[SOLVED] Error 8007312; SFC /scannow and SfcFix Both Clean

Yes I did. Specifically for Avira antivirus (won't update, launcher won't open) and Outlook (when I open the program).
 
Before I do, let me ask...how confident are you the repair install will work this time given the recent successful fixes? Scale of 1 to 10 (1 is "not at all", 10 is a "slam dunk").

Also, are we done with the USB, softwarenew folder, winpe, and rufus? I'd like to delete them if we are.

Thanks
 
If the repair install starts I would give it a 6 that it will work. Before I believe you immediately got the message "this version of System Recovery Options is not compatible with the version of Windows you are trying to repair". I wanted to see if that came up.

We are done with the softwarenew folder. I would keep the others until we are done.
 
OK. 6 out of 10. I'll take those odds. I'll start the repair in a few minutes. I'm on EST so this will be my last task for the evening. I'll send you an update from my phone on how the repair is progressing. Thanks.
 
Didn't work. I got "press any key to boot from CD or DVD" so I pressed a key and instead of launching the repair options it bypassed all of it and just booted up normally. Then I tried to run setup manually and got the error "the version of this file is not compatible with the version of Windows you're running. Check your computer's system information to see whether your need a x86 (32-bit) or x64 (64-bit) version of the program, and then contact the software publisher."
 
Darn. If we could get it to run I still think there's a decent chance it will fix the issues. OK, let's go another route. Please do the following. Hopefully it will run this time.

Step#1 - SFCFix Script
Warning: this fix is specific to the user in this thread. No one else should follow these instructions as it may cause more harm than good. If you are after assistance, please start a thread of your own.
  1. Download SFCFix.exe (by niemiro) and save this to your Desktop. If you still have this on your desktop from downloading previously, you don't need to re-download.
  2. Download the file below, SFCScript.txt, and save this to your Desktop.
  3. Save any open documents and close all open windows.
  4. On your Desktop, you should see two files: SFCFix.exe and SFCScript.txt.
  5. Drag the file SFCScript.txt onto the file SFCFix.exe and release it.
  6. SFCFix will now process the script.
  7. Upon completion, a file should be created on your Desktop: SFCFix.txt.
  8. Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this file into your next post for me to analyse please
 

Attachments

And now we know why.
Code: 
2016-07-01 00:16:35, Info                  CBS    Failed to load Core DLL from path: C:\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.18766_none_0b32a93025b365c1\cbscore.dll [HRESULT = 0x8007007e - ERROR_MOD_NOT_FOUND]

File Identification
1. Run FRST by Right-Clicking on the file and choosing Run as administrator. Again, it may already be open.
2. Type cbscore.dll into the Search box of the FRST window.
3. Click the Search Files button.
4. When the search is done it will open a notepad window with the results. Can you copy/paste the contents of this window into your next post?
 
Farbar Recovery Scan Tool (x86) Version: 29-06-2016
Ran by Joe (2016-07-01 10:42:02)
Running from C:\Users\Joe\Desktop
Boot Mode: Normal

================== Search Files: "cbscore.dll" =============

C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.18766_none_0b32a93025b365c1\CbsCore.dll
[2015-08-27 17:05][2015-02-18 03:06] 0845312 ____A (Microsoft Corporation) CBAA2DCABBF06BD02BA43EF846FECD88 [File is digitally signed]

C:\System Volume Information\SystemRestore\FRStaging\Windows\winsxs\x86_microsoft-windows-servicingstack_31bf3856ad364e35_6.1.7601.17592_none_0b0e4b4025cf4049\CbsCore.dll
[2015-08-27 17:38][2011-04-09 01:57] 0845312 ____A (Microsoft Corporation) 5B3D1C528CD6674FF6BD1F6720F5A686 [File is digitally signed]

====== End of Search ======
 
That's not good. Please do the following.

Logs Needed
1. Please download Farbar Recovery Scan Tool and save it to your Desktop. (you already did this)
Note: You need to run the 32-bit Version so please ensure you download that one.
2. Right click to run as administrator. When the tool opens click Yes to disclaimer.
3. Note: Ensure that the Addition.txt check box is checked at the bottom of the form within the Optional Scan area.
4. Press Scan button.
5. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
6. Please copy and paste log back here.
7. The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe). Please also paste that along with the FRST.txt into your reply.
 
Here is the FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-06-2016
Ran by Joe (administrator) on JOE-PC (01-07-2016 11:29:15)
Running from C:\Users\Joe\Desktop
Loaded Profiles: Joe (Available Profiles: Joe)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avguard.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Ransomware\MBAMService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Ransomware\mbarw.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\Antivirus\avshadow.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Eyeo GmbH) C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [avgnt] => C:\Program Files\Avira\Antivirus\avgnt.exe [814608 2016-05-10] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Avira SystrayStartTrigger] => C:\Program Files\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-05-04] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe [2623456 2016-06-02] (Malwarebytes Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12336856 2015-06-18] (Realtek Semiconductor)
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\S-1-5-21-956595361-2088304539-1011358878-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-956595361-2088304539-1011358878-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-956595361-2088304539-1011358878-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-956595361-2088304539-1011358878-1000\...\Policies\Explorer: [NoResolveSearch] 1
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => No File
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Malwarebytes Anti-Ransomware.lnk [2016-04-05]
ShortcutTarget: Malwarebytes Anti-Ransomware.lnk -> C:\Program Files\Malwarebytes\Anti-Ransomware\mbarw.exe (Malwarebytes)
Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Firefox Preloader.lnk [2016-01-17]
ShortcutTarget: Firefox Preloader.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5AC59C76-E506-4058-9050-80801E872FBA}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{5AC59C76-E506-4058-9050-80801E872FBA}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-956595361-2088304539-1011358878-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-956595361-2088304539-1011358878-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-956595361-2088304539-1011358878-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?gws_rd=ssl
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-956595361-2088304539-1011358878-1000 -> DefaultScope {0C7FAAAF-A6BA-476D-AC5C-BB183454E529} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-956595361-2088304539-1011358878-1000 -> {0C7FAAAF-A6BA-476D-AC5C-BB183454E529} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-04-19] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-19] (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
Handler: AutorunsDisabled\intu-help-qb6 - {6898B29B-BF49-43cb-A0B1-D0B9496AF491} - C:\Program Files\Intuit\QuickBooks 2013\HelpAsyncPluggableProtocol.dll [2015-12-10] (Intuit, Inc.)
Handler: AutorunsDisabled\mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\microsoft shared\Web Components\11\OWC11.DLL [2009-03-24] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\13m4v0js.default-1452970844808
FF DefaultSearchEngine.US: Google
FF Homepage: Google
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-18] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-19] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-08-27] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Extension: Yet Another Smooth Scrolling - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\13m4v0js.default-1452970844808\extensions\yetanothersmoothscrolling@kataho.xpi [2016-04-25]
FF Extension: Preloader (for Firefox) - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\13m4v0js.default-1452970844808\extensions\{8a8c1ada-2504-45c6-a2d2-265591abbd00}.xpi [2016-04-27]
FF Extension: RAMBack - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\13m4v0js.default-1452970844808\extensions\ramback@pavlov.net.xpi [2016-04-27]
FF Extension: Disconnect - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\13m4v0js.default-1452970844808\extensions\2.0@disconnect.me.xpi [2016-04-29]
FF Extension: NoScript - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\13m4v0js.default-1452970844808\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-06-08]
FF Extension: Simple Popup Blocker - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\13m4v0js.default-1452970844808\Extensions\@simplepopupblocker.xpi [2016-01-25]
FF Extension: Ghostery - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\13m4v0js.default-1452970844808\Extensions\firefox@ghostery.com.xpi [2016-07-01]
FF Extension: uBlock Origin - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\13m4v0js.default-1452970844808\Extensions\uBlock0@raymondhill.net.xpi [2016-06-24]
FF Extension: LavaFox V2-Purple - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\13m4v0js.default-1452970844808\Extensions\zigboom555@aol.com [2016-06-29]
FF Extension: Video DownloadHelper - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\13m4v0js.default-1452970844808\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-05-23]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)
S2 AntiVirMailService; C:\Program Files\Avira\Antivirus\avmailc7.exe [970656 2016-05-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files\Avira\Antivirus\sched.exe [467016 2016-05-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\Antivirus\avguard.exe [467016 2016-05-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files\Avira\Antivirus\avwebg7.exe [1435704 2016-05-10] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files\Avira\Launcher\Avira.ServiceHost.exe [276424 2016-05-04] (Avira Operations GmbH & Co. KG)
R2 MB3Service; C:\Program Files\Malwarebytes\Anti-Ransomware\MBAMService.exe [2511840 2016-03-23] (Malwarebytes)
R2 MbaeSvc; C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe [742368 2016-06-02] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S4 QBCFMonitorService; C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2015-12-10] (Intuit) [File not signed]
S4 QBFCService; C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2013-06-19] (Intuit Inc.) [File not signed]
S4 QBVSS; C:\Program Files\Common Files\Intuit\DataProtect\QBIDPService.exe [1248256 2013-06-19] (Intuit Inc.) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [109016 2016-03-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137240 2016-05-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37896 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [60088 2016-05-10] (Avira Operations GmbH & Co. KG)
R1 ESProtectionDriver; C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys [50016 2016-06-02] ()
R3 farflt; C:\Windows\system32\drivers\farflt.sys [49024 2016-07-01] (Malwarebytes)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [189680 2016-07-01] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
S3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [44328 2015-11-17] (Microsoft Corporation)
R0 nvamacpi; C:\Windows\System32\DRIVERS\NVAMACPI.sys [24680 1999-12-31] (NVIDIA Corporation)
S4 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S4 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [31848 2015-12-03] (Avira Operations GmbH & Co. KG)
S3 eapihdrv; \??\C:\Users\Joe\AppData\Local\Temp\ehdrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-01 11:29 - 2016-07-01 11:29 - 00014768 _____ C:\Users\Joe\Desktop\FRST.txt
2016-07-01 10:23 - 2016-06-30 19:25 - 984048480 _____ C:\Users\Joe\Downloads\BlakeR_OP7_hd.mp4
2016-07-01 00:18 - 2016-07-01 00:18 - 00296320 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-30 23:06 - 2016-06-30 23:06 - 00358726 _____ C:\Users\Joe\Desktop\ShowKeyPlus.zip
2016-06-30 20:33 - 2016-07-01 11:29 - 00000000 ____D C:\FRST
2016-06-30 20:32 - 2016-06-30 20:33 - 01740288 _____ (Farbar) C:\Users\Joe\Desktop\FRST.exe
2016-06-30 15:41 - 2016-06-30 15:41 - 00000063 _____ C:\Users\Joe\Desktop\rufus.ini
2016-06-30 15:34 - 2016-06-30 15:35 - 195844096 _____ C:\Users\Joe\Desktop\winpe.iso
2016-06-30 15:34 - 2016-06-30 15:34 - 00827816 _____ (Akeo Consulting (hxxp://akeo.ie)) C:\Users\Joe\Desktop\rufus-2.2p.exe
2016-06-28 15:05 - 2016-06-28 15:05 - 00000000 ____D C:\e0bd9f277ad137dfc5
2016-06-28 13:38 - 2016-06-28 13:38 - 00000000 ____D C:\18c17034ba6f1a5768
2016-06-28 11:40 - 2016-06-29 22:59 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-06-28 10:21 - 2016-06-28 10:21 - 00000000 ____D C:\ProgramData\Adobe
2016-06-28 00:42 - 2016-06-28 00:42 - 00000000 ____D C:\a43c68a95a319dcec5bcf11833
2016-06-27 23:21 - 2016-05-18 12:10 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-27 19:03 - 2016-06-27 19:04 - 00000000 ____D C:\7321727bd40b629176cfe233
2016-06-27 18:57 - 2016-05-13 17:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-27 18:57 - 2016-05-13 17:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-27 18:57 - 2016-05-13 17:49 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-06-27 18:57 - 2016-05-13 17:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-06-27 18:57 - 2016-05-13 17:27 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-26 17:41 - 2016-06-26 17:41 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-06-26 14:31 - 2016-06-27 13:49 - 00000078 _____ C:\Windows\system32\JOE-PC.Windows 7 Ultimate, 32-bit Service Pack 1 (build 7601).txt
2016-06-26 14:30 - 2016-06-29 22:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Backup and Restore
2016-06-26 14:30 - 2016-06-29 22:56 - 00000000 ____D C:\Windows\RegBak
2016-06-26 14:30 - 2016-06-26 14:30 - 00000000 ____D C:\Program Files\Acelogix
2016-06-25 22:08 - 2016-06-27 23:23 - 00000000 ____D C:\Users\Joe\Desktop\Updates
2016-06-23 11:05 - 2016-06-23 14:38 - 00000000 ____D C:\Users\Joe\Documents\Good Works Application
2016-06-22 17:43 - 2016-06-22 17:44 - 239126136 _____ C:\Users\Joe\Desktop\Windows6.1-KB947821-v34-x86.msu
2016-06-20 19:28 - 2016-06-29 22:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-20 19:28 - 2016-06-20 19:28 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-06-20 19:24 - 2016-06-29 22:59 - 00000000 ____D C:\Program Files\iTunes
2016-06-20 19:24 - 2016-06-29 22:59 - 00000000 ____D C:\Program Files\iPod
2016-06-18 14:10 - 2016-04-09 02:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-06-18 03:34 - 2016-05-12 11:18 - 00606720 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-18 03:34 - 2016-05-12 11:18 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-06-18 03:34 - 2016-05-12 11:18 - 00351744 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-18 03:34 - 2016-05-12 11:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-18 03:34 - 2016-05-12 11:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-18 03:34 - 2016-05-12 11:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-06-18 03:34 - 2016-05-12 11:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-18 03:34 - 2016-05-12 10:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-06-18 03:34 - 2016-05-12 10:57 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2016-06-18 03:34 - 2016-05-11 11:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-16 08:47 - 2016-06-16 08:47 - 00000000 ___DL C:\Users\UpdatusUser\My Documents
2016-06-16 08:38 - 2016-06-16 08:38 - 00000000 ____D C:\ProgramData\Intel
2016-06-10 23:54 - 2016-06-29 22:57 - 00000000 ____D C:\Users\Joe\Desktop\ConfigFox-1.4.3-x32
2016-06-05 22:34 - 2016-06-05 22:34 - 00001024 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-06-05 13:59 - 2016-06-05 13:59 - 01610816 _____ (Malwarebytes) C:\Users\Joe\Desktop\JRT.exe
2016-06-05 13:24 - 2016-06-29 22:54 - 00000000 ____D C:\Windows\system32\RTCOM
2016-06-05 13:23 - 2015-06-18 18:45 - 03522264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2016-06-05 13:23 - 2015-06-17 14:45 - 02394328 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApoApi.dll
2016-06-05 13:23 - 2015-06-15 17:39 - 01708248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2016-06-05 13:23 - 2015-05-18 14:47 - 02637528 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2016-06-05 13:23 - 2015-05-15 19:27 - 02630872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2016-06-05 13:23 - 2011-11-22 16:28 - 00013416 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR.dll
2016-06-05 13:23 - 2009-11-24 09:55 - 00345328 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSXT.dll
2016-06-05 13:23 - 2009-11-24 09:55 - 00140528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW.dll
2016-06-05 13:22 - 2015-06-18 17:59 - 02862488 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-06-05 13:22 - 2015-06-17 19:47 - 02585816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO.dll
2016-06-05 13:22 - 2015-05-05 14:01 - 01716480 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO232.dll
2016-06-05 13:22 - 2014-01-08 15:25 - 00332568 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp32.dll
2016-06-05 13:22 - 2012-06-08 16:21 - 00753280 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO32.dll
2016-06-05 13:22 - 2011-12-16 14:57 - 00054360 _____ (Creative Technology Ltd.) C:\Windows\system32\MBppld32.dll
2016-06-05 13:22 - 2010-11-08 07:31 - 00359768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP32A.dll
2016-06-05 13:22 - 2010-11-08 07:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT32.dll
2016-06-05 13:22 - 2010-11-08 07:31 - 00295768 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA32.dll
2016-06-05 13:22 - 2010-11-08 07:31 - 00170840 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED32A.dll
2016-06-05 13:22 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL32A.dll
2016-06-05 13:22 - 2010-11-08 07:31 - 00064856 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG32A.dll
2016-06-05 13:22 - 2009-11-18 07:13 - 00050776 _____ (Creative Technology Ltd.) C:\Windows\system32\MBPPCn32.dll
2016-06-05 13:21 - 2015-05-25 15:18 - 02820120 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2016-06-05 13:20 - 2014-06-07 00:00 - 00519368 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTACap.dll
2016-06-05 13:20 - 2013-10-11 12:47 - 00092584 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-06-05 13:20 - 2012-03-08 11:47 - 00095840 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTARen.dll
2016-06-04 20:11 - 2016-06-29 22:58 - 00000000 ____D C:\Program Files\WinDirStat
2016-06-04 20:11 - 2016-06-29 22:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat
2016-06-04 20:11 - 2016-06-04 20:11 - 00000989 _____ C:\Users\Joe\Desktop\WinDirStat.lnk
2016-06-04 19:16 - 2016-06-29 22:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-06-04 19:16 - 2016-06-04 19:16 - 00001961 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2016-06-04 10:25 - 2016-06-04 10:25 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-04 10:24 - 2015-01-30 20:49 - 03982144 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-06-04 10:24 - 2015-01-30 20:48 - 02556560 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-06-04 10:24 - 2015-01-30 20:48 - 00633672 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-06-04 10:24 - 2015-01-30 20:48 - 00107848 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-06-04 10:24 - 2015-01-30 20:48 - 00061768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-06-04 10:19 - 2015-01-30 22:51 - 00051856 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-06-04 10:18 - 2016-06-04 10:18 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-04 10:17 - 2015-01-30 22:51 - 19916432 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2016-06-04 10:17 - 2015-01-30 22:51 - 17559184 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2016-06-04 10:17 - 2015-01-30 22:51 - 10964624 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-06-04 10:17 - 2015-01-30 22:51 - 07755632 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-06-04 10:17 - 2015-01-30 22:51 - 06295288 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-06-04 10:17 - 2015-01-30 22:51 - 02576200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-06-04 10:17 - 2015-01-30 22:51 - 02447000 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2016-06-04 10:17 - 2015-01-30 22:51 - 01867920 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2016-06-04 10:17 - 2015-01-30 22:51 - 01009296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3230908.dll
2016-06-04 10:17 - 2015-01-30 22:51 - 00892560 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3230908.dll
2016-06-04 10:17 - 2015-01-30 22:51 - 00013235 _____ C:\Windows\system32\nvinfo.pb
2016-06-04 09:55 - 2016-06-04 09:55 - 00189112 _____ (Power Admin LLC) C:\Windows\PAExec.exe
2016-06-03 23:07 - 2016-06-29 22:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GWX Control Panel
2016-06-03 23:07 - 2016-06-03 23:07 - 00001032 _____ C:\Users\Public\Desktop\GWX Control Panel.lnk
2016-06-01 19:15 - 2016-06-17 23:20 - 00000000 ____D C:\Users\Joe\AppData\Local\ESET

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-01 11:19 - 2011-02-21 19:02 - 00000000 ___DC C:\Users\Joe\Documents\Health Insurance
2016-07-01 11:00 - 2015-04-17 23:13 - 00000000 ____D C:\Users\Joe\AppData\Roaming\vlc
2016-07-01 10:33 - 2015-07-05 19:44 - 00000000 ____D C:\Users\Joe\AppData\LocalLow\Adblock Plus for IE
2016-07-01 00:35 - 2015-04-08 13:37 - 00016768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-01 00:35 - 2015-04-08 13:37 - 00016768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-01 00:27 - 2015-04-10 18:27 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-07-01 00:26 - 2016-02-19 15:22 - 00049024 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2016-07-01 00:26 - 2015-04-12 23:20 - 00189680 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-01 00:25 - 2009-07-14 00:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-01 00:12 - 2015-08-26 23:02 - 00000000 ____D C:\Users\Joe
2016-07-01 00:12 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\inf
2016-06-30 18:58 - 2016-01-11 20:31 - 00005036 __RSH C:\ProgramData\ntuser.pol
2016-06-30 15:34 - 2010-11-20 17:01 - 00776356 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-30 14:37 - 2011-09-03 16:45 - 00000000 ___DC C:\Users\Joe\Desktop\Tools
2016-06-29 23:00 - 2016-01-14 16:50 - 00000000 ____D C:\AdwCleaner
2016-06-29 23:00 - 2015-07-05 19:44 - 00000000 ____D C:\Program Files\Adblock Plus for IE
2016-06-29 23:00 - 2015-04-10 09:57 - 00000000 ____D C:\Program Files\7-Zip
2016-06-29 22:59 - 2016-05-26 19:07 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Exploit
2016-06-29 22:59 - 2016-04-19 23:43 - 00000000 ____D C:\Program Files\Common Files\Java
2016-06-29 22:59 - 2016-03-30 20:25 - 00000000 ____D C:\Program Files\FUSB3_allOS_2.1.28.1_PV
2016-06-29 22:59 - 2015-12-30 22:25 - 00000000 ____D C:\Program Files\CONEXANT
2016-06-29 22:59 - 2015-06-10 17:02 - 00000000 ____D C:\Program Files\Common Files\Nuance
2016-06-29 22:59 - 2015-06-10 17:01 - 00000000 ____D C:\Program Files\Common Files\Intuit
2016-06-29 22:59 - 2015-05-05 15:29 - 00000000 ____D C:\Program Files\ESET
2016-06-29 22:59 - 2015-04-13 14:42 - 00000000 ____D C:\Program Files\CCleaner
2016-06-29 22:59 - 2015-04-11 00:07 - 00000000 ____D C:\Program Files\Media Cope
2016-06-29 22:59 - 2015-04-10 10:00 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2016-06-29 22:59 - 2015-04-10 09:58 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-06-29 22:59 - 2015-04-08 14:49 - 00000000 ____D C:\Program Files\Microsoft ActiveSync
2016-06-29 22:59 - 2015-04-08 14:03 - 00000000 ____D C:\Program Files\Common Files\Designer
2016-06-29 22:59 - 2015-04-08 14:02 - 00000000 ____D C:\Program Files\Microsoft FrontPage
2016-06-29 22:59 - 2015-04-08 14:01 - 00000000 ____D C:\Program Files\Microsoft Office
2016-06-29 22:59 - 2015-04-08 11:29 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-06-29 22:59 - 2009-07-14 00:52 - 00000000 ____D C:\Program Files\DVD Maker
2016-06-29 22:59 - 2009-07-13 22:37 - 00000000 ____D C:\Program Files\Common Files\System
2016-06-29 22:59 - 2009-07-13 22:37 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-06-29 22:59 - 2009-07-13 22:37 - 00000000 ____D C:\Program Files\Common Files\Services
2016-06-29 22:59 - 2009-07-13 22:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-06-29 22:58 - 2016-03-30 20:27 - 00000000 ____D C:\Program Files\Renesas Electronics
2016-06-29 22:58 - 2016-03-27 14:03 - 00000000 ____D C:\Program Files\Speccy
2016-06-29 22:58 - 2015-12-30 20:16 - 00000000 ____D C:\Program Files\SlimDrivers
2016-06-29 22:58 - 2015-08-26 22:58 - 00000000 ____D C:\ProgramData\HP
2016-06-29 22:58 - 2015-08-26 22:55 - 00000000 ____D C:\Program Files\Realtek
2016-06-29 22:58 - 2015-08-26 22:51 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-06-29 22:58 - 2015-04-24 00:24 - 00000000 ____D C:\ProgramData\GEAR Software
2016-06-29 22:58 - 2015-04-20 14:22 - 00000000 ____D C:\Program Files\MSECache
2016-06-29 22:58 - 2015-04-14 00:28 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-06-29 22:58 - 2015-04-10 09:54 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-06-29 22:58 - 2009-07-14 00:52 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-06-29 22:58 - 2009-07-14 00:52 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-06-29 22:58 - 2009-07-14 00:52 - 00000000 ____D C:\Program Files\Windows Defender
2016-06-29 22:58 - 2009-07-14 00:52 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-06-29 22:58 - 2009-07-14 00:52 - 00000000 ____D C:\Program Files\MSBuild
2016-06-29 22:58 - 2009-07-13 22:37 - 00000000 ____D C:\Program Files\Windows NT
2016-06-29 22:57 - 2016-05-26 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2016-06-29 22:57 - 2016-04-19 23:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-06-29 22:57 - 2016-03-31 00:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-06-29 22:57 - 2016-03-30 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
2016-06-29 22:57 - 2016-03-27 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2016-06-29 22:57 - 2016-02-19 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2016-06-29 22:57 - 2015-12-30 22:12 - 00000000 ____D C:\ProgramData\SlimWare Utilities, Inc
2016-06-29 22:57 - 2015-12-30 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
2016-06-29 22:57 - 2015-12-29 11:58 - 00000000 ____D C:\Users\Joe\AppData\Local\niemiro
2016-06-29 22:57 - 2015-12-23 19:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-06-29 22:57 - 2015-12-23 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-29 22:57 - 2015-08-17 21:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeVideoCutter
2016-06-29 22:57 - 2015-06-10 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickBooks
2016-06-29 22:57 - 2015-05-20 23:33 - 00000000 ____D C:\Users\Joe\AppData\Local\Intel
2016-06-29 22:57 - 2015-05-13 13:51 - 00000000 ____D C:\Users\Joe\Desktop\Mlwre Tools
2016-06-29 22:57 - 2015-05-10 21:46 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-29 22:57 - 2015-04-30 18:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2016-06-29 22:57 - 2015-04-29 13:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Cope
2016-06-29 22:57 - 2015-04-10 20:26 - 00000000 ____D C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2016-06-29 22:57 - 2015-04-10 17:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-06-29 22:57 - 2015-04-10 14:10 - 00000000 ____D C:\Users\Joe\AppData\Local\HP
2016-06-29 22:57 - 2015-04-10 10:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-29 22:57 - 2015-04-08 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-06-29 22:57 - 2015-04-08 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2016-06-29 22:57 - 2009-09-07 16:01 - 00000000 ___DC C:\Users\Joe\AppData\Local\Intuit
2016-06-29 22:56 - 2015-06-26 23:00 - 00000000 ____D C:\Windows\CheckSur
2016-06-29 22:56 - 2015-06-10 16:48 - 00000000 ____D C:\Windows\Intuit
2016-06-29 22:56 - 2015-05-07 15:52 - 00000000 ____D C:\Windows\erdnt
2016-06-29 22:56 - 2015-04-13 14:57 - 00000000 ____D C:\Windows\pss
2016-06-29 22:56 - 2015-04-08 14:02 - 00000000 ____D C:\Windows\Msagent
2016-06-29 22:56 - 2011-04-11 22:24 - 00000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2016-06-29 22:56 - 2009-07-14 00:52 - 00000000 ____D C:\Windows\Performance
2016-06-29 22:56 - 2009-07-14 00:52 - 00000000 ____D C:\Windows\Offline Web Pages
2016-06-29 22:56 - 2009-07-13 22:37 - 00000000 __RSD C:\Windows\Media
2016-06-29 22:56 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\servicing
2016-06-29 22:56 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\security
2016-06-29 22:56 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\schemas
2016-06-29 22:56 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\Resources
2016-06-29 22:56 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\rescache
2016-06-29 22:56 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-06-29 22:56 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\PLA
2016-06-29 22:56 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\L2Schemas
2016-06-29 22:56 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\IME
2016-06-29 22:56 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\Help
2016-06-29 22:56 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\Globalization
2016-06-29 22:56 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\Cursors
2016-06-29 22:56 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\Branding
2016-06-29 22:56 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\AppCompat
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\2C0A
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\0C0A
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\0C04
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\0816
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\0804
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\0424
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\041F
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\041E
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\041D
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\041B
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\0419
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\0416
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\0415
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\0414
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\0413
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\0412
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\0411
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\0410
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\040E
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\040D
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\040C
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\040B
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\040A
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\0409
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\0408
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\0407
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\0406
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\0405
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\0404
2016-06-29 22:55 - 2016-03-30 20:27 - 00000000 ____D C:\Windows\system32\0401
2016-06-29 22:55 - 2016-02-20 18:07 - 00000000 ____D C:\Windows\system32\catroot2.bak
2016-06-29 22:55 - 2015-08-28 05:08 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-06-29 22:55 - 2015-08-28 05:08 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-29 22:55 - 2011-04-11 22:24 - 00000000 ____D C:\Windows\ShellNew
2016-06-29 22:55 - 2009-07-14 00:34 - 00000000 ____D C:\Windows\Setup
2016-06-29 22:55 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\Dism
2016-06-29 22:55 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\com
2016-06-29 22:55 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2016-06-29 22:54 - 2015-04-27 20:24 - 00000000 ____D C:\Windows\system32\vbox
2016-06-29 22:54 - 2015-04-10 23:22 - 00000000 ____D C:\Windows\system32\Macromed
2016-06-29 22:54 - 2015-04-08 12:47 - 00000000 ____D C:\Windows\system32\SPReview
2016-06-29 22:54 - 2015-04-08 12:37 - 00000000 ____D C:\Windows\system32\EventProviders
2016-06-29 22:54 - 2011-04-11 22:16 - 00000000 ____D C:\Windows\system32\winrm
2016-06-29 22:54 - 2011-04-11 22:16 - 00000000 ____D C:\Windows\system32\WCN
2016-06-29 22:54 - 2011-04-11 22:16 - 00000000 ____D C:\Windows\system32\slmgr
2016-06-29 22:54 - 2011-04-11 22:16 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2016-06-29 22:54 - 2009-07-14 00:52 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-06-29 22:54 - 2009-07-13 22:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-06-29 22:54 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\TAPI
2016-06-29 22:54 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\sysprep
2016-06-29 22:54 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\spool
2016-06-29 22:54 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\SMI
2016-06-29 22:54 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\Setup
2016-06-29 22:54 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\ras
2016-06-29 22:54 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\oobe
2016-06-29 22:54 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\NDF
2016-06-29 22:54 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\MUI
2016-06-29 22:54 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\migwiz
2016-06-29 22:54 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\manifeststore
2016-06-29 22:54 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\lv-LV
2016-06-29 22:54 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\lt-LT
2016-06-29 22:54 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\inetsrv
2016-06-29 22:54 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\IME
2016-06-29 22:54 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\icsxml
2016-06-29 22:54 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\ias
2016-06-29 22:54 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\et-EE
2016-06-29 22:54 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system
2016-06-29 22:41 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\registration
2016-06-29 18:31 - 2016-01-14 15:53 - 00002117 _____ C:\Users\Joe\Desktop\Tweaking.com - Windows Repair.lnk
2016-06-29 15:49 - 2015-05-20 15:44 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-06-29 15:39 - 2015-04-10 10:00 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-29 14:27 - 2015-12-29 12:07 - 00000000 ____D C:\SFCFix
2016-06-28 13:06 - 2009-08-14 09:21 - 00000000 ___DC C:\Users\Joe\Documents\Inbound Marketing
2016-06-28 11:20 - 2009-08-14 09:21 - 00000000 ___DC C:\Users\Joe\Documents\Employment
2016-06-28 10:56 - 2013-03-02 14:12 - 00000000 ___DC C:\Users\Joe\Documents\Dating
2016-06-28 10:39 - 2010-05-21 08:08 - 00034816 ____C C:\Users\Joe\Desktop\Outstanding Project Status.xls
2016-06-21 23:57 - 2015-04-24 00:24 - 00000000 ____D C:\ProgramData\Apple Computer
2016-06-21 23:57 - 2015-04-24 00:22 - 00000000 ____D C:\ProgramData\Apple
2016-06-21 22:46 - 2015-04-13 14:42 - 00000965 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-06-21 10:55 - 2013-11-11 15:48 - 00000000 ___DC C:\Users\Joe\Documents\Personal Health
2016-06-20 19:24 - 2015-04-24 00:22 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-06-18 09:55 - 2015-04-10 09:56 - 00000000 ____D C:\Users\Joe\AppData\Local\Adobe
2016-06-18 09:54 - 2016-05-12 11:43 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-06-18 09:54 - 2016-05-12 11:43 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-06-17 23:45 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\Web
2016-06-17 23:45 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\Vss
2016-06-17 23:41 - 2009-07-13 22:37 - 00000000 ____D C:\Windows\system32\Msdtc
2016-06-17 23:20 - 2015-04-10 14:21 - 00000000 ____D C:\Users\Joe\AppData\Roaming\Mozilla
2016-06-17 23:20 - 2015-04-10 14:21 - 00000000 ____D C:\Users\Joe\AppData\Local\Mozilla
2016-06-17 23:20 - 2015-04-10 09:56 - 00000000 ____D C:\Users\Joe\AppData\LocalLow\Sun
2016-06-17 23:20 - 2015-04-09 03:27 - 00000000 ____D C:\Users\Joe\AppData\Roaming\Adobe
2016-06-17 23:20 - 2015-04-07 18:09 - 00000000 ____D C:\Users\Joe\AppData\Local\VirtualStore
2016-06-17 23:19 - 2015-06-10 17:01 - 00000000 ____D C:\ProgramData\Intuit
2016-06-17 23:19 - 2015-04-11 13:24 - 00000000 ____D C:\RegBackup
2016-06-17 23:19 - 2015-04-10 10:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-17 23:19 - 2015-04-10 09:56 - 00000000 ____D C:\ProgramData\Oracle
2016-06-17 23:18 - 2016-02-16 23:07 - 00000000 ____D C:\Program Files\UltimateOutsider
2016-06-17 23:18 - 2015-12-23 19:29 - 00000000 ____D C:\ProgramData\Avira
2016-06-17 23:18 - 2015-04-30 18:39 - 00000000 ____D C:\Program Files\Tweaking.com
2016-06-17 23:18 - 2015-04-10 20:26 - 00000000 ____D C:\Program Files\VS Revo Group
2016-06-17 23:18 - 2015-04-10 09:58 - 00000000 ____D C:\Program Files\VideoLAN
2016-06-17 23:17 - 2015-08-17 21:38 - 00000000 ____D C:\Program Files\Tomatosoft
2016-06-17 23:16 - 2016-02-19 15:21 - 00000000 ____D C:\Program Files\Malwarebytes
2016-06-17 23:15 - 2015-12-23 20:21 - 00000000 ____D C:\Program Files\Java
2016-06-17 23:14 - 2016-03-31 00:37 - 00000000 ____D C:\Program Files\HP
2016-06-17 23:14 - 2015-06-10 17:01 - 00000000 ____D C:\Program Files\Intuit
2016-06-17 23:12 - 2015-12-23 19:29 - 00000000 ____D C:\Program Files\Avira
2016-06-17 23:12 - 2015-04-10 23:20 - 00000000 ____D C:\Program Files\Belkin
2016-06-17 23:12 - 2015-04-08 11:24 - 00000000 ____D C:\Program Files\Common Files\InstallShield
2016-06-17 23:11 - 2015-04-10 09:56 - 00000000 ____D C:\Program Files\Adobe
2016-06-16 08:47 - 2015-04-10 14:34 - 00000000 ____D C:\Users\UpdatusUser
2016-06-15 18:31 - 2015-04-08 17:57 - 00000000 ____D C:\Windows\system32\MRT
2016-06-12 16:07 - 2015-05-05 23:36 - 00024688 _____ C:\Windows\system32\Drivers\TrueSight.sys
2016-06-09 08:10 - 2009-07-14 00:53 - 00032618 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-06-05 13:26 - 2015-04-10 21:28 - 00000000 ___HD C:\Program Files\Temp
2016-06-04 10:25 - 2015-04-11 10:47 - 00000000 ____D C:\temp

==================== Files in the root of some directories =======

2015-10-21 08:53 - 2015-10-21 08:53 - 0000218 _____ () C:\Users\Joe\AppData\Local\recently-used.xbel
2015-08-30 16:01 - 2016-02-27 23:27 - 0007671 _____ () C:\Users\Joe\AppData\Local\resmon.resmoncfg
2016-03-31 00:36 - 2016-03-31 00:36 - 0000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-07-01 01:52

==================== End of FRST.txt ============================

Here is the Addition log:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-06-2016
Ran by Joe (2016-07-01 11:30:19)
Running from C:\Users\Joe\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2015-08-27 14:01:42)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-956595361-2088304539-1011358878-500 - Administrator - Disabled)
Guest (S-1-5-21-956595361-2088304539-1011358878-501 - Limited - Disabled)
Joe (S-1-5-21-956595361-2088304539-1011358878-1000 - Administrator - Enabled) => C:\Users\Joe

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.02 (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Adblock Plus for IE (32-bit) (HKLM\...\{E93152F1-E3AE-4B2A-9BAC-F770203F67E5}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{15A0A9A6-6CF0-4EEE-8E12-096B33F92CA7}) (Version: 9.3.0.15 - Apple Inc.)
Avira Antivirus (HKLM\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM\...\{28d41884-9b36-4f54-bed2-92863f08e65d}) (Version: 1.1.62.21333 - Avira Operations GmbH & Co. KG)
Avira Launcher (Version: 1.1.62.21333 - Avira Operations GmbH & Co. KG) Hidden
Belkin Desktop PCI Card Driver (HKLM\...\{50D47CE8-9C16-42D1-A8D8-B143B22E232A}) (Version: 1.12.0005 - Belkin)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant D850 PCI V.92 Modem (HKLM\...\CNXT_MODEM_PCI_HSF) (Version: 7.80.4.0 - Conexant)
Dropbox Update Helper (Version: 1.3.27.77 - Dropbox, Inc.) Hidden
Free Video Cutter 1.4 (HKLM\...\FreeVideoCutter) (Version: - Tomatosoft)
GWX Control Panel (HKLM\...\UltimateOutsider_GwxControlPanel) (Version: - UltimateOutsider)
HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{2BDCE73D-C1CF-45BF-B6EB-B010365314A3}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
iTunes (HKLM\...\{7C14EFF4-6BD4-4398-AF8D-41F40F8D71F1}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Malwarebytes Anti-Exploit version 1.8.1.2563 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.2563 - Malwarebytes)
Microsoft Office 2000 SR-1 Premium (HKLM\...\{00000409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3821 - Microsoft Corporation)
Microsoft Office 2003 Primary Interop Assemblies (HKLM\...\{91490409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.6553.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 RC Redistributable (x86) - 14.0.22816 (HKLM\...\{714692fa-709b-4925-8170-821d51135f42}) (Version: 14.0.22816.0 - Microsoft Corporation)
Mozilla Firefox 47.0 (x86 en-US) (HKLM\...\Mozilla Firefox 47.0 (x86 en-US)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA Graphics Driver 309.08 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 309.08 - NVIDIA Corporation)
QuickBooks (Version: 23.0.4015.2305 - Intuit Inc.) Hidden
QuickBooks Pro 2013 (HKLM\...\{3C631966-387E-4054-85D9-BBFFABE32BD8}) (Version: 23.0.4012.2305 - Intuit Inc.)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Registry Backup and Restore (HKLM\...\Registry Backup and Restore_is1) (Version: - Acelogix)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.1 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.1.28.1 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SlimDrivers (HKLM\...\{746AB259-6474-4111-8966-1C62F9A6E063}) (Version: 2.3.1 - SlimWare Utilities, Inc.)
Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1220 - SUPERAntiSpyware.com)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tweaking.com - Hardware Identify (HKLM\...\Tweaking.com - Hardware Identify) (Version: 2.0.1 - Tweaking.com)
Tweaking.com - Registry Compressor (HKLM\...\Tweaking.com - Registry Compressor) (Version: 1.1.0 - Tweaking.com)
Tweaking.com - Simple System Tweaker (HKLM\...\Tweaking.com - Simple System Tweaker) (Version: 2.2.0 - Tweaking.com)
Tweaking.com - Windows Repair (HKLM\...\Tweaking.com - Windows Repair) (Version: 3.9.0 - Tweaking.com)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinDirStat 1.1.2 (HKU\S-1-5-21-956595361-2088304539-1011358878-1000\...\WinDirStat) (Version: - )
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{05EC5C13-D255-4592-9CCB-98615172F0D6}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{0ADF9C35-0D5E-4B75-88DD-B64868907E17}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{123FAF7F-3FB1-4B8F-AD18-0047401D436A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{23CEE673-F947-4d94-9D54-F4BA00C8B73D}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2013\QBW32.EXE (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{37A2FC00-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{37A2FC02-1795-4679-94A3-A153F1A8BB54}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{3CDEA288-D759-4C3B-B07F-7AFBCC842D98}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{4716D3CE-55DB-4D2A-818C-87D912895890}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{4844F3F7-2161-4AC4-B219-B3B4311782AA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{4A56F19E-9F50-4F43-93C8-050E44AA83A9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{4E5E74B5-8EB5-4859-A335-837EED412620}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{5428A9ED-6CD8-11D6-9C8A-0001023DCAA2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{547C8F00-5567-4AE3-8BB0-CC3CE2AB9070}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{57D590F1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{596801D8-2C9D-4627-9C67-195CB81B655A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{5B7331FA-8910-4748-A8A4-60B445041F28}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{5ED8AC89-B2DE-476D-8EEA-E170B2FCB058}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{7694F1CD-A55B-4B7C-8820-A90892EB4E9E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{7DBF8260-30AD-4D1B-876A-8032B87B809F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{828E5386-74CF-4019-B356-C857CD028A7D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{82CC31B3-53B4-4161-A4E9-6B4F1290A6C8}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{8572570D-12D9-4F2C-8BB8-EB8848178B94}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{8E590317-1329-11D1-B70B-00805F29CD16}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2013\QBW32.EXE (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{8FEDE364-AB37-4551-80C9-6D468E222AB2}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{9D9B61F2-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{9D9B61F3-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{9D9B61F4-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{9D9B61F5-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{9D9B61F6-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{9D9B61F7-9E2B-492A-81B3-AA5A1CCFBC3A}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{A63E42D0-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{A63E42D2-9C63-47B5-ABF2-0C839EC20778}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{AF5E0A13-CEAB-47CE-991D-77E82CD1BF3F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{B10BFAC3-EFF1-40D9-ADA0-BEBE037C24CA}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{B66F2BF1-91EB-44CE-8088-AE4AE19D30A1}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{D14FD6B3-6A9F-4537-9460-07B836707127}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{D4A12AAF-E15E-470B-A6B6-63032186F91F}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{D9B9C060-0954-11D3-9E07-00104BD2BE34}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\ViewSource.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{D9BC6F81-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{D9BC6F84-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{D9BC6F87-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\cominifile.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{D9BC6FA1-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{D9BC6FA6-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\GraphSeriesCol.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{D9BC6FB2-A54B-11D4-A516-0050DA68678D}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\StorageClasses.dll (Intuit, Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{DCB2B478-EFF6-48F6-B718-13E98876854E}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{DFD0AF10-B86C-4AF3-B609-1348D513E565}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{E1A173E1-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{E1A173E3-D957-4C3E-A098-43756A3DB454}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{EADA914E-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{EAEF733D-5B08-4E85-8440-5A087504DF87}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{F2C593CC-74B2-4F71-8556-DD4D426D0409}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{FAC93D42-FFC2-11d1-9DEB-0008C7A08EBA}\localserver32 -> C:\Program Files\Intuit\QuickBooks 2013\QBW32.EXE (Intuit Inc.)
CustomCLSID: HKU\S-1-5-21-956595361-2088304539-1011358878-1000_Classes\CLSID\{FB17915F-06D1-4214-A902-CC5EE05186E9}\InprocServer32 -> C:\Program Files\Common Files\Intuit\QuickBooks\QBObjProxy.dll (Intuit Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03A8C745-FD68-41D1-B105-5B0828F45A50} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com)
Task: {13D1EBD4-5207-4DC0-B6C4-2BC1E660E7A3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {544020C9-FD51-4D79-B914-B6FA5DBBF456} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Joe\Desktop\Extended Windows 7 Disk Cleanup.lnk -> C:\Windows\System32\Extended Windows 7 Disk Cleanup.bat ()

==================== Loaded Modules (Whitelisted) ==============

2016-02-19 15:21 - 2016-04-15 12:44 - 00775648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-RANSOMWARE\arwlib.dll
2016-02-19 15:21 - 2016-02-23 16:45 - 00709632 _____ () C:\Program Files\Malwarebytes\Anti-Ransomware\QtQuick\Controls\qtquickcontrolsplugin.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-956595361-2088304539-1011358878-1000\...\dell.com -> dell.com
IE trusted site: HKU\S-1-5-21-956595361-2088304539-1011358878-1000\...\google.com -> hxxps://www.google.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 06:23 - 2016-06-29 19:47 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-956595361-2088304539-1011358878-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Intuit Data Protect.lnk => C:\Windows\pss\Intuit Data Protect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\Windows\pss\QuickBooks Update Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks_Standard_21.lnk => C:\Windows\pss\QuickBooks_Standard_21.lnk.CommonStartup
MSCONFIG\startupreg: Intuit SyncManager => C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe startup
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: wmssetup => "%WinDir%\system32\rundll32.exe" "%ProgramFiles%\Windows Media Player\wmssetup.dll",LaunchProcessInputFiles

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{7D098088-A0B1-41E2-916B-E0DD597E56EC}C:\windows\system32\mmc.exe] => (Allow) C:\windows\system32\mmc.exe
FirewallRules: [TCP Query User{FDB40F82-6DF6-4AB1-AEE7-ACFA95F2CEB3}C:\windows\system32\mmc.exe] => (Allow) C:\windows\system32\mmc.exe
FirewallRules: [{740197B5-9B91-43DC-9448-5F2FAA99E4ED}] => (Allow) LPort=48113
FirewallRules: [{3733C92E-EC05-4014-B40F-9E9C9CEC76FE}] => (Allow) LPort=48113
FirewallRules: [{8C4C9F01-E6ED-4EE4-A861-ED9D6069E637}] => (Allow) LPort=1900
FirewallRules: [{DC5FA52D-2EA4-4A63-8CD3-CE3CF4B3D717}] => (Allow) LPort=2869
FirewallRules: [{B090623D-E700-4C76-92C8-40CB8B6926BE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B59F637C-41B8-4DAC-B195-FE04C25DE545}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BC96F977-4923-4AD8-B661-DACDC7F446D4}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{1B1D4144-048F-4FA0-9D6A-0F734076156E}] => (Allow) C:\Program Files\CCleaner\CCleaner.exe
FirewallRules: [{E49F43D1-A17B-4EA0-92F8-6EB6DB873169}] => (Allow) C:\Program Files\CCleaner\CCleaner.exe
FirewallRules: [{4D93C549-6841-4E1B-A55E-49525B0ADEA7}] => (Allow) C:\Program Files\CCleaner\CCleaner.exe
FirewallRules: [{D570D2E9-333E-4E9B-AB89-037A6AC2D3C0}] => (Allow) C:\Program Files\CCleaner\CCleaner.exe
FirewallRules: [{47E2B93E-0533-4D0E-84C7-56E79016931A}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
FirewallRules: [{7AA16DFE-6251-425F-9933-20C986A4B9DD}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{203F9A42-A87A-4C33-9915-BB608D9FB8CA}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{A0E155F6-D450-46E9-8C9A-D6C467155056}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Restore Points =========================

25-06-2016 23:05:40 Windows Update
27-06-2016 11:36:38 Windows Update
28-06-2016 22:49:59 Windows Update
29-06-2016 09:57:48 Windows Update
29-06-2016 21:55:41 Restore Operation
01-07-2016 00:13:51 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: Conexant D850 PCI V.92 Modem
Description: Conexant D850 PCI V.92 Modem
Class Guid: {4d36e96d-e325-11ce-bfc1-08002be10318}
Manufacturer: Conexant
Service: Modem
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Remote Desktop Device Redirector Bus
Description: Remote Desktop Device Redirector Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: rdpbus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (07/01/2016 11:29:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068 = The dependency service or group failed to start.


Error: (07/01/2016 11:29:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Server service depends on the Server SMB 1.xxx Driver service which failed to start because of the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Error: (07/01/2016 11:29:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068 = The dependency service or group failed to start.


Error: (07/01/2016 11:29:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Server service depends on the Server SMB 1.xxx Driver service which failed to start because of the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Error: (07/01/2016 11:29:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068 = The dependency service or group failed to start.


Error: (07/01/2016 11:29:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Server service depends on the Server SMB 1.xxx Driver service which failed to start because of the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Error: (07/01/2016 11:24:42 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068 = The dependency service or group failed to start.


Error: (07/01/2016 11:24:42 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Server service depends on the Server SMB 1.xxx Driver service which failed to start because of the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.


Error: (07/01/2016 11:24:42 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068 = The dependency service or group failed to start.


Error: (07/01/2016 11:24:42 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Server service depends on the Server SMB 1.xxx Driver service which failed to start because of the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.



==================== Memory info ===========================

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+
Percentage of memory in use: 61%
Total physical RAM: 3518.49 MB
Available physical RAM: 1338.61 MB
Total Virtual: 8793.82 MB
Available Virtual: 6094.41 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.51 GB) (Free:758.62 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E63346F5)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Let me know if there is anything unusual here. Thanks.
 
You must log in or register to reply here.
Back
Top