 2015-09-27] (ELAN Microelectronic Corp.)
    R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
    R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3354384 2015-07-10] (Intel Corporation)
    R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
    R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek )
    S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2013-01-28] (Windows (R) 2003 DDK 3790 provider)
    R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [214016 2015-07-10] (Microsoft Corporation)
    S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
    R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows (R) Win 7 DDK provider)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
    R3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
    R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
    R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows (R) Win 7 DDK provider)
    S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-09-30 21:04 - 2015-09-30 21:05 - 00030002 _____ C:\Users\Dave\Downloads\FRST.txt
    2015-09-30 21:04 - 2015-09-30 21:04 - 00000000 ____D C:\FRST
    2015-09-30 21:03 - 2015-09-30 21:04 - 02192384 _____ (Farbar) C:\Users\Dave\Downloads\FRST64 (1).exe
    2015-09-30 20:50 - 2015-09-30 20:50 - 00016148 _____ C:\WINDOWS\system32\SAMSUNG_SERIES7_Dave_HistoryPrediction.bin
    2015-09-28 22:44 - 2015-09-28 22:45 - 02192384 _____ (Farbar) C:\Users\Dave\Downloads\FRST64.exe
    2015-09-27 16:48 - 2015-09-27 16:49 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
    2015-09-27 16:48 - 2015-09-27 16:48 - 01731808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
    2015-09-27 16:48 - 2015-09-27 16:48 - 00062680 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCoInstaller15005.dll
    2015-09-27 16:48 - 2015-09-27 16:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ETD_01009.Wdf
    2015-09-22 16:16 - 2015-09-22 16:16 - 72130584 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
    2015-09-22 16:16 - 2015-09-22 16:16 - 07181616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 07106408 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 03310776 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 03269440 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 02937064 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 02869360 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
    2015-09-22 16:16 - 2015-09-22 16:16 - 02721512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
    2015-09-22 16:16 - 2015-09-22 16:16 - 02649032 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 02060400 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 01991784 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 01804936 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 01767144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 01613720 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 01532392 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 01351176 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00982248 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00759208 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00744056 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00724752 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00694032 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00693032 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00661384 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00633872 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00589640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00547344 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00518984 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00461968 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00458016 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00453848 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00399464 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00357016 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00342280 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00340648 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00334808 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00333288 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00285440 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00266488 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00266416 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00263944 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00242768 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00232712 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00225504 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00221648 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00187280 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00177992 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00163472 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00145704 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00132544 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00130032 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00122240 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00100544 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00099496 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00097912 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00095688 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
    2015-09-22 16:16 - 2015-09-22 16:16 - 00094664 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
    2015-09-21 17:41 - 2015-09-21 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
    2015-09-21 17:41 - 2015-09-21 17:41 - 00000000 ____D C:\Program Files\iTunes
    2015-09-21 17:41 - 2015-09-21 17:41 - 00000000 ____D C:\Program Files\iPod
    2015-09-21 17:41 - 2015-09-21 17:41 - 00000000 ____D C:\Program Files (x86)\iTunes
    2015-09-21 17:38 - 2015-09-21 17:38 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
    2015-09-21 17:38 - 2015-09-21 17:38 - 00000000 ____D C:\Program Files\Bonjour
    2015-09-21 17:38 - 2015-09-21 17:38 - 00000000 ____D C:\Program Files (x86)\Bonjour
    2015-09-21 17:38 - 2015-09-21 17:38 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
    2015-09-15 20:02 - 2015-09-21 12:23 - 00000000 ____D C:\Users\Dave\AppData\Local\Windows Live
    2015-09-15 19:32 - 2015-09-24 18:19 - 00000000 ____D C:\Users\Dave\AppData\Local\MalwareProtectionLive
    2015-09-15 19:32 - 2015-09-15 19:32 - 00001345 _____ C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malware Protection Live.lnk
    2015-09-15 17:10 - 2015-09-15 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
    2015-09-09 21:09 - 2015-09-02 02:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2015-09-09 21:09 - 2015-09-02 01:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2015-09-09 21:09 - 2015-09-02 01:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2015-09-09 21:09 - 2015-08-27 07:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2015-09-09 21:09 - 2015-08-27 07:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2015-09-09 21:09 - 2015-08-27 07:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2015-09-09 21:09 - 2015-08-27 06:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2015-09-09 21:09 - 2015-08-27 06:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2015-09-09 21:09 - 2015-08-27 06:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2015-09-09 21:09 - 2015-08-27 06:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2015-09-09 21:09 - 2015-08-27 06:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
    2015-09-09 21:09 - 2015-08-27 06:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
    2015-09-09 21:09 - 2015-08-27 06:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
    2015-09-09 21:09 - 2015-08-27 06:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2015-09-09 21:09 - 2015-08-27 06:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
    2015-09-09 21:09 - 2015-08-27 06:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2015-09-09 21:09 - 2015-08-27 06:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
    2015-09-09 21:09 - 2015-08-27 06:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
    2015-09-09 21:09 - 2015-08-27 06:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
    2015-09-09 21:09 - 2015-08-27 06:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
    2015-09-09 21:09 - 2015-08-27 06:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2015-09-09 21:09 - 2015-08-27 06:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2015-09-09 21:09 - 2015-08-27 06:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
    2015-09-09 21:09 - 2015-08-27 06:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2015-09-09 21:09 - 2015-08-27 06:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
    2015-09-09 21:09 - 2015-08-27 06:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
    2015-09-09 21:09 - 2015-08-27 06:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
    2015-09-09 21:09 - 2015-08-27 06:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2015-09-09 21:09 - 2015-08-27 06:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
    2015-09-09 21:09 - 2015-08-27 06:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
    2015-09-09 21:09 - 2015-08-27 06:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2015-09-09 21:09 - 2015-08-27 06:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-09-30 20:55 - 2013-05-31 18:07 - 00000000 ____D C:\ProgramData\MFAData
    2015-09-30 20:34 - 2015-07-10 13:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
    2015-09-30 20:34 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
    2015-09-30 20:24 - 2013-05-31 18:58 - 00000938 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2015-09-30 20:11 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\sru
    2015-09-30 20:07 - 2012-12-01 18:10 - 00000360 _____ C:\WINDOWS\Tasks\Xerox PhotoCafe Communicator.job
    2015-09-30 18:54 - 2013-06-01 10:38 - 00000000 ____D C:\Users\Dave\Documents\Excel
    2015-09-30 18:49 - 2015-08-02 16:31 - 01006002 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2015-09-30 18:16 - 2014-01-18 17:30 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D3A4574D-FC2C-4E57-99C9-7E33B1143D5F}
    2015-09-30 18:16 - 2012-12-01 18:06 - 00000000 ____D C:\ProgramData\WinClon
    2015-09-30 18:12 - 2013-06-03 16:59 - 00000000 ___RD C:\Users\Dave\Google Drive
    2015-09-30 18:12 - 2013-06-01 09:01 - 00000000 ____D C:\Users\Dave\Documents\Outlook Files
    2015-09-30 18:12 - 2013-05-31 18:58 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2015-09-30 18:09 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2015-09-29 21:42 - 2015-07-10 10:05 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
    2015-09-28 22:56 - 2015-08-02 16:24 - 00062624 _____ C:\WINDOWS\PFRO.log
    2015-09-28 20:46 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
    2015-09-28 20:42 - 2015-08-02 16:28 - 00000000 ____D C:\Program Files\Elantech
    2015-09-27 18:24 - 2013-06-01 10:38 - 00000000 ____D C:\Users\Dave\Documents\Ipod Photo
    2015-09-27 16:48 - 2015-07-10 13:20 - 00028961 _____ C:\WINDOWS\setupact.log
    2015-09-27 16:48 - 2015-06-17 03:17 - 00483400 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
    2015-09-27 16:48 - 2014-01-09 16:30 - 00032328 _____ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDSMBus.sys
    2015-09-22 16:19 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
    2015-09-22 16:19 - 2013-11-16 20:49 - 00003194 _____ C:\WINDOWS\System32\Tasks\RTKCPL
    2015-09-22 16:18 - 2015-08-02 16:28 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
    2015-09-22 16:16 - 2015-06-24 22:59 - 03001320 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
    2015-09-22 16:16 - 2015-06-24 22:57 - 04519144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
    2015-09-22 16:16 - 2015-06-24 22:57 - 00032392 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
    2015-09-21 17:41 - 2014-02-05 12:31 - 00000000 ____D C:\Program Files\Common Files\Apple
    2015-09-21 17:38 - 2014-02-05 12:31 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
    2015-09-21 12:27 - 2013-05-31 17:46 - 00000000 ____D C:\Users\Dave\AppData\Local\Packages
    2015-09-21 12:19 - 2013-05-31 18:58 - 00003996 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-09-21 12:19 - 2013-05-31 18:58 - 00003764 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-09-15 20:03 - 2015-08-02 17:11 - 00002380 _____ C:\Users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
    2015-09-15 20:03 - 2015-08-02 17:05 - 00000000 ___RD C:\Users\Dave\OneDrive
    2015-09-15 17:12 - 2015-07-10 12:06 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2015-09-15 17:12 - 2015-07-10 12:06 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
    2015-09-15 17:10 - 2014-09-28 12:13 - 00003624 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
    2015-09-15 17:10 - 2013-06-24 14:55 - 00000000 ____D C:\Program Files (x86)\Garmin
    2015-09-15 17:10 - 2013-06-05 18:47 - 00000000 ____D C:\ProgramData\Package Cache
    2015-09-13 08:32 - 2015-07-10 13:20 - 00349568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2015-09-13 00:02 - 2015-07-10 17:29 - 00000000 ____D C:\Program Files\Windows Journal
    2015-09-13 00:02 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
    2015-09-12 17:12 - 2013-05-31 22:26 - 00000000 ____D C:\ProgramData\Microsoft Help
    2015-09-12 17:09 - 2013-09-11 18:41 - 00000000 ____D C:\WINDOWS\system32\MRT
    2015-09-12 16:41 - 2013-06-01 10:45 - 00000000 ____D C:\Users\Dave\Documents\Word
    2015-09-07 18:31 - 2015-08-02 17:17 - 00000000 ____D C:\Windows.old

    ==================== Files in the root of some directories =======

    2013-05-31 17:47 - 2014-06-14 15:37 - 0063486 _____ () C:\Users\Dave\AppData\Roaming\AbsoluteReminder.xml
    2013-06-05 19:50 - 2013-06-05 19:51 - 0021503 _____ () C:\Users\Dave\AppData\Local\WiDiSetupLog.20130605.195022.txt
    2015-08-02 16:29 - 2015-08-02 16:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    2012-12-01 17:58 - 2012-08-06 09:23 - 0000031 _____ () C:\ProgramData\ECReset_Partition.bat
    2012-12-01 17:58 - 2012-08-06 10:34 - 1782152 _____ (Samsung Electronics) C:\ProgramData\ExpressCacheRun.exe
    2013-05-31 22:22 - 2013-02-21 16:59 - 2063240 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
    2013-05-31 22:22 - 2013-01-12 23:51 - 0003004 _____ () C:\ProgramData\MakeMarkerFile.xml
    2014-06-08 13:27 - 2014-06-08 13:27 - 0000101 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

    Files to move or delete:
    ====================
    C:\ProgramData\ECReset_Partition.bat
    C:\ProgramData\ExpressCacheRun.exe
    C:\ProgramData\MakeMarkerFile.exe
    C:\Users\EasySurvey\EasySurvey.exe


    Some files in TEMP:
    ====================
    C:\Users\Dave\AppData\Local\Temp\yni7oasz.dll


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\WINDOWS\system32\winlogon.exe => File is digitally signed
    C:\WINDOWS\system32\wininit.exe => File is digitally signed
    C:\WINDOWS\explorer.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
    C:\WINDOWS\system32\svchost.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
    C:\WINDOWS\system32\services.exe => File is digitally signed
    C:\WINDOWS\system32\User32.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
    C:\WINDOWS\system32\userinit.exe => File is digitally signed
    C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
    C:\WINDOWS\system32\rpcss.dll => File is digitally signed
    C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
    C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
    C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-09-27 15:09

    ==================== End of FRST.txt ============================
     
  7. DRGW

    DRGW Thread Starter

    Joined:
    Apr 3, 2005
    Messages:
    279
    Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-09-2015
    Ran by Dave (2015-09-30 21:05:49)
    Running from C:\Users\Dave\Downloads
    Windows 10 Home (X64) (2015-08-02 16:05:07)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2955845399-2853126549-2735461571-500 - Administrator - Disabled)
    Dave (S-1-5-21-2955845399-2853126549-2735461571-1002 - Administrator - Enabled) => C:\Users\Dave
    DefaultAccount (S-1-5-21-2955845399-2853126549-2735461571-503 - Limited - Disabled)
    Guest (S-1-5-21-2955845399-2853126549-2735461571-501 - Limited - Disabled)
    UpdatusUser (S-1-5-21-2955845399-2853126549-2735461571-1001 - Limited - Enabled) => C:\Users\UpdatusUser

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AV: AVG Internet Security 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG Internet Security 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
    FW: AVG Internet Security 2015 (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Absolute Reminder (HKLM-x32\...\{40F4FF7A-B214-4453-B973-080B09CED019}) (Version: 2.1.0.8 - Absolute Software)
    Adobe Reader X (10.1.15) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
    AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
    AllSharePlayLink (HKLM-x32\...\{CE1836A8-3F2B-49BD-8395-93DD414068D2}) (Version: 1.0.0 - Samsung Electronics Co., Ltd.)
    ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
    Apple Application Support (32-bit) (HKLM-x32\...\{3540ADD5-822B-47FB-B1C2-CD7B2C8E9FEC}) (Version: 4.0.2 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{C9C0FE2C-602E-49D7-8C42-5B9E8FF04798}) (Version: 4.0.2 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
    Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-006A-76A7-A758B70C2201}) (Version: 12.34.1.271 - APN, LLC) <==== ATTENTION
    AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6140 - AVG Technologies)
    AVG 2015 (Version: 15.0.4419 - AVG Technologies) Hidden
    AVG 2015 (Version: 15.0.6140 - AVG Technologies) Hidden
    Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
    Coupon Printer (HKLM-x32\...\Coupon Printer2.2.1.6) (Version: 2.2.1.6 - Coupons.com Inc.)
    CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
    CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Elevated Installer (x32 Version: 4.1.8.0 - Garmin Ltd or its subsidiaries) Hidden
    E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
    Epson Event Manager (HKLM-x32\...\{116DBCAF-9544-4592-9156-AC99F6C2D426}) (Version: 3.10.0016 - Seiko Epson Corporation)
    EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
    EPSON SX510W Series Printer Uninstall (HKLM\...\EPSON SX510W Series) (Version: - SEIKO EPSON Corporation)
    EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
    ETDWare X64 15.7.0.1_WHQL (HKLM\...\Elantech) (Version: 15.7.0.1 - ELAN Microelectronic Corp.)
    ExpressCache (HKLM\...\{3EA6AB5D-D434-4ACA-9609-48F1319518EF}) (Version: 1.0.94 - Condusiv Technologies)
    EZ-RC (HKLM-x32\...\EZ-RC) (Version: 1.0.0.308 - Universal Electronics)
    FBackup 5 (x32 Version: 5.4.813 - Softland) Hidden
    FBackup 5.4 (HKLM-x32\...\{7097595f-f82b-4c76-849e-f074cf90aba4}) (Version: 5.4.813.0 - Softland)
    Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
    Freemake Video Converter version 4.1.6 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation)
    Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
    Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
    Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
    Garmin Express (HKLM-x32\...\{44d9dfc0-3a4a-4439-870f-f97550a9bc8d}) (Version: 4.1.8.0 - Garmin Ltd or its subsidiaries)
    Garmin Express (x32 Version: 4.1.8.0 - Garmin Ltd or its subsidiaries) Hidden
    Garmin Express Tray (x32 Version: 4.1.8.0 - Garmin Ltd or its subsidiaries) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
    Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
    Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.)
    Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4242 - Intel Corporation)
    Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
    Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
    Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
    Intel(R) WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
    Intel® PROSet/Wireless Software (HKLM-x32\...\{ae509f68-6982-4506-befc-f2218d72cd5e}) (Version: 15.8.0 - Intel Corporation)
    iTunes (HKLM\...\{88509E20-3936-4D88-A1C0-B274C7BB5151}) (Version: 12.3.0.44 - Apple Inc.)
    Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
    KaraFun Player (HKLM-x32\...\KaraFun Player_is1) (Version: 1.20.86.771 - Recisio)
    Malware Protection Live (HKLM-x32\...\MalwareProtectionLive) (Version: - )
    Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
    Nectar Search Toolbar (HKU\S-1-5-21-2955845399-2853126549-2735461571-1001\...\Nectar Search Toolbar) (Version: - )
    Nectar Search Toolbar (HKU\S-1-5-21-2955845399-2853126549-2735461571-1002\...\Nectar Search Toolbar) (Version: - )
    NVIDIA Graphics Driver 306.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.41 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
    Online Support(S Service) (HKLM-x32\...\{C8996970-A56E-4659-B01B-CCB7097C4E59}) (Version: 1.1 - Samsung Electronics CO., LTD.)
    Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version: - PopCap Games)
    Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
    Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.12.20 - Samsung Electronics CO., LTD.)
    Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.)
    Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden
    Samsung Link 1.8.0.1401171024 (HKLM\...\8474-7877-9059-0204) (Version: 1.8.0.1401171024 - Copyright 2013 SAMSUNG)
    Samsung Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
    Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
    Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
    Samsung Update (HKLM-x32\...\{00ABE05F-DB49-4421-AA35-833DD9A9A94D}) (Version: 2.2.12 - Samsung Electronics CO., LTD.)
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
    Software Updater (HKLM-x32\...\{7B3A525D-9D3D-4618-AE52-A31DE98C8AC3}) (Version: 4.1.4 - SEIKO EPSON CORPORATION)
    User Guide (HKLM-x32\...\{B1C9F5CF-2EE4-414A-906B-37896B032E8F}) (Version: 1.3.00 - Samsung Electronics CO., LTD.)
    Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 6.18 - NCH Software)
    Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
    Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.)
    Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
    Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
    Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-2955845399-2853126549-2735461571-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

    ==================== Restore Points =========================

    27-09-2015 16:47:47 Windows Update

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0C45C16D-12F5-433F-BF76-41FC30585C76} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2015-04-10] (SEC)
    Task: {0F847D29-AAB8-47C2-A242-7E34F3396368} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
    Task: {25FEC747-3861-467B-8768-14A3EB0635E5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
    Task: {272514AB-DDD9-4462-A9EA-CC3257378491} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
    Task: {27EFDD95-6487-45F5-91CD-C2CF264CE42D} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe
    Task: {38956658-1179-4B23-B875-1207829303AA} - System32\Tasks\Softland\FBackup 5\fba_Google Chrome => C:\Program Files (x86)\Softland\FBackup 5\bSchedStarter.EXE [2015-08-04] (Softland)
    Task: {41EFAF23-1CCB-4EC2-8EC3-EA09C5BA960F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
    Task: {4D26AB61-CE8F-427D-A6A1-63D2B6EBB6E4} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
    Task: {6994E56C-9DA4-43F8-86A1-68ED23124F62} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
    Task: {789D5464-BA8C-4BCE-8553-B3C836447B24} - System32\Tasks\Softland\FBackup 5\fba_Dave's Documents => C:\Program Files (x86)\Softland\FBackup 5\bSchedStarter.EXE [2015-08-04] (Softland)
    Task: {797BE566-BD9D-4E12-AE7F-829F8C978F72} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
    Task: {7FBABBA1-6FDA-41E1-AAB3-B1D8E482C7FE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
    Task: {88179927-6BA1-4738-B429-0C20EF3F566E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
    Task: {8859F9CD-ECA4-44C8-884A-8A3BD07BFD52} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
    Task: {8C270561-7FE6-46E9-B0DA-F577CE0D363D} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-09-22] (Realtek Semiconductor)
    Task: {93E388B4-3B94-4A83-A0DB-FADA08E7AAE6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
    Task: {94C19EBB-16C7-4FB6-B6F7-0A207DFB027A} - System32\Tasks\Softland\FBackup 5\fba_iTunes => C:\Program Files (x86)\Softland\FBackup 5\bSchedStarter.EXE [2015-08-04] (Softland)
    Task: {970847A7-300A-4714-9099-B113FA0D09F8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
    Task: {AF6CA85A-9E8B-494D-B664-55C003978BF4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
    Task: {B5707F1A-1A69-4448-96C6-8353D50A0593} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
    Task: {C61E3A0A-DF3B-4142-BA07-21E4306EA48D} - System32\Tasks\Softland\FBackup 5\FBackup 5 Tray Agent_Dave => C:\Program Files (x86)\Softland\FBackup 5\bTray.exe [2015-08-04] (Softland)
    Task: {CAA633E1-E3AE-4FDC-B4AB-8414ADDD5F11} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
    Task: {CF32C6B0-715B-4759-B39C-E86BDC18F97E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
    Task: {D51470AB-EBDD-441A-A890-74E7C2D653BE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
    Task: {D7CB3FC4-D4F4-4945-BF10-E37A44511EA5} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
    Task: {D834A714-26CB-4B12-BC11-65916863C6CD} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2015-09-11] ()
    Task: {F7C96C72-F76A-42B2-981B-F2C0AF3466C9} - System32\Tasks\SUPatchForW10Up => C:\ProgramData\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe [2015-07-02] (Samsung Electronics CO., LTD.)
    Task: {F845F863-148F-4E9E-B0D6-CB9EF491235F} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2015-06-19] (Samsung Electronics CO., LTD.)
    Task: {F9DFC478-EDB5-4D0D-971C-998B682A0745} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2015-08-02 17:16 - 2015-08-02 17:16 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
    2015-08-19 08:45 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
    2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-09-15 14:25 - 2015-09-15 14:25 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2014-02-15 18:39 - 2014-01-17 11:24 - 00013824 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
    2015-08-02 16:47 - 2015-08-02 16:47 - 00515584 _____ () C:\Windows\Temp\sqlite-3.7.2-sqlitejdbc.dll
    2014-02-15 18:39 - 2014-01-17 11:24 - 01394176 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll
    2014-02-15 18:39 - 2014-01-17 11:24 - 01435648 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll
    2013-12-21 12:25 - 2013-12-21 12:25 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
    2013-12-21 12:26 - 2013-12-21 12:26 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
    2013-12-21 12:27 - 2013-12-21 12:27 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll
    2013-10-22 10:52 - 2013-10-22 10:52 - 00030720 _____ () C:\WINDOWS\SYSTEM32\MediaDB64.dll
    2013-10-22 10:52 - 2013-10-22 10:52 - 00908800 _____ () C:\WINDOWS\SYSTEM32\ContentDirectoryPresenter64.dll
    2013-12-21 12:27 - 2013-12-21 12:27 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll
    2013-07-23 20:19 - 2013-07-23 20:19 - 00049152 _____ () C:\WINDOWS\SYSTEM32\boost_date_time-vc90-mt-1_47.dll
    2013-07-23 20:19 - 2013-07-23 20:19 - 00058880 _____ () C:\WINDOWS\SYSTEM32\boost_thread-vc90-mt-1_47.dll
    2013-07-23 20:19 - 2013-07-23 20:19 - 00299520 _____ () C:\WINDOWS\SYSTEM32\boost_serialization-vc90-mt-1_47.dll
    2013-07-23 20:19 - 2013-07-23 20:19 - 00016896 _____ () C:\WINDOWS\SYSTEM32\boost_system-vc90-mt-1_47.dll
    2015-06-19 14:55 - 2015-06-19 14:55 - 00084800 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
    2015-08-30 08:54 - 2015-08-18 08:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2015-08-30 08:54 - 2015-08-18 08:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
    2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2015-08-15 16:35 - 2015-08-03 02:09 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
    2015-07-10 12:00 - 2015-07-10 17:28 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2015-08-02 17:16 - 2015-08-02 17:16 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
    2015-07-10 11:59 - 2015-07-10 11:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
    2015-07-10 11:59 - 2015-07-10 11:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
    2015-08-15 16:35 - 2015-08-03 02:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2015-08-15 16:35 - 2015-08-03 02:14 - 00882688 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
    2015-08-19 08:45 - 2015-08-11 09:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2015-08-15 16:35 - 2015-08-03 02:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2015-07-10 12:00 - 2015-07-10 17:28 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
    2014-02-15 18:39 - 2014-01-17 11:24 - 00048640 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll
    2010-08-31 23:19 - 2010-08-31 23:19 - 00131440 _____ () C:\Program Files (x86)\EZ-RC\ez-rc-tray.exe
    2015-09-09 20:15 - 2015-09-09 20:15 - 00847392 _____ () C:\Users\Dave\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe
    2015-08-04 10:29 - 2015-08-04 10:29 - 00435200 ____R () C:\Program Files (x86)\Softland\FBackup 5\bResourceStrings.bpl
    2013-12-11 17:46 - 2013-12-11 17:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll
    2013-07-23 20:18 - 2013-07-23 20:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll
    2013-07-23 20:18 - 2013-07-23 20:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll
    2013-07-23 20:18 - 2013-07-23 20:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll
    2013-07-23 20:18 - 2013-07-23 20:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll
    2013-10-22 10:48 - 2013-10-22 10:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll
    2013-10-24 17:53 - 2013-10-24 17:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll
    2013-12-11 17:46 - 2013-12-11 17:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll
    2013-10-24 17:53 - 2013-10-24 17:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll
    2013-04-19 17:38 - 2013-04-19 17:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll
    2013-12-11 17:46 - 2013-12-11 17:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll
    2013-02-14 20:42 - 2013-02-14 20:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll
    2013-02-14 20:42 - 2013-02-14 20:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll
    2013-02-14 20:42 - 2013-02-14 20:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll
    2013-10-25 20:48 - 2013-10-25 20:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll
    2013-10-25 20:49 - 2013-10-25 20:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll
    2013-12-11 17:45 - 2013-12-11 17:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll
    2013-10-25 20:53 - 2013-10-25 20:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll
    2013-10-25 20:48 - 2013-10-25 20:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll
    2013-10-25 20:48 - 2013-10-25 20:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll
    2013-10-25 20:48 - 2013-10-25 20:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll
    2013-10-25 20:53 - 2013-10-25 20:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll
    2013-12-11 17:45 - 2013-12-11 17:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll
    2013-10-25 20:48 - 2013-10-25 20:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll
    2013-10-25 20:48 - 2013-10-25 20:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll
    2013-02-14 20:42 - 2013-02-14 20:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll
    2013-10-25 20:48 - 2013-10-25 20:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll
    2013-10-25 20:48 - 2013-10-25 20:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll
    2013-02-14 20:42 - 2013-02-14 20:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll
    2013-10-25 20:53 - 2013-10-25 20:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll
    2013-02-14 20:42 - 2013-02-14 20:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll
    2013-10-25 20:48 - 2013-10-25 20:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll
    2013-02-14 20:42 - 2013-02-14 20:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll
    2013-02-14 20:42 - 2013-02-14 20:42 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll
    2013-02-14 20:42 - 2013-02-14 20:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll
    2013-02-14 20:42 - 2013-02-14 20:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll
    2013-02-14 20:42 - 2013-02-14 20:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll
    2015-06-19 14:55 - 2015-06-19 14:55 - 00027968 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
    2015-06-19 14:55 - 2015-06-19 14:55 - 01272128 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
    2015-06-19 14:55 - 2015-06-19 14:55 - 00111936 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
    2015-06-19 14:55 - 2015-06-19 14:55 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
    2015-06-19 14:55 - 2015-06-19 14:55 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsAPI.dll
    2015-06-19 14:55 - 2015-06-19 14:55 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
    2015-06-19 14:55 - 2015-06-19 14:55 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
    2015-06-19 14:55 - 2015-06-19 14:55 - 00111936 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
    2015-06-19 14:55 - 2015-06-19 14:55 - 00059712 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
    2015-06-19 14:55 - 2015-06-19 14:55 - 00102720 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
    2015-09-30 18:11 - 2015-09-30 18:11 - 00098816 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\win32api.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00110080 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\pywintypes27.dll
    2015-09-30 18:11 - 2015-09-30 18:11 - 00364544 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\pythoncom27.dll
    2015-09-30 18:11 - 2015-09-30 18:11 - 00045568 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\_socket.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 01161216 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\_ssl.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00320512 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\win32com.shell.shell.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00713216 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\_hashlib.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 01176576 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\wx._core_.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00806400 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\wx._gdi_.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00816128 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\wx._windows_.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 01067008 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\wx._controls_.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00733184 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\wx._misc_.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00682496 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\pysqlite2._sqlite.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00087552 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\_ctypes.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00119808 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\win32file.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00108544 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\win32security.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00007168 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\hashobjs_ext.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00068096 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\usb_ext.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00167936 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\win32gui.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00018432 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\win32event.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00128512 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\_elementtree.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00127488 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\pyexpat.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00013824 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\common.time34.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00036864 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\_psutil_windows.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00038912 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\win32inet.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00011264 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\win32crypt.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00077312 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\wx._html2.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00027136 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\_multiprocessing.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00020480 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\_yappi.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00035840 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\win32process.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00686080 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\unicodedata.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00123392 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\wx._wizard.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00024064 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\win32pipe.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00010240 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\select.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00025600 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\win32pdh.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00525640 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\windows._lib_cacheinvalidation.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00017408 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\win32profile.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00022528 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\win32ts.pyd
    2015-09-30 18:11 - 2015-09-30 18:11 - 00078848 _____ () C:\Users\Dave\AppData\Local\Temp\_MEI79522\wx._animate.pyd
    2012-12-01 18:10 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
    2012-06-08 03:34 - 2012-06-08 03:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
    2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
    2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
    2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2015-09-28 21:25 - 2015-09-24 03:34 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libglesv2.dll
    2015-09-28 21:25 - 2015-09-24 03:34 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\libegl.dll
    2013-11-16 20:23 - 2013-09-16 13:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
    2015-09-28 21:25 - 2015-09-24 03:34 - 16487752 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.101\PepperFlash\pepflashplayer.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)

    AlternateDataStreams: C:\a5876b3a830989e726b906cde1bd:Win32App
    AlternateDataStreams: C:\Program Files\Garmin GPS Plugin:Win32App
    AlternateDataStreams: C:\Program Files\Intel:Win32App
    AlternateDataStreams: C:\Program Files\Microsoft Silverlight:Win32App
    AlternateDataStreams: C:\Program Files (x86)\AskPartnerNetwork:Win32App
    AlternateDataStreams: C:\Program Files (x86)\Epson Software:Win32App
    AlternateDataStreams: C:\Program Files (x86)\Freemake:Win32App
    AlternateDataStreams: C:\Program Files (x86)\Garmin:Win32App
    AlternateDataStreams: C:\Program Files (x86)\Garmin GPS Plugin:Win32App
    AlternateDataStreams: C:\Program Files (x86)\KaraFun Player:Win32App
    AlternateDataStreams: C:\Program Files (x86)\Microsoft Office:Win32App
    AlternateDataStreams: C:\Program Files (x86)\Microsoft SQL Server Compact Edition:Win32App
    AlternateDataStreams: C:\Program Files (x86)\Microsoft Visual Studio 8:Win32App
    AlternateDataStreams: C:\Program Files (x86)\MSBuild:Win32App
    AlternateDataStreams: C:\Program Files (x86)\Windows Live:Win32App
    AlternateDataStreams: C:\Program Files\Common Files\microsoft shared:Win32App
    AlternateDataStreams: C:\ProgramData\AVG2015:Win32App
    AlternateDataStreams: C:\ProgramData\Temp:0CFF5F08
    AlternateDataStreams: C:\ProgramData\Xerox PhotoCafe:Win32App
    AlternateDataStreams: C:\Users\Dave\SkyDrive:ms-properties

    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\FBackup5Srv => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\FBackup5Srv => ""="Service"

    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2955845399-2853126549-2735461571-1001\Control Panel\Desktop\\Wallpaper ->
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Dave\downloads\img_2661.jpg
    DNS Servers: 192.168.0.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2955845399-2853126549-2735461571-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_C62251D359A8F5B5CC8EADB510991ABB"
    HKU\S-1-5-21-2955845399-2853126549-2735461571-1002\...\StartupApproved\Run: => "OneDrive"

    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{AE54B90A-1407-4A22-BE29-B494BFD2E168}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
    FirewallRules: [{D30A55E7-012B-493D-9C72-37F0A75C0E6A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
    FirewallRules: [{4EA3213D-B4DD-4C0D-A79D-EAB85B45BE09}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
    FirewallRules: [{D5465656-89A8-48B5-BA4E-8044F6581D4F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
    FirewallRules: [{C5EAFE33-208C-430C-8BA7-FA83244637D0}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
    FirewallRules: [{D2E79784-E4E6-4D2C-A533-96482A2B16D1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
    FirewallRules: [{E7429FA0-D04C-44FD-A867-9C21408E9B72}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
    FirewallRules: [{30970677-0E4A-4F14-A465-82C4E3A130BB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
    FirewallRules: [{AEA541FB-7DF2-4260-BA5B-62A6597EA37F}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
    FirewallRules: [{42EF950A-943E-46DA-8CF2-F4D2603731E5}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
    FirewallRules: [{165CD15E-4F60-4D9B-8A1B-DDD66AE61215}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
    FirewallRules: [{F0A5743D-C4BC-4930-8D01-5750243241BD}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
    FirewallRules: [{C870E80C-D28C-46AC-A41D-886F2457B963}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
    FirewallRules: [{F19122F1-AC4D-456E-A027-0DAFB37DC7D1}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
    FirewallRules: [{F68BF3E4-7CD6-4BA1-A533-1DE4259C0648}] => (Allow) LPort=1900
    FirewallRules: [{C589272E-0896-49CA-A3FC-3D11873DFE7B}] => (Allow) LPort=7900
    FirewallRules: [{B423F1BE-A937-4313-B0E1-2255ED920EE6}] => (Allow) LPort=24234
    FirewallRules: [{DBA68E6B-F2AA-441F-BC7F-6607D905903E}] => (Allow) LPort=7679
    FirewallRules: [{C70FC007-EFE0-4658-A9C2-16297BA925EE}] => (Allow) LPort=7676
    FirewallRules: [{C54BFAE0-5D50-40FB-AA94-CA6C67647B0E}] => (Allow) LPort=8643
    FirewallRules: [{6E553540-7DA8-4289-9B7E-3155C681CB36}] => (Allow) LPort=8743
    FirewallRules: [{6433C140-B959-46FB-85D0-371498FA1F71}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\AllShareFrameworkDMS.exe
    FirewallRules: [{1E81402A-F221-4C0F-8983-A3D662D3E8DE}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\AllShareFrameworkDMS.exe
    FirewallRules: [{58EAE539-063C-4872-9C31-1AF671998B75}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
    FirewallRules: [{FFA6018E-4404-422A-BBA9-4EC1E5A829A3}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
    FirewallRules: [{217273A9-4528-4DFF-8F55-B15D23DF7128}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
    FirewallRules: [{778B0501-585B-4804-A645-40567AE0B7D0}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
    FirewallRules: [{97A9875A-97C6-4217-83D6-65283449C82C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{9A897439-4D74-4987-871B-D3C70607935B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{D09DC6B1-2A53-4CC6-9366-794831249F2C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{2A226D87-68DB-4C53-9935-4C07BB2A6707}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{B6FEB753-BA62-4CE9-A414-4F6FC7F4A8F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    FirewallRules: [{DF06213A-BD21-4128-B122-992A9DAE1AAE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
    FirewallRules: [{3FC0C84D-23D5-4F2B-9711-25443F18B67B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
    FirewallRules: [{870DB923-A8D5-4F17-A313-9C04B8B88BB4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
    FirewallRules: [{EA82D8F5-D12D-4736-B389-FD1CE2C47194}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{5730FA6E-1AA5-4890-81C2-2C4A224EDDBB}] => (Allow) LPort=2869
    FirewallRules: [{F00EF49E-8C22-47D9-861A-2818C03B8375}] => (Allow) LPort=1900
    FirewallRules: [{ECE4B8EB-FB28-487C-AABC-8360C945C1C1}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
    FirewallRules: [{E008D922-6B9E-4461-ADB1-B44E14307506}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
    FirewallRules: [{CE81E0E1-F0C9-4CE0-8369-C783BE6B12C2}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
    FirewallRules: [{5E7FE6DD-D7C1-449F-B138-04A876A005E6}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
    FirewallRules: [{32797C51-0515-4CC8-92B3-67B46EE28349}] => (Allow) C:\Windows\twain_32\escndv\escndv.exe
    FirewallRules: [{D04AEE13-4A7B-4318-9A47-95155563E545}] => (Allow) C:\Windows\twain_32\escndv\escndv.exe
    FirewallRules: [{9151DBC7-0B0F-41CA-804B-8906BA723797}] => (Allow) C:\Windows\twain_32\escndv\escndv.exe
    FirewallRules: [{31CA0BCD-E7E3-40B5-980F-B14B118B272C}] => (Allow) C:\Windows\twain_32\escndv\escndv.exe
    FirewallRules: [{A0EE7CDB-9F60-4882-9D7E-FBFF0037057D}] => (Allow) C:\Windows\twain_32\escndv\escfg.exe
    FirewallRules: [{26E512C9-A16E-447A-B179-AD4BF30CBC52}] => (Allow) C:\Windows\twain_32\escndv\escfg.exe
    FirewallRules: [{630BAB95-3B20-4F1A-9167-BAD3733EE8A0}] => (Allow) C:\Windows\twain_32\escndv\escfg.exe
    FirewallRules: [{9577029B-349B-401E-B1E6-4053C652CD13}] => (Allow) C:\Windows\twain_32\escndv\escfg.exe
    FirewallRules: [TCP Query User{69980824-C531-40F7-96B9-14450F7DC82F}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
    FirewallRules: [UDP Query User{D246B64E-5353-478E-8990-55D99A2B2CA9}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
    FirewallRules: [TCP Query User{C67B6C70-3B5F-4E9A-B592-25582BCFD302}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
    FirewallRules: [UDP Query User{C427DF0B-5BFC-46D4-A6A7-C20B0485589C}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
    FirewallRules: [{16D3AF66-1030-4661-A736-447779AF2E19}] => (Allow) C:\Program Files (x86)\Softland\FBackup 5\FBackup.exe
    FirewallRules: [{FC07D895-4A56-401D-8D6C-B9D822149F37}] => (Allow) C:\Program Files (x86)\Softland\FBackup 5\bBackup.exe
    FirewallRules: [{C93A4AB9-E7E9-4F12-9924-7483A76512E9}] => (Allow) C:\Program Files (x86)\Softland\FBackup 5\bTest.exe
    FirewallRules: [{6BE7A218-C1DE-4019-BFE9-33DC1EF9EE67}] => (Allow) C:\Program Files (x86)\Softland\FBackup 5\bRestore.exe
    FirewallRules: [{AA32D644-9E90-4EA3-B3E3-203160C55505}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
    FirewallRules: [{D9873B84-708E-4320-ABDF-9A8680992611}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
    FirewallRules: [{D97D93E2-1846-4F7B-94F4-A78B7C2D295F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
    FirewallRules: [{8B2A9942-C46B-48A0-A555-B0D4EDA2C1E7}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
    FirewallRules: [{F0C8286E-1F68-4425-84AB-B244592202D3}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
    FirewallRules: [{DD4601AB-D890-4205-A5C6-00A53A3484C8}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
    FirewallRules: [{CF86CD27-231E-4D6D-A140-D6EFC863B551}] => (Allow) C:\Users\Dave\AppData\Local\Temp\nswA158.tmp\Installer-10354816.exe
    FirewallRules: [{6D887535-07EA-4A24-AEFE-AD5D74A0D247}] => (Allow) C:\Users\Dave\AppData\Local\Temp\nswA158.tmp\Installer-10354816.exe
    FirewallRules: [{E478E156-193F-45EA-A849-C67A320EA473}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{D032FD2E-9A56-4407-B719-01449DC9DB84}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{B325C9EE-1BCB-4E8D-B68F-077753FE8087}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{67B84102-C731-4B38-9192-4C1832BD76F3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{2B497C1A-5FD1-4E6B-8714-4196533243A4}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{F691B8C9-E005-49F7-9EEB-3A360F54D7CF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (09/30/2015 09:06:24 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: WLXPGSS.SCR, version: 16.4.3503.728, time stamp: 0x5013b255
    Faulting module name: WLXPipeTran.dll, version: 16.4.3503.728, time stamp: 0x5013b3ed
    Exception code: 0xc0000005
    Fault offset: 0x0000ac2e
    Faulting process ID: 0x2fb0
    Faulting application start time: 0xWLXPGSS.SCR0
    Faulting application path: WLXPGSS.SCR1
    Faulting module path: WLXPGSS.SCR2
    Report ID: WLXPGSS.SCR3
    Faulting package full name: WLXPGSS.SCR4
    Faulting package-relative application ID: WLXPGSS.SCR5

    Error: (09/30/2015 08:51:16 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: WLXPGSS.SCR, version: 16.4.3503.728, time stamp: 0x5013b255
    Faulting module name: WLXPipeTran.dll, version: 16.4.3503.728, time stamp: 0x5013b3ed
    Exception code: 0xc0000005
    Fault offset: 0x0000ac2e
    Faulting process ID: 0xc50
    Faulting application start time: 0xWLXPGSS.SCR0
    Faulting application path: WLXPGSS.SCR1
    Faulting module path: WLXPGSS.SCR2
    Report ID: WLXPGSS.SCR3
    Faulting package full name: WLXPGSS.SCR4
    Faulting package-relative application ID: WLXPGSS.SCR5

    Error: (09/30/2015 08:46:16 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
    Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.

    Error: (09/30/2015 08:34:54 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
    Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.

    Error: (09/30/2015 08:23:31 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
    Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.

    Error: (09/30/2015 08:00:38 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
    Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.

    Error: (09/30/2015 07:55:16 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: WLXPGSS.SCR, version: 16.4.3503.728, time stamp: 0x5013b255
    Faulting module name: WLXPipeTran.dll, version: 16.4.3503.728, time stamp: 0x5013b3ed
    Exception code: 0xc0000005
    Fault offset: 0x0000ac2e
    Faulting process ID: 0x22f4
    Faulting application start time: 0xWLXPGSS.SCR0
    Faulting application path: WLXPGSS.SCR1
    Faulting module path: WLXPGSS.SCR2
    Report ID: WLXPGSS.SCR3
    Faulting package full name: WLXPGSS.SCR4
    Faulting package-relative application ID: WLXPGSS.SCR5

    Error: (09/30/2015 07:49:12 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: WLXPGSS.SCR, version: 16.4.3503.728, time stamp: 0x5013b255
    Faulting module name: WLXPipeTran.dll, version: 16.4.3503.728, time stamp: 0x5013b3ed
    Exception code: 0xc0000005
    Fault offset: 0x0000ac2e
    Faulting process ID: 0x15b8
    Faulting application start time: 0xWLXPGSS.SCR0
    Faulting application path: WLXPGSS.SCR1
    Faulting module path: WLXPGSS.SCR2
    Report ID: WLXPGSS.SCR3
    Faulting package full name: WLXPGSS.SCR4
    Faulting package-relative application ID: WLXPGSS.SCR5

    Error: (09/30/2015 07:38:40 PM) (Source: SideBySide) (EventID: 78) (User: )
    Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest3.
    A component version required by the application conflicts with another component version already active.
    Conflicting components are:.
    Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest.
    Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest.

    Error: (09/30/2015 07:38:40 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: WLXPGSS.SCR, version: 16.4.3503.728, time stamp: 0x5013b255
    Faulting module name: WLXPipeTran.dll, version: 16.4.3503.728, time stamp: 0x5013b3ed
    Exception code: 0xc0000005
    Fault offset: 0x0000ac2e
    Faulting process ID: 0x14a0
    Faulting application start time: 0xWLXPGSS.SCR0
    Faulting application path: WLXPGSS.SCR1
    Faulting module path: WLXPGSS.SCR2
    Report ID: WLXPGSS.SCR3
    Faulting package full name: WLXPGSS.SCR4
    Faulting package-relative application ID: WLXPGSS.SCR5


    System errors:
    =============
    Error: (09/30/2015 08:48:13 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

    Error: (09/30/2015 08:36:51 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

    Error: (09/30/2015 08:25:28 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

    Error: (09/30/2015 08:14:04 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

    Error: (09/30/2015 08:02:35 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

    Error: (09/30/2015 07:40:32 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
    Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6}

    Error: (09/30/2015 06:16:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (09/30/2015 06:16:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (09/30/2015 06:16:39 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable

    Error: (09/30/2015 06:16:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
    Percentage of memory in use: 47%
    Total physical RAM: 7893.53 MB
    Available physical RAM: 4156.43 MB
    Total Virtual: 9173.53 MB
    Available Virtual: 4918.17 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:907.26 GB) (Free:764.76 GB) NTFS
    Drive e: (My Passport (1Tb)) (Fixed) (Total:931.48 GB) (Free:708.28 GB) NTFS
    Drive f: (My Passport (500Gb)) (Fixed) (Total:465.73 GB) (Free:127.78 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 931.5 GB) (Disk ID: CEF15F15)

    Partition: GPT.

    ========================================================
    Disk: 1 (Size: 7.5 GB) (Disk ID: 74F02DEA)
    Partition 1: (Not Active) - (Size=7.5 GB) - (Type=73)

    ========================================================
    Disk: 2 (MBR Code: Windows XP) (Size: 465.7 GB) (Disk ID: 0007526A)
    Partition 1: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 3 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 00023F15)
    Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================
     
  8. DRGW

    DRGW Thread Starter

    Joined:
    Apr 3, 2005
    Messages:
    279
    I have downloaded aswMBR and have carried out your instructions. I find that partway through the scan it is stopping but still says, "scanning". Each time it is stopping at the same place. How long should the scan take to complete? I started it just over an hour ago and it has stopped for almost 30 minutes.
     
  9. Curie

    Curie Malware Specialist

    Joined:
    Jun 18, 2015
    Messages:
    481
    Hi DRWG. We will be using another tool later.

    STEP 1

    [​IMG] Reg Fix
    • Press the Windows Key [​IMG] + r on your keyboard at the same time. Type Notepad and click OK.
    • Copy the entire contents of the codebox below and paste into the Notepad document.
      Code:
      Windows Registry Editor Version 5.00
      
      [HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Recovery]
      "AutoRecover"=dword:00000002
    • Click Format. Ensure Wordwrap is unchecked.
    • Click File, Save As and name the file regfix.reg.
    • Select All Files as the Save as type.
    • Save the file to your Desktop.
    • Locate regfix.reg [​IMG] on your Desktop. Right-Click the file and click Merge with the Registry.
    • Accept any prompts.
    • Reboot your computer for the changes to take effect.
    STEP 2
    Clear Cache

    • Open the Edge browser.
    • Click on the three dots on the top right corner of the browser.
    • Click on Settings.
    • Under Clear browsing data, click the button Choose what to clear.
    • Place a checkmark at each of the following checkboxes
      • Browsing history
      • Cookies and saved website data
      • Cached data and files.
    • Press the Clear button.

    ======================================================

    STEP 3
    Questions
    In your next reply
    please provide information on the following questions
    • Where you able to apply steps 1 and 2?
    • Are you able to use Edge properly now?
    • You have a toolbar called Nectar Search. This is no malware, but might be unwanted. Do you want to keep this toolbar?
     
  10. DRGW

    DRGW Thread Starter

    Joined:
    Apr 3, 2005
    Messages:
    279
    Step 1 has been completed with no issues.

    After clearing the cache on Microsoft Edge I receive a message saying, "Some data couldn't be cleared. Please try again."

    I keep trying but receive the same message.

    Apart from that I do not receive the pop up now
     
  11. Curie

    Curie Malware Specialist

    Joined:
    Jun 18, 2015
    Messages:
    481
    STEP 1
    Reset Internet Explorer

    • Close all Internet Explorer and Explorer windows that are currently open.
    • Tap on Windows Key and click on Search bar.
    • Type “Internet Explorer” without the quotes and click on it.
    • On the Tools menu, tap or click Internet options. If you don't see the Tools menu, press Alt.
    • In the Internet Options window, tap or click the Advanced tab.
    • Tap or click Reset.
    • In the Reset Internet Explorer Settings dialog box, tap or click Reset.
    • When Internet Explorer finishes applying the default settings, tap or click Close, and then tap or click OK.
    • Exit and then start Internet Explorer.
    Internet Explorer and Edge are connected. Please try again if you can clear the cache of Edge now. Then answer the following questions:

    1. Are there any outstanding issues with Edge or can you use it properly?

    2. Please tell me if you want to keep the Nectar Search toolbar.
     
  12. DRGW

    DRGW Thread Starter

    Joined:
    Apr 3, 2005
    Messages:
    279
    I have carried out your instructions and still receive the same message when trying to clear the cache.

    Apart from that Edge appears to be ok.

    I don't really use the Nectar Search toolbar now and it could go.
     
  13. Curie

    Curie Malware Specialist

    Joined:
    Jun 18, 2015
    Messages:
    481
    STEP 1
    [​IMG] Uninstall Software

    • Press the Windows Key [​IMG] + r on your keyboard at the same time. Type appwiz.cpl and click OK.
    • Search for the following programmes, right-click and click Uninstall.
      • Nectar Search Toolbar
      • Malware Protection Live
      • Ask Toolbar
    • Follow the prompts.
    • Note: If you are offered the choice to install additional software, ensure you decline.
    • Reboot if necessary.
    STEP 2
    [​IMG] Junkware Removal Tool (JRT)
    • Please download Junkware Removal Tool and save the file to your Desktop.
    • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
    • Right-Click JRT.exe and select [​IMG] Run as administrator to run the programme.
    • Follow the prompts and allow the scan to run uninterrupted.
    • Upon completion, a log (JRT.txt) will open on your desktop.
    • Re-enable your anti-virus software.
    • Copy the contents of JRT.txt and paste in your next reply.
    STEP 3
    [​IMG] AdwCleaner
    • Please download AdwCleaner and save the file to your Desktop.
    • Right-Click AdwCleaner.exe and select [​IMG] Run as administrator to run the programme.
    • Follow the prompts.
    • Click Scan.
    • Upon completion, click Report. A log (AdwCleaner[S1].txt) will open. Briefly check the log for anything you know to be legitimate.
    • Ensure anything you know to be legitimate does not have a checkmark under the corresponding tab, and click Cleaning.
    • Follow the prompts and allow your computer to reboot.
    • After the reboot, a log (AdwCleaner[C1].txt) will open. Copy the contents of the log and paste in your next reply.
    -- File and folder backups are made for items removed using this tool. Should a legitimate file or folder be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the item. Please do not overly concern yourself with the contents of AdwCleaner[S1].txt.


    ======================================================

    STEP 4
    [​IMG] Logs
    In your next reply please include the following logs.
    • Have you been able to uninstall all programs in step 1?
    • JRT.txt
    • AdwCleaner[C1].txt
     
  14. Curie

    Curie Malware Specialist

    Joined:
    Jun 18, 2015
    Messages:
    481
    Are you still with me?
    Please note that I have to abandon this thread if you don't reply within three days, so I can move on to help other people.
     
  15. DRGW

    DRGW Thread Starter

    Joined:
    Apr 3, 2005
    Messages:
    279
    Hi. Sorry for the delay in responding but I've been working away. I have uninstalled the programs in step 1 and the reports follow.
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1156784

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice