Page 1 of 8 12345 ... Last
  1. #1

    Join Date
    Feb 2015
    Location
    Arizona
    Posts
    98

    [7SP1 x64] update fails on configuring after reboot

    I have tried everything I could find online to resolve the problem, repeatedly: sfc /scannow, SURT, windows troubleshooter, ran a script to fix some entries, stopped services and deleted the SoftwareDistribution folder. No matter what I do, KB3110329 fails at 9% during 'configuring Windows'. KB3139398 fails to install, and the last monthly rollup update to install was June 2017.
    I also tried using WSUS Offline. It appears to be choking on KB2830477 with code 80248014 (as seen in WindowsUpdate log file).

    I ran everything fresh this morning, as instructed in this forum. SFCFix reported errors with the component hive.

    Link to CBS folder:
    https://1drv.ms/u/s!AguG5r8sWaoRa2iIXV442yKhwLY

    I will have only intermittent access to this system after 10/12 but will follow recommended steps and reply as quickly as I can.

    Thank you for your assistance with this PIA system!


    • Ad Bot

      advertising
      Beep.

        
       

  2. #2

    Join Date
    Feb 2015
    Location
    Arizona
    Posts
    98

    Re: Win 7 SP1 x64 update fails on configuring after reboot

    Here is SFC Fix log file:
    SFCFix version 3.0.0.0 by niemiro.
    Start time: 2017-10-10 11:22:42.827
    Microsoft Windows 7 Service Pack 1 - amd64
    Not using a script file.


    AutoAnalysis::
    WARNING: Components hive failed load test and may be corrupt.

    WARNING: Components hive failed final reload test with error code ERROR_PRIVILEGE_NOT_HELD and may be corrupt.

    SUMMARY: No corruptions were detected.
    AutoAnalysis:: directive completed successfully.


    Successfully processed all directives.
    SFCFix version 3.0.0.0 by niemiro has completed.
    Currently storing 0 datablocks.
    Finish time: 2017-10-10 11:31:35.838
    ----------------------EOF-----------------------

  3. #3
    Administrator
    Windows Update Instructor
    Security Analyst

    Join Date
    Oct 2014
    Posts
    15,966

    Re: Win 7 SP1 x64 update fails on configuring after reboot

    Hi and welcome to Sysnative. Sorry for the delay. Are you still in need of assistance?

  4. #4

    Join Date
    Feb 2015
    Location
    Arizona
    Posts
    98

    Re: Win 7 SP1 x64 update fails on configuring after reboot

    Yes, please!! And thank you.

  5. #5
    Administrator
    Windows Update Instructor
    Security Analyst

    Join Date
    Oct 2014
    Posts
    15,966

    Re: Win 7 SP1 x64 update fails on configuring after reboot

    Please do the following when able.

    Retrieve Components Hive
    1. Navigate to C:\Windows\System32\Config and locate the COMPONENTS file.
    2. Please copy this file to your desktop.
    Note: If you receive an error that this file is in-use, simply reboot your computer and try again.
    3. Right-click on this file on your desktop and select Send To...Compressed (zipped) folder. This will create a file named COMPONENTS.ZIP on your desktop.
    4. The file will likely be too large to upload here so please upload to SendSpace and just provide the link here.

  6. #6

    Join Date
    Feb 2015
    Location
    Arizona
    Posts
    98

    Re: Win 7 SP1 x64 update fails on configuring after reboot

    Brian,
    Sorry for the delay. Here's the link to the zipped COMPONENTS file:

    Download COMPONENTS.zip from Sendspace.com - send big files the easy way

  7. #7
    Administrator
    Windows Update Instructor
    Security Analyst

    Join Date
    Oct 2014
    Posts
    15,966

    Re: Win 7 SP1 x64 update fails on configuring after reboot

    No problem. I think I see the issue.

    Code:
    2017-10-10 10:11:57, Error                 CBS    Doqe: Failed installing driver updates [HRESULT = 0x80070005 - E_ACCESSDENIED]
    Can you zip/attach the following file so I can confirm?
    Code:
    C:\WINDOWS\INF\setupapi.dev.log

  8. #8

    Join Date
    Feb 2015
    Location
    Arizona
    Posts
    98

    Re: Win 7 SP1 x64 update fails on configuring after reboot

    The requested file was found at c:\windows\debug\IALogs\inf, not in the above folder. The folder you listed had only these files:
    [7SP1 x64] update fails on configuring after reboot-setupapi-jpg

    The zipped file should be attached...
    Attached Files Attached Files

  9. #9
    Administrator
    Windows Update Instructor
    Security Analyst

    Join Date
    Oct 2014
    Posts
    15,966

    Re: Win 7 SP1 x64 update fails on configuring after reboot

    Thanks. Zip and attach the setupapi.app.log instead then.

  10. #10

    Join Date
    Feb 2015
    Location
    Arizona
    Posts
    98

    Re: Win 7 SP1 x64 update fails on configuring after reboot

    Would not let me zip the file, but it is small enough so just attached it.
    Thanks again!
    Attached Files Attached Files

  11. #11
    Administrator
    Windows Update Instructor
    Security Analyst

    Join Date
    Oct 2014
    Posts
    15,966

    Re: Win 7 SP1 x64 update fails on configuring after reboot

    Thanks. The following two drivers are failing because of Access Denied.

    Code:
    tsgenericusbdriver.inf
    tsusbhubfilter.inf
    Please attempt the following.

    Perform a Clean Boot following the instructions below.
    https://support.microsoft.com/en-us/...oot-in-windows

    After a Clean Boot, attempt to install the update and let me know the results.

  12. #12

    Join Date
    Feb 2015
    Location
    Arizona
    Posts
    98

    Re: Win 7 SP1 x64 update fails on configuring after reboot

    I will attempt at first opportunity. I believe I have already tried this, but will do it again just to be sure something hasn't changed between now and then (and that my memory hasn't abandoned me).

  13. #13

    Join Date
    Feb 2015
    Location
    Arizona
    Posts
    98

    Re: Win 7 SP1 x64 update fails on configuring after reboot

    Performed a clean boot. Attempted to install 3 updates: 3110329, 3139398, and 4038777. 2 failed, one said it installed. Got to 7% during configuring stage after reboot, then failed and reverted. 3110329 error is 80246007; 3139398 is also 80246007. 4038777 error code is 80070005.

  14. #14
    Administrator
    Windows Update Instructor
    Security Analyst

    Join Date
    Oct 2014
    Posts
    15,966

    Re: Win 7 SP1 x64 update fails on configuring after reboot

    Please do the following.

    Step#1 - FRST Scan
    1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
    Note: You need to run the 64-bit Version so please ensure you download that one.
    2. Right click to run as administrator. When the tool opens click Yes to disclaimer.
    3. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running (if not already).
    4. Press Scan button.
    5. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
    6. Please copy and paste log back here.
    7. Another log (Addition.txt - also located in the same directory as FRST64.exe) will be generated Please also paste that along with the FRST.txt into your reply.

  15. #15

    Join Date
    Feb 2015
    Location
    Arizona
    Posts
    98

    Re: Win 7 SP1 x64 update fails on configuring after reboot

    Here you go! If it makes any difference, computer is still in clean boot mode.
    FRST.txt:
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-10-2017
    Ran by networkadmin (administrator) on SAFETY12 (31-10-2017 06:59:05)
    Running from C:\Users\networkadmin\Desktop
    Loaded Profiles: networkadmin (Available Profiles: User1 & networkadmin)
    Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: "F:\PortableApps\FirefoxPortable\App\Firefox\firefox.exe" -requestPending -osint -url "%1")
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
    ==================== Processes (Whitelisted) =================
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
    (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
    (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
    (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    ==================== Registry (Whitelisted) ===========================
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [4159136 2016-03-04] (ESET)
    Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-10-09] (Garmin Ltd. or its subsidiaries)
    AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => No File
    AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [177624 2015-02-05] (NVIDIA Corporation)
    AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => No File
    AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [164752 2015-02-05] (NVIDIA Corporation)
    Startup: C:\Users\andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PortableRoboForm - Shortcut.lnk [2016-04-21]
    ShortcutTarget: PortableRoboForm - Shortcut.lnk -> F:\PortableRoboForm.exe (No File)
    Startup: C:\Users\andy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Start - Shortcut.lnk [2016-04-21]
    ShortcutTarget: Start - Shortcut.lnk -> F:\Start.exe (No File)
    ==================== Internet (Whitelisted) ====================
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 10.0.0.2
    Tcpip\..\Interfaces\{538756DD-C3B5-4184-99D7-61401E05D8F4}: [DhcpNameServer] 10.0.0.2
    Tcpip\..\Interfaces\{E35E72A9-0F22-43F0-A3DD-F9ABBF804AD0}: [DhcpNameServer] 10.0.0.2
    Internet Explorer:
    ==================
    HKU\S-1-5-21-462157724-132793273-1689201830-1142\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
    HKU\S-1-5-21-462157724-132793273-1689201830-1142\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.toshiba.com
    HKU\S-1-5-21-462157724-132793273-1689201830-1142\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.toshiba.com
    SearchScopes: HKLM -> DefaultScope {AFF5B857-0960-4089-A2EE-1CDBDEC676FC} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {AFF5B857-0960-4089-A2EE-1CDBDEC676FC} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
    SearchScopes: HKLM-x32 -> DefaultScope {AFF5B857-0960-4089-A2EE-1CDBDEC676FC} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> {AFF5B857-0960-4089-A2EE-1CDBDEC676FC} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
    SearchScopes: HKU\S-1-5-21-462157724-132793273-1689201830-1142 -> DefaultScope {CFE7F79D-1373-49B5-A762-FF8269FF74F4} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP_enUS490
    SearchScopes: HKU\S-1-5-21-462157724-132793273-1689201830-1142 -> {AFF5B857-0960-4089-A2EE-1CDBDEC676FC} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP_enUS490
    SearchScopes: HKU\S-1-5-21-462157724-132793273-1689201830-1142 -> {CFE7F79D-1373-49B5-A762-FF8269FF74F4} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP_enUS490
    BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2017-03-17] (Siber Systems Inc.)
    BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-22] (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-22] (Oracle Corporation)
    BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2012-08-24] (TOSHIBA Corporation)
    BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2017-03-17] (Siber Systems Inc.)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-22] (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
    BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\ZeonIEFavClient.dll [2011-07-08] (Zeon Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-22] (Oracle Corporation)
    BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2012-08-24] (TOSHIBA Corporation)
    Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2017-03-17] (Siber Systems Inc.)
    Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2017-03-17] (Siber Systems Inc.)
    Toolbar: HKU\S-1-5-21-462157724-132793273-1689201830-1142 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
    DPF: HKLM-x32 {7191F0AC-D686-46A8-BFCC-EA61778C74DD} hxxp://72.201.173.195:8090/aplugLite.cab
    DPF: HKLM-x32 {D012C710-86E2-4797-ACA5-DE142834E295} hxxp://78321395.cam.trendnetcloud.com/devices/clients/ActiveX/1_0_1_4212/TRENDnetCloud.cab
    FireFox:
    ========
    FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
    FF Extension: (ESET Endpoint Security Extension) - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2016-05-24] [not signed]
    FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox
    FF Extension: (RoboForm Toolbar) - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2017-02-15] [not signed]
    FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
    FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] ()
    FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-22] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-22] (Oracle Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIIPT.dll [2013-01-11] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Services\IPT\npIntelWebAPIUpdater.dll [2013-01-11] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-22] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-22] (Oracle Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
    FF Plugin-x32: @TRENDnet.com/CameraPlugin -> C:\Program Files (x86)\TRENDnet\npcamstreamctrl.dll [2015-10-12] (TRENDnet)
    FF Plugin-x32: @trendnet.com/trendnetcloud -> C:\Program Files (x86)\TRENDnet\npTRENDnetCloud.dll [2015-10-12] (TRENDnet)
    FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
    FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
    StartMenuInternet: FIREFOX.EXE - F:\PortableApps\FirefoxPortable\App\Firefox64\firefox.exe
    Chrome:
    =======
    CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-12-06]
    CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-12-06]
    StartMenuInternet: Google Chrome.BAPNUZEHPKMRCE4IJXFXQ2DMZ4 - C:\Users\andy\AppData\Local\Google\Chrome\Application\chrome.exe
    ==================== Services (Whitelisted) ====================
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    S4 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43072 2012-03-19] (ArcSoft, Inc.)
    S4 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [11075816 2015-10-16] (DisplayLink Corp.)
    S4 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [53408 2016-03-04] (ESET)
    R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1059880 2016-03-04] (ESET)
    S4 ESHASRV; C:\Program Files\ESET\ESET NOD32 Antivirus\EShaSrv.exe [200864 2016-03-04] (ESET)
    S4 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [96768 2012-06-27] (Freemake) [File not signed]
    S4 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1085968 2017-10-09] (Garmin Ltd. or its subsidiaries)
    S4 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
    S4 IDriveService; C:\Program Files (x86)\IDriveWindows\idwservice_600.exe [182872 2013-06-14] ()
    S4 IDWAdmin; C:\Program Files (x86)\IDriveWindows\idwadminsrv.exe [125528 2013-06-14] ()
    S4 Leawo_service; C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe [1232880 2014-05-04] ()
    R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
    R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2012-02-08] (Hewlett-Packard) [File not signed]
    S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
    S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
    S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2169696 2017-07-12] (Electronic Arts)
    S4 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3149664 2017-07-12] (Electronic Arts)
    S4 PDFProFiltSrv; C:\Program Files (x86)\Nuance\PDF Professional 7\PDFProFiltSrv.exe [135016 2011-09-09] (Nuance Communications, Inc.)
    R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2012-02-08] (Hewlett-Packard) [File not signed]
    S4 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [File not signed]
    S4 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2015-09-02] (CyberLink)
    S4 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    S4 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
    S4 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
    S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-12] (DEVGURU Co., LTD.)
    S4 SwOffScheduler; C:\Users\andy\swoff.exe [173056 2011-05-28] (Airytec) [File not signed]
    S4 SwOffWeb; C:\Users\andy\swoff.exe [173056 2011-05-28] (Airytec) [File not signed]
    S4 Thpsrv; C:\windows\system32\ThpSrv.exe [558592 2011-04-20] (TOSHIBA Corporation) [File not signed]
    S4 wgsslvpnsrc; C:\Program Files (x86)\WatchGuard\WatchGuard Mobile VPN with SSL\wgsslvpnsrc.exe [102912 2015-10-15] () [File not signed]
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
    ===================== Drivers (Whitelisted) ======================
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    R3 Apowersoft_AudioDevice; C:\windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-01] (Wondershare)
    S3 Bulk1628; C:\windows\System32\Drivers\Bulk1628.sys [17792 2009-10-20] (SunPlus)
    S3 ca1628UVCav; C:\windows\System32\Drivers\ca1628UVCav.sys [2453504 2011-01-11] (Digital Camera)
    R3 CLMirrorDriver; C:\windows\System32\DRIVERS\CLMirrorDriver.sys [21264 2016-11-10] (CyberLink)
    S3 DisplayLinkUsbIo_x64; C:\windows\System32\DRIVERS\DisplayLinkUsbIo_x64_7.9.630.0.sys [58640 2016-09-03] ()
    S3 dlcdcncm; C:\windows\System32\DRIVERS\dlcdcncm62_x64.sys [91920 2015-10-16] (DisplayLink Corp.)
    S3 dlusbaudio; C:\windows\System32\DRIVERS\dlusbaudio_x64.sys [229648 2015-10-16] (DisplayLink Corp.)
    R1 eamonm; C:\windows\System32\DRIVERS\eamonm.sys [248024 2015-09-11] (ESET)
    U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [183016 2013-04-09] (ESET)
    R1 ehdrv; C:\windows\System32\DRIVERS\ehdrv.sys [179544 2015-07-14] (ESET)
    R2 epfwwfpr; C:\windows\System32\DRIVERS\epfwwfpr.sys [170768 2015-07-14] (ESET)
    S3 FlashUSB; C:\windows\System32\DRIVERS\FlashUSB.sys [19968 2014-01-22] (Intel Mobile Communications)
    S3 GeneStor; C:\windows\System32\DRIVERS\GeneStor.sys [111336 2016-09-26] (GenesysLogic)
    R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-09-03] (REALiX(tm))
    R3 ManyCam; C:\windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-10] (ManyCam LLC)
    R3 mcaudrv_simple; C:\windows\System32\drivers\mcaudrv_x64.sys [28160 2013-01-31] (ManyCam LLC)
    S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\windows\System32\drivers\nvvad64v.sys [56384 2016-09-26] (NVIDIA Corporation)
    R3 S6000KNT; C:\windows\System32\Drivers\S6000KNT.sys [3564568 2016-09-26] (Windows (R) Win 7 DDK provider)
    R3 toshidpt; C:\windows\System32\drivers\Toshidpt.sys [10232 2012-08-01] (TOSHIBA Corporation.)
    S3 DisplayLinkUsbPort; system32\DRIVERS\DisplayLinkUsbPort_6.1.32700.0.sys [X]
    S3 dlcdcecm; system32\DRIVERS\dlcdcecm.sys [X]
    S3 LGELTEBus; system32\DRIVERS\LGELTEBus.sys [X]
    S3 LGELTEmdm; system32\DRIVERS\LGELTEmdm.sys [X]
    S3 LGELTEMux; system32\DRIVERS\LGELTEMux.sys [X]
    S3 LGELTENdis; system32\DRIVERS\LGELTENdis.sys [X]
    S3 LGELTEprt; system32\DRIVERS\LGELTEprt.sys [X]
    S3 MBAMSwissArmy; \SystemRoot\System32\Drivers\mbamswissarmy.sys [X]
    S3 MBAMWebProtection; system32\DRIVERS\mwac.sys [X]
    ==================== NetSvcs (Whitelisted) ===================
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    ==================== One Month Created files and folders ========
    (If an entry is included in the fixlist, the file/folder will be moved.)
    2017-10-31 06:59 - 2017-10-31 06:59 - 000019976 _____ C:\Users\networkadmin\Desktop\FRST.txt
    2017-10-31 06:58 - 2017-10-31 06:59 - 000000000 ____D C:\FRST
    2017-10-31 06:41 - 2017-10-31 06:41 - 002403328 _____ (Farbar) C:\Users\networkadmin\Desktop\FRST64.exe
    2017-10-30 14:31 - 2017-10-30 14:31 - 000000000 ____H C:\Users\networkadmin\Documents\Default.rdp
    2017-10-27 10:08 - 2017-10-27 10:08 - 000054434 _____ C:\Users\andy\Desktop\Referrals Hart Doc.pdf
    2017-10-27 10:07 - 2017-10-27 10:07 - 000051748 _____ C:\Users\andy\Desktop\94e94e89-e5c7-41f8-b1e1-9fdaa2143416-000001.pdf
    2017-10-25 12:40 - 2017-10-25 12:47 - 000000000 ____D C:\Users\andy\Desktop\New folder
    2017-10-25 09:09 - 2017-10-25 09:11 - 011707497 _____ C:\Users\networkadmin\Desktop\COMPONENTS.zip
    2017-10-22 17:12 - 2017-10-22 17:11 - 000110144 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-64.dll
    2017-10-19 09:39 - 2017-10-19 09:39 - 000084196 _____ C:\Users\andy\Desktop\Sorbogem Crystalline Sorbitol NF FCC All Grades - Ingredion - 2014-05-07.pdf
    2017-10-18 14:28 - 2017-10-18 14:28 - 000047943 _____ C:\Users\andy\Desktop\416cbfac-1767-4cb7-ba68-fc2b9a790e8d-000001.pdf
    2017-10-18 08:22 - 2017-10-18 08:22 - 774614994 _____ C:\windows\MEMORY.DMP
    2017-10-18 08:22 - 2017-10-18 08:22 - 000262144 _____ C:\windows\Minidump\101817-36348-01.dmp
    2017-10-13 14:10 - 2017-10-13 14:11 - 435513784 _____ (ON1) C:\Users\andy\Downloads\ON1_Effects_10.5.1_Free.exe
    2017-10-13 08:44 - 2017-10-13 08:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
    2017-10-13 08:26 - 2017-10-13 08:26 - 000000000 ____D C:\ddc70a2d2b2cdec6cf79331287a5
    2017-10-10 11:32 - 2017-10-10 11:33 - 200268366 _____ C:\Users\networkadmin\Desktop\CBS.zip
    2017-10-10 11:32 - 2017-10-10 11:32 - 000000000 ___HD C:\Users\networkadmin\Desktop\CBS
    2017-10-10 11:31 - 2017-10-10 11:31 - 000001316 _____ C:\Users\networkadmin\Desktop\SFCFix.txt
    2017-10-10 10:26 - 2017-10-10 10:26 - 000000000 ____D C:\Users\networkadmin\AppData\Local\Garmin_Ltd._or_its_subsid
    2017-10-10 10:26 - 2017-10-10 10:26 - 000000000 ____D C:\Users\networkadmin\AppData\Local\CEF
    2017-10-10 08:05 - 2017-10-10 09:56 - 000065998 _____ C:\windows\woubak-winlogon.reg
    2017-10-10 08:05 - 2017-10-10 09:56 - 000002700 _____ C:\windows\woubak-system-policies.reg
    2017-10-10 07:27 - 2017-10-13 08:44 - 000003554 _____ C:\windows\System32\Tasks\GarminUpdaterTask
    2017-10-10 07:26 - 2013-02-14 23:08 - 000237568 _____ (Microsoft Corporation) C:\windows\system32\wecsvc.dll
    2017-10-10 07:26 - 2013-02-14 23:08 - 000088576 _____ (Microsoft Corporation) C:\windows\system32\wecapi.dll
    2017-10-10 07:26 - 2013-02-14 20:53 - 000113152 _____ (Microsoft Corporation) C:\windows\system32\wecutil.exe
    2017-10-10 07:26 - 2013-02-14 19:54 - 000080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\wecutil.exe
    2017-10-10 07:26 - 2013-02-14 19:54 - 000058368 _____ (Microsoft Corporation) C:\windows\SysWOW64\wecapi.dll
    2017-10-10 06:43 - 2017-10-10 06:43 - 000000041 _____ C:\windows\woubak-pwrscheme-temp.txt
    2017-10-10 06:43 - 2017-10-10 06:43 - 000000041 _____ C:\windows\woubak-pwrscheme-act.txt
    2017-10-09 15:28 - 2017-10-09 15:28 - 000000000 ____D C:\Users\networkadmin\Desktop\wsusoffline1102
    2017-10-09 15:27 - 2017-10-09 15:28 - 002331902 _____ C:\Users\networkadmin\Desktop\wsusoffline1102.zip
    2017-10-09 10:53 - 2017-10-10 11:31 - 000000000 ____D C:\SFCFix
    2017-10-09 10:43 - 2017-10-10 11:31 - 000000000 ____D C:\Users\networkadmin\AppData\Local\niemiro
    2017-10-09 10:42 - 2017-10-09 10:42 - 002884096 _____ (niemiro) C:\Users\networkadmin\Desktop\SFCFix.exe
    2017-10-09 10:02 - 2017-10-09 10:04 - 564744309 _____ C:\Users\networkadmin\Desktop\Windows6.1-KB947821-v34-x64.msu
    2017-10-09 08:39 - 2017-10-09 08:39 - 000000000 ____D C:\Program Files\Malwarebytes
    2017-10-09 08:24 - 2017-10-09 08:24 - 000000000 ____D C:\Users\User1\AppData\Roaming\HandBrake
    2017-10-06 10:25 - 2017-10-06 10:25 - 017092411 _____ C:\Users\User1\Desktop\Windows6.1-KB3110329-x64.msu
    2017-10-06 10:25 - 2017-10-06 10:25 - 017092411 _____ C:\Users\networkadmin\Desktop\Windows6.1-KB3110329-x64.msu
    2017-10-06 09:46 - 2017-10-06 09:46 - 000000000 ____D C:\Users\User1\AppData\Local\ArcSoft
    2017-10-06 09:22 - 2017-10-06 09:22 - 000000000 ____D C:\Users\User1\AppData\Local\ElevatedDiagnostics
    2017-10-06 09:20 - 2017-10-03 09:09 - 564744309 _____ C:\Users\User1\Desktop\SURT.msu
    2017-10-06 09:19 - 2017-08-23 07:54 - 000313366 _____ C:\Users\User1\Desktop\WindowsUpdate.diagcab
    2017-10-06 08:59 - 2017-10-06 08:59 - 000000000 ____D C:\Users\User1\AppData\Roaming\Zeon
    2017-10-06 08:59 - 2017-10-03 10:47 - 000001122 _____ C:\Users\User1\Desktop\reset.cmd
    2017-10-06 08:58 - 2017-10-06 08:58 - 000000000 ____D C:\Users\User1\AppData\Local\NVIDIA Corporation
    2017-10-06 08:57 - 2017-10-06 08:57 - 000000000 ____D C:\Users\User1\Documents\Bluetooth
    2017-10-06 08:57 - 2017-10-06 08:57 - 000000000 ____D C:\Users\User1\AppData\Local\NVIDIA
    2017-10-06 08:57 - 2017-10-06 08:57 - 000000000 ____D C:\Users\User1\AppData\Local\Google
    2017-10-03 10:47 - 2017-10-03 10:47 - 000001122 _____ C:\Users\networkadmin\Desktop\reset.cmd
    2017-10-03 10:46 - 2017-10-03 10:46 - 000000000 ____D C:\Program Files (x86)\Windows Resource Kits
    2017-10-03 10:45 - 2017-10-03 10:45 - 000379392 _____ C:\Users\networkadmin\Desktop\subinacl.msi
    2017-10-03 09:12 - 2017-10-03 09:09 - 564744309 _____ C:\Users\networkadmin\Desktop\SURT.msu
    2017-10-03 08:54 - 2017-10-03 08:54 - 000000000 ____D C:\Users\networkadmin\AppData\Local\ElevatedDiagnostics
    2017-10-03 08:53 - 2017-08-23 07:54 - 000313366 _____ C:\Users\networkadmin\Desktop\WindowsUpdate.diagcab
    ==================== One Month Modified files and folders ========
    (If an entry is included in the fixlist, the file/folder will be moved.)
    2017-10-31 06:56 - 2016-02-02 12:04 - 000000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore1d15dec894f43d3.job
    2017-10-31 06:56 - 2015-12-07 06:03 - 000000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore1d130efbb5d0130.job
    2017-10-31 06:56 - 2015-09-17 10:04 - 000000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore1d0f16aee43fded.job
    2017-10-31 06:56 - 2015-09-01 09:03 - 000000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore1d0e4cfc87774cc.job
    2017-10-31 06:56 - 2015-05-19 07:04 - 000000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore1d0923caa881f55.job
    2017-10-31 06:56 - 2015-02-05 05:58 - 000000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore1d04143631e2c14.job
    2017-10-31 06:56 - 2012-06-09 19:29 - 000000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    2017-10-31 06:55 - 2009-07-13 22:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
    2017-10-31 06:49 - 2015-02-16 09:48 - 000000508 _____ C:\windows\Tasks\G2MUpdateTask-S-1-5-21-462157724-132793273-1689201830-1178.job
    2017-10-31 06:36 - 2015-12-04 09:26 - 000000904 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1d12eb089666e33.job
    2017-10-31 06:36 - 2015-09-17 10:04 - 000000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA1d0f16aee6a13f2.job
    2017-10-31 06:35 - 2012-06-09 19:29 - 000000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    2017-10-31 06:34 - 2016-02-02 12:04 - 000000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA1d15dec898864da.job
    2017-10-31 06:34 - 2016-02-02 11:31 - 000000904 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1d15de7ff93b9ff.job
    2017-10-31 06:34 - 2015-12-07 06:03 - 000000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA1d130efbb87d9f5.job
    2017-10-31 06:34 - 2015-09-18 08:26 - 000000904 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1d0f2266a6deade.job
    2017-10-31 06:34 - 2015-09-01 09:03 - 000000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA1d0e4cfc89d8ad0.job
    2017-10-31 06:34 - 2015-07-16 07:11 - 000000904 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1d0bfd143053a8b.job
    2017-10-31 06:34 - 2015-06-19 09:44 - 000000604 _____ C:\windows\Tasks\G2MUploadTask-S-1-5-21-462157724-132793273-1689201830-1178.job
    2017-10-31 06:34 - 2015-05-19 07:04 - 000000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA1d0923caaabd3f9.job
    2017-10-31 06:34 - 2015-05-15 06:10 - 000000904 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1d08f108f575119.job
    2017-10-31 06:34 - 2015-02-05 05:58 - 000000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA1d04143633d1df8.job
    2017-10-31 06:34 - 2015-02-04 06:05 - 000000904 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1d0407b301f1e75.job
    2017-10-31 06:34 - 2014-11-12 13:20 - 000000904 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1cffeb62299cabb.job
    2017-10-31 06:34 - 2013-12-24 10:42 - 000000904 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA.job
    2017-10-30 14:52 - 2009-07-13 21:45 - 000039552 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2017-10-30 14:52 - 2009-07-13 21:45 - 000039552 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2017-10-30 14:40 - 2009-07-13 20:20 - 000000000 ___HD C:\windows\inf
    2017-10-30 14:29 - 2013-01-14 08:54 - 000000000 ___HD C:\windows\pss
    2017-10-30 14:26 - 2014-04-10 10:02 - 000000000 ___HD C:\Program Files (x86)\IDriveWindows
    2017-10-30 11:44 - 2016-03-31 08:50 - 000799866 _____ C:\windows\SysWOW64\PerfStringBackup.TMP
    2017-10-30 11:44 - 2012-07-06 09:46 - 000000000 ____D C:\ProgramData\TEMP
    2017-10-30 11:36 - 2015-12-04 09:26 - 000000852 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178Core1d12eb0893b956e.job
    2017-10-30 11:29 - 2012-07-05 15:54 - 000000000 ____D C:\Users\andy\AppData\Roaming\vlc
    2017-10-30 09:31 - 2015-09-18 08:26 - 000000852 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178Core1d0f22666731de9.job
    2017-10-30 09:17 - 2012-07-05 10:19 - 000000000 ___RD C:\Users\andy\working on
    2017-10-30 08:31 - 2015-07-16 07:11 - 000000852 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178Core1d0bfd142b62f03.job
    2017-10-30 08:20 - 2011-11-24 20:04 - 000000000 ___HD C:\windows\SysWOW64\Macromed
    2017-10-30 08:15 - 2016-02-02 11:31 - 000000852 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178Core1d15de7ff667fda.job
    2017-10-27 08:23 - 2017-09-19 13:46 - 000000000 ____D C:\Users\andy\Desktop\Destiny Springs
    2017-10-25 09:14 - 2014-08-25 13:04 - 000000000 ____D C:\Users\networkadmin\AppData\Local\Eraser 6
    2017-10-25 07:16 - 2015-05-15 06:10 - 000000852 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178Core1d08f108f35fdd5.job
    2017-10-25 06:15 - 2015-02-04 06:05 - 000000852 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178Core1d0407b30052dd2.job
    2017-10-25 06:10 - 2013-12-24 10:42 - 000000852 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178Core.job
    2017-10-22 23:23 - 2014-08-12 12:55 - 000000000 ____D C:\ProgramData\Origin
    2017-10-22 17:16 - 2014-08-12 12:56 - 000000000 ____D C:\Users\andy\AppData\Roaming\Origin
    2017-10-22 17:13 - 2014-08-06 06:06 - 000000000 ___HD C:\Program Files (x86)\Java
    2017-10-22 17:13 - 2014-01-15 11:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2017-10-22 17:13 - 2013-10-21 07:43 - 000000000 ____D C:\ProgramData\Oracle
    2017-10-22 17:12 - 2016-01-25 06:30 - 000000000 ____D C:\Program Files\Java
    2017-10-22 17:11 - 2016-01-25 06:31 - 000110144 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll
    2017-10-22 17:11 - 2014-08-06 06:06 - 000097856 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
    2017-10-22 00:32 - 2013-05-28 13:53 - 000000000 ____D C:\Users\andy\AppData\Roaming\TS3Client
    2017-10-21 21:34 - 2013-05-28 13:24 - 000000000 ____D C:\Users\andy\AppData\Local\TeamSpeak 3 Client
    2017-10-19 14:23 - 2017-09-14 08:32 - 000000000 ____D C:\Users\andy\Desktop\Silica Program
    2017-10-19 10:15 - 2017-07-20 08:39 - 000000000 ____D C:\Users\andy\Desktop\Raytheon MPB
    2017-10-18 08:22 - 2013-10-23 13:27 - 000000000 ___HD C:\windows\Minidump
    2017-10-17 14:25 - 2016-12-30 12:01 - 000000000 ____D C:\Users\andy\AppData\Local\IE Tab
    2017-10-17 09:20 - 2016-06-27 11:08 - 000000000 ___RD C:\Users\andy\Desktop\Active Jobs
    2017-10-16 14:44 - 2017-08-02 14:28 - 000000000 ____D C:\Users\andy\Desktop\INS
    2017-10-16 10:08 - 2017-04-06 14:07 - 000004464 _____ C:\windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
    2017-10-16 10:08 - 2014-12-16 13:10 - 000803328 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
    2017-10-16 10:08 - 2014-12-16 13:10 - 000144896 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
    2017-10-16 10:08 - 2014-08-21 21:40 - 000000000 ____D C:\Users\andy\AppData\Local\Adobe
    2017-10-16 10:08 - 2012-07-13 06:13 - 000000000 ___HD C:\windows\system32\Macromed
    2017-10-15 22:36 - 2013-06-21 09:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
    2017-10-15 12:29 - 2014-08-12 12:55 - 000000000 ____D C:\Program Files (x86)\Origin
    2017-10-13 14:12 - 2016-04-05 13:20 - 000000000 ____D C:\Users\andy\AppData\Roaming\EQATEC Analytics
    2017-10-13 14:02 - 2012-07-06 10:12 - 000001199 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
    2017-10-13 14:02 - 2012-07-06 10:12 - 000000000 ___HD C:\Program Files\Paint.NET
    2017-10-13 13:23 - 2012-07-05 09:07 - 000000000 ____D C:\Users\andy
    2017-10-13 12:51 - 2009-07-13 20:20 - 000000000 ___HD C:\windows\system32\spool
    2017-10-13 09:37 - 2014-08-25 05:40 - 000799866 _____ C:\windows\system32\PerfStringBackup.TMP
    2017-10-13 09:34 - 2017-07-13 16:09 - 000000000 ____D C:\Program Files (x86)\GoToMeeting
    2017-10-13 09:34 - 2015-06-19 09:44 - 000003624 _____ C:\windows\System32\Tasks\G2MUploadTask-S-1-5-21-462157724-132793273-1689201830-1178
    2017-10-13 09:34 - 2015-02-16 09:48 - 000003528 _____ C:\windows\System32\Tasks\G2MUpdateTask-S-1-5-21-462157724-132793273-1689201830-1178
    2017-10-13 08:45 - 2013-07-18 10:00 - 000000000 ____D C:\ProgramData\Package Cache
    2017-10-13 08:44 - 2012-10-27 14:42 - 000000000 ___HD C:\Program Files (x86)\Garmin
    2017-10-13 08:43 - 2012-07-05 09:09 - 000071416 _____ C:\Users\andy\AppData\Local\GDIPFONTCACHEV1.DAT
    2017-10-09 15:01 - 2012-06-29 08:57 - 000071416 _____ C:\Users\networkadmin\AppData\Local\GDIPFONTCACHEV1.DAT
    2017-10-09 08:24 - 2012-06-29 08:44 - 000071416 _____ C:\Users\User1\AppData\Local\GDIPFONTCACHEV1.DAT
    2017-10-06 08:57 - 2014-08-14 09:04 - 000000000 ____D C:\Users\User1\AppData\Roaming\Adobe
    2017-10-06 08:57 - 2012-06-29 08:43 - 000001424 _____ C:\Users\User1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2017-10-06 08:57 - 2012-06-29 08:43 - 000000000 ____D C:\Users\User1\AppData\Local\TOSHIBA
    2017-10-03 12:12 - 2009-07-13 22:08 - 000032552 ____H C:\windows\Tasks\SCHEDLGU.TXT
    2017-10-03 12:07 - 2009-07-13 20:20 - 000000000 ___HD C:\windows\system32\catroot2x
    2017-10-03 11:02 - 2009-07-13 21:45 - 000326352 ____H C:\windows\system32\FNTCACHE.DAT
    ==================== Files in the root of some directories =======
    2014-05-05 08:38 - 2014-05-03 20:38 - 000000044 ____H () C:\Program Files (x86)\7337007b.tmp
    2014-01-13 09:07 - 2016-01-07 10:21 - 000018851 _____ () C:\ProgramData\DVRClient.log
    2016-01-07 10:20 - 2016-01-07 10:20 - 000000717 _____ () C:\ProgramData\DVRServer.log
    2014-01-13 09:08 - 2014-01-28 13:37 - 001049025 _____ () C:\ProgramData\DVRServerMediaDevices_.log
    2013-03-13 10:09 - 2017-01-01 16:15 - 000001534 _____ () C:\ProgramData\ss.ini
    Files to move or delete:
    ====================
    C:\Users\andy\swoff.exe
    C:\Users\andy\Uninstall.exe

    Some files in TEMP:
    ====================
    2017-10-17 15:27 - 2017-10-22 17:16 - 000212992 _____ (Sony DADC Austria AG) C:\Users\andy\AppData\Local\Temp\drm_dyndata_7330017.dll
    2017-10-22 17:10 - 2017-10-22 17:10 - 001856576 _____ (Oracle Corporation) C:\Users\andy\AppData\Local\Temp\jre-8u151-windows-au.exe
    2017-10-09 08:31 - 2017-10-09 08:31 - 071535032 _____ (Malwarebytes ) C:\Users\User1\AppData\Local\Temp\mb3-setup-consumer-3.2.2.2029-1.0.212-1.0.2951.exe
    ==================== Bamital & volsnap ======================
    (There is no automatic fix for files that do not pass verification.)
    C:\windows\system32\winlogon.exe => File is digitally signed
    C:\windows\system32\wininit.exe => File is digitally signed
    C:\windows\SysWOW64\wininit.exe => File is digitally signed
    C:\windows\explorer.exe => File is digitally signed
    C:\windows\SysWOW64\explorer.exe => File is digitally signed
    C:\windows\system32\svchost.exe => File is digitally signed
    C:\windows\SysWOW64\svchost.exe => File is digitally signed
    C:\windows\system32\services.exe => File is digitally signed
    C:\windows\system32\User32.dll => File is digitally signed
    C:\windows\SysWOW64\User32.dll => File is digitally signed
    C:\windows\system32\userinit.exe => File is digitally signed
    C:\windows\SysWOW64\userinit.exe => File is digitally signed
    C:\windows\system32\rpcss.dll => File is digitally signed
    C:\windows\system32\dnsapi.dll => File is digitally signed
    C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
    LastRegBack: 2017-10-30 15:23
    ==================== End of FRST.txt ============================


    Addition.txt:

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2017
    Ran by networkadmin (31-10-2017 07:00:23)
    Running from C:\Users\networkadmin\Desktop
    Windows 7 Professional Service Pack 1 (X64) (2012-06-29 15:41:45)
    Boot Mode: Normal
    ==========================================================

    ==================== Accounts: =============================
    Administrator (S-1-5-21-2200001339-424787301-343160645-500 - Administrator - Disabled)
    Guest (S-1-5-21-2200001339-424787301-343160645-501 - Limited - Disabled)
    User1 (S-1-5-21-2200001339-424787301-343160645-1001 - Administrator - Enabled) => C:\Users\User1
    WOUTempAdmin (S-1-5-21-2200001339-424787301-343160645-1004 - Administrator - Enabled)
    ==================== Security Center ========================
    (If an entry is included in the fixlist, it will be removed.)
    AV: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
    AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
    AS: ESET Endpoint Antivirus 5.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
    ==================== Installed Programs ======================
    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
    64 Bit HP CIO Components Installer (HKLM\...\{FD868C71-6CCF-42E2-B90D-0504AB0036FE}) (Version: 13.2.1 - Hewlett-Packard) Hidden
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
    Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
    Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.170 - Adobe Systems Incorporated)
    Airytec Switch Off (HKLM\...\Airytec Switch Off) (Version: 3.4.1 - Airytec)
    AlphaSmart AlphaBeam 3.2 (HKLM-x32\...\AlphaSmart AlphaBeam 3.2) (Version: - )
    ANT Drivers Installer x64 (HKLM\...\{B9218A36-7AD3-4046-8D77-31F51DC0D795}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
    Any Video Converter 5.0.9 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
    Apowersoft Free Screen Recorder V1.1.5 (HKLM-x32\...\{4EFA42DB-E4EC-4537-9DF3-5158D08A9785}_is1) (Version: 1.1.5 - Apowersoft)
    ArcSoft Perfect365 (HKLM-x32\...\{5B5E949E-3924-45E3-9229-84E8270BED68}) (Version: 1.8.0.3 - ArcSoft, Inc.)
    Aslain's WoT Modpack version 9.20.0.03 (HKLM-x32\...\Aslains_WoT_Modpack_Installer_is1) (Version: 9.20.0.03 - Aslain)
    Aslain's XVM WoT Modpack version 9.15.28 (HKLM-x32\...\ZRwTINhSZfduKONYrSCTiCiGPggQZdcLRvoAVxyCOXXpkHeC~1DC3968F_is1) (Version: 9.15.28 - Aslain)
    Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 1.00.007 - Atheros Communications)
    Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
    aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.1347 - DsNET Corp)
    Baidu WiFi Hotspot (HKLM-x32\...\Baidu WiFi Hotspot) (Version: 5.1.4.124910 - Baidu, Inc.)
    Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.10.32(T) - TOSHIBA CORPORATION)
    CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
    Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
    Command & Conquer 3 Tiberium Wars™ (HKLM-x32\...\{CAC9DCAF-0EA8-442C-97EA-CA6F5755390A}) (Version: 1.0.0.0 - Electronic Arts)
    CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
    CrazyTalk v7.32 Standard (HKLM-x32\...\{27C4EA98-84A3-4CDF-A436-F984A0283357}) (Version: 7.32.3114.1 - Reallusion Inc.)
    CyberLink PhotoDirector 2011 (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2430 - CyberLink Corp.)
    CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3618 - CyberLink Corp.)
    CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.2820.0 - CyberLink Corp.)
    D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
    DisplayLink Core Software (HKLM\...\{DF3F0788-16F0-4894-9748-677409D69100}) (Version: 7.9.630.0 - DisplayLink Corp.)
    DisplayLink Graphics (HKLM\...\{9784DFBE-6A06-42B9-B973-87CF60174D76}) (Version: 7.6.55102.0 - DisplayLink Corp.)
    Dragon NaturallySpeaking 11 (HKLM-x32\...\{EFFA53BC-8C04-2E21-3D90-A13B1697B0CA}) (Version: 11.50.100 - Nuance Communications Inc.)
    DxO FilmPack 3 (HKLM\...\{6E98BFB0-55E3-4D3C-8C10-B44F6063535E}) (Version: 3.4.94.0 - DxO Labs)
    DxO Optics Pro 8 (HKLM\...\{ECC28C7D-ABF5-4ED1-9B29-6D48BC218393}) (Version: 8.5.0 - DxO Labs)
    Elevated Installer (HKLM-x32\...\{B85F70BE-A5A3-48A2-A790-AF6001F026E0}) (Version: 5.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
    Eraser 6.2.0.2979 (HKLM\...\{C5900DE9-D199-4C27-B692-354C9A6A6C8B}) (Version: 6.2.2979 - The Eraser Project)
    ESET Endpoint Antivirus (HKLM\...\{5ECEEEEF-B81B-4385-B056-A3B6914B2C70}) (Version: 5.0.2260.1 - ESET, spol. s r.o.)
    ezcap Video Grabber (HKLM-x32\...\{B03B98E3-2795-48F6-BA33-793BBF5DF685}) (Version: 1.0.1.1 - Somagic)
    FastStone Image Viewer 5.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.5 - FastStone Soft)
    ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
    Free CUDA Movie Converter 4.3.1 (HKLM-x32\...\Free CUDA Movie Converter_is1) (Version: - TopCUDA Soft, Inc.)
    Freemake Video Converter version 3.0.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 3.0.2 - Ellora Assets Corporation)
    FreeRIP 4.0 (HKLM-x32\...\{501451DE-5808-4599-B544-8BD0915B6B24}_is1) (Version: 4.0 - GreenTree Applications SRL)
    Garmin Communicator Plugin x64 (HKLM\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
    Garmin Express (HKLM-x32\...\{5b328687-2baf-4fb6-b6c7-c49fb4840cba}) (Version: 5.7.1.0 - Garmin Ltd or its subsidiaries)
    Garmin Express (HKLM-x32\...\{5F4164CE-621E-4AFD-BBFE-1BBE2299710E}) (Version: 5.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
    Garmin Express Tray (HKLM-x32\...\{4E9533AB-7743-4B73-A5D2-42207E159E11}) (Version: 5.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
    Google Drive (HKLM-x32\...\{AC117AF9-316B-4E1D-959E-F0EB85B0DC5F}) (Version: 2.34.7100.0000 - Google, Inc.)
    Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
    Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
    Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
    Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
    GX-2009 (HKLM-x32\...\{C92D9C5E-BDA7-4AE3-9EE4-8C1D4A7C3293}) (Version: 1.1.0.97 - )
    HandBrake 0.9.6 (HKLM-x32\...\HandBrake) (Version: 0.9.6 - )
    HitFilm 2 Express (HKLM\...\{A6E81EFB-2A19-4B5B-8C48-D4E5DB3AD547}) (Version: 2.0.2522.46168 - FXhome)
    IDrive Version - 6.0 (HKLM-x32\...\IDrive_is1) (Version: 6.0 - Pro Softnet Corp)
    iLinc 11 Client (HKLM-x32\...\iLincClient.11) (Version: - )
    Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)
    Inpaint 4.7 (HKLM-x32\...\{2AEDC172-479F-47AE-8A48-A0524D4AED5B}_is1) (Version: - Teorex)
    Intel(R) Identity Protection Technology 1.2.28.0 (HKLM-x32\...\{A87263E8-26CB-1016-8F2F-C04708B17CE2}) (Version: 1.2.28.0 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2430 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
    Java 8 Update 151 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
    Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
    JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.59.2 - JMicron Technology Corp.)
    Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    K-Lite Codec Pack 9.0.2 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.0.2 - )
    Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
    Lagarith lossless video codec (Remove Only) (HKLM\...\LAGARITH) (Version: - )
    ManyCam 3.1.59 (HKLM-x32\...\ManyCam) (Version: 3.1.59 - ManyCam LLC)
    Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft Hyperlapse Pro (HKLM\...\{33503317-BA83-44C8-873E-581B3D8EB837}) (Version: 1.3.5764 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Research Cliplets (HKLM\...\{A4DA1935-2F04-4AFF-BE48-085CCC7BD0CB}) (Version: 1.1.1 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
    Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM-x32\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Morgan Multimedia Motion JPEG Codec 3.0.0.9 (HKLM-x32\...\Morgan Multimedia Motion JPEG Codec_is1) (Version: 3.0.0.9 - Morgan Multimedia)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
    Nuance PDF Converter Professional 7 (HKLM\...\{FFAE98FC-4E1A-45BB-ADED-081160A2CBD7}) (Version: 7.20.6187 - Nuance Communications, Inc.)
    Nuance PDF Converter Professional 7 (HKLM-x32\...\{FFAE98FC-4E1A-45BB-ADED-081160A2CBD7}) (Version: 7.20.6187 - Nuance Communications, Inc.)
    NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
    NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
    NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
    NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
    OMC ModPack Client version 1.5.1.210 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.5.1.210 - Odem Mortis)
    ON1 Effects Free 10 (HKLM\...\ON1 Effects Free 10) (Version: 10.1.0 - ON1)
    Origin (HKLM-x32\...\Origin) (Version: 10.4.14.21968 - Electronic Arts, Inc.)
    paint.net (HKLM\...\{F10AAD91-58DF-44EC-A647-810197141667}) (Version: 4.0.19 - dotPDN LLC)
    PandoraRecovery (Remove Only) (HKLM-x32\...\PandoraRecovery) (Version: - )
    Photo Story 3 for Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
    PingPlotter Standard 3.42.3s (HKLM-x32\...\{1C1D0A2C-C8B4-4C2C-9877-884F8FC082B5}) (Version: 3.42.3.6 - Nessoft, LLC)
    PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC)
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
    proDAD Adorage 3.0 (64bit) (HKLM\...\proDAD-Adorage-3.0) (Version: 3.0.114.1 - proDAD GmbH)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6360 - Realtek Semiconductor Corp.)
    Remote Mouse version 3.002 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.002 - Remote Mouse)
    Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
    Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
    RoboForm 7-9-28-8 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-28-8 - Siber Systems)
    Samsung i-Launcher 1.0.1.57 (HKLM-x32\...\Samsung i-Launcher) (Version: 1.0.1.57 - Samsung Electronics Co., Ltd.)
    Samsung Kies3 (HKLM-x32\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15022.8 - Samsung Electronics Co., Ltd.) Hidden
    Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15022.8 - Samsung Electronics Co., Ltd.)
    Samsung Story Album Viewer (HKLM-x32\...\{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
    Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
    Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
    Securence Outlook 2010 Add-In (HKLM-x32\...\{8A258FA6-B80F-4AD3-A3E1-BD91F88F891D}) (Version: 2.13.0201 - Securence)
    SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 3.1.3000 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 16.18.9 - NVIDIA Corporation) Hidden
    Should I Remove It (HKLM-x32\...\{4E62123C-4C0D-4123-A8A2-C0103B92D7EA}) (Version: 1.0.4 - Reason Software Company Inc.) Hidden
    SiFEU 0.9 (HKLM-x32\...\SiFEU 0.9) (Version: - )
    SketchUp 8 (HKLM-x32\...\{779D8CA1-03DD-4AD4-B21F-3E20BFE7BEDE}) (Version: 3.0.15158 - Trimble Navigation Limited)
    SPCA1628 PC Driver (HKLM-x32\...\{5F1C7F21-AB33-4362-BCEE-6E0FD1EDC6D8}) (Version: 1.2.0.0 - Icatch)
    SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
    SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.1.1 - Krzysztof Kowalczyk)
    SUPER v2012.build.52 (July 7, 2012) version v2012.build.52 (HKLM-x32\...\{8F311E2E-C275-4CF0-8154-B63991832668}_is1) (Version: v2012.build.52 - eRightSoft)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
    Tiberium Wars 9 In 1 Map Pack (HKLM-x32\...\{5324CA8A-2EA3-4491-ACA3-982AD231B8C8}) (Version: 2.0.0.9 - Tim)
    TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.2 - TOSHIBA)
    TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
    TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 1.6.11.64 - TOSHIBA Corporation)
    TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
    TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.17.64 - TOSHIBA Corporation)
    TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.12C - TOSHIBA CORPORATION)
    TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.1.37C - TOSHIBA CORPORATION)
    TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.2.15 - TOSHIBA Corporation)
    TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.9 - TOSHIBA Corporation)
    TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.4 - TOSHIBA CORPORATION)
    TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.8.0 - TOSHIBA CORPORATION)
    TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.9.64 - TOSHIBA Corporation)
    TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.4 - TOSHIBA)
    TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.5.5109a - TOSHIBA CORPORATION)
    TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
    TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.2001 - TOSHIBA Corporation)
    TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.15.0 - TOSHIBA)
    TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.8 - TOSHIBA Corporation)
    TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.51.2C - TOSHIBA CORPORATION)
    TOSHIBA USB Display Drivers (HKLM\...\{BC0EEA2E-6557-4CBD-ACD9-4F59952761F9}) (Version: 6.1.35912.0 - TOSHIBA Corporation)
    TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.30 - TOSHIBA Corporation)
    TRENDnetCloud Plugin (HKLM-x32\...\{63FE1F13-E737-467C-ADF3-CCBFE5EED10F}) (Version: 1.1.4212 - TRENDnet)
    TRENDnetVIEW Pro 2.3.4 (HKLM-x32\...\DVRServer.Application_is1) (Version: 2.3.4 - TRENDnet)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Utility Common Driver (HKLM-x32\...\{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Version: 1.0.52.3C - TOSHIBA) Hidden
    Utility Common Driver (HKLM-x32\...\InstallShield_{12688FD7-CB92-4A5B-BEE4-5C8E0574434F}) (Version: 1.0.52.3C - TOSHIBA) Hidden
    Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64) (HKLM\...\{4A5A427F-BA39-4BF0-7777-9A47FBE60C9F}) (Version: 11.0.0 - Nuance Communications Inc.)
    VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
    VS 2008 CRT Package (HKLM-x32\...\{ED79C920-2FF2-4742-AF32-B58BE68B0FA6}) (Version: 1.1.0 - Microsoft)
    WatchGuard Mobile VPN with SSL client 11.10.4 (HKLM-x32\...\Mobile VPN with SSL client_is1) (Version: - WatchGuard)
    WebCam (HKLM-x32\...\{FC9B811E-39BC-4813-9E29-B83CCF700010}) (Version: 2.22.23.106 - Alcor)
    Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
    Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
    Windows Essentials Media Codec Pack 4.0 [64-Bit] (HKLM-x32\...\Windows Essentials Media Codec Pack) (Version: 4.0 - Media Codec)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
    Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
    Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
    Windows Small Business Server 2008 ClientAgent (HKLM\...\{E4FF4DF1-F99C-49AC-B398-BE0887432846}) (Version: 6.0.5601.0 - Microsoft Corporation)
    Windows Small Business Server 2008 Desktop Links Gadget (HKLM\...\{F5E5D7CA-0F94-41A3-8106-66473C2F3728}) (Version: 6.0.5601.0 - Microsoft Corporation)
    WinUtilities Free Edition 11.33 (HKLM-x32\...\{FC274982-5AAD-4C20-848D-4424A5043010}_is1) (Version: 11.33 - YL Computing, Inc)
    WinX DVD Ripper Platinum 7.5.11 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version: - Digiarty Software, Inc.)
    WinX HD Video Converter Deluxe 4.0.0 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version: - Digiarty Software, Inc.)
    Wisdom-soft Set up ASR 3.1 Free (HKLM-x32\...\Wisdom-soft Set up ASR 3.1 Free) (Version: - Wisdom Software Inc.)
    Wondershare Video Editor(Build 3.5.0) (HKLM-x32\...\Wondershare Video Editor_is1) (Version: - Wondershare Software)
    ==================== Custom CLSID (Whitelisted): ==========================
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    CustomCLSID: HKU\S-1-5-21-462157724-132793273-1689201830-1142_Classes\CLSID\{45C6AFA5-2C13-402f-BC5D-45CC8172EF6B}\InprocServer32 -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtExt.dll (TOSHIBA)
    ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-10-09] (Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-10-09] (Google)
    ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-10-09] (Google)
    ShellIconOverlayIdentifiers: [ SncrOverlays (Blocked)] -> {C418E880-6280-4010-A888-FD76028E5511} => -> No File
    ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2016-08-28] (The Eraser Project)
    ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-03-04] (ESET)
    ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-10-09] (Google)
    ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
    ContextMenuHandlers1: [IBContextMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\idcontext64.dll [2013-01-24] ()
    ContextMenuHandlers1: [PDFC7.ShellExtension] -> {877327F4-8A93-4320-932C-338069C27BEA} => C:\Program Files (x86)\Nuance\PDF Professional 7\ShellExt70.dll [2011-09-09] (Nuance Communications, Inc.)
    ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
    ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
    ContextMenuHandlers1: [tosBtShllExt] -> {6BEF3D0B-53F0-4b0d-B91C-C19ED3D4C9D1} => C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtShell.dll [2014-01-20] (TOSHIBA)
    ContextMenuHandlers1: [Zeon.MFCDirectShellExt] -> {353C642C-F13D-4699-9FF2-EFAF490B6C69} => C:\Program Files (x86)\Nuance\PDF Professional 7\bin\DirectShellExt.dll [2010-07-16] (Zeon International Investment Corp. )
    ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2016-08-28] (The Eraser Project)
    ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-03-04] (ESET)
    ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
    ContextMenuHandlers2: [IBContextMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\idcontext64.dll [2013-01-24] ()
    ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2016-08-28] (The Eraser Project)
    ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-10-09] (Google)
    ContextMenuHandlers4: [IBContextMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\idcontext64.dll [2013-01-24] ()
    ContextMenuHandlers4: [tosBtShllExt] -> {6BEF3D0B-53F0-4b0d-B91C-C19ED3D4C9D1} => C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtShell.dll [2014-01-20] (TOSHIBA)
    ContextMenuHandlers5: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2016-08-28] (The Eraser Project)
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2011-06-27] (Intel Corporation)
    ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\system32\nvshext.dll [2015-02-05] (NVIDIA Corporation)
    ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2016-08-28] (The Eraser Project)
    ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2016-03-04] (ESET)
    ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
    ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
    ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
    ==================== Scheduled Tasks (Whitelisted) =============
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    Task: {0B5FF150-F1E4-47A5-A7E7-A5C867A64AD5} - System32\Tasks\GoogleUpdateTaskMachineUA1d04143633d1df8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {1164EAEC-5E97-4E08-A038-9A77A8B02F1E} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ab9674fc3837 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {12D997B6-9530-4F34-B77C-8891267DDF85} - System32\Tasks\{30CC794C-7865-4D23-B1CE-87B60AB9D8A5} => C:\windows\system32\pcalua.exe -a D:\SETUP.EXE -d D:\
    Task: {14353E53-1AE5-46A0-9B28-38707175C2F2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1d0e4caa1bed86a => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {16188D9D-67DB-4B72-A1D2-8A528CC36824} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1d0407b301f1e75 => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {195E26F2-2DF8-4E14-ADF2-A4E393085DAD} - System32\Tasks\GoogleUpdateTaskMachineUA1d130efbb87d9f5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {1B35F0DC-7034-4E94-BB98-F27B2A5373C0} - System32\Tasks\GoogleUpdateTaskMachineCore1d04143631e2c14 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {1C79E337-7B14-4BA0-83D9-6C8D0A666B5D} - System32\Tasks\{6673B227-EF04-4CFD-9526-CD9F7782B6DA} => C:\windows\system32\pcalua.exe -a D:\1520驱动\SPCA1520_V1200_WHQL.exe -d D:\1520驱动
    Task: {2351C306-697E-4E99-9BFB-45EE1319D71B} - System32\Tasks\GoogleUpdateTaskMachineCore1d1ab9674cefe12 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {24CCF0DB-E842-4ECB-A5EC-134EB24C1F49} - System32\Tasks\GoogleUpdateTaskMachineCore1d130efbb5d0130 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {2ACE64DC-AC17-4EFF-B95E-115669833D9B} - System32\Tasks\G2MUploadTask-S-1-5-21-462157724-132793273-1689201830-1178 => C:\Program Files (x86)\GoToMeeting\7759\g2mupload.exe [2017-10-13] (LogMeIn, Inc.)
    Task: {34F5EEE3-2C5B-40F6-BA1B-0049FECA6D74} - System32\Tasks\GoogleUpdateTaskMachineCore1d0f16aee43fded => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {35BCC796-A87C-4AA0-9507-D82D36991E47} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2017-03-17] (Siber Systems)
    Task: {35D80110-2208-42BA-A103-B3B1ABC58555} - System32\Tasks\GoogleUpdateTaskMachineUA1d15dec898864da => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {3851BBC7-7BD7-4D93-9C7F-569BBEDB0FD2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178Core1d0f22666731de9 => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {3ADCE40C-6681-49E3-A869-E85B308DF851} - System32\Tasks\G2MUpdateTask-S-1-5-21-462157724-132793273-1689201830-1178 => C:\Program Files (x86)\GoToMeeting\7759\g2mupdate.exe [2017-10-13] (LogMeIn, Inc.)
    Task: {3C9A7A7D-E39D-4AC6-BEBF-C925D8277717} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {3D8D8CFE-8D61-4A53-8075-708AD95673AC} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e4cfc89d8ad0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {42B0F76E-2FE9-43A4-BD52-A9C75922A70C} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bfd0381d0a6f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {4910CB23-59B2-46FA-BB05-D3671F5D730E} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-10-09] ()
    Task: {4A0C3168-2E3E-46A6-9350-C8E649991041} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1d15de7ff93b9ff => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {4E9E9DB7-0405-4574-A4F8-71D4393BCED0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178Core1d0bfd142b62f03 => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {6230CFB5-F534-432F-A0A9-0D1122E4B4E6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1d12eb089666e33 => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {6558FA0A-69EC-449C-8388-726ABC5F96E3} - System32\Tasks\Windows Codec Update Service => C:\Program Files (x86)\Essentials Codec Pack\WECPUpdate.exe [2012-02-03] (MediaCodec.Org)
    Task: {65F981A9-CC84-4BD8-95A4-3CE69B1BC41D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {67DA7E47-60F2-465C-8B04-FD1C8D1F51FF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1d0bfd143053a8b => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {6B4E189C-C4AD-4B2E-84D4-8F934EAB0839} - System32\Tasks\ShouldIRemoveIt => C:\Program Files (x86)\Reason\Should I Remove It\ShouldIRemoveIt.exe [2013-02-13] (Reason Software Company Inc.)
    Task: {76C70952-3BEB-4894-8B73-5EAE92C70136} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1d0f2266a6deade => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {8DA65BBC-BEE2-41D8-BD87-B3430A58AF8E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178Core1d08f108f35fdd5 => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {9881C415-DF44-43AF-83ED-B322778CE99C} - System32\Tasks\GoogleUpdateTaskMachineUA1d0923caaabd3f9 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {9AD5A5C9-AE02-486D-B3D9-F00BA944D799} - \Test TimeTrigger -> No File <==== ATTENTION
    Task: {A32D2B88-B2C3-44DA-851E-67F5BAEAF139} - System32\Tasks\Run RoboForm Process => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2017-03-17] (Siber Systems)
    Task: {A62870A5-B32E-4382-86D7-BF29A0120FA0} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e4cfc87774cc => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {A7EF1DB2-E264-44E4-A0DB-72C3453A6B99} - System32\Tasks\Open URL by RoboForm => C:\windows\system32\rundll32.exe url.dll,FileProtocolHandler "hxxps://www.roboform.com/test-pass.html?aaa=KICMPMMJNJKJJJNJIMJJCNOJJMIMNMCNLMLMPMOMCNNJNJMMOMCNGMOMLMJMJJOMIMOJJMMMPMMJJNJICMIMCNGMCNNMHMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMOMFMEKMICNJJCKFMNMOMJMJMJNHICMEKMICNJJCKJNBJCMOJBJLJGIJNKJCMJNNICMJNDJCMKJBJJNMJCMOMJ (the data entry has 50 more characters).
    Task: {ABF1E247-D419-4703-BF95-773FA7372806} - System32\Tasks\Baidu LiveUpdate => C:\Program [Argument = Files (x86)\Baidu WiFiHotspot\liveupdate.exe]
    Task: {AD43B04B-473D-4E24-8F73-74D18D07D7DC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178Core1d12eb0893b956e => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {B32F4898-CADA-4F3F-8427-FE075828A2A0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1d1ab973c818917 => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {B5E3B227-6F3C-4B40-9893-6D3578746D1F} - System32\Tasks\GoogleUpdateTaskMachineCore1d0923caa881f55 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {B910956A-48FC-4F48-A53D-1964A4432891} - System32\Tasks\{176C4663-B32D-45BC-B745-3D98B8A39FCD} => C:\windows\system32\pcalua.exe -a C:\Users\andy\AppData\Local\Temp\jre-8u111-windows-au.exe -d C:\windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
    Task: {BF3B48BD-3183-4D34-BEAA-EB49FF9B1912} - System32\Tasks\GoogleUpdateTaskMachineCore1d15dec894f43d3 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {BFADC804-2DBB-47BD-9B2B-AE81299ADD9A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178Core1d15de7ff667fda => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {C57B52FA-0110-4631-AA7D-9AAD5A4BE7A8} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_170_pepper.exe [2017-10-16] (Adobe Systems Incorporated)
    Task: {CBEE004E-0A2F-428B-B5ED-4675430E9CAB} - System32\Tasks\GoogleUpdateTaskMachineUA1d0f16aee6a13f2 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {CDD78BA7-83A6-49AF-B5BC-2E95057EAED6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {D132AE19-5027-49D7-9EB5-8F49CCE36C1D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
    Task: {D2BEBC8E-F634-4D1F-B97C-48F4E9EDD101} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1d08f108f575119 => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {DF1541BE-C478-42D9-BD0A-1F916F79E594} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178Core1d0407b30052dd2 => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {E2E8660C-505D-4B5D-8244-F49F8CCE61E2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178Core1d1ab973c5d109e => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {E4D37C12-68EB-4412-B747-D079C282ACC1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1cffeb62299cabb => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {E5F8733F-7B4F-4DAD-B888-19FFAAABC26F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178Core => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
    Task: {F220A7DE-5A2F-4349-9B20-296059EA8DA1} - System32\Tasks\CCleanerSkipUAC => F:\PortableApps\CCleanerPortable\CCleaner.exe
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
    Task: C:\windows\Tasks\G2MUpdateTask-S-1-5-21-462157724-132793273-1689201830-1178.job => C:\Program Files (x86)\GoToMeeting\7759\g2mupdate.exe
    Task: C:\windows\Tasks\G2MUploadTask-S-1-5-21-462157724-132793273-1689201830-1178.job => C:\Program Files (x86)\GoToMeeting\7759\g2mupload.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1d04143631e2c14.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1d0923caa881f55.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1d0bfd0381d0a6f.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1d0e4cfc87774cc.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1d0f16aee43fded.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1d130efbb5d0130.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1d15dec894f43d3.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1d04143633d1df8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1d0923caaabd3f9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1d0e4cfc89d8ad0.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1d0f16aee6a13f2.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1d130efbb87d9f5.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA1d15dec898864da.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178Core.job => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178Core1d0407b30052dd2.job => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178Core1d08f108f35fdd5.job => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178Core1d0bfd142b62f03.job => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178Core1d0f22666731de9.job => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178Core1d12eb0893b956e.job => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178Core1d15de7ff667fda.job => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA.job => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1cffeb62299cabb.job => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1d0407b301f1e75.job => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1d08f108f575119.job => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1d0bfd143053a8b.job => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1d0e4caa1bed86a.job => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1d0f2266a6deade.job => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1d12eb089666e33.job => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-462157724-132793273-1689201830-1178UA1d15de7ff93b9ff.job => C:\Users\andy\AppData\Local\Google\Update\GoogleUpdate.exe
    ==================== Shortcuts & WMI ========================
    (The entries could be listed to be restored or removed.)

    ==================== Loaded Modules (Whitelisted) ==============
    2014-04-10 10:02 - 2013-01-24 21:43 - 000560640 ____H () C:\Program Files (x86)\IDriveWindows\idcontext64.dll
    2012-06-09 19:12 - 2015-02-05 14:01 - 000012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
    2012-06-09 19:12 - 2015-02-05 14:01 - 000011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
    ==================== Alternate Data Streams (Whitelisted) =========
    (If an entry is included in the fixlist, only the ADS will be removed.)
    AlternateDataStreams: C:\Windows:nlsPreferences [386]
    AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns1 [5]
    AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns2 [5]
    AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns3 [5]
    AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns4 [5]
    AlternateDataStreams: C:\ProgramData\TEMP:0574215C [239]
    AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8 [242]
    ==================== Safe Mode (Whitelisted) ===================
    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
    ==================== Association (Whitelisted) ===============
    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)

    ==================== Internet Explorer trusted/restricted ===============
    (If an entry is included in the fixlist, it will be removed from the registry.)
    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
    There are 7866 more sites.
    IE restricted site: HKU\S-1-5-21-462157724-132793273-1689201830-1142\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-462157724-132793273-1689201830-1142\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-462157724-132793273-1689201830-1142\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-462157724-132793273-1689201830-1142\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-462157724-132793273-1689201830-1142\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-462157724-132793273-1689201830-1142\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-462157724-132793273-1689201830-1142\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-462157724-132793273-1689201830-1142\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\S-1-5-21-462157724-132793273-1689201830-1142\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\S-1-5-21-462157724-132793273-1689201830-1142\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\S-1-5-21-462157724-132793273-1689201830-1142\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\S-1-5-21-462157724-132793273-1689201830-1142\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\S-1-5-21-462157724-132793273-1689201830-1142\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\S-1-5-21-462157724-132793273-1689201830-1142\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\S-1-5-21-462157724-132793273-1689201830-1142\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\S-1-5-21-462157724-132793273-1689201830-1142\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\S-1-5-21-462157724-132793273-1689201830-1142\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\S-1-5-21-462157724-132793273-1689201830-1142\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\S-1-5-21-462157724-132793273-1689201830-1142\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\S-1-5-21-462157724-132793273-1689201830-1142\...\123simsen.com -> www.123simsen.com
    There are 7866 more sites.

    ==================== Hosts content: ==========================
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
    2009-07-13 19:34 - 2015-05-21 07:31 - 000450771 ____R C:\windows\system32\Drivers\etc\hosts
    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com
    127.0.0.1 www.0scan.com
    127.0.0.1 0scan.com
    127.0.0.1 1000gratisproben.com
    127.0.0.1 www.1000gratisproben.com
    127.0.0.1 1001namen.com
    127.0.0.1 www.1001namen.com
    127.0.0.1 100888290cs.com
    127.0.0.1 www.100888290cs.com
    127.0.0.1 www.100sexlinks.com
    127.0.0.1 100sexlinks.com
    127.0.0.1 10sek.com
    127.0.0.1 www.10sek.com
    127.0.0.1 www.1-2005-search.com
    127.0.0.1 1-2005-search.com
    127.0.0.1 123fporn.info
    127.0.0.1 www.123fporn.info
    127.0.0.1 123haustiereundmehr.com
    127.0.0.1 www.123haustiereundmehr.com
    127.0.0.1 123moviedownload.com
    127.0.0.1 www.123moviedownload.com
    There are 15465 more lines.

    ==================== Other Areas ============================
    (Currently there is no automatic fix for this section.)
    HKU\S-1-5-21-462157724-132793273-1689201830-1142\Control Panel\Desktop\\Wallpaper -> C:\Users\networkadmin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 10.0.0.2
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
    Windows Firewall is enabled.
    ==================== MSCONFIG/TASK MANAGER disabled items ==
    MSCONFIG\Services: ADExchange => 2
    MSCONFIG\Services: DisplayLinkService => 2
    MSCONFIG\Services: DragonSvc => 2
    MSCONFIG\Services: EhttpSrv => 3
    MSCONFIG\Services: ESHASRV => 3
    MSCONFIG\Services: Freemake Improver => 2
    MSCONFIG\Services: Garmin Device Interaction Service => 3
    MSCONFIG\Services: GfExperienceService => 2
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: IDriveService => 2
    MSCONFIG\Services: IDWAdmin => 2
    MSCONFIG\Services: jhi_service => 2
    MSCONFIG\Services: Leawo_service => 2
    MSCONFIG\Services: LMS => 2
    MSCONFIG\Services: nlsX86cc => 2
    MSCONFIG\Services: NvNetworkService => 2
    MSCONFIG\Services: NvStreamSvc => 2
    MSCONFIG\Services: NVSvc => 2
    MSCONFIG\Services: Origin Client Service => 3
    MSCONFIG\Services: Origin Web Helper Service => 2
    MSCONFIG\Services: PDFProFiltSrv => 2
    MSCONFIG\Services: RemoteMouseService => 2
    MSCONFIG\Services: RichVideo64 => 2
    MSCONFIG\Services: SDScannerService => 2
    MSCONFIG\Services: SDUpdateService => 2
    MSCONFIG\Services: SDWSCService => 2
    MSCONFIG\Services: ss_conn_service => 2
    MSCONFIG\Services: SwOffScheduler => 2
    MSCONFIG\Services: SwOffWeb => 2
    MSCONFIG\Services: Thpsrv => 2
    MSCONFIG\Services: TMachInfo => 3
    MSCONFIG\Services: TODDSrv => 2
    MSCONFIG\Services: TOSHIBA Bluetooth Service => 3
    MSCONFIG\Services: TOSHIBA HDD SSD Alert Service => 3
    MSCONFIG\Services: TPCHSrv => 3
    MSCONFIG\Services: UNS => 2
    MSCONFIG\Services: wgsslvpnsrc => 2
    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk => C:\windows\pss\Bluetooth Manager.lnk.CommonStartup
    MSCONFIG\startupreg: Eraser => "C:\Program Files\Eraser\Eraser.exe" -atRestart
    MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
    MSCONFIG\startupreg: HotKeysCmds => C:\windows\system32\hkcmd.exe
    MSCONFIG\startupreg: IgfxTray => C:\windows\system32\igfxtray.exe
    MSCONFIG\startupreg: ITSecMng => %ProgramFiles(x86)%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
    MSCONFIG\startupreg: Malwarebytes Anti-Malware => "F:\PortableApps\Malwarebytes Anti-Malware\BusinessMessaging.exe"
    MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
    MSCONFIG\startupreg: Persistence => C:\windows\system32\igfxpers.exe
    MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 /MAXX3
    MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
    MSCONFIG\startupreg: S6000Mnt => \C:\windows\SysWOW64\Rundll32.exe S6000Rmv.dll
    MSCONFIG\startupreg: ShadowPlay => C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    MSCONFIG\startupreg: TosSENotify => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
    MSCONFIG\startupreg: TosVolRegulator => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
    MSCONFIG\startupreg: TSleepSrv => %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
    ==================== FirewallRules (Whitelisted) ===============
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    FirewallRules: [{65A2E6AC-D18B-4114-87AF-6C31FB2C5BCF}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{B3C1348D-1FCF-4A2D-8FC4-054DE17C3013}] => (Allow) LPort=2869
    FirewallRules: [{502874DE-29C0-4D15-904D-40E1C85A4D93}] => (Allow) LPort=1900
    FirewallRules: [{73071957-29E6-4D31-9818-2FABF7ED31D8}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [{DC60DC09-9AE0-445B-87BA-C3452DD3D368}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
    FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [{BAB90C1F-1C3F-46E0-A16D-35290D89A681}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
    FirewallRules: [{5E8AA309-D8E1-4BD3-9AF1-7104453D5748}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
    FirewallRules: [TCP Query User{E10155D2-EAE8-4C97-98D2-511B282A7BA8}C:\program files (x86)\trendnet\trendnetview pro\dvrserver.exe] => (Allow) C:\program files (x86)\trendnet\trendnetview pro\dvrserver.exe
    FirewallRules: [UDP Query User{B22F5612-DA99-42DB-A79F-74109E192C9C}C:\program files (x86)\trendnet\trendnetview pro\dvrserver.exe] => (Allow) C:\program files (x86)\trendnet\trendnetview pro\dvrserver.exe
    FirewallRules: [TCP Query User{01AA458E-7768-40E4-A201-9CE6E5A5EB9D}F:\portableapps\firefoxportable\app\firefox\plugin-container.exe] => (Allow) F:\portableapps\firefoxportable\app\firefox\plugin-container.exe
    FirewallRules: [UDP Query User{F4852A8C-BA5E-47E1-A5D7-7F3DBE70F098}F:\portableapps\firefoxportable\app\firefox\plugin-container.exe] => (Allow) F:\portableapps\firefoxportable\app\firefox\plugin-container.exe
    FirewallRules: [TCP Query User{F1D308FC-98BD-4FB0-8FE4-BD9E8909875F}E:\portableapps\paxgalaxia\paxgal.exe] => (Allow) E:\portableapps\paxgalaxia\paxgal.exe
    FirewallRules: [UDP Query User{BDA157A3-DE4A-4316-A82B-BA8D6ABF4CDB}E:\portableapps\paxgalaxia\paxgal.exe] => (Allow) E:\portableapps\paxgalaxia\paxgal.exe
    FirewallRules: [TCP Query User{6C5B82CA-275B-4071-B10E-7EA99C2C99A4}C:\program files\onone software\perfect effects 8\perfect effects 8.exe] => (Allow) C:\program files\onone software\perfect effects 8\perfect effects 8.exe
    FirewallRules: [UDP Query User{72343B96-1FFD-46A4-8918-368BA63428F1}C:\program files\onone software\perfect effects 8\perfect effects 8.exe] => (Allow) C:\program files\onone software\perfect effects 8\perfect effects 8.exe
    FirewallRules: [TCP Query User{A8564B8A-707A-4C2B-9D29-6093625C45D5}C:\program files\onone software\perfect effects 8\perfect effects 8.exe] => (Allow) C:\program files\onone software\perfect effects 8\perfect effects 8.exe
    FirewallRules: [UDP Query User{F24C18C0-EDD2-4B6D-8604-D6F3CFE11909}C:\program files\onone software\perfect effects 8\perfect effects 8.exe] => (Allow) C:\program files\onone software\perfect effects 8\perfect effects 8.exe
    FirewallRules: [{DC65E122-A6B3-4026-AF4B-95E2B8499839}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{858C5A5E-1B4E-457F-AB1E-FD4992933D3B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{F997751E-DCA6-42B1-B762-76FCCE7456AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{94FA4A58-7440-4DA2-A186-00DBAA8138AB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{604BB9B1-BC0F-494F-B1E8-CCFD9F383794}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{592C2546-CB9F-4844-A994-10CFCF89D77A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [TCP Query User{5123E674-A4BB-45EC-9BE0-ACF9A7243439}C:\program files\onone software\perfect effects 8\perfect effects 8.exe] => (Allow) C:\program files\onone software\perfect effects 8\perfect effects 8.exe
    FirewallRules: [UDP Query User{C165F9C6-F43A-454E-9FB9-8B07255A9130}C:\program files\onone software\perfect effects 8\perfect effects 8.exe] => (Allow) C:\program files\onone software\perfect effects 8\perfect effects 8.exe
    FirewallRules: [{FB5A57FD-A016-44D9-AFF9-2CE6D19CC9F8}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
    FirewallRules: [{B395A048-E6C7-4DD9-9B3A-CCDFFC7E1276}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
    FirewallRules: [TCP Query User{9B4EDBDD-1AB2-42C9-8FCD-7232515B9FEE}C:\program files (x86)\toshiba\bluetooth toshiba stack\tosbtpcs.exe] => (Allow) C:\program files (x86)\toshiba\bluetooth toshiba stack\tosbtpcs.exe
    FirewallRules: [UDP Query User{D4BD701F-9CC6-42B5-9134-C39FBE40F953}C:\program files (x86)\toshiba\bluetooth toshiba stack\tosbtpcs.exe] => (Allow) C:\program files (x86)\toshiba\bluetooth toshiba stack\tosbtpcs.exe
    FirewallRules: [{295F9834-E096-4443-9FDA-860EE5E7D9E7}] => (Block) C:\program files (x86)\toshiba\bluetooth toshiba stack\tosbtpcs.exe
    FirewallRules: [{6875B5A7-1F15-45A6-BB89-8339CD934CAA}] => (Block) C:\program files (x86)\toshiba\bluetooth toshiba stack\tosbtpcs.exe
    FirewallRules: [TCP Query User{7495C93A-2096-4715-9D23-57C0DB7FEA65}C:\users\andy\appdata\local\apps\2.0\w6nv51xz.re0\qyk05hp4.m3a\mobi..tion_980a95f0dc23f55a_0001.0002_73246d135863784d\mobile buddy.exe] => (Allow) C:\users\andy\appdata\local\apps\2.0\w6nv51xz.re0\qyk05hp4.m3a\mobi..tion_980a95f0dc23f55a_0001.0002_73246d135863784d\mobile buddy.exe
    FirewallRules: [UDP Query User{8988CD7F-B597-41AC-9737-0C66EF5F42F9}C:\users\andy\appdata\local\apps\2.0\w6nv51xz.re0\qyk05hp4.m3a\mobi..tion_980a95f0dc23f55a_0001.0002_73246d135863784d\mobile buddy.exe] => (Allow) C:\users\andy\appdata\local\apps\2.0\w6nv51xz.re0\qyk05hp4.m3a\mobi..tion_980a95f0dc23f55a_0001.0002_73246d135863784d\mobile buddy.exe
    FirewallRules: [TCP Query User{99650AE8-1DE9-4F9A-BDEC-C65A8BC0D2F3}F:\portableapps\firefoxportable\app\firefox\firefox.exe] => (Allow) F:\portableapps\firefoxportable\app\firefox\firefox.exe
    FirewallRules: [UDP Query User{5598881D-2835-49DE-8975-B5216C26BAC3}F:\portableapps\firefoxportable\app\firefox\firefox.exe] => (Allow) F:\portableapps\firefoxportable\app\firefox\firefox.exe
    FirewallRules: [{981D8239-2495-4ACF-9E7C-751F16C31E5A}] => (Block) F:\portableapps\firefoxportable\app\firefox\firefox.exe
    FirewallRules: [{7D403D48-7929-4763-80AB-A08100AB58D6}] => (Block) F:\portableapps\firefoxportable\app\firefox\firefox.exe
    FirewallRules: [TCP Query User{80B50BAA-5FC4-45BE-A13B-B469B3228B8A}C:\program files\onone software\perfect effects 9\perfect effects 9.exe] => (Allow) C:\program files\onone software\perfect effects 9\perfect effects 9.exe
    FirewallRules: [UDP Query User{80CF532B-2BB8-45D7-9912-CBA38CEF94ED}C:\program files\onone software\perfect effects 9\perfect effects 9.exe] => (Allow) C:\program files\onone software\perfect effects 9\perfect effects 9.exe
    FirewallRules: [TCP Query User{528AF29A-BC45-434F-9E22-8B03B3C3DEF3}C:\users\andy\appdata\local\apps\2.0\w6nv51xz.re0\qyk05hp4.m3a\mobi..tion_980a95f0dc23f55a_0001.0002_73246d135863784d\mobile buddy.exe] => (Block) C:\users\andy\appdata\local\apps\2.0\w6nv51xz.re0\qyk05hp4.m3a\mobi..tion_980a95f0dc23f55a_0001.0002_73246d135863784d\mobile buddy.exe
    FirewallRules: [UDP Query User{2886DB97-DBC8-4A31-8710-8125BA509B91}C:\users\andy\appdata\local\apps\2.0\w6nv51xz.re0\qyk05hp4.m3a\mobi..tion_980a95f0dc23f55a_0001.0002_73246d135863784d\mobile buddy.exe] => (Block) C:\users\andy\appdata\local\apps\2.0\w6nv51xz.re0\qyk05hp4.m3a\mobi..tion_980a95f0dc23f55a_0001.0002_73246d135863784d\mobile buddy.exe
    FirewallRules: [TCP Query User{A0A1C570-5A7F-4441-9F1B-01EB8C50AF96}C:\program files (x86)\remote mouse\remotemouse.exe] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe
    FirewallRules: [UDP Query User{ADF47EE6-B28A-4696-8226-6B7B712A4E0A}C:\program files (x86)\remote mouse\remotemouse.exe] => (Allow) C:\program files (x86)\remote mouse\remotemouse.exe
    FirewallRules: [TCP Query User{23612BF6-9FDF-4AF0-8A8B-0CA1B6B11992}C:\program files\on1\on1 effects free 10\on1 effects free 10.exe] => (Allow) C:\program files\on1\on1 effects free 10\on1 effects free 10.exe
    FirewallRules: [UDP Query User{27E34EBF-D6F3-49A7-9A80-82EBC64A2CBE}C:\program files\on1\on1 effects free 10\on1 effects free 10.exe] => (Allow) C:\program files\on1\on1 effects free 10\on1 effects free 10.exe
    FirewallRules: [{62610D3C-09C4-4D9E-BBED-CE43ECCDCB4F}] => (Block) C:\program files\on1\on1 effects free 10\on1 effects free 10.exe
    FirewallRules: [{69232E69-8727-4B49-9A87-5A126B8841EB}] => (Block) C:\program files\on1\on1 effects free 10\on1 effects free 10.exe
    FirewallRules: [{98A63191-04AD-463B-A0BB-077A5DCA152C}] => (Allow) C:\Program Files (x86)\Baidu WiFiHotspot\WifiHotspot.exe
    FirewallRules: [{CCDE7EFF-3BED-43AC-9B2E-C611AAD58F2D}] => (Allow) C:\Program Files (x86)\Baidu WiFiHotspot\WifiHotspot.exe
    FirewallRules: [TCP Query User{9F9A7810-E16E-4A00-B5B9-8413A044F543}C:\program files\onone software\perfect effects 9\perfect effects 9.exe] => (Allow) C:\program files\onone software\perfect effects 9\perfect effects 9.exe
    FirewallRules: [UDP Query User{C07F8DD3-A7E0-4838-A087-A9D4D2D64ED3}C:\program files\onone software\perfect effects 9\perfect effects 9.exe] => (Allow) C:\program files\onone software\perfect effects 9\perfect effects 9.exe
    FirewallRules: [{2DCC74C7-69BE-48A0-81DD-FE0B72B4EC3B}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
    FirewallRules: [{164E3F7C-F572-441C-B2A2-A7B2B598187F}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
    FirewallRules: [{F08C93CE-F5E9-4A2A-82A7-2DA1D7168415}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
    FirewallRules: [{CF8AE202-9F87-407F-8403-A02B50E5476B}] => (Allow) C:\Games\World_of_Tanks\worldoftanks.exe
    FirewallRules: [TCP Query User{BA61870A-9784-415D-8B17-7C9B747B50C4}C:\program files\onone software\perfect effects 9\perfect effects 9.exe] => (Allow) C:\program files\onone software\perfect effects 9\perfect effects 9.exe
    FirewallRules: [UDP Query User{0AE848DB-9FCB-4F02-B496-982BC6BD096C}C:\program files\onone software\perfect effects 9\perfect effects 9.exe] => (Allow) C:\program files\onone software\perfect effects 9\perfect effects 9.exe
    FirewallRules: [{A72FDD7B-1CE8-4FA5-A356-B3DE9BE76D4B}] => (Allow) C:\Program Files (x86)\OMC ModPack Client\OMC ModPack Client.exe
    FirewallRules: [{37A386F2-D493-4A2B-8D22-EE63B774D257}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
    FirewallRules: [{24F74FA3-63B0-4FAB-836A-62043632D525}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
    FirewallRules: [{AC1CFDFF-3857-4EEE-B81E-E2AFE7E207D5}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
    FirewallRules: [{8044FEEA-83D0-4F44-BEDB-347DC9077E33}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
    FirewallRules: [{B5CC5AC4-BC31-412A-8035-E7920B9E1E42}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
    FirewallRules: [{7FD42D43-B329-44E9-A03D-438CC6428434}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
    FirewallRules: [{E51EBD29-8095-4D99-A022-02DD49632C53}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
    FirewallRules: [{31CC8E96-8035-4C33-AAB7-675F93A99442}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
    FirewallRules: [{3AB969D0-9C66-4783-891A-0A90C44B3BDD}] => (Allow) C:\Users\andy\AppData\Local\Google\Chrome\Application\chrome.exe
    FirewallRules: [{E77DA4D1-884E-46ED-9D2C-ED733685540B}] => (Allow) C:\Program Files (x86)\Internet Explorer\iexplore.exe
    FirewallRules: [{4FF524E1-248E-4C21-910F-31A49A7BF485}] => (Allow) C:\Games\World_of_Tanks_SB\WoTLauncher.exe
    FirewallRules: [{F91AC017-006B-45BD-8E29-A68AEA76E55C}] => (Allow) C:\Games\World_of_Tanks_SB\WoTLauncher.exe
    FirewallRules: [{69A724CD-40B0-4BD1-8D58-30E055236167}] => (Allow) C:\Games\World_of_Tanks_SB\worldoftanks.exe
    FirewallRules: [{44284FE3-9DB1-4AD7-BACC-2C2AF92FBBBB}] => (Allow) C:\Games\World_of_Tanks_SB\worldoftanks.exe
    FirewallRules: [TCP Query User{CFED644D-4DDF-4CE7-9F6A-724602730246}F:\portableapps\googlechromeportable\app\chrome-bin\chrome.exe] => (Allow) F:\portableapps\googlechromeportable\app\chrome-bin\chrome.exe
    FirewallRules: [UDP Query User{7E984B79-9BA1-4F34-BA69-9D00FEC95516}F:\portableapps\googlechromeportable\app\chrome-bin\chrome.exe] => (Allow) F:\portableapps\googlechromeportable\app\chrome-bin\chrome.exe
    FirewallRules: [TCP Query User{8AD1A8B1-2001-4A50-AE5E-62A4C1031662}F:\portableapps\googlechromeportable\app\chrome-bin\chrome.exe] => (Allow) F:\portableapps\googlechromeportable\app\chrome-bin\chrome.exe
    FirewallRules: [UDP Query User{AC33E547-D9AC-4528-8B37-1A78148941B6}F:\portableapps\googlechromeportable\app\chrome-bin\chrome.exe] => (Allow) F:\portableapps\googlechromeportable\app\chrome-bin\chrome.exe
    FirewallRules: [TCP Query User{547E1D93-2264-4AA7-A54A-22F5F805BF05}F:\portableapps\googlechromeportable\app\chrome-bin\chrome.exe] => (Allow) F:\portableapps\googlechromeportable\app\chrome-bin\chrome.exe
    FirewallRules: [UDP Query User{0DAAD679-6AA8-42CE-93BD-AA2C1A04D043}F:\portableapps\googlechromeportable\app\chrome-bin\chrome.exe] => (Allow) F:\portableapps\googlechromeportable\app\chrome-bin\chrome.exe
    FirewallRules: [{17ADA1A6-2CBB-44FF-8BBB-40564991B53B}] => (Allow) C:\Users\andy\AppData\Local\Google\Chrome\Application\chrome.exe
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
    ==================== Restore Points =========================
    30-10-2017 14:34:04 Windows Update
    31-10-2017 06:35:23 Windows Update
    ==================== Faulty Device Manager Devices =============

    ==================== Event log errors: =========================
    Application errors:
    ==================
    Error: (10/31/2017 06:55:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
    Error: (10/31/2017 06:52:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
    Error: (10/30/2017 02:45:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
    Error: (10/30/2017 02:42:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
    Error: (10/30/2017 02:31:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
    Error: (10/30/2017 02:26:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
    Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
    Error: (10/30/2017 11:44:12 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: )
    Description: Installing the performance counter strings for service Outlook (Outlook) failed. The first DWORD in the Data section contains the error code.
    Error: (10/30/2017 11:44:12 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3013) (User: )
    Description: Unable to update the performance counter strings defined for the 009 language ID. The first DWORD in the Data section contains the error code.
    Error: (10/30/2017 11:23:31 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: )
    Description: Installing the performance counter strings for service Outlook (Outlook) failed. The first DWORD in the Data section contains the error code.
    Error: (10/30/2017 11:23:31 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3013) (User: )
    Description: Unable to update the performance counter strings defined for the 009 language ID. The first DWORD in the Data section contains the error code.

    System errors:
    =============
    Error: (10/31/2017 06:57:04 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
    {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
    and APPID
    {344ED43D-D086-4961-86A6-1106F4ACAD9B}
    to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
    Error: (10/31/2017 06:56:57 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1110) (User: HACI)
    Description: The processing of Group Policy failed. Windows could not determine if the user and computer accounts are in the same forest. Ensure the user domain name matches the name of a trusted domain that resides in the same forest as the computer account.
    Error: (10/31/2017 06:56:07 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Windows Time service terminated with the following error:
    An attempt was made to logon, but the network logon service was not started.
    Error: (10/31/2017 06:56:04 AM) (Source: Microsoft-Windows-Time-Service) (EventID: 46) (User: NT AUTHORITY)
    Description: The time service encountered an error and was forced to shut down. The error was: 0x80070700: An attempt was made to logon, but the network logon service was not started.
    Error: (10/31/2017 06:53:01 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Windows Time service terminated with the following error:
    An attempt was made to logon, but the network logon service was not started.
    Error: (10/31/2017 06:52:58 AM) (Source: Microsoft-Windows-Time-Service) (EventID: 46) (User: NT AUTHORITY)
    Description: The time service encountered an error and was forced to shut down. The error was: 0x80070700: An attempt was made to logon, but the network logon service was not started.
    Error: (10/31/2017 06:34:34 AM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1110) (User: HACI)
    Description: The processing of Group Policy failed. Windows could not determine if the user and computer accounts are in the same forest. Ensure the user domain name matches the name of a trusted domain that resides in the same forest as the computer account.
    Error: (10/30/2017 02:48:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
    Description: Installation Failure: Windows failed to install the following update with error 0x80070005: 2017-09 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4038777).
    Error: (10/30/2017 02:48:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
    Description: The Windows Time service terminated with the following error:
    An attempt was made to logon, but the network logon service was not started.
    Error: (10/30/2017 02:48:10 PM) (Source: Microsoft-Windows-Time-Service) (EventID: 46) (User: NT AUTHORITY)
    Description: The time service encountered an error and was forced to shut down. The error was: 0x80070700: An attempt was made to logon, but the network logon service was not started.

    CodeIntegrity:
    ===================================
    Date: 2016-05-24 17:55:11.100
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\l3codeca.acm because the set of per-page image hashes could not be found on the system.
    Date: 2012-10-31 12:32:56.550
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dlumd9.dll because the set of per-page image hashes could not be found on the system.
    Date: 2012-10-31 12:32:56.534
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dlumd9.dll because the set of per-page image hashes could not be found on the system.
    Date: 2012-10-31 12:32:56.496
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dlumd9.dll because the set of per-page image hashes could not be found on the system.
    Date: 2012-10-31 12:32:41.592
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dlumd9.dll because the set of per-page image hashes could not be found on the system.
    Date: 2012-10-31 12:32:41.575
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dlumd9.dll because the set of per-page image hashes could not be found on the system.
    Date: 2012-10-31 12:32:41.539
    Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dlumd9.dll because the set of per-page image hashes could not be found on the system.

    ==================== Memory info ===========================
    Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
    Percentage of memory in use: 26%
    Total physical RAM: 8099.76 MB
    Available physical RAM: 5934.36 MB
    Total Virtual: 16197.71 MB
    Available Virtual: 13880.64 MB
    ==================== Drives ================================
    Drive c: (TI106348W0B) (Fixed) (Total:594.7 GB) (Free:313.79 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive g: (Data) (Network) (Total:840 GB) (Free:82.35 GB) NTFS
    Drive j: () (Network) (Total:299.9 GB) (Free:194.71 GB) NTFS
    Drive m: () (Network) (Total:199.9 GB) (Free:55.96 GB) NTFS
    Drive n: () (Network) (Total:299.9 GB) (Free:194.71 GB) NTFS
    Drive p: (Data) (Network) (Total:840 GB) (Free:82.35 GB) NTFS
    Drive r: () (Network) (Total:199.9 GB) (Free:55.96 GB) NTFS
    Drive x: () (Network) (Total:199.9 GB) (Free:55.96 GB) NTFS
    ==================== MBR & Partition Table ==================
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596.2 GB) (Disk ID: 854931EA)
    Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
    Partition 2: (Not Active) - (Size=594.7 GB) - (Type=07 NTFS)
    ==================== End of Addition.txt ============================

  16. #16
    Administrator
    Windows Update Instructor
    Security Analyst

    Join Date
    Oct 2014
    Posts
    15,966

    Re: Win 7 SP1 x64 update fails on configuring after reboot

    Staying in a clean boot is actually good until we resolve the issue. Can you please uninstall the following programs temporarily until we resolve your issue?

    ESET Endpoint Antivirus
    Spybot - Search & Destroy <---Note: First Undo your immunization before uninstalling. You can do that by clicking the Undo button with Spybot S&D and then remove from Add/Remove programs

  17. #17

    Join Date
    Feb 2015
    Location
    Arizona
    Posts
    98

    Re: Win 7 SP1 x64 update fails on configuring after reboot

    Both uninstalled. Ready for next step.

  18. #18
    Administrator
    Windows Update Instructor
    Security Analyst

    Join Date
    Oct 2014
    Posts
    15,966

    Re: Win 7 SP1 x64 update fails on configuring after reboot

    While still in a clean boot, please attempt to install only KB3110329. If it fails, please zip up and attach your c:\windows\logs\cbs\cbs.log

    Thank you.

  19. #19

    Join Date
    Feb 2015
    Location
    Arizona
    Posts
    98

    Re: Win 7 SP1 x64 update fails on configuring after reboot

    Update said it installed but again, failed during the Configuring stage after reboot. Log attached.
    Attached Files Attached Files

  20. #20
    Administrator
    Windows Update Instructor
    Security Analyst

    Join Date
    Oct 2014
    Posts
    15,966

    Re: Win 7 SP1 x64 update fails on configuring after reboot

    Please check if you have KB2515325 installed. If you do, please attempt to uninstall it and let me know if it's successful.

    Thank you.

Page 1 of 8 12345 ... Last

Similar Threads

  1. [7SP1 x64] KB4041681 fails to install
    By ICTMMG in forum Windows Update
    Replies: 95
    Last Post: 01-12-2018, 05:15 PM
  2. [SOLVED] [7SP1 x64] Install of kb4054518 fails
    By ErnestBunbury in forum Windows Update
    Replies: 18
    Last Post: 01-08-2018, 04:57 PM
  3. [SOLVED] [7SP1 x64] KB4048957 fails to install
    By nemti in forum Windows Update
    Replies: 13
    Last Post: 12-18-2017, 11:26 AM
  4. [SOLVED] [7SP1 x64] kb4048957 fails to install
    By L8TR in forum Windows Update
    Replies: 48
    Last Post: 12-15-2017, 06:01 PM
  5. [SOLVED] [7SP1 x64] KB4048597 fails to install
    By rob0v in forum Windows Update
    Replies: 64
    Last Post: 12-12-2017, 08:55 PM

Log in

Log in