Page 1 of 2 12 LastLast
Results 1 to 10 of 19
  1. #1
    Member
    Join Date
    Nov 2015
    Posts
    10
    Points
    0

    Default Computer freezes due to "long running script."

    I've got a Dell PC and am on Windows 7. I use Internet explorer as my browser.

    Of late, my computer freezes (regardless of what site I'm on: my gmail, twitter, reading articles on the web), and the same message is given: that the site's not responding due to a long-running script. The screen freezes, the cursor won't move, and often the site closes saying "Internet Explorer has stopped working."

    I do have Malwarebytes Anti-Malware programme (the free version), and have scanned & fixed--to no avail.

    Can someone help? Thanks in advance.
    Last edited by benrand; 11-15-2015 at 02:12 PM.

  2. #2
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Hi! My name is zep516 and Welcome to Help2Go!
    I'll do the best I can to resolve your computer issue
    Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!

    What version of Internet explorer ? Have you tried to reset the browser... as shown Here

    Please run the diagnostics scan below;

    Everything gets download to the desktop and tools are "Run as administrator."

    Please download Farbar Recovery Scan Tool and save it to your Desktop.
    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
    • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

  3. #3
    Member
    Join Date
    Nov 2015
    Posts
    10
    Points
    0

    Default

    Thanks, truly appreciate your help.

    (a) I don't know know to find the info. on what version of Internet Explorer I'm using.

    (b) I clicked on the link to reset the browser. I got a warning that resetting would mean I'd lose the tool-bar, other settings I've saved, etc., etc. I got nervous when I read this. I have LastPass (the free version) and have a vault with passwords to several sites. I was concerned that I'd lose this vault plus access to my yahoo and gmail accounts. So I aborted the resetting browser option.

    (c) On Farba: I went for the 32-bit option. I was unable to right click on the "Run" button (and I don't know what "Run as administrator" means).
    Left clicking runs the programme. So I ran it.

    Here are the results of the two items you requested:

    can result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-11-2015
    Ran by Radha (administrator) on RADHA-PC (15-11-2015 19:24:20)
    Running from C:\Users\Radha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIOF0IVF
    Loaded Profiles: Radha (Available Profiles: Radha)
    Platform: Microsoft Windows 7 Enterprise Service Pack 1 (X86) Language: English (United States)
    Internet Explorer Version 11 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    () C:\Program Files\Canon\IJPLM\ijplmsvc.exe
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE
    (Microsoft Corporation) C:\Program Files\EMET 4.1\EMET_Agent.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (Dropbox, Inc.) C:\Users\Radha\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMUPDT.EXE
    (CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMSWCS.EXE
    (Symantec Corporation) C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
    (Symantec Corporation) C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (LastPass) C:\Users\Radha\AppData\LocalLow\LastPass\LastPassBroker.exe
    (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_19_0_0_245_ActiveX.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
    HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-29] (Microsoft Corporation)
    HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
    HKLM\...\Run: [EMET 4.1 Agent] => C:\Program Files\EMET 4.1\EMET_agent.exe [78992 2013-11-21] (Microsoft Corporation)
    HKU\S-1-5-21-147396072-559182813-3382226817-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-03-01] (Google Inc.)
    HKU\S-1-5-21-147396072-559182813-3382226817-1000\...\Run: [Google Update] => C:\Users\Radha\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc.)
    HKU\S-1-5-21-147396072-559182813-3382226817-1000\...\Run: [Dropbox Update] => C:\Users\Radha\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2015-06-06]
    ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (LastPass)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2015-06-06]
    ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (LastPass)
    Startup: C:\Users\Radha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-12]
    ShortcutTarget: Dropbox.lnk -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
    Tcpip\..\Interfaces\{9AA18526-B2D7-451C-AFD7-043C4AA50417}: [DhcpNameServer] 10.0.0.1

    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-147396072-559182813-3382226817-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com/
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-147396072-559182813-3382226817-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxps://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-147396072-559182813-3382226817-1000 -> {6AD08BE6-FDFB-48AB-ABD8-91D81A48A80E} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=mkg114
    BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.)
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
    BHO: Advertising Cookie Opt-out -> {8E425EB4-ADBD-4816-B1E8-49BB9DECF034} -> C:\Program Files\Google\Advertising Cookie Opt-out\opt_out.dll [2013-01-10] (Google Inc)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
    BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files\LastPass\LPToolbar.dll [2015-06-06] (LastPass)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-24] (Google Inc.)
    Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)
    Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPToolbar.dll [2015-06-06] (LastPass)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-24] (Google Inc.)
    Toolbar: HKU\S-1-5-21-147396072-559182813-3382226817-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-24] (Google Inc.)
    DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} hxxp://files.pcpitstop.com/cab/pcmatic.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
    Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2000-12-22] (Microsoft Corporation)
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe

    FireFox:
    ========
    FF ProfilePath: C:\Users\Radha\AppData\Roaming\Mozilla\Firefox\Profiles\4dammkxm.default
    FF DefaultSearchEngine: Yahoo!
    FF SelectedSearchEngine: Yahoo!
    FF Homepage: hxxps://www.malwarebytes.org/restorebrowser/yhp-ff
    FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
    FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files\LastPass\nplastpass.dll [2015-06-06] (LastPass)
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-147396072-559182813-3382226817-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Radha\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
    FF Plugin HKU\S-1-5-21-147396072-559182813-3382226817-1000: @talk.google.com/O1DPlugin -> C:\Users\Radha\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
    FF Plugin HKU\S-1-5-21-147396072-559182813-3382226817-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
    FF Plugin HKU\S-1-5-21-147396072-559182813-3382226817-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Radha\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\Radha\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
    FF Extension: LastPass - C:\Users\Radha\AppData\Roaming\Mozilla\Firefox\Profiles\4dammkxm.default\Extensions\support@lastpass.com [2015-06-06] [not signed]

    Chrome:
    =======
    CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM\...\Chrome\Extension: [okmhneofinpilciglijihehjpaegledb] - <no Path\update_url>

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-27] ()
    S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
    R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
    R2 NOBU; C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe [3537224 2014-11-18] (Symantec Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-11-15 19:23 - 2015-11-15 19:24 - 00000000 ____D C:\FRST
    2015-11-13 19:30 - 2015-11-13 19:32 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2015-11-13 19:30 - 2015-11-13 19:30 - 00002017 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
    2015-11-12 13:29 - 2015-11-12 13:29 - 00000000 ____D C:\Users\Radha\AppData\LocalLow\Adblock Plus for IE
    2015-11-12 13:16 - 2015-11-12 13:30 - 00000000 ____D C:\Program Files\PCPitstop
    2015-11-12 13:16 - 2015-11-12 13:26 - 00000000 ____D C:\ProgramData\PCPitstop
    2015-11-12 12:56 - 2015-11-12 12:56 - 00000000 ____D C:\Users\Radha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2015-11-12 07:33 - 2015-11-03 09:46 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-11-11 06:45 - 2015-10-29 09:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
    2015-11-11 06:45 - 2015-10-29 09:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2015-11-11 06:45 - 2015-10-29 09:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
    2015-11-11 06:45 - 2015-10-29 09:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2015-11-11 06:45 - 2015-10-19 16:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
    2015-11-11 06:45 - 2015-10-19 16:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-11-11 06:45 - 2015-10-19 16:52 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-11-11 06:45 - 2015-10-19 16:52 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-11-11 06:45 - 2015-10-19 16:48 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-11-11 06:45 - 2015-10-19 16:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2015-11-11 06:45 - 2015-10-19 16:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-11-11 06:45 - 2015-10-19 16:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-11-11 06:45 - 2015-10-19 16:44 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-11-11 06:45 - 2015-10-19 16:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-11-11 06:45 - 2015-10-19 16:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-11-11 06:45 - 2015-10-19 16:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-11-11 06:45 - 2015-10-19 16:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2015-11-11 06:45 - 2015-10-19 15:29 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2015-11-11 06:45 - 2015-10-19 15:28 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2015-11-11 06:45 - 2015-10-19 15:28 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2015-11-11 06:45 - 2015-10-13 08:31 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2015-11-11 06:45 - 2015-10-13 08:31 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2015-11-11 06:45 - 2015-09-23 05:09 - 00371920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2015-11-11 06:45 - 2015-09-23 05:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
    2015-11-11 06:44 - 2015-11-03 13:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-11-11 06:44 - 2015-10-30 14:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-11-11 06:44 - 2015-10-30 14:58 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-11-11 06:44 - 2015-10-30 14:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-11-11 06:44 - 2015-10-30 14:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-11-11 06:44 - 2015-10-30 14:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-11-11 06:44 - 2015-10-30 14:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-11-11 06:44 - 2015-10-30 14:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-11-11 06:44 - 2015-10-30 14:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-11-11 06:44 - 2015-10-30 14:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-11-11 06:44 - 2015-10-30 14:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-11-11 06:44 - 2015-10-30 14:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-11-11 06:44 - 2015-10-30 14:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-11-11 06:44 - 2015-10-30 14:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-11-11 06:44 - 2015-10-30 14:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-11-11 06:44 - 2015-10-30 14:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-11-11 06:44 - 2015-10-30 14:36 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-11-11 06:44 - 2015-10-30 14:31 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-11-11 06:44 - 2015-10-30 14:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-11-11 06:44 - 2015-10-30 14:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-11-11 06:44 - 2015-10-30 14:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-11-11 06:44 - 2015-10-30 14:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-11-11 06:44 - 2015-10-30 14:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-11-11 06:44 - 2015-10-30 14:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2015-11-11 06:44 - 2015-10-30 14:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-11-11 06:44 - 2015-10-30 14:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2015-11-11 06:44 - 2015-10-30 14:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-11-11 06:44 - 2015-10-30 14:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-11-11 06:44 - 2015-10-30 14:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-11-11 06:44 - 2015-10-30 14:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-11-11 06:44 - 2015-10-30 14:09 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-11-11 06:44 - 2015-10-30 13:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-11-11 06:44 - 2015-10-30 13:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-11-11 06:44 - 2015-10-30 13:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-11-11 06:44 - 2015-10-12 20:50 - 00712640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
    2015-11-11 06:44 - 2015-10-01 09:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2015-11-11 06:44 - 2015-10-01 09:50 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
    2015-11-11 06:43 - 2015-10-20 09:46 - 02955776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2015-11-11 06:43 - 2015-10-20 09:46 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2015-11-11 06:43 - 2015-10-20 09:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2015-11-11 06:43 - 2015-10-20 09:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2015-11-11 06:43 - 2015-10-20 09:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2015-11-11 06:43 - 2015-10-20 09:46 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2015-11-11 06:43 - 2015-10-20 09:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2015-11-11 06:43 - 2015-10-20 09:45 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2015-11-11 06:43 - 2015-10-20 09:45 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2015-11-11 06:43 - 2015-10-20 09:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2015-11-11 06:43 - 2015-10-20 09:45 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
    2015-10-25 11:12 - 2015-10-25 11:12 - 00000000 ___HD C:\$Windows.~WS
    2015-10-25 11:12 - 2015-10-25 11:12 - 00000000 ____D C:\$WINDOWS.~BT

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-11-15 19:20 - 2011-02-26 13:38 - 01840178 _____ C:\Windows\WindowsUpdate.log
    2015-11-15 19:10 - 2009-07-13 20:34 - 00022416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-11-15 19:10 - 2009-07-13 20:34 - 00022416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-11-15 19:08 - 2011-02-26 17:33 - 00782510 _____ C:\Windows\system32\PerfStringBackup.INI
    2015-11-15 19:04 - 2014-03-09 14:31 - 00000000 ____D C:\ProgramData\boost_interprocess
    2015-11-15 19:04 - 2012-08-16 09:23 - 00000000 ___RD C:\Users\Radha\Dropbox
    2015-11-15 19:04 - 2012-08-16 09:21 - 00000000 ____D C:\Users\Radha\AppData\Roaming\Dropbox
    2015-11-15 19:02 - 2011-03-01 13:06 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-11-15 19:02 - 2009-07-13 20:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2015-11-15 19:02 - 2009-07-13 20:39 - 00424378 _____ C:\Windows\setupact.log
    2015-11-15 11:44 - 2011-09-02 08:47 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000UA.job
    2015-11-15 11:44 - 2011-09-02 08:47 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000Core.job
    2015-11-15 11:42 - 2012-05-20 11:57 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-11-15 11:40 - 2015-06-17 09:29 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000UA.job
    2015-11-15 11:02 - 2011-03-01 13:06 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-11-14 11:47 - 2011-02-27 10:11 - 00109462 _____ C:\Windows\PFRO.log
    2015-11-13 19:30 - 2011-07-21 07:25 - 00000000 ____D C:\Program Files\Common Files\Adobe
    2015-11-13 19:30 - 2011-07-21 07:23 - 00000000 ____D C:\ProgramData\Adobe
    2015-11-13 19:30 - 2011-07-21 07:23 - 00000000 ____D C:\Program Files\Adobe
    2015-11-13 13:40 - 2015-06-17 09:29 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000Core.job
    2015-11-13 09:23 - 2012-02-15 09:18 - 00000000 ____D C:\Users\Radha\Documents\DELILAH (Novel)
    2015-11-13 08:43 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\rescache
    2015-11-13 07:42 - 2015-03-10 13:43 - 00000000 ____D C:\Users\Radha\Documents\Mars Project
    2015-11-12 18:19 - 2009-07-13 20:33 - 00414408 _____ C:\Windows\system32\FNTCACHE.DAT
    2015-11-12 13:31 - 2011-03-01 13:06 - 00000000 ____D C:\Users\Radha\AppData\Local\Google
    2015-11-12 13:31 - 2011-03-01 13:06 - 00000000 ____D C:\Program Files\Google
    2015-11-12 13:10 - 2012-02-15 09:19 - 00000000 ____D C:\Users\Radha\Documents\DEATH BY DROWNING (Novel)
    2015-11-11 12:47 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\Microsoft.NET
    2015-11-11 12:22 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Windows Journal
    2015-11-11 08:21 - 2011-02-26 17:35 - 00000000 ____D C:\ProgramData\Microsoft Help
    2015-11-11 08:20 - 2013-08-14 05:57 - 00000000 ____D C:\Windows\system32\MRT
    2015-11-11 08:14 - 2011-02-27 14:52 - 143250520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-11-10 11:42 - 2012-05-20 11:57 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2015-11-10 11:42 - 2011-11-25 09:52 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2015-11-09 11:27 - 2013-05-10 05:23 - 00000000 ____D C:\Users\Radha\Documents\Shipping Labels (DBC)
    2015-11-06 13:10 - 2011-08-17 08:33 - 00000000 ____D C:\ProgramData\CanonIJPLM
    2015-10-28 11:08 - 2015-02-04 11:57 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-10-26 06:04 - 2011-02-26 17:29 - 00000000 ____D C:\Users\Radha
    2015-10-26 06:04 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\system32\wfp
    2015-10-26 06:03 - 2011-08-17 08:45 - 00000000 ___HD C:\ProgramData\CanonIJScan
    2015-10-26 06:03 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\registration
    2015-10-25 11:12 - 2011-02-26 13:34 - 00000000 ____D C:\Windows\Panther
    2015-10-21 07:38 - 2011-05-22 14:56 - 00000000 ____D C:\Users\Radha\Documents\Screenwriter
    2015-10-21 07:38 - 2003-04-21 13:49 - 00004630 _____ C:\Windows\Scwriter.ini
    2015-10-19 13:27 - 2015-03-07 10:39 - 00000000 ____D C:\Users\Radha\Documents\R.B. OCI Application 2015
    2015-10-18 17:26 - 2015-02-04 11:57 - 00001060 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-10-18 17:26 - 2015-02-04 11:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-10-18 17:26 - 2015-02-04 11:57 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
    2015-10-17 10:29 - 2014-06-20 07:08 - 00000000 ____D C:\ProgramData\Skype
    2015-10-17 10:25 - 2014-06-20 07:08 - 00000000 ____D C:\Users\Radha\AppData\Roaming\Skype

    ==================== Files in the root of some directories =======

    2014-02-11 06:20 - 2014-02-11 06:20 - 49940480 _____ () C:\Program Files\GUT1287.tmp
    2015-09-18 06:37 - 2015-09-18 06:37 - 6420480 _____ () C:\Program Files\GUTC582.tmp
    2015-02-04 12:28 - 2015-06-06 06:16 - 16258616 _____ (LastPass) C:\Program Files\Common Files\lpuninstall.exe
    2014-12-23 11:14 - 2014-12-17 13:34 - 1836584 _____ (BeFrugal.com ) C:\Users\Radha\AppData\Roaming\BeFrugal.com-Install.exe

    Some files in TEMP:
    ====================
    C:\Users\Radha\AppData\Local\Temp\CloudBackup5114.exe
    C:\Users\Radha\AppData\Local\Temp\cwrtra9-.dll
    C:\Users\Radha\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptaizd3.dll
    C:\Users\Radha\AppData\Local\Temp\GUR5CCE.exe
    C:\Users\Radha\AppData\Local\Temp\GUR8BE9.exe
    C:\Users\Radha\AppData\Local\Temp\MSETUP4.EXE
    C:\Users\Radha\AppData\Local\Temp\ose00000.exe
    C:\Users\Radha\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\Radha\AppData\Local\Temp\vcredist_x86.exe


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-11-10 13:07

    ==================== End of FRST.txt ============================

    Additional scan result of Farbar Recovery Scan Tool (x86) Version:07-11-2015
    Ran by Radha (2015-11-15 19:25:55)
    Running from C:\Users\Radha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIOF0IVF
    Microsoft Windows 7 Enterprise Service Pack 1 (X86) (2011-02-27 01:29:22)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-147396072-559182813-3382226817-500 - Administrator - Disabled)
    Guest (S-1-5-21-147396072-559182813-3382226817-501 - Limited - Disabled)
    Radha (S-1-5-21-147396072-559182813-3382226817-1000 - Administrator - Enabled) => C:\Users\Radha

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
    AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20069 - Adobe Systems Incorporated)
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated)
    Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
    Canon CanoScan LiDE 110 User Registration (HKLM\...\Canon CanoScan LiDE 110 User Registration) (Version: - )
    Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
    Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
    Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
    Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.00 - Canon Inc.)
    Canon MG2500 series On-screen Manual (HKLM\...\Canon MG2500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
    Canon MG2500 series User Registration (HKLM\...\Canon MG2500 series User Registration) (Version: - *Canon Inc.)
    Canon MP Navigator EX 4.0 (HKLM\...\MP Navigator EX 4.0) (Version: - )
    Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
    Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
    Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
    Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
    CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414) (Version: - )
    Chinese Simplified Fonts Support For Adobe Reader X (HKLM\...\{AC76BA86-7AD7-2447-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
    Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.0.3) (Version: 5.0.0.3 - Coupons.com Incorporated)
    D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
    Dropbox (HKU\S-1-5-21-147396072-559182813-3382226817-1000\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
    EMET 4.1 (HKLM\...\{65BC2BDA-D828-4596-99E4-A8799C45C84C}) (Version: 4.1 - Microsoft Corporation)
    FileZilla Client 3.7.3 (HKLM\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
    Google Advertising Cookie Opt-out (HKLM\...\{291820D0-A626-40F9-BDFF-8D5CEAB04243}) (Version: 1.0.1.0 - Google Inc)
    Google Talk Plugin (HKLM\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
    Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
    Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
    Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
    LastPass (uninstall only) (HKLM\...\LastPass) (Version: - LastPass)
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Streets and Trips 2002 (HKLM\...\{12BDDF23-B1DB-49C8-92D3-3E6841CCED61}) (Version: 9.00.16.2000 - Microsoft)
    Microsoft Text-to-Speech Engine 4.0 (English) (HKLM\...\MSTTS) (Version: - )
    Movie Magic Screenwriter (HKLM\...\InstallShield_{2D8A75A0-6097-41EC-AE41-AB5505DC3384}) (Version: 4.73.03 - Write Brothers, Inc.)
    Movie Magic Screenwriter (Version: 4.73.03 - Write Brothers, Inc.) Hidden
    Norton Online Backup (HKLM\...\{652C1CDF-C61D-4525-9348-8C272CC2DB24}) (Version: 2.10.1.3 - Symantec Corporation)
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Radha\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.135\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.99\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.25.5\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.27.5\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.69\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.79\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.23.9\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.1\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.145\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.123\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.153\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.13\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.24.15\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.149\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.165\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.26.9\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.115\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.25.11\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\psuser.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.65\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\psuser.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.111\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.24.7\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

    ==================== Restore Points =========================

    03-11-2015 10:10:08 Windows Update
    07-11-2015 10:39:50 Windows Update
    11-11-2015 07:58:44 Windows Update
    12-11-2015 14:22:55 Windows Update
    15-11-2015 19:11:35 Installed Microsoft Fix it 50195
    15-11-2015 19:17:51 Windows Update

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 18:04 - 2015-01-13 20:12 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {2DB95B7B-1E33-458E-A000-B1E0A7BE3DF1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000UA => C:\Users\Radha\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
    Task: {3A5529C3-1697-492D-8B8A-28379C6A5354} - System32\Tasks\{9E0D32F8-D7DD-4A89-A917-96E9C49BE9F3} => pcalua.exe -a D:\display\DRIVERS\Installation\Setup.exe -d C:\Users\Radha\Desktop
    Task: {3F098BB4-E1E0-434D-B981-80DFC7FBF7FA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000Core => C:\Users\Radha\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
    Task: {5FF6984B-00FF-4400-88CC-11A42FA79A39} - System32\Tasks\LaunchSignup => C:\Program Files\MyPC Backup\Signup Wizard.exe <==== ATTENTION
    Task: {64221DCD-47A2-475A-AF75-3D337AA9DFD0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000UA => C:\Users\Radha\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
    Task: {72AD9A0F-CB0F-41B5-B6D3-EE99A4CE9561} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000Core => C:\Users\Radha\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
    Task: {7FF9DBC9-6E74-47A4-B2AB-D0CFAD35E614} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
    Task: {B22F1C5A-5AB2-4C1E-978A-5C6A12FFEEC4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
    Task: {B61B2A96-9CBD-4694-A604-37788E3FEAE1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-10] (Adobe Systems Incorporated)
    Task: {DCB5ECBF-973A-44D4-88FE-14E3717D7789} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000Core.job => C:\Users\Radha\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000UA.job => C:\Users\Radha\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000Core.job => C:\Users\Radha\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000UA.job => C:\Users\Radha\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2013-11-21 09:14 - 2013-11-21 09:14 - 00080528 _____ () C:\Program Files\EMET 4.1\EMET_CE.DLL
    2006-12-04 00:25 - 2006-12-04 00:25 - 00022723 _____ () C:\Windows\System32\sugs2l3.dll
    2011-08-17 08:33 - 2012-03-27 19:49 - 00140456 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
    2015-11-15 19:03 - 2015-11-15 19:03 - 00071168 _____ () c:\users\radha\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptaizd3.dll
    2015-09-30 18:42 - 2015-09-02 16:11 - 00012800 _____ () C:\Users\Radha\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
    2015-03-04 13:45 - 2015-09-02 16:11 - 00779776 _____ () C:\Users\Radha\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
    2015-09-30 18:42 - 2015-09-02 16:11 - 00056320 _____ () C:\Users\Radha\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
    2015-09-30 18:42 - 2015-09-02 16:11 - 00012288 _____ () C:\Users\Radha\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-147396072-559182813-3382226817-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Radha\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 10.0.0.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [{37225636-25DD-4FD4-B904-2FF776BC99F6}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{AFFE1798-295C-4DCD-BF02-4CCE8DB26B51}] => (Allow) LPort=2869
    FirewallRules: [{225FB13A-DD64-4AEF-8FC0-2D2364C81AEA}] => (Allow) LPort=1900
    FirewallRules: [{7F567D4B-E427-4D52-99D7-598D17ADA8E1}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    FirewallRules: [TCP Query User{0A1D2E02-AC24-4D9C-8828-4BF577CDDA09}C:\program files\symantec\norton online backup\nobuclient.exe] => (Allow) C:\program files\symantec\norton online backup\nobuclient.exe
    FirewallRules: [UDP Query User{AD40CFB2-6681-40C2-AE82-FB7C31C19D28}C:\program files\symantec\norton online backup\nobuclient.exe] => (Allow) C:\program files\symantec\norton online backup\nobuclient.exe
    FirewallRules: [TCP Query User{79017B72-03CB-45DF-8A14-F5149E7CB8AF}C:\users\radha\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\radha\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [UDP Query User{FCA296CA-B33E-403F-9E25-13544B0F2A1D}C:\users\radha\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\radha\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [{4C098F5A-6FFD-4EAA-910F-B0B31C2B5217}] => (Allow) C:\Users\Radha\AppData\Local\Temp\nsdAB31.tmp\Installer-76161700.exe
    FirewallRules: [{B6F16A13-E17F-4FC5-BDEF-5209477F4510}] => (Allow) C:\Users\Radha\AppData\Local\Temp\nsdAB31.tmp\Installer-76161700.exe
    FirewallRules: [TCP Query User{B1E7EEB1-9FC5-4168-9A1B-6EB5E1D13ECB}C:\program files\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files\symantec\norton online backup\nobuclient.exe
    FirewallRules: [UDP Query User{60FF0E13-EF58-4276-9381-3A60ECF2A6BE}C:\program files\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files\symantec\norton online backup\nobuclient.exe

    ==================== Faulty Device Manager Devices =============

    Name: Teredo Tunneling Pseudo-Interface
    Description: Microsoft Teredo Tunneling Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (11/15/2015 07:13:06 PM) (Source: EMET) (EventID: 42) (User: )
    Description: EMET detected that the SSL certificate for "login.live.com" is not trusted by the rule "MSLiveCA" associated with the domain "login.live.com"

    Certificates details:

    [SSL CERTIFICATE]
    SubjectName : CN=api.login.live.com, OU=Passport, O=Microsoft Corporation, STREET=1 Microsoft Way, L=Redmond, S=Washington, PostalCode=98052, C=US, SERIALNUMBER=600413485, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Washington, OID.1.3.6.1.4.1.311.60.2.1.3=US
    Issuer CA : CN=Symantec Class 3 EV SSL CA - G3, OU=Symantec Trust Network, O=Symantec Corporation, C=US
    SerialNumber : 1C9E763D4C3CE23340F43FE50FB53A72
    Thumbprint : D890F29880C39E3EBDA50F8C7BFDB1EBFECE1BC6
    SignatureAlg : sha256RSA
    NotAfter : 10/30/2017 4:59:59 PM
    NotBefore : 10/29/2015 5:00:00 PM
    PublicKey : 3082010A0282010100BECC97B3025315E15B2E19FCCE6F37FC87BDE397214A0DCBB021AE5280A59F504F79E73EEB59A66E3BD755DCF02DD925A9A50E0E6BE48090030BE54FA5F3D5AFB998641A480FC61AC76F65C75A92EE3E2EDFF207DE2BD24D1343A2C489082B6EA1A3DC91E111453B89FB943E62B0FE8FC2295177E39CFB836FF88A3FA70A7EDF4CBFFC52966BA64275BEFEAD2813A54A82732DFF2E235DC9CB75B2736C7C8EC364E7F16A9DB44BBC3BF50EFC5E3DBC40BEB357B6904205AB0A99DF4C99F03485A3DF3B672CC97C5B358A65944CAD2478FDE72FD54716E1DEC54E4F0F7A9B7F9A47EC81F02407334B7A03349268869758DA5045BEAC9E0279FFF81C7CB52729A10203010001

    [ROOTCA CERTIFICATE]
    SubjectName : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    Issuer CA : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    SerialNumber : 18DAD19E267DE8BB4A2158CDCC6B3B4A
    Thumbprint : 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
    SignatureAlg : sha1RSA
    NotAfter : 7/16/2036 4:59:59 PM
    NotBefore : 11/7/2006 4:00:00 PM
    PublicKey : 3082010A0282010100AF240808297A359E600CAAE74B3B4EDC7CBC3C451CBB2BE0FE2902F95708A364851527F5F1ADC831895D22E82AAAA642B38FF8B955B7B1B74BB3FE8F7E0757ECEF43DB66621561CF600DA4D8DEF8E0C362083D5413EB49CA59548526E52B8F1B9FEBF5A191C23349D843636A524BD28FE870514DD189697BC770F6B3DC1274DB7B5D4B56D396BF1577A1B0F4A225F2AF1C926718E5F40604EF90B9E400E4DD3AB519FF02BAF43CEEE08BEB378BECF4D7ACF2F6F03DAFDD759133191D1C40CB7424192193D914FEAC2A52C78FD50449E48D6347883C6983CBFE47BD2B7E4FC595AE0E9DD4D143C06773E314087EE53F9F73B8330ACF5D3F3487968AEE53E825150203010001

    Error: (11/15/2015 07:10:29 PM) (Source: EMET) (EventID: 42) (User: )
    Description: EMET detected that the SSL certificate for "login.live.com" is not trusted by the rule "MSLiveCA" associated with the domain "login.live.com"

    Certificates details:

    [SSL CERTIFICATE]
    SubjectName : CN=api.login.live.com, OU=Passport, O=Microsoft Corporation, STREET=1 Microsoft Way, L=Redmond, S=Washington, PostalCode=98052, C=US, SERIALNUMBER=600413485, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Washington, OID.1.3.6.1.4.1.311.60.2.1.3=US
    Issuer CA : CN=Symantec Class 3 EV SSL CA - G3, OU=Symantec Trust Network, O=Symantec Corporation, C=US
    SerialNumber : 1C9E763D4C3CE23340F43FE50FB53A72
    Thumbprint : D890F29880C39E3EBDA50F8C7BFDB1EBFECE1BC6
    SignatureAlg : sha256RSA
    NotAfter : 10/30/2017 4:59:59 PM
    NotBefore : 10/29/2015 5:00:00 PM
    PublicKey : 3082010A0282010100BECC97B3025315E15B2E19FCCE6F37FC87BDE397214A0DCBB021AE5280A59F504F79E73EEB59A66E3BD755DCF02DD925A9A50E0E6BE48090030BE54FA5F3D5AFB998641A480FC61AC76F65C75A92EE3E2EDFF207DE2BD24D1343A2C489082B6EA1A3DC91E111453B89FB943E62B0FE8FC2295177E39CFB836FF88A3FA70A7EDF4CBFFC52966BA64275BEFEAD2813A54A82732DFF2E235DC9CB75B2736C7C8EC364E7F16A9DB44BBC3BF50EFC5E3DBC40BEB357B6904205AB0A99DF4C99F03485A3DF3B672CC97C5B358A65944CAD2478FDE72FD54716E1DEC54E4F0F7A9B7F9A47EC81F02407334B7A03349268869758DA5045BEAC9E0279FFF81C7CB52729A10203010001

    [ROOTCA CERTIFICATE]
    SubjectName : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    Issuer CA : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    SerialNumber : 18DAD19E267DE8BB4A2158CDCC6B3B4A
    Thumbprint : 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
    SignatureAlg : sha1RSA
    NotAfter : 7/16/2036 4:59:59 PM
    NotBefore : 11/7/2006 4:00:00 PM
    PublicKey : 3082010A0282010100AF240808297A359E600CAAE74B3B4EDC7CBC3C451CBB2BE0FE2902F95708A364851527F5F1ADC831895D22E82AAAA642B38FF8B955B7B1B74BB3FE8F7E0757ECEF43DB66621561CF600DA4D8DEF8E0C362083D5413EB49CA59548526E52B8F1B9FEBF5A191C23349D843636A524BD28FE870514DD189697BC770F6B3DC1274DB7B5D4B56D396BF1577A1B0F4A225F2AF1C926718E5F40604EF90B9E400E4DD3AB519FF02BAF43CEEE08BEB378BECF4D7ACF2F6F03DAFDD759133191D1C40CB7424192193D914FEAC2A52C78FD50449E48D6347883C6983CBFE47BD2B7E4FC595AE0E9DD4D143C06773E314087EE53F9F73B8330ACF5D3F3487968AEE53E825150203010001

    Error: (11/15/2015 07:09:51 PM) (Source: EMET) (EventID: 42) (User: )
    Description: EMET detected that the SSL certificate for "csync.flickr.com" is not trusted by the rule "YahooCA" associated with the domain "login.yahoo.com"

    Certificates details:

    [SSL CERTIFICATE]
    SubjectName : CN=www.yahoo.com, O=Yahoo Inc., L=Sunnyvale, S=California, C=US
    Issuer CA : CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US
    SerialNumber : 75120151D2F9E29B8E68B754065F9BC9
    Thumbprint : FAE274DC34E6D34B2E86F31C14B4FA931706C411
    SignatureAlg : sha256RSA
    NotAfter : 12/18/2015 3:59:59 PM
    NotBefore : 10/18/2015 5:00:00 PM
    PublicKey : 3082010A0282010100ADD0411BEEBF4DC0391C3A829A02C550CCBBC30055FC08115FC88BC3CC8B53F559958C5EC6DFB523FF15E2AD2B28BC0EE55E15F3900E1773B9C4C45927A856CCBFC5FC42B888CBEF585EFBDBBECA6E5BC35B6AD16719AD4F211B023C2417C4BC786CC0E232A8F3E86F6AA4950C3800264F8F487C2E8A41714064DBD3656A9C7C3761BA50809E099AAD13B47F0EEF8958A32CC883946F4E544902D35BA5E775AA0614BE25389FB988DFA09EA56ED3458AD652E927DCA7C2D9AF49BD344120E014C958E021ADFDD0A57AE3970FD56A24AC5D56B833357A092B0F666DDA20792928F677BA9C74D5CD796663C1408839358663666D4C7A939866BBDD17E7B1A1950B0203010001

    [ROOTCA CERTIFICATE]
    SubjectName : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    Issuer CA : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    SerialNumber : 18DAD19E267DE8BB4A2158CDCC6B3B4A
    Thumbprint : 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
    SignatureAlg : sha1RSA
    NotAfter : 7/16/2036 4:59:59 PM
    NotBefore : 11/7/2006 4:00:00 PM
    PublicKey : 3082010A0282010100AF240808297A359E600CAAE74B3B4EDC7CBC3C451CBB2BE0FE2902F95708A364851527F5F1ADC831895D22E82AAAA642B38FF8B955B7B1B74BB3FE8F7E0757ECEF43DB66621561CF600DA4D8DEF8E0C362083D5413EB49CA59548526E52B8F1B9FEBF5A191C23349D843636A524BD28FE870514DD189697BC770F6B3DC1274DB7B5D4B56D396BF1577A1B0F4A225F2AF1C926718E5F40604EF90B9E400E4DD3AB519FF02BAF43CEEE08BEB378BECF4D7ACF2F6F03DAFDD759133191D1C40CB7424192193D914FEAC2A52C78FD50449E48D6347883C6983CBFE47BD2B7E4FC595AE0E9DD4D143C06773E314087EE53F9F73B8330ACF5D3F3487968AEE53E825150203010001

    Error: (11/15/2015 07:07:33 PM) (Source: EMET) (EventID: 42) (User: )
    Description: EMET detected that the SSL certificate for "video-api.yql.yahoo.com" is not trusted by the rule "YahooCA" associated with the domain "login.yahoo.com"

    Certificates details:

    [SSL CERTIFICATE]
    SubjectName : CN=www.yahoo.com, O=Yahoo Inc., L=Sunnyvale, S=California, C=US
    Issuer CA : CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US
    SerialNumber : 75120151D2F9E29B8E68B754065F9BC9
    Thumbprint : FAE274DC34E6D34B2E86F31C14B4FA931706C411
    SignatureAlg : sha256RSA
    NotAfter : 12/18/2015 3:59:59 PM
    NotBefore : 10/18/2015 5:00:00 PM
    PublicKey : 3082010A0282010100ADD0411BEEBF4DC0391C3A829A02C550CCBBC30055FC08115FC88BC3CC8B53F559958C5EC6DFB523FF15E2AD2B28BC0EE55E15F3900E1773B9C4C45927A856CCBFC5FC42B888CBEF585EFBDBBECA6E5BC35B6AD16719AD4F211B023C2417C4BC786CC0E232A8F3E86F6AA4950C3800264F8F487C2E8A41714064DBD3656A9C7C3761BA50809E099AAD13B47F0EEF8958A32CC883946F4E544902D35BA5E775AA0614BE25389FB988DFA09EA56ED3458AD652E927DCA7C2D9AF49BD344120E014C958E021ADFDD0A57AE3970FD56A24AC5D56B833357A092B0F666DDA20792928F677BA9C74D5CD796663C1408839358663666D4C7A939866BBDD17E7B1A1950B0203010001

    [ROOTCA CERTIFICATE]
    SubjectName : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    Issuer CA : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    SerialNumber : 18DAD19E267DE8BB4A2158CDCC6B3B4A
    Thumbprint : 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
    SignatureAlg : sha1RSA
    NotAfter : 7/16/2036 4:59:59 PM
    NotBefore : 11/7/2006 4:00:00 PM
    PublicKey : 3082010A0282010100AF240808297A359E600CAAE74B3B4EDC7CBC3C451CBB2BE0FE2902F95708A364851527F5F1ADC831895D22E82AAAA642B38FF8B955B7B1B74BB3FE8F7E0757ECEF43DB66621561CF600DA4D8DEF8E0C362083D5413EB49CA59548526E52B8F1B9FEBF5A191C23349D843636A524BD28FE870514DD189697BC770F6B3DC1274DB7B5D4B56D396BF1577A1B0F4A225F2AF1C926718E5F40604EF90B9E400E4DD3AB519FF02BAF43CEEE08BEB378BECF4D7ACF2F6F03DAFDD759133191D1C40CB7424192193D914FEAC2A52C78FD50449E48D6347883C6983CBFE47BD2B7E4FC595AE0E9DD4D143C06773E314087EE53F9F73B8330ACF5D3F3487968AEE53E825150203010001

    Error: (11/15/2015 07:07:28 PM) (Source: EMET) (EventID: 42) (User: )
    Description: EMET detected that the SSL certificate for "jsapi.login.yahoo.com" is not trusted by the rule "YahooCA" associated with the domain "login.yahoo.com"

    Certificates details:

    [SSL CERTIFICATE]
    SubjectName : CN=login.yahoo.com, OU=Information Technology, O=Yahoo Inc., L=Sunnyvale, S=California, C=US
    Issuer CA : CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US
    SerialNumber : 03D60AF73A3A69DA16C27B8C4E6357C1
    Thumbprint : C577671CBD1CA4AAF4BEEC9721DD95AE3BDCC353
    SignatureAlg : sha256RSA
    NotAfter : 6/16/2016 4:59:59 PM
    NotBefore : 6/16/2015 5:00:00 PM
    PublicKey : 3082010A0282010100B3919B9F5CD259649B64B374FC494849A953A50E3D9045FFECF7B868378DE032E62A4F1E106DBD888FEB4B83553E77443350C32D4EA3931A54C2D4F07D46129F48AA536ADC7CE86AF8FDB7EF2C70F3CEE99AD3AD40FE2F393F1CEC5CF55D0FFBF4D6524AF761F946C004139A505E4CB408C31FE72C976C04BB2372CA4E116324C237D201C9B4030792342C5DFE23548A78B5166E1F63F3F34DFC4F80ECD5B0030C748C2FAFBC0EB780E75F8410B81A3A0E7CB88B0A7A8544F7DD7373F3695AA4B97601802A36755E2782951506CAC77DD004F84293AD8A78D31AB44B08F35CC5645F3F6C06DB151D4E9B1C145F1E9EBED95CA2E54243C72DA0DC5C472D5445970203010001

    [ROOTCA CERTIFICATE]
    SubjectName : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    Issuer CA : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    SerialNumber : 18DAD19E267DE8BB4A2158CDCC6B3B4A
    Thumbprint : 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
    SignatureAlg : sha1RSA
    NotAfter : 7/16/2036 4:59:59 PM
    NotBefore : 11/7/2006 4:00:00 PM
    PublicKey : 3082010A0282010100AF240808297A359E600CAAE74B3B4EDC7CBC3C451CBB2BE0FE2902F95708A364851527F5F1ADC831895D22E82AAAA642B38FF8B955B7B1B74BB3FE8F7E0757ECEF43DB66621561CF600DA4D8DEF8E0C362083D5413EB49CA59548526E52B8F1B9FEBF5A191C23349D843636A524BD28FE870514DD189697BC770F6B3DC1274DB7B5D4B56D396BF1577A1B0F4A225F2AF1C926718E5F40604EF90B9E400E4DD3AB519FF02BAF43CEEE08BEB378BECF4D7ACF2F6F03DAFDD759133191D1C40CB7424192193D914FEAC2A52C78FD50449E48D6347883C6983CBFE47BD2B7E4FC595AE0E9DD4D143C06773E314087EE53F9F73B8330ACF5D3F3487968AEE53E825150203010001

    Error: (11/15/2015 07:06:53 PM) (Source: EMET) (EventID: 42) (User: )
    Description: EMET detected that the SSL certificate for "beap-bc.yahoo.com" is not trusted by the rule "YahooCA" associated with the domain "login.yahoo.com"

    Certificates details:

    [SSL CERTIFICATE]
    SubjectName : CN=www.yahoo.com, O=Yahoo Inc., L=Sunnyvale, S=California, C=US
    Issuer CA : CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US
    SerialNumber : 75120151D2F9E29B8E68B754065F9BC9
    Thumbprint : FAE274DC34E6D34B2E86F31C14B4FA931706C411
    SignatureAlg : sha256RSA
    NotAfter : 12/18/2015 3:59:59 PM
    NotBefore : 10/18/2015 5:00:00 PM
    PublicKey : 3082010A0282010100ADD0411BEEBF4DC0391C3A829A02C550CCBBC30055FC08115FC88BC3CC8B53F559958C5EC6DFB523FF15E2AD2B28BC0EE55E15F3900E1773B9C4C45927A856CCBFC5FC42B888CBEF585EFBDBBECA6E5BC35B6AD16719AD4F211B023C2417C4BC786CC0E232A8F3E86F6AA4950C3800264F8F487C2E8A41714064DBD3656A9C7C3761BA50809E099AAD13B47F0EEF8958A32CC883946F4E544902D35BA5E775AA0614BE25389FB988DFA09EA56ED3458AD652E927DCA7C2D9AF49BD344120E014C958E021ADFDD0A57AE3970FD56A24AC5D56B833357A092B0F666DDA20792928F677BA9C74D5CD796663C1408839358663666D4C7A939866BBDD17E7B1A1950B0203010001

    [ROOTCA CERTIFICATE]
    SubjectName : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    Issuer CA : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    SerialNumber : 18DAD19E267DE8BB4A2158CDCC6B3B4A
    Thumbprint : 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
    SignatureAlg : sha1RSA
    NotAfter : 7/16/2036 4:59:59 PM
    NotBefore : 11/7/2006 4:00:00 PM
    PublicKey : 3082010A0282010100AF240808297A359E600CAAE74B3B4EDC7CBC3C451CBB2BE0FE2902F95708A364851527F5F1ADC831895D22E82AAAA642B38FF8B955B7B1B74BB3FE8F7E0757ECEF43DB66621561CF600DA4D8DEF8E0C362083D5413EB49CA59548526E52B8F1B9FEBF5A191C23349D843636A524BD28FE870514DD189697BC770F6B3DC1274DB7B5D4B56D396BF1577A1B0F4A225F2AF1C926718E5F40604EF90B9E400E4DD3AB519FF02BAF43CEEE08BEB378BECF4D7ACF2F6F03DAFDD759133191D1C40CB7424192193D914FEAC2A52C78FD50449E48D6347883C6983CBFE47BD2B7E4FC595AE0E9DD4D143C06773E314087EE53F9F73B8330ACF5D3F3487968AEE53E825150203010001

    Error: (11/15/2015 11:58:43 AM) (Source: EMET) (EventID: 42) (User: )
    Description: EMET detected that the SSL certificate for "www.yahoo.com" is not trusted by the rule "YahooCA" associated with the domain "login.yahoo.com"

    Certificates details:

    [SSL CERTIFICATE]
    SubjectName : CN=www.yahoo.com, O=Yahoo Inc., L=Sunnyvale, S=California, C=US
    Issuer CA : CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US
    SerialNumber : 75120151D2F9E29B8E68B754065F9BC9
    Thumbprint : FAE274DC34E6D34B2E86F31C14B4FA931706C411
    SignatureAlg : sha256RSA
    NotAfter : 12/18/2015 3:59:59 PM
    NotBefore : 10/18/2015 5:00:00 PM
    PublicKey : 3082010A0282010100ADD0411BEEBF4DC0391C3A829A02C550CCBBC30055FC08115FC88BC3CC8B53F559958C5EC6DFB523FF15E2AD2B28BC0EE55E15F3900E1773B9C4C45927A856CCBFC5FC42B888CBEF585EFBDBBECA6E5BC35B6AD16719AD4F211B023C2417C4BC786CC0E232A8F3E86F6AA4950C3800264F8F487C2E8A41714064DBD3656A9C7C3761BA50809E099AAD13B47F0EEF8958A32CC883946F4E544902D35BA5E775AA0614BE25389FB988DFA09EA56ED3458AD652E927DCA7C2D9AF49BD344120E014C958E021ADFDD0A57AE3970FD56A24AC5D56B833357A092B0F666DDA20792928F677BA9C74D5CD796663C1408839358663666D4C7A939866BBDD17E7B1A1950B0203010001

    [ROOTCA CERTIFICATE]
    SubjectName : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    Issuer CA : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    SerialNumber : 18DAD19E267DE8BB4A2158CDCC6B3B4A
    Thumbprint : 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
    SignatureAlg : sha1RSA
    NotAfter : 7/16/2036 4:59:59 PM
    NotBefore : 11/7/2006 4:00:00 PM
    PublicKey : 3082010A0282010100AF240808297A359E600CAAE74B3B4EDC7CBC3C451CBB2BE0FE2902F95708A364851527F5F1ADC831895D22E82AAAA642B38FF8B955B7B1B74BB3FE8F7E0757ECEF43DB66621561CF600DA4D8DEF8E0C362083D5413EB49CA59548526E52B8F1B9FEBF5A191C23349D843636A524BD28FE870514DD189697BC770F6B3DC1274DB7B5D4B56D396BF1577A1B0F4A225F2AF1C926718E5F40604EF90B9E400E4DD3AB519FF02BAF43CEEE08BEB378BECF4D7ACF2F6F03DAFDD759133191D1C40CB7424192193D914FEAC2A52C78FD50449E48D6347883C6983CBFE47BD2B7E4FC595AE0E9DD4D143C06773E314087EE53F9F73B8330ACF5D3F3487968AEE53E825150203010001

    Error: (11/15/2015 11:57:38 AM) (Source: EMET) (EventID: 42) (User: )
    Description: EMET detected that the SSL certificate for "twitter.com" is not trusted by the rule "TwitterCA" associated with the domain "twitter.com"

    Certificates details:

    [SSL CERTIFICATE]
    SubjectName : CN=twitter.com, OU=Twitter Security, O="Twitter, Inc.", STREET=1355 Market St, L=San Francisco, S=California, PostalCode=94103-1307, C=US, SERIALNUMBER=4337446, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US
    Issuer CA : CN=Symantec Class 3 EV SSL CA - G3, OU=Symantec Trust Network, O=Symantec Corporation, C=US
    SerialNumber : 1AC85EB7AEC3513CD80D85385ECFD208
    Thumbprint : ADD53F6680FE66E383CBAC3E60922E3B4C412BED
    SignatureAlg : sha256RSA
    NotAfter : 5/9/2016 4:59:59 PM
    NotBefore : 9/9/2014 5:00:00 PM
    PublicKey : 3082010A0282010100E3AC593407DC11F81CCAB30F93448A543476906AC02200BE959ADA583C6C3831A2A21F3B64E29DE0F5C2AB07905B7CFEF9888C6A9D693BE02365B711D6E888D63E6D8BEDCAEA580BFE4DBF2A95CABB21BBCED6E2100211216826F7927E9CA380B182D7E5A6A08647421AC65B04D9C3B5B29B38D4A16D3BBDD805F0519BBD95777FE9028E60A37A65205223DB8D012724C200660D1466B3522BCC6B5BA5442FE2406DDA21A1925A5712D34701EFE9DFAFC6918C21AF776513361C637A2D05E663C50BD839E9ACF23BFF9DC5A7460A6E1A66101E4AE7BAC789791FAEF1F38403CAE7508A1963BF3C201078C5F4533C7D5E0DAF96708992B97F9A190CF6786A8F730203010001

    [ROOTCA CERTIFICATE]
    SubjectName : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    Issuer CA : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    SerialNumber : 18DAD19E267DE8BB4A2158CDCC6B3B4A
    Thumbprint : 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
    SignatureAlg : sha1RSA
    NotAfter : 7/16/2036 4:59:59 PM
    NotBefore : 11/7/2006 4:00:00 PM
    PublicKey : 3082010A0282010100AF240808297A359E600CAAE74B3B4EDC7CBC3C451CBB2BE0FE2902F95708A364851527F5F1ADC831895D22E82AAAA642B38FF8B955B7B1B74BB3FE8F7E0757ECEF43DB66621561CF600DA4D8DEF8E0C362083D5413EB49CA59548526E52B8F1B9FEBF5A191C23349D843636A524BD28FE870514DD189697BC770F6B3DC1274DB7B5D4B56D396BF1577A1B0F4A225F2AF1C926718E5F40604EF90B9E400E4DD3AB519FF02BAF43CEEE08BEB378BECF4D7ACF2F6F03DAFDD759133191D1C40CB7424192193D914FEAC2A52C78FD50449E48D6347883C6983CBFE47BD2B7E4FC595AE0E9DD4D143C06773E314087EE53F9F73B8330ACF5D3F3487968AEE53E825150203010001

    Error: (11/15/2015 11:56:46 AM) (Source: EMET) (EventID: 42) (User: )
    Description: EMET detected that the SSL certificate for "twitter.com" is not trusted by the rule "TwitterCA" associated with the domain "twitter.com"

    Certificates details:

    [SSL CERTIFICATE]
    SubjectName : CN=twitter.com, OU=Twitter Security, O="Twitter, Inc.", STREET=1355 Market St, L=San Francisco, S=California, PostalCode=94103-1307, C=US, SERIALNUMBER=4337446, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US
    Issuer CA : CN=Symantec Class 3 EV SSL CA - G3, OU=Symantec Trust Network, O=Symantec Corporation, C=US
    SerialNumber : 1AC85EB7AEC3513CD80D85385ECFD208
    Thumbprint : ADD53F6680FE66E383CBAC3E60922E3B4C412BED
    SignatureAlg : sha256RSA
    NotAfter : 5/9/2016 4:59:59 PM
    NotBefore : 9/9/2014 5:00:00 PM
    PublicKey : 3082010A0282010100E3AC593407DC11F81CCAB30F93448A543476906AC02200BE959ADA583C6C3831A2A21F3B64E29DE0F5C2AB07905B7CFEF9888C6A9D693BE02365B711D6E888D63E6D8BEDCAEA580BFE4DBF2A95CABB21BBCED6E2100211216826F7927E9CA380B182D7E5A6A08647421AC65B04D9C3B5B29B38D4A16D3BBDD805F0519BBD95777FE9028E60A37A65205223DB8D012724C200660D1466B3522BCC6B5BA5442FE2406DDA21A1925A5712D34701EFE9DFAFC6918C21AF776513361C637A2D05E663C50BD839E9ACF23BFF9DC5A7460A6E1A66101E4AE7BAC789791FAEF1F38403CAE7508A1963BF3C201078C5F4533C7D5E0DAF96708992B97F9A190CF6786A8F730203010001

    [ROOTCA CERTIFICATE]
    SubjectName : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    Issuer CA : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    SerialNumber : 18DAD19E267DE8BB4A2158CDCC6B3B4A
    Thumbprint : 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
    SignatureAlg : sha1RSA
    NotAfter : 7/16/2036 4:59:59 PM
    NotBefore : 11/7/2006 4:00:00 PM
    PublicKey : 3082010A0282010100AF240808297A359E600CAAE74B3B4EDC7CBC3C451CBB2BE0FE2902F95708A364851527F5F1ADC831895D22E82AAAA642B38FF8B955B7B1B74BB3FE8F7E0757ECEF43DB66621561CF600DA4D8DEF8E0C362083D5413EB49CA59548526E52B8F1B9FEBF5A191C23349D843636A524BD28FE870514DD189697BC770F6B3DC1274DB7B5D4B56D396BF1577A1B0F4A225F2AF1C926718E5F40604EF90B9E400E4DD3AB519FF02BAF43CEEE08BEB378BECF4D7ACF2F6F03DAFDD759133191D1C40CB7424192193D914FEAC2A52C78FD50449E48D6347883C6983CBFE47BD2B7E4FC595AE0E9DD4D143C06773E314087EE53F9F73B8330ACF5D3F3487968AEE53E825150203010001

    Error: (11/15/2015 11:54:03 AM) (Source: EMET) (EventID: 42) (User: )
    Description: EMET detected that the SSL certificate for "twitter.com" is not trusted by the rule "TwitterCA" associated with the domain "twitter.com"

    Certificates details:

    [SSL CERTIFICATE]
    SubjectName : CN=twitter.com, OU=Twitter Security, O="Twitter, Inc.", STREET=1355 Market St, L=San Francisco, S=California, PostalCode=94103-1307, C=US, SERIALNUMBER=4337446, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.2=Delaware, OID.1.3.6.1.4.1.311.60.2.1.3=US
    Issuer CA : CN=Symantec Class 3 EV SSL CA - G3, OU=Symantec Trust Network, O=Symantec Corporation, C=US
    SerialNumber : 1AC85EB7AEC3513CD80D85385ECFD208
    Thumbprint : ADD53F6680FE66E383CBAC3E60922E3B4C412BED
    SignatureAlg : sha256RSA
    NotAfter : 5/9/2016 4:59:59 PM
    NotBefore : 9/9/2014 5:00:00 PM
    PublicKey : 3082010A0282010100E3AC593407DC11F81CCAB30F93448A543476906AC02200BE959ADA583C6C3831A2A21F3B64E29DE0F5C2AB07905B7CFEF9888C6A9D693BE02365B711D6E888D63E6D8BEDCAEA580BFE4DBF2A95CABB21BBCED6E2100211216826F7927E9CA380B182D7E5A6A08647421AC65B04D9C3B5B29B38D4A16D3BBDD805F0519BBD95777FE9028E60A37A65205223DB8D012724C200660D1466B3522BCC6B5BA5442FE2406DDA21A1925A5712D34701EFE9DFAFC6918C21AF776513361C637A2D05E663C50BD839E9ACF23BFF9DC5A7460A6E1A66101E4AE7BAC789791FAEF1F38403CAE7508A1963BF3C201078C5F4533C7D5E0DAF96708992B97F9A190CF6786A8F730203010001

    [ROOTCA CERTIFICATE]
    SubjectName : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    Issuer CA : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    SerialNumber : 18DAD19E267DE8BB4A2158CDCC6B3B4A
    Thumbprint : 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
    SignatureAlg : sha1RSA
    NotAfter : 7/16/2036 4:59:59 PM
    NotBefore : 11/7/2006 4:00:00 PM
    PublicKey : 3082010A0282010100AF240808297A359E600CAAE74B3B4EDC7CBC3C451CBB2BE0FE2902F95708A364851527F5F1ADC831895D22E82AAAA642B38FF8B955B7B1B74BB3FE8F7E0757ECEF43DB66621561CF600DA4D8DEF8E0C362083D5413EB49CA59548526E52B8F1B9FEBF5A191C23349D843636A524BD28FE870514DD189697BC770F6B3DC1274DB7B5D4B56D396BF1577A1B0F4A225F2AF1C926718E5F40604EF90B9E400E4DD3AB519FF02BAF43CEEE08BEB378BECF4D7ACF2F6F03DAFDD759133191D1C40CB7424192193D914FEAC2A52C78FD50449E48D6347883C6983CBFE47BD2B7E4FC595AE0E9DD4D143C06773E314087EE53F9F73B8330ACF5D3F3487968AEE53E825150203010001


    System errors:
    =============
    Error: (11/14/2015 11:43:55 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (11/14/2015 11:43:55 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (11/13/2015 06:39:03 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (11/13/2015 06:39:03 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (11/12/2015 06:29:26 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
    %%5

    Error: (11/12/2015 06:29:23 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for Start with the following error:
    %%5

    Error: (11/12/2015 09:28:15 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 20.

    Error: (11/12/2015 08:02:27 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (11/12/2015 08:02:27 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (11/12/2015 08:02:25 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.


    ==================== Memory info ===========================

    Processor: Intel(R) Pentium(R) D CPU 3.00GHz
    Percentage of memory in use: 65%
    Total physical RAM: 2038.15 MB
    Available physical RAM: 694.54 MB
    Total Virtual: 4076.3 MB
    Available Virtual: 2303.71 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:148.88 GB) (Free:96.43 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 41AB2316)
    Partition 1: (Not Active) - (Size=31 MB) - (Type=DE)
    Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=148.9 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================

  4. #4
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Hello,

    Make sure your time and date are correct on the computer.

    Farber is running from a temporary location, needs to be downloaded to the desktop.
    Running from C:\Users\Radha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SIOF0IVF
    Lets fix the browser so it downloads to the desktop.
    To do that;

    Internet Explorer - Click the Tools menu in the upper right-corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and
    select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.

    Next
    Clean out your temporary internet files and temp files.

    Download TFC by OldTimer TFC - Temp File Cleaner by OldTimer Download - Geeks to Go Forum to your desktop.
    Right-click on the file and choose Run As Administrator
    TFC will close all programs when run, so make sure you have saved all your work before you begin.

    * Click the Start button to begin the cleaning process.
    * Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
    * Please let TFC run uninterrupted until it is finished.

    Once TFC is finished it should restart your computer. If it does not, please manually restart the computer yourself to ensure a complete cleaning.

    Next
    Please Re-download Farbar Recovery Scan Tool and save it to your Desktop.
    Do a scan and re-post the frst and additions.txt logs.

  5. #5
    Member
    Join Date
    Nov 2015
    Posts
    10
    Points
    0

    Default

    Thank you again.

    I went through the Temp File Cleaner process. After (hopefully) cleaning, it gave me only one option: EXit. So I exited & re-started the computer.

    Next, I tried to download Farbar Recovery. I get a message (either when I select run or save as) that this programme is not commonly downloaded and could harm my computer. I therefore didn't proceed. What do I now do? Apologies for the bother.

  6. #6
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Download farber, it can't harm the computer, Some Anti Virus programs don't like my tools (Farber) and give you that warning. Please proceed.

    Thanks
    Joe

  7. #7
    Member
    Join Date
    Nov 2015
    Posts
    10
    Points
    0

    Default

    Thanks!

    OK, here goes:

    Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:16-11-2015
    Ran by Radha (administrator) on RADHA-PC (16-11-2015 13:11:07)
    Running from C:\Users\Radha\Desktop
    Loaded Profiles: Radha (Available Profiles: Radha)
    Platform: Microsoft Windows 7 Enterprise Service Pack 1 (X86) Language: English (United States)
    Internet Explorer Version 11 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    () C:\Program Files\Canon\IJPLM\ijplmsvc.exe
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE
    (Microsoft Corporation) C:\Program Files\EMET 4.1\EMET_Agent.exe
    (Dropbox, Inc.) C:\Users\Radha\AppData\Roaming\Dropbox\bin\Dropbox.exe
    (CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMUPDT.EXE
    (CANON INC.) C:\Program Files\Canon\Quick Menu\CNQMSWCS.EXE
    (Symantec Corporation) C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
    (Symantec Corporation) C:\Program Files\Symantec\Norton Online Backup\NOBuClient.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (LastPass) C:\Users\Radha\AppData\LocalLow\LastPass\LastPassBroker.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
    HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-29] (Microsoft Corporation)
    HKLM\...\Run: [CanonQuickMenu] => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE [1282120 2013-05-02] (CANON INC.)
    HKLM\...\Run: [EMET 4.1 Agent] => C:\Program Files\EMET 4.1\EMET_agent.exe [78992 2013-11-21] (Microsoft Corporation)
    HKU\S-1-5-21-147396072-559182813-3382226817-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-03-01] (Google Inc.)
    HKU\S-1-5-21-147396072-559182813-3382226817-1000\...\Run: [Google Update] => C:\Users\Radha\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-31] (Google Inc.)
    HKU\S-1-5-21-147396072-559182813-3382226817-1000\...\Run: [Dropbox Update] => C:\Users\Radha\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass FF RunOnce.lnk [2015-06-06]
    ShortcutTarget: Install LastPass FF RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (LastPass)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Install LastPass IE RunOnce.lnk [2015-06-06]
    ShortcutTarget: Install LastPass IE RunOnce.lnk -> C:\Program Files\Common Files\lpuninstall.exe (LastPass)
    Startup: C:\Users\Radha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-12]
    ShortcutTarget: Dropbox.lnk -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
    Tcpip\..\Interfaces\{9AA18526-B2D7-451C-AFD7-043C4AA50417}: [DhcpNameServer] 10.0.0.1

    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-147396072-559182813-3382226817-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com/
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKU\S-1-5-21-147396072-559182813-3382226817-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxps://www.google.com/search?q={searchTerms}
    SearchScopes: HKU\S-1-5-21-147396072-559182813-3382226817-1000 -> {6AD08BE6-FDFB-48AB-ABD8-91D81A48A80E} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=mkg114
    BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.)
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
    BHO: Advertising Cookie Opt-out -> {8E425EB4-ADBD-4816-B1E8-49BB9DECF034} -> C:\Program Files\Google\Advertising Cookie Opt-out\opt_out.dll [2013-01-10] (Google Inc)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
    BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files\LastPass\LPToolbar.dll [2015-06-06] (LastPass)
    BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-24] (Google Inc.)
    Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)
    Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files\LastPass\LPToolbar.dll [2015-06-06] (LastPass)
    Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-24] (Google Inc.)
    Toolbar: HKU\S-1-5-21-147396072-559182813-3382226817-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-24] (Google Inc.)
    DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} hxxp://files.pcpitstop.com/cab/pcmatic.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
    Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
    Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2000-12-22] (Microsoft Corporation)
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe

    FireFox:
    ========
    FF ProfilePath: C:\Users\Radha\AppData\Roaming\Mozilla\Firefox\Profiles\4dammkxm.default
    FF DefaultSearchEngine: Yahoo!
    FF SelectedSearchEngine: Yahoo!
    FF Homepage: hxxps://www.malwarebytes.org/restorebrowser/yhp-ff
    FF Plugin: @canon.com/EPPEX -> C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
    FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files\LastPass\nplastpass.dll [2015-06-06] (LastPass)
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
    FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
    FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-147396072-559182813-3382226817-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Radha\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
    FF Plugin HKU\S-1-5-21-147396072-559182813-3382226817-1000: @talk.google.com/O1DPlugin -> C:\Users\Radha\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
    FF Plugin HKU\S-1-5-21-147396072-559182813-3382226817-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
    FF Plugin HKU\S-1-5-21-147396072-559182813-3382226817-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Radha\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
    FF Plugin ProgramFiles/Appdata: C:\Users\Radha\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
    FF Extension: LastPass - C:\Users\Radha\AppData\Roaming\Mozilla\Firefox\Profiles\4dammkxm.default\Extensions\support@lastpass.com [2015-06-06] [not signed]

    Chrome:
    =======
    CHR HKLM\...\Chrome\Extension: [hdokiejnpimakedhajhdlcegeplioahd] - hxxp://clients2.google.com/service/update2/crx
    CHR HKLM\...\Chrome\Extension: [okmhneofinpilciglijihehjpaegledb] - <no Path\update_url>

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-27] ()
    S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
    R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
    R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
    R2 NOBU; C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe [3537224 2014-11-18] (Symantec Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
    R1 MpKsl494d5573; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E68A1176-2736-44FC-BE54-ED6F0767DD35}\MpKsl494d5573.sys [39168 2015-11-16] (Microsoft Corporation)
    S3 1394ohci; \SystemRoot\system32\drivers\1394ohci.sys [X]
    S3 AcpiPmi; \SystemRoot\system32\drivers\acpipmi.sys [X]
    S3 adp94xx; \SystemRoot\system32\DRIVERS\adp94xx.sys [X]
    S3 adpahci; \SystemRoot\system32\DRIVERS\adpahci.sys [X]
    S3 adpu320; \SystemRoot\system32\DRIVERS\adpu320.sys [X]
    R1 AFD; \SystemRoot\system32\drivers\afd.sys [X]
    S3 agp440; \SystemRoot\system32\drivers\agp440.sys [X]
    S3 aic78xx; \SystemRoot\system32\DRIVERS\djsvs.sys [X]
    S3 aliide; \SystemRoot\system32\drivers\aliide.sys [X]
    S3 amdagp; \SystemRoot\system32\drivers\amdagp.sys [X]
    S3 amdide; \SystemRoot\system32\drivers\amdide.sys [X]
    S3 AmdK8; \SystemRoot\system32\DRIVERS\amdk8.sys [X]
    S3 AmdPPM; \SystemRoot\system32\DRIVERS\amdppm.sys [X]
    S3 amdsata; \SystemRoot\system32\drivers\amdsata.sys [X]
    S3 amdsbs; \SystemRoot\system32\DRIVERS\amdsbs.sys [X]
    S3 AppID; \SystemRoot\system32\drivers\appid.sys [X]
    S3 arc; \SystemRoot\system32\DRIVERS\arc.sys [X]
    S3 arcsas; \SystemRoot\system32\DRIVERS\arcsas.sys [X]
    S3 b06bdrv; \SystemRoot\system32\DRIVERS\bxvbdx.sys [X]
    S3 BrFiltLo; \SystemRoot\system32\DRIVERS\BrFiltLo.sys [X]
    S3 BrFiltUp; \SystemRoot\system32\DRIVERS\BrFiltUp.sys [X]
    S3 Brserid; \SystemRoot\System32\Drivers\Brserid.sys [X]
    S3 BrSerWdm; \SystemRoot\System32\Drivers\BrSerWdm.sys [X]
    S3 BrUsbMdm; \SystemRoot\System32\Drivers\BrUsbMdm.sys [X]
    S3 BrUsbSer; \SystemRoot\System32\Drivers\BrUsbSer.sys [X]
    S3 BTHMODEM; \SystemRoot\system32\DRIVERS\bthmodem.sys [X]
    R1 cdrom; \SystemRoot\system32\drivers\cdrom.sys [X]
    S3 circlass; \SystemRoot\system32\DRIVERS\circlass.sys [X]
    S3 CmBatt; \SystemRoot\system32\DRIVERS\CmBatt.sys [X]
    S3 cmdide; \SystemRoot\system32\drivers\cmdide.sys [X]
    S3 Compbatt; \SystemRoot\system32\DRIVERS\compbatt.sys [X]
    R3 CompositeBus; \SystemRoot\system32\drivers\CompositeBus.sys [X]
    S4 crcdisk; \SystemRoot\system32\DRIVERS\crcdisk.sys [X]
    S3 drmkaud; \SystemRoot\system32\drivers\drmkaud.sys [X]
    R3 DXGKrnl; \SystemRoot\System32\drivers\dxgkrnl.sys [X]
    S3 ebdrv; \SystemRoot\system32\DRIVERS\evbdx.sys [X]
    S3 elxstor; \SystemRoot\system32\DRIVERS\elxstor.sys [X]
    S3 ErrDev; \SystemRoot\system32\drivers\errdev.sys [X]
    S3 fdc; \SystemRoot\system32\DRIVERS\fdc.sys [X]
    S3 flpydisk; \SystemRoot\system32\DRIVERS\flpydisk.sys [X]
    S3 gagp30kx; \SystemRoot\system32\DRIVERS\gagp30kx.sys [X]
    S3 hcw85cir; \SystemRoot\system32\drivers\hcw85cir.sys [X]
    R3 HdAudAddService; \SystemRoot\system32\drivers\HdAudio.sys [X]
    R3 HDAudBus; \SystemRoot\system32\drivers\HDAudBus.sys [X]
    S3 HidBatt; \SystemRoot\system32\DRIVERS\HidBatt.sys [X]
    S3 HidBth; \SystemRoot\system32\DRIVERS\hidbth.sys [X]
    S3 HidIr; \SystemRoot\system32\DRIVERS\hidir.sys [X]
    R3 HidUsb; \SystemRoot\system32\drivers\hidusb.sys [X]
    S3 HpSAMD; \SystemRoot\system32\drivers\HpSAMD.sys [X]
    S3 i8042prt; \SystemRoot\system32\drivers\i8042prt.sys [X]
    S3 iaStorV; \SystemRoot\system32\drivers\iaStorV.sys [X]
    S3 iirsp; \SystemRoot\system32\DRIVERS\iirsp.sys [X]
    S3 IPMIDRV; \SystemRoot\system32\drivers\IPMIDrv.sys [X]
    S3 isapnp; \SystemRoot\system32\drivers\isapnp.sys [X]
    S3 iScsiPrt; \SystemRoot\system32\drivers\msiscsi.sys [X]
    S3 LSI_FC; \SystemRoot\system32\DRIVERS\lsi_fc.sys [X]
    S3 LSI_SAS; \SystemRoot\system32\DRIVERS\lsi_sas.sys [X]
    S3 LSI_SAS2; \SystemRoot\system32\DRIVERS\lsi_sas2.sys [X]
    S3 LSI_SCSI; \SystemRoot\system32\DRIVERS\lsi_scsi.sys [X]
    R2 luafv; \SystemRoot\system32\drivers\luafv.sys [X]
    S3 megasas; \SystemRoot\system32\DRIVERS\megasas.sys [X]
    S3 MegaSR; \SystemRoot\system32\DRIVERS\MegaSR.sys [X]
    S3 mpio; \SystemRoot\system32\drivers\mpio.sys [X]
    S3 MRxDAV; \SystemRoot\system32\drivers\mrxdav.sys [X]
    S3 msahci; \SystemRoot\system32\drivers\msahci.sys [X]
    S3 msdsm; \SystemRoot\system32\drivers\msdsm.sys [X]
    S3 mshidkmdf; \SystemRoot\System32\drivers\mshidkmdf.sys [X]
    R1 mssmbios; \SystemRoot\system32\drivers\mssmbios.sys [X]
    S3 MTConfig; \SystemRoot\system32\DRIVERS\MTConfig.sys [X]
    S3 nfrd960; \SystemRoot\system32\DRIVERS\nfrd960.sys [X]
    S3 nvraid; \SystemRoot\system32\drivers\nvraid.sys [X]
    S3 nvstor; \SystemRoot\system32\drivers\nvstor.sys [X]
    S3 nv_agp; \SystemRoot\system32\drivers\nv_agp.sys [X]
    S3 ohci1394; \SystemRoot\system32\drivers\ohci1394.sys [X]
    S3 Parport; \SystemRoot\system32\DRIVERS\parport.sys [X]
    S2 Parvdm; \SystemRoot\system32\DRIVERS\parvdm.sys [X]
    S3 pciide; \SystemRoot\system32\drivers\pciide.sys [X]
    S3 pcmcia; \SystemRoot\system32\DRIVERS\pcmcia.sys [X]
    S3 Processor; \SystemRoot\system32\DRIVERS\processr.sys [X]
    S3 ql2300; \SystemRoot\system32\DRIVERS\ql2300.sys [X]
    S3 ql40xx; \SystemRoot\system32\DRIVERS\ql40xx.sys [X]
    S3 QWAVEdrv; \SystemRoot\system32\drivers\qwavedrv.sys [X]
    S3 s3cap; \SystemRoot\system32\drivers\vms3cap.sys [X]
    S3 sbp2port; \SystemRoot\system32\drivers\sbp2port.sys [X]
    S3 Serenum; \SystemRoot\system32\DRIVERS\serenum.sys [X]
    S3 Serial; \SystemRoot\system32\DRIVERS\serial.sys [X]
    S3 sermouse; \SystemRoot\system32\DRIVERS\sermouse.sys [X]
    S3 sffdisk; \SystemRoot\system32\drivers\sffdisk.sys [X]
    S3 sffp_mmc; \SystemRoot\system32\drivers\sffp_mmc.sys [X]
    S3 sffp_sd; \SystemRoot\system32\drivers\sffp_sd.sys [X]
    S3 sfloppy; \SystemRoot\system32\DRIVERS\sfloppy.sys [X]
    S3 sisagp; \SystemRoot\system32\drivers\sisagp.sys [X]
    S3 SiSRaid2; \SystemRoot\system32\DRIVERS\SiSRaid2.sys [X]
    S3 SiSRaid4; \SystemRoot\system32\DRIVERS\sisraid4.sys [X]
    S3 stexstor; \SystemRoot\system32\DRIVERS\stexstor.sys [X]
    S3 storvsc; \SystemRoot\system32\drivers\storvsc.sys [X]
    R3 swenum; \SystemRoot\system32\drivers\swenum.sys [X]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    R1 TermDD; \SystemRoot\system32\drivers\termdd.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 uagp35; \SystemRoot\system32\DRIVERS\uagp35.sys [X]
    S3 uliagpkx; \SystemRoot\system32\drivers\uliagpkx.sys [X]
    S3 UmPass; \SystemRoot\system32\DRIVERS\umpass.sys [X]
    S3 usbcir; \SystemRoot\system32\drivers\usbcir.sys [X]
    S3 usbohci; \SystemRoot\system32\drivers\usbohci.sys [X]
    R1 VgaSave; \SystemRoot\System32\drivers\vga.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    S3 vhdmp; \SystemRoot\system32\drivers\vhdmp.sys [X]
    S3 viaagp; \SystemRoot\system32\drivers\viaagp.sys [X]
    S3 ViaC7; \SystemRoot\system32\DRIVERS\viac7.sys [X]
    S3 viaide; \SystemRoot\system32\drivers\viaide.sys [X]
    S3 VMBusHID; \SystemRoot\system32\drivers\VMBusHID.sys [X]
    S3 vsmraid; \SystemRoot\system32\DRIVERS\vsmraid.sys [X]
    S3 vwifibus; \SystemRoot\System32\drivers\vwifibus.sys [X]
    S3 WacomPen; \SystemRoot\system32\DRIVERS\wacompen.sys [X]
    S3 Wd; \SystemRoot\system32\DRIVERS\wd.sys [X]
    S3 WmiAcpi; \SystemRoot\system32\drivers\wmiacpi.sys [X]
    S4 ws2ifsl; \SystemRoot\system32\drivers\ws2ifsl.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-11-16 13:11 - 2015-11-16 13:11 - 00018484 _____ C:\Users\Radha\Desktop\FRST.txt
    2015-11-16 10:51 - 2015-11-16 10:51 - 01378304 _____ (Farbar) C:\Users\Radha\Desktop\FRST.exe
    2015-11-16 10:06 - 2015-11-16 10:06 - 00448512 _____ (OldTimer Tools) C:\Users\Radha\Desktop\TFC.exe
    2015-11-15 19:23 - 2015-11-16 13:11 - 00000000 ____D C:\FRST
    2015-11-13 19:30 - 2015-11-13 19:32 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2015-11-13 19:30 - 2015-11-13 19:30 - 00002017 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
    2015-11-12 13:29 - 2015-11-12 13:29 - 00000000 ____D C:\Users\Radha\AppData\LocalLow\Adblock Plus for IE
    2015-11-12 13:16 - 2015-11-12 13:30 - 00000000 ____D C:\Program Files\PCPitstop
    2015-11-12 13:16 - 2015-11-12 13:26 - 00000000 ____D C:\ProgramData\PCPitstop
    2015-11-12 12:56 - 2015-11-12 12:56 - 00000000 ____D C:\Users\Radha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
    2015-11-12 07:33 - 2015-11-03 09:46 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-11-11 06:45 - 2015-10-29 09:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
    2015-11-11 06:45 - 2015-10-29 09:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2015-11-11 06:45 - 2015-10-29 09:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
    2015-11-11 06:45 - 2015-10-29 09:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2015-11-11 06:45 - 2015-10-19 16:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
    2015-11-11 06:45 - 2015-10-19 16:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2015-11-11 06:45 - 2015-10-19 16:52 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2015-11-11 06:45 - 2015-10-19 16:52 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2015-11-11 06:45 - 2015-10-19 16:48 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2015-11-11 06:45 - 2015-10-19 16:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2015-11-11 06:45 - 2015-10-19 16:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2015-11-11 06:45 - 2015-10-19 16:45 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2015-11-11 06:45 - 2015-10-19 16:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2015-11-11 06:45 - 2015-10-19 16:44 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2015-11-11 06:45 - 2015-10-19 16:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2015-11-11 06:45 - 2015-10-19 16:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2015-11-11 06:45 - 2015-10-19 16:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2015-11-11 06:45 - 2015-10-19 16:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2015-11-11 06:45 - 2015-10-19 15:29 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2015-11-11 06:45 - 2015-10-19 15:28 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2015-11-11 06:45 - 2015-10-19 15:28 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2015-11-11 06:45 - 2015-10-13 08:31 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
    2015-11-11 06:45 - 2015-10-13 08:31 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
    2015-11-11 06:45 - 2015-09-23 05:09 - 00371920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2015-11-11 06:45 - 2015-09-23 05:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
    2015-11-11 06:44 - 2015-11-03 13:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-11-11 06:44 - 2015-10-30 14:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2015-11-11 06:44 - 2015-10-30 14:58 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2015-11-11 06:44 - 2015-10-30 14:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-11-11 06:44 - 2015-10-30 14:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-11-11 06:44 - 2015-10-30 14:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2015-11-11 06:44 - 2015-10-30 14:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-11-11 06:44 - 2015-10-30 14:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2015-11-11 06:44 - 2015-10-30 14:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2015-11-11 06:44 - 2015-10-30 14:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-11-11 06:44 - 2015-10-30 14:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2015-11-11 06:44 - 2015-10-30 14:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2015-11-11 06:44 - 2015-10-30 14:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-11-11 06:44 - 2015-10-30 14:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-11-11 06:44 - 2015-10-30 14:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-11-11 06:44 - 2015-10-30 14:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2015-11-11 06:44 - 2015-10-30 14:36 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2015-11-11 06:44 - 2015-10-30 14:31 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2015-11-11 06:44 - 2015-10-30 14:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2015-11-11 06:44 - 2015-10-30 14:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2015-11-11 06:44 - 2015-10-30 14:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2015-11-11 06:44 - 2015-10-30 14:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-11-11 06:44 - 2015-10-30 14:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-11-11 06:44 - 2015-10-30 14:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2015-11-11 06:44 - 2015-10-30 14:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-11-11 06:44 - 2015-10-30 14:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2015-11-11 06:44 - 2015-10-30 14:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-11-11 06:44 - 2015-10-30 14:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-11-11 06:44 - 2015-10-30 14:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-11-11 06:44 - 2015-10-30 14:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2015-11-11 06:44 - 2015-10-30 14:09 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2015-11-11 06:44 - 2015-10-30 13:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-11-11 06:44 - 2015-10-30 13:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-11-11 06:44 - 2015-10-30 13:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-11-11 06:44 - 2015-10-12 20:50 - 00712640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
    2015-11-11 06:44 - 2015-10-01 09:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
    2015-11-11 06:44 - 2015-10-01 09:50 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
    2015-11-11 06:43 - 2015-10-20 09:46 - 02955776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
    2015-11-11 06:43 - 2015-10-20 09:46 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
    2015-11-11 06:43 - 2015-10-20 09:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
    2015-11-11 06:43 - 2015-10-20 09:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
    2015-11-11 06:43 - 2015-10-20 09:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
    2015-11-11 06:43 - 2015-10-20 09:46 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2015-11-11 06:43 - 2015-10-20 09:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
    2015-11-11 06:43 - 2015-10-20 09:45 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
    2015-11-11 06:43 - 2015-10-20 09:45 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
    2015-11-11 06:43 - 2015-10-20 09:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
    2015-11-11 06:43 - 2015-10-20 09:45 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
    2015-10-25 11:12 - 2015-10-25 11:12 - 00000000 ___HD C:\$Windows.~WS
    2015-10-25 11:12 - 2015-10-25 11:12 - 00000000 ____D C:\$WINDOWS.~BT

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-11-16 13:02 - 2011-03-01 13:06 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-11-16 12:44 - 2011-09-02 08:47 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000UA.job
    2015-11-16 12:42 - 2012-05-20 11:57 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-11-16 12:40 - 2015-06-17 09:29 - 00000918 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000UA.job
    2015-11-16 11:44 - 2011-09-02 08:47 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000Core.job
    2015-11-16 10:49 - 2009-07-13 20:34 - 00022416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-11-16 10:49 - 2009-07-13 20:34 - 00022416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-11-16 10:45 - 2011-02-26 17:33 - 00782510 _____ C:\Windows\system32\PerfStringBackup.INI
    2015-11-16 10:44 - 2011-02-26 13:38 - 01869964 _____ C:\Windows\WindowsUpdate.log
    2015-11-16 10:43 - 2014-03-09 14:31 - 00000000 ____D C:\ProgramData\boost_interprocess
    2015-11-16 10:43 - 2012-08-16 09:23 - 00000000 ___RD C:\Users\Radha\Dropbox
    2015-11-16 10:43 - 2012-08-16 09:21 - 00000000 ____D C:\Users\Radha\AppData\Roaming\Dropbox
    2015-11-16 10:40 - 2011-03-01 13:06 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-11-16 10:40 - 2009-07-13 20:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2015-11-16 10:40 - 2009-07-13 20:39 - 00424490 _____ C:\Windows\setupact.log
    2015-11-14 11:47 - 2011-02-27 10:11 - 00109462 _____ C:\Windows\PFRO.log
    2015-11-13 19:30 - 2011-07-21 07:25 - 00000000 ____D C:\Program Files\Common Files\Adobe
    2015-11-13 19:30 - 2011-07-21 07:23 - 00000000 ____D C:\ProgramData\Adobe
    2015-11-13 19:30 - 2011-07-21 07:23 - 00000000 ____D C:\Program Files\Adobe
    2015-11-13 13:40 - 2015-06-17 09:29 - 00000866 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000Core.job
    2015-11-13 09:23 - 2012-02-15 09:18 - 00000000 ____D C:\Users\Radha\Documents\DELILAH (Novel)
    2015-11-13 08:43 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\rescache
    2015-11-13 07:42 - 2015-03-10 13:43 - 00000000 ____D C:\Users\Radha\Documents\Mars Project
    2015-11-12 18:19 - 2009-07-13 20:33 - 00414408 _____ C:\Windows\system32\FNTCACHE.DAT
    2015-11-12 13:31 - 2011-03-01 13:06 - 00000000 ____D C:\Users\Radha\AppData\Local\Google
    2015-11-12 13:31 - 2011-03-01 13:06 - 00000000 ____D C:\Program Files\Google
    2015-11-12 13:10 - 2012-02-15 09:19 - 00000000 ____D C:\Users\Radha\Documents\DEATH BY DROWNING (Novel)
    2015-11-11 12:47 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\Microsoft.NET
    2015-11-11 12:22 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Windows Journal
    2015-11-11 08:21 - 2011-02-26 17:35 - 00000000 ____D C:\ProgramData\Microsoft Help
    2015-11-11 08:20 - 2013-08-14 05:57 - 00000000 ____D C:\Windows\system32\MRT
    2015-11-11 08:14 - 2011-02-27 14:52 - 143250520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-11-10 11:42 - 2012-05-20 11:57 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
    2015-11-10 11:42 - 2011-11-25 09:52 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
    2015-11-09 11:27 - 2013-05-10 05:23 - 00000000 ____D C:\Users\Radha\Documents\Shipping Labels (DBC)
    2015-11-06 13:10 - 2011-08-17 08:33 - 00000000 ____D C:\ProgramData\CanonIJPLM
    2015-10-28 11:08 - 2015-02-04 11:57 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-10-26 06:04 - 2011-02-26 17:29 - 00000000 ____D C:\Users\Radha
    2015-10-26 06:04 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\system32\wfp
    2015-10-26 06:03 - 2011-08-17 08:45 - 00000000 ___HD C:\ProgramData\CanonIJScan
    2015-10-26 06:03 - 2009-07-13 18:37 - 00000000 ____D C:\Windows\registration
    2015-10-25 11:12 - 2011-02-26 13:34 - 00000000 ____D C:\Windows\Panther
    2015-10-21 07:38 - 2011-05-22 14:56 - 00000000 ____D C:\Users\Radha\Documents\Screenwriter
    2015-10-21 07:38 - 2003-04-21 13:49 - 00004630 _____ C:\Windows\Scwriter.ini
    2015-10-19 13:27 - 2015-03-07 10:39 - 00000000 ____D C:\Users\Radha\Documents\R.B. OCI Application 2015
    2015-10-18 17:26 - 2015-02-04 11:57 - 00001060 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-10-18 17:26 - 2015-02-04 11:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-10-18 17:26 - 2015-02-04 11:57 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
    2015-10-17 10:29 - 2014-06-20 07:08 - 00000000 ____D C:\ProgramData\Skype
    2015-10-17 10:25 - 2014-06-20 07:08 - 00000000 ____D C:\Users\Radha\AppData\Roaming\Skype

    ==================== Files in the root of some directories =======

    2014-02-11 06:20 - 2014-02-11 06:20 - 49940480 _____ () C:\Program Files\GUT1287.tmp
    2015-09-18 06:37 - 2015-09-18 06:37 - 6420480 _____ () C:\Program Files\GUTC582.tmp
    2015-02-04 12:28 - 2015-06-06 06:16 - 16258616 _____ (LastPass) C:\Program Files\Common Files\lpuninstall.exe
    2014-12-23 11:14 - 2014-12-17 13:34 - 1836584 _____ (BeFrugal.com ) C:\Users\Radha\AppData\Roaming\BeFrugal.com-Install.exe

    Some files in TEMP:
    ====================
    C:\Users\Radha\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqz9nep.dll


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-11-10 13:07

    ==================== End of FRST.txt ============================
    Additional scan result of Farbar Recovery Scan Tool (x86) Version:16-11-2015
    Ran by Radha (2015-11-16 13:12:16)
    Running from C:\Users\Radha\Desktop
    Microsoft Windows 7 Enterprise Service Pack 1 (X86) (2011-02-27 01:29:22)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-147396072-559182813-3382226817-500 - Administrator - Disabled)
    Guest (S-1-5-21-147396072-559182813-3382226817-501 - Limited - Disabled)
    Radha (S-1-5-21-147396072-559182813-3382226817-1000 - Administrator - Enabled) => C:\Users\Radha

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
    AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20069 - Adobe Systems Incorporated)
    Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.7.0.19530 - Adobe Systems Incorporated)
    Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
    Canon CanoScan LiDE 110 User Registration (HKLM\...\Canon CanoScan LiDE 110 User Registration) (Version: - )
    Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
    Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
    Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
    Canon MG2500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2500_series) (Version: 1.00 - Canon Inc.)
    Canon MG2500 series On-screen Manual (HKLM\...\Canon MG2500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.)
    Canon MG2500 series User Registration (HKLM\...\Canon MG2500 series User Registration) (Version: - *Canon Inc.)
    Canon MP Navigator EX 4.0 (HKLM\...\MP Navigator EX 4.0) (Version: - )
    Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.)
    Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.)
    Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
    Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.)
    CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2414) (Version: - )
    Chinese Simplified Fonts Support For Adobe Reader X (HKLM\...\{AC76BA86-7AD7-2447-0000-A00000000003}) (Version: 10.0.0 - Adobe Systems Incorporated)
    Coupon Printer for Windows (HKLM\...\Coupon Printer for Windows5.0.0.3) (Version: 5.0.0.3 - Coupons.com Incorporated)
    D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
    Dropbox (HKU\S-1-5-21-147396072-559182813-3382226817-1000\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
    EMET 4.1 (HKLM\...\{65BC2BDA-D828-4596-99E4-A8799C45C84C}) (Version: 4.1 - Microsoft Corporation)
    FileZilla Client 3.7.3 (HKLM\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
    Google Advertising Cookie Opt-out (HKLM\...\{291820D0-A626-40F9-BDFF-8D5CEAB04243}) (Version: 1.0.1.0 - Google Inc)
    Google Talk Plugin (HKLM\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
    Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
    Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
    Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
    LastPass (uninstall only) (HKLM\...\LastPass) (Version: - LastPass)
    Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
    Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Streets and Trips 2002 (HKLM\...\{12BDDF23-B1DB-49C8-92D3-3E6841CCED61}) (Version: 9.00.16.2000 - Microsoft)
    Microsoft Text-to-Speech Engine 4.0 (English) (HKLM\...\MSTTS) (Version: - )
    Movie Magic Screenwriter (HKLM\...\InstallShield_{2D8A75A0-6097-41EC-AE41-AB5505DC3384}) (Version: 4.73.03 - Write Brothers, Inc.)
    Movie Magic Screenwriter (Version: 4.73.03 - Write Brothers, Inc.) Hidden
    Norton Online Backup (HKLM\...\{652C1CDF-C61D-4525-9348-8C272CC2DB24}) (Version: 2.10.1.3 - Symantec Corporation)
    Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
    Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Radha\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.135\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.99\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.25.5\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.27.5\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.69\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.79\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.23.9\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.1\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.145\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.123\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.153\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.13\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.24.15\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.149\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.165\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.26.9\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.115\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.25.11\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\psuser.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.65\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\psuser.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.111\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.24.7\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

    ==================== Restore Points =========================

    03-11-2015 10:10:08 Windows Update
    07-11-2015 10:39:50 Windows Update
    11-11-2015 07:58:44 Windows Update
    12-11-2015 14:22:55 Windows Update
    15-11-2015 19:11:35 Installed Microsoft Fix it 50195
    15-11-2015 19:17:51 Windows Update

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 18:04 - 2015-01-13 20:12 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {2DB95B7B-1E33-458E-A000-B1E0A7BE3DF1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000UA => C:\Users\Radha\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
    Task: {3A5529C3-1697-492D-8B8A-28379C6A5354} - System32\Tasks\{9E0D32F8-D7DD-4A89-A917-96E9C49BE9F3} => pcalua.exe -a D:\display\DRIVERS\Installation\Setup.exe -d C:\Users\Radha\Desktop
    Task: {3F098BB4-E1E0-434D-B981-80DFC7FBF7FA} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000Core => C:\Users\Radha\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
    Task: {5FF6984B-00FF-4400-88CC-11A42FA79A39} - System32\Tasks\LaunchSignup => C:\Program Files\MyPC Backup\Signup Wizard.exe <==== ATTENTION
    Task: {64221DCD-47A2-475A-AF75-3D337AA9DFD0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000UA => C:\Users\Radha\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
    Task: {72AD9A0F-CB0F-41B5-B6D3-EE99A4CE9561} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000Core => C:\Users\Radha\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
    Task: {7FF9DBC9-6E74-47A4-B2AB-D0CFAD35E614} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
    Task: {B22F1C5A-5AB2-4C1E-978A-5C6A12FFEEC4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
    Task: {B61B2A96-9CBD-4694-A604-37788E3FEAE1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-10] (Adobe Systems Incorporated)
    Task: {DCB5ECBF-973A-44D4-88FE-14E3717D7789} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000Core.job => C:\Users\Radha\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000UA.job => C:\Users\Radha\AppData\Local\Dropbox\Update\DropboxUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000Core.job => C:\Users\Radha\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-147396072-559182813-3382226817-1000UA.job => C:\Users\Radha\AppData\Local\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2013-11-21 09:14 - 2013-11-21 09:14 - 00080528 _____ () C:\Program Files\EMET 4.1\EMET_CE.DLL
    2006-12-04 00:25 - 2006-12-04 00:25 - 00022723 _____ () C:\Windows\System32\sugs2l3.dll
    2011-08-17 08:33 - 2012-03-27 19:49 - 00140456 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
    2015-11-16 10:42 - 2015-11-16 10:42 - 00071168 _____ () c:\users\radha\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqz9nep.dll
    2015-09-30 18:42 - 2015-09-02 16:11 - 00012800 _____ () C:\Users\Radha\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
    2015-03-04 13:45 - 2015-09-02 16:11 - 00779776 _____ () C:\Users\Radha\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
    2015-09-30 18:42 - 2015-09-02 16:11 - 00056320 _____ () C:\Users\Radha\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
    2015-09-30 18:42 - 2015-09-02 16:11 - 00012288 _____ () C:\Users\Radha\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-147396072-559182813-3382226817-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Radha\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 10.0.0.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [{37225636-25DD-4FD4-B904-2FF776BC99F6}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{AFFE1798-295C-4DCD-BF02-4CCE8DB26B51}] => (Allow) LPort=2869
    FirewallRules: [{225FB13A-DD64-4AEF-8FC0-2D2364C81AEA}] => (Allow) LPort=1900
    FirewallRules: [{7F567D4B-E427-4D52-99D7-598D17ADA8E1}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
    FirewallRules: [TCP Query User{0A1D2E02-AC24-4D9C-8828-4BF577CDDA09}C:\program files\symantec\norton online backup\nobuclient.exe] => (Allow) C:\program files\symantec\norton online backup\nobuclient.exe
    FirewallRules: [UDP Query User{AD40CFB2-6681-40C2-AE82-FB7C31C19D28}C:\program files\symantec\norton online backup\nobuclient.exe] => (Allow) C:\program files\symantec\norton online backup\nobuclient.exe
    FirewallRules: [TCP Query User{79017B72-03CB-45DF-8A14-F5149E7CB8AF}C:\users\radha\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\radha\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [UDP Query User{FCA296CA-B33E-403F-9E25-13544B0F2A1D}C:\users\radha\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\radha\appdata\roaming\dropbox\bin\dropbox.exe
    FirewallRules: [{4C098F5A-6FFD-4EAA-910F-B0B31C2B5217}] => (Allow) C:\Users\Radha\AppData\Local\Temp\nsdAB31.tmp\Installer-76161700.exe
    FirewallRules: [{B6F16A13-E17F-4FC5-BDEF-5209477F4510}] => (Allow) C:\Users\Radha\AppData\Local\Temp\nsdAB31.tmp\Installer-76161700.exe
    FirewallRules: [TCP Query User{B1E7EEB1-9FC5-4168-9A1B-6EB5E1D13ECB}C:\program files\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files\symantec\norton online backup\nobuclient.exe
    FirewallRules: [UDP Query User{60FF0E13-EF58-4276-9381-3A60ECF2A6BE}C:\program files\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files\symantec\norton online backup\nobuclient.exe

    ==================== Faulty Device Manager Devices =============

    Name: Teredo Tunneling Pseudo-Interface
    Description: Microsoft Teredo Tunneling Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: tunnel
    Problem: : This device cannot start. (Code10)
    Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (11/16/2015 01:11:12 PM) (Source: EMET) (EventID: 42) (User: )
    Description: EMET detected that the SSL certificate for "www.yahoo.com" is not trusted by the rule "YahooCA" associated with the domain "login.yahoo.com"

    Certificates details:

    [SSL CERTIFICATE]
    SubjectName : CN=www.yahoo.com, O=Yahoo Inc., L=Sunnyvale, S=California, C=US
    Issuer CA : CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US
    SerialNumber : 75120151D2F9E29B8E68B754065F9BC9
    Thumbprint : FAE274DC34E6D34B2E86F31C14B4FA931706C411
    SignatureAlg : sha256RSA
    NotAfter : 12/18/2015 3:59:59 PM
    NotBefore : 10/18/2015 5:00:00 PM
    PublicKey : 3082010A0282010100ADD0411BEEBF4DC0391C3A829A02C550CCBBC30055FC08115FC88BC3CC8B53F559958C5EC6DFB523FF15E2AD2B28BC0EE55E15F3900E1773B9C4C45927A856CCBFC5FC42B888CBEF585EFBDBBECA6E5BC35B6AD16719AD4F211B023C2417C4BC786CC0E232A8F3E86F6AA4950C3800264F8F487C2E8A41714064DBD3656A9C7C3761BA50809E099AAD13B47F0EEF8958A32CC883946F4E544902D35BA5E775AA0614BE25389FB988DFA09EA56ED3458AD652E927DCA7C2D9AF49BD344120E014C958E021ADFDD0A57AE3970FD56A24AC5D56B833357A092B0F666DDA20792928F677BA9C74D5CD796663C1408839358663666D4C7A939866BBDD17E7B1A1950B0203010001

    [ROOTCA CERTIFICATE]
    SubjectName : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    Issuer CA : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    SerialNumber : 18DAD19E267DE8BB4A2158CDCC6B3B4A
    Thumbprint : 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
    SignatureAlg : sha1RSA
    NotAfter : 7/16/2036 4:59:59 PM
    NotBefore : 11/7/2006 4:00:00 PM
    PublicKey : 3082010A0282010100AF240808297A359E600CAAE74B3B4EDC7CBC3C451CBB2BE0FE2902F95708A364851527F5F1ADC831895D22E82AAAA642B38FF8B955B7B1B74BB3FE8F7E0757ECEF43DB66621561CF600DA4D8DEF8E0C362083D5413EB49CA59548526E52B8F1B9FEBF5A191C23349D843636A524BD28FE870514DD189697BC770F6B3DC1274DB7B5D4B56D396BF1577A1B0F4A225F2AF1C926718E5F40604EF90B9E400E4DD3AB519FF02BAF43CEEE08BEB378BECF4D7ACF2F6F03DAFDD759133191D1C40CB7424192193D914FEAC2A52C78FD50449E48D6347883C6983CBFE47BD2B7E4FC595AE0E9DD4D143C06773E314087EE53F9F73B8330ACF5D3F3487968AEE53E825150203010001

    Error: (11/16/2015 01:10:51 PM) (Source: EMET) (EventID: 42) (User: )
    Description: EMET detected that the SSL certificate for "www.yahoo.com" is not trusted by the rule "YahooCA" associated with the domain "login.yahoo.com"

    Certificates details:

    [SSL CERTIFICATE]
    SubjectName : CN=www.yahoo.com, O=Yahoo Inc., L=Sunnyvale, S=California, C=US
    Issuer CA : CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US
    SerialNumber : 75120151D2F9E29B8E68B754065F9BC9
    Thumbprint : FAE274DC34E6D34B2E86F31C14B4FA931706C411
    SignatureAlg : sha256RSA
    NotAfter : 12/18/2015 3:59:59 PM
    NotBefore : 10/18/2015 5:00:00 PM
    PublicKey : 3082010A0282010100ADD0411BEEBF4DC0391C3A829A02C550CCBBC30055FC08115FC88BC3CC8B53F559958C5EC6DFB523FF15E2AD2B28BC0EE55E15F3900E1773B9C4C45927A856CCBFC5FC42B888CBEF585EFBDBBECA6E5BC35B6AD16719AD4F211B023C2417C4BC786CC0E232A8F3E86F6AA4950C3800264F8F487C2E8A41714064DBD3656A9C7C3761BA50809E099AAD13B47F0EEF8958A32CC883946F4E544902D35BA5E775AA0614BE25389FB988DFA09EA56ED3458AD652E927DCA7C2D9AF49BD344120E014C958E021ADFDD0A57AE3970FD56A24AC5D56B833357A092B0F666DDA20792928F677BA9C74D5CD796663C1408839358663666D4C7A939866BBDD17E7B1A1950B0203010001

    [ROOTCA CERTIFICATE]
    SubjectName : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    Issuer CA : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    SerialNumber : 18DAD19E267DE8BB4A2158CDCC6B3B4A
    Thumbprint : 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
    SignatureAlg : sha1RSA
    NotAfter : 7/16/2036 4:59:59 PM
    NotBefore : 11/7/2006 4:00:00 PM
    PublicKey : 3082010A0282010100AF240808297A359E600CAAE74B3B4EDC7CBC3C451CBB2BE0FE2902F95708A364851527F5F1ADC831895D22E82AAAA642B38FF8B955B7B1B74BB3FE8F7E0757ECEF43DB66621561CF600DA4D8DEF8E0C362083D5413EB49CA59548526E52B8F1B9FEBF5A191C23349D843636A524BD28FE870514DD189697BC770F6B3DC1274DB7B5D4B56D396BF1577A1B0F4A225F2AF1C926718E5F40604EF90B9E400E4DD3AB519FF02BAF43CEEE08BEB378BECF4D7ACF2F6F03DAFDD759133191D1C40CB7424192193D914FEAC2A52C78FD50449E48D6347883C6983CBFE47BD2B7E4FC595AE0E9DD4D143C06773E314087EE53F9F73B8330ACF5D3F3487968AEE53E825150203010001

    Error: (11/16/2015 01:09:18 PM) (Source: EMET) (EventID: 42) (User: )
    Description: EMET detected that the SSL certificate for "www.yahoo.com" is not trusted by the rule "YahooCA" associated with the domain "login.yahoo.com"

    Certificates details:

    [SSL CERTIFICATE]
    SubjectName : CN=www.yahoo.com, O=Yahoo Inc., L=Sunnyvale, S=California, C=US
    Issuer CA : CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US
    SerialNumber : 75120151D2F9E29B8E68B754065F9BC9
    Thumbprint : FAE274DC34E6D34B2E86F31C14B4FA931706C411
    SignatureAlg : sha256RSA
    NotAfter : 12/18/2015 3:59:59 PM
    NotBefore : 10/18/2015 5:00:00 PM
    PublicKey : 3082010A0282010100ADD0411BEEBF4DC0391C3A829A02C550CCBBC30055FC08115FC88BC3CC8B53F559958C5EC6DFB523FF15E2AD2B28BC0EE55E15F3900E1773B9C4C45927A856CCBFC5FC42B888CBEF585EFBDBBECA6E5BC35B6AD16719AD4F211B023C2417C4BC786CC0E232A8F3E86F6AA4950C3800264F8F487C2E8A41714064DBD3656A9C7C3761BA50809E099AAD13B47F0EEF8958A32CC883946F4E544902D35BA5E775AA0614BE25389FB988DFA09EA56ED3458AD652E927DCA7C2D9AF49BD344120E014C958E021ADFDD0A57AE3970FD56A24AC5D56B833357A092B0F666DDA20792928F677BA9C74D5CD796663C1408839358663666D4C7A939866BBDD17E7B1A1950B0203010001

    [ROOTCA CERTIFICATE]
    SubjectName : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    Issuer CA : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    SerialNumber : 18DAD19E267DE8BB4A2158CDCC6B3B4A
    Thumbprint : 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
    SignatureAlg : sha1RSA
    NotAfter : 7/16/2036 4:59:59 PM
    NotBefore : 11/7/2006 4:00:00 PM
    PublicKey : 3082010A0282010100AF240808297A359E600CAAE74B3B4EDC7CBC3C451CBB2BE0FE2902F95708A364851527F5F1ADC831895D22E82AAAA642B38FF8B955B7B1B74BB3FE8F7E0757ECEF43DB66621561CF600DA4D8DEF8E0C362083D5413EB49CA59548526E52B8F1B9FEBF5A191C23349D843636A524BD28FE870514DD189697BC770F6B3DC1274DB7B5D4B56D396BF1577A1B0F4A225F2AF1C926718E5F40604EF90B9E400E4DD3AB519FF02BAF43CEEE08BEB378BECF4D7ACF2F6F03DAFDD759133191D1C40CB7424192193D914FEAC2A52C78FD50449E48D6347883C6983CBFE47BD2B7E4FC595AE0E9DD4D143C06773E314087EE53F9F73B8330ACF5D3F3487968AEE53E825150203010001

    Error: (11/16/2015 01:07:18 PM) (Source: EMET) (EventID: 42) (User: )
    Description: EMET detected that the SSL certificate for "www.yahoo.com" is not trusted by the rule "YahooCA" associated with the domain "login.yahoo.com"

    Certificates details:

    [SSL CERTIFICATE]
    SubjectName : CN=www.yahoo.com, O=Yahoo Inc., L=Sunnyvale, S=California, C=US
    Issuer CA : CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US
    SerialNumber : 75120151D2F9E29B8E68B754065F9BC9
    Thumbprint : FAE274DC34E6D34B2E86F31C14B4FA931706C411
    SignatureAlg : sha256RSA
    NotAfter : 12/18/2015 3:59:59 PM
    NotBefore : 10/18/2015 5:00:00 PM
    PublicKey : 3082010A0282010100ADD0411BEEBF4DC0391C3A829A02C550CCBBC30055FC08115FC88BC3CC8B53F559958C5EC6DFB523FF15E2AD2B28BC0EE55E15F3900E1773B9C4C45927A856CCBFC5FC42B888CBEF585EFBDBBECA6E5BC35B6AD16719AD4F211B023C2417C4BC786CC0E232A8F3E86F6AA4950C3800264F8F487C2E8A41714064DBD3656A9C7C3761BA50809E099AAD13B47F0EEF8958A32CC883946F4E544902D35BA5E775AA0614BE25389FB988DFA09EA56ED3458AD652E927DCA7C2D9AF49BD344120E014C958E021ADFDD0A57AE3970FD56A24AC5D56B833357A092B0F666DDA20792928F677BA9C74D5CD796663C1408839358663666D4C7A939866BBDD17E7B1A1950B0203010001

    [ROOTCA CERTIFICATE]
    SubjectName : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    Issuer CA : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    SerialNumber : 18DAD19E267DE8BB4A2158CDCC6B3B4A
    Thumbprint : 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
    SignatureAlg : sha1RSA
    NotAfter : 7/16/2036 4:59:59 PM
    NotBefore : 11/7/2006 4:00:00 PM
    PublicKey : 3082010A0282010100AF240808297A359E600CAAE74B3B4EDC7CBC3C451CBB2BE0FE2902F95708A364851527F5F1ADC831895D22E82AAAA642B38FF8B955B7B1B74BB3FE8F7E0757ECEF43DB66621561CF600DA4D8DEF8E0C362083D5413EB49CA59548526E52B8F1B9FEBF5A191C23349D843636A524BD28FE870514DD189697BC770F6B3DC1274DB7B5D4B56D396BF1577A1B0F4A225F2AF1C926718E5F40604EF90B9E400E4DD3AB519FF02BAF43CEEE08BEB378BECF4D7ACF2F6F03DAFDD759133191D1C40CB7424192193D914FEAC2A52C78FD50449E48D6347883C6983CBFE47BD2B7E4FC595AE0E9DD4D143C06773E314087EE53F9F73B8330ACF5D3F3487968AEE53E825150203010001

    Error: (11/16/2015 01:05:18 PM) (Source: EMET) (EventID: 42) (User: )
    Description: EMET detected that the SSL certificate for "www.yahoo.com" is not trusted by the rule "YahooCA" associated with the domain "login.yahoo.com"

    Certificates details:

    [SSL CERTIFICATE]
    SubjectName : CN=www.yahoo.com, O=Yahoo Inc., L=Sunnyvale, S=California, C=US
    Issuer CA : CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US
    SerialNumber : 75120151D2F9E29B8E68B754065F9BC9
    Thumbprint : FAE274DC34E6D34B2E86F31C14B4FA931706C411
    SignatureAlg : sha256RSA
    NotAfter : 12/18/2015 3:59:59 PM
    NotBefore : 10/18/2015 5:00:00 PM
    PublicKey : 3082010A0282010100ADD0411BEEBF4DC0391C3A829A02C550CCBBC30055FC08115FC88BC3CC8B53F559958C5EC6DFB523FF15E2AD2B28BC0EE55E15F3900E1773B9C4C45927A856CCBFC5FC42B888CBEF585EFBDBBECA6E5BC35B6AD16719AD4F211B023C2417C4BC786CC0E232A8F3E86F6AA4950C3800264F8F487C2E8A41714064DBD3656A9C7C3761BA50809E099AAD13B47F0EEF8958A32CC883946F4E544902D35BA5E775AA0614BE25389FB988DFA09EA56ED3458AD652E927DCA7C2D9AF49BD344120E014C958E021ADFDD0A57AE3970FD56A24AC5D56B833357A092B0F666DDA20792928F677BA9C74D5CD796663C1408839358663666D4C7A939866BBDD17E7B1A1950B0203010001

    [ROOTCA CERTIFICATE]
    SubjectName : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    Issuer CA : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    SerialNumber : 18DAD19E267DE8BB4A2158CDCC6B3B4A
    Thumbprint : 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
    SignatureAlg : sha1RSA
    NotAfter : 7/16/2036 4:59:59 PM
    NotBefore : 11/7/2006 4:00:00 PM
    PublicKey : 3082010A0282010100AF240808297A359E600CAAE74B3B4EDC7CBC3C451CBB2BE0FE2902F95708A364851527F5F1ADC831895D22E82AAAA642B38FF8B955B7B1B74BB3FE8F7E0757ECEF43DB66621561CF600DA4D8DEF8E0C362083D5413EB49CA59548526E52B8F1B9FEBF5A191C23349D843636A524BD28FE870514DD189697BC770F6B3DC1274DB7B5D4B56D396BF1577A1B0F4A225F2AF1C926718E5F40604EF90B9E400E4DD3AB519FF02BAF43CEEE08BEB378BECF4D7ACF2F6F03DAFDD759133191D1C40CB7424192193D914FEAC2A52C78FD50449E48D6347883C6983CBFE47BD2B7E4FC595AE0E9DD4D143C06773E314087EE53F9F73B8330ACF5D3F3487968AEE53E825150203010001

    Error: (11/16/2015 01:03:19 PM) (Source: EMET) (EventID: 42) (User: )
    Description: EMET detected that the SSL certificate for "www.yahoo.com" is not trusted by the rule "YahooCA" associated with the domain "login.yahoo.com"

    Certificates details:

    [SSL CERTIFICATE]
    SubjectName : CN=www.yahoo.com, O=Yahoo Inc., L=Sunnyvale, S=California, C=US
    Issuer CA : CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US
    SerialNumber : 75120151D2F9E29B8E68B754065F9BC9
    Thumbprint : FAE274DC34E6D34B2E86F31C14B4FA931706C411
    SignatureAlg : sha256RSA
    NotAfter : 12/18/2015 3:59:59 PM
    NotBefore : 10/18/2015 5:00:00 PM
    PublicKey : 3082010A0282010100ADD0411BEEBF4DC0391C3A829A02C550CCBBC30055FC08115FC88BC3CC8B53F559958C5EC6DFB523FF15E2AD2B28BC0EE55E15F3900E1773B9C4C45927A856CCBFC5FC42B888CBEF585EFBDBBECA6E5BC35B6AD16719AD4F211B023C2417C4BC786CC0E232A8F3E86F6AA4950C3800264F8F487C2E8A41714064DBD3656A9C7C3761BA50809E099AAD13B47F0EEF8958A32CC883946F4E544902D35BA5E775AA0614BE25389FB988DFA09EA56ED3458AD652E927DCA7C2D9AF49BD344120E014C958E021ADFDD0A57AE3970FD56A24AC5D56B833357A092B0F666DDA20792928F677BA9C74D5CD796663C1408839358663666D4C7A939866BBDD17E7B1A1950B0203010001

    [ROOTCA CERTIFICATE]
    SubjectName : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    Issuer CA : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    SerialNumber : 18DAD19E267DE8BB4A2158CDCC6B3B4A
    Thumbprint : 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
    SignatureAlg : sha1RSA
    NotAfter : 7/16/2036 4:59:59 PM
    NotBefore : 11/7/2006 4:00:00 PM
    PublicKey : 3082010A0282010100AF240808297A359E600CAAE74B3B4EDC7CBC3C451CBB2BE0FE2902F95708A364851527F5F1ADC831895D22E82AAAA642B38FF8B955B7B1B74BB3FE8F7E0757ECEF43DB66621561CF600DA4D8DEF8E0C362083D5413EB49CA59548526E52B8F1B9FEBF5A191C23349D843636A524BD28FE870514DD189697BC770F6B3DC1274DB7B5D4B56D396BF1577A1B0F4A225F2AF1C926718E5F40604EF90B9E400E4DD3AB519FF02BAF43CEEE08BEB378BECF4D7ACF2F6F03DAFDD759133191D1C40CB7424192193D914FEAC2A52C78FD50449E48D6347883C6983CBFE47BD2B7E4FC595AE0E9DD4D143C06773E314087EE53F9F73B8330ACF5D3F3487968AEE53E825150203010001

    Error: (11/16/2015 00:55:09 PM) (Source: EMET) (EventID: 42) (User: )
    Description: EMET detected that the SSL certificate for "www.yahoo.com" is not trusted by the rule "YahooCA" associated with the domain "login.yahoo.com"

    Certificates details:

    [SSL CERTIFICATE]
    SubjectName : CN=www.yahoo.com, O=Yahoo Inc., L=Sunnyvale, S=California, C=US
    Issuer CA : CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US
    SerialNumber : 75120151D2F9E29B8E68B754065F9BC9
    Thumbprint : FAE274DC34E6D34B2E86F31C14B4FA931706C411
    SignatureAlg : sha256RSA
    NotAfter : 12/18/2015 3:59:59 PM
    NotBefore : 10/18/2015 5:00:00 PM
    PublicKey : 3082010A0282010100ADD0411BEEBF4DC0391C3A829A02C550CCBBC30055FC08115FC88BC3CC8B53F559958C5EC6DFB523FF15E2AD2B28BC0EE55E15F3900E1773B9C4C45927A856CCBFC5FC42B888CBEF585EFBDBBECA6E5BC35B6AD16719AD4F211B023C2417C4BC786CC0E232A8F3E86F6AA4950C3800264F8F487C2E8A41714064DBD3656A9C7C3761BA50809E099AAD13B47F0EEF8958A32CC883946F4E544902D35BA5E775AA0614BE25389FB988DFA09EA56ED3458AD652E927DCA7C2D9AF49BD344120E014C958E021ADFDD0A57AE3970FD56A24AC5D56B833357A092B0F666DDA20792928F677BA9C74D5CD796663C1408839358663666D4C7A939866BBDD17E7B1A1950B0203010001

    [ROOTCA CERTIFICATE]
    SubjectName : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    Issuer CA : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    SerialNumber : 18DAD19E267DE8BB4A2158CDCC6B3B4A
    Thumbprint : 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
    SignatureAlg : sha1RSA
    NotAfter : 7/16/2036 4:59:59 PM
    NotBefore : 11/7/2006 4:00:00 PM
    PublicKey : 3082010A0282010100AF240808297A359E600CAAE74B3B4EDC7CBC3C451CBB2BE0FE2902F95708A364851527F5F1ADC831895D22E82AAAA642B38FF8B955B7B1B74BB3FE8F7E0757ECEF43DB66621561CF600DA4D8DEF8E0C362083D5413EB49CA59548526E52B8F1B9FEBF5A191C23349D843636A524BD28FE870514DD189697BC770F6B3DC1274DB7B5D4B56D396BF1577A1B0F4A225F2AF1C926718E5F40604EF90B9E400E4DD3AB519FF02BAF43CEEE08BEB378BECF4D7ACF2F6F03DAFDD759133191D1C40CB7424192193D914FEAC2A52C78FD50449E48D6347883C6983CBFE47BD2B7E4FC595AE0E9DD4D143C06773E314087EE53F9F73B8330ACF5D3F3487968AEE53E825150203010001

    Error: (11/16/2015 00:53:30 PM) (Source: EMET) (EventID: 42) (User: )
    Description: EMET detected that the SSL certificate for "www.yahoo.com" is not trusted by the rule "YahooCA" associated with the domain "login.yahoo.com"

    Certificates details:

    [SSL CERTIFICATE]
    SubjectName : CN=www.yahoo.com, O=Yahoo Inc., L=Sunnyvale, S=California, C=US
    Issuer CA : CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US
    SerialNumber : 75120151D2F9E29B8E68B754065F9BC9
    Thumbprint : FAE274DC34E6D34B2E86F31C14B4FA931706C411
    SignatureAlg : sha256RSA
    NotAfter : 12/18/2015 3:59:59 PM
    NotBefore : 10/18/2015 5:00:00 PM
    PublicKey : 3082010A0282010100ADD0411BEEBF4DC0391C3A829A02C550CCBBC30055FC08115FC88BC3CC8B53F559958C5EC6DFB523FF15E2AD2B28BC0EE55E15F3900E1773B9C4C45927A856CCBFC5FC42B888CBEF585EFBDBBECA6E5BC35B6AD16719AD4F211B023C2417C4BC786CC0E232A8F3E86F6AA4950C3800264F8F487C2E8A41714064DBD3656A9C7C3761BA50809E099AAD13B47F0EEF8958A32CC883946F4E544902D35BA5E775AA0614BE25389FB988DFA09EA56ED3458AD652E927DCA7C2D9AF49BD344120E014C958E021ADFDD0A57AE3970FD56A24AC5D56B833357A092B0F666DDA20792928F677BA9C74D5CD796663C1408839358663666D4C7A939866BBDD17E7B1A1950B0203010001

    [ROOTCA CERTIFICATE]
    SubjectName : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    Issuer CA : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    SerialNumber : 18DAD19E267DE8BB4A2158CDCC6B3B4A
    Thumbprint : 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
    SignatureAlg : sha1RSA
    NotAfter : 7/16/2036 4:59:59 PM
    NotBefore : 11/7/2006 4:00:00 PM
    PublicKey : 3082010A0282010100AF240808297A359E600CAAE74B3B4EDC7CBC3C451CBB2BE0FE2902F95708A364851527F5F1ADC831895D22E82AAAA642B38FF8B955B7B1B74BB3FE8F7E0757ECEF43DB66621561CF600DA4D8DEF8E0C362083D5413EB49CA59548526E52B8F1B9FEBF5A191C23349D843636A524BD28FE870514DD189697BC770F6B3DC1274DB7B5D4B56D396BF1577A1B0F4A225F2AF1C926718E5F40604EF90B9E400E4DD3AB519FF02BAF43CEEE08BEB378BECF4D7ACF2F6F03DAFDD759133191D1C40CB7424192193D914FEAC2A52C78FD50449E48D6347883C6983CBFE47BD2B7E4FC595AE0E9DD4D143C06773E314087EE53F9F73B8330ACF5D3F3487968AEE53E825150203010001

    Error: (11/16/2015 00:53:09 PM) (Source: EMET) (EventID: 42) (User: )
    Description: EMET detected that the SSL certificate for "www.yahoo.com" is not trusted by the rule "YahooCA" associated with the domain "login.yahoo.com"

    Certificates details:

    [SSL CERTIFICATE]
    SubjectName : CN=www.yahoo.com, O=Yahoo Inc., L=Sunnyvale, S=California, C=US
    Issuer CA : CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US
    SerialNumber : 75120151D2F9E29B8E68B754065F9BC9
    Thumbprint : FAE274DC34E6D34B2E86F31C14B4FA931706C411
    SignatureAlg : sha256RSA
    NotAfter : 12/18/2015 3:59:59 PM
    NotBefore : 10/18/2015 5:00:00 PM
    PublicKey : 3082010A0282010100ADD0411BEEBF4DC0391C3A829A02C550CCBBC30055FC08115FC88BC3CC8B53F559958C5EC6DFB523FF15E2AD2B28BC0EE55E15F3900E1773B9C4C45927A856CCBFC5FC42B888CBEF585EFBDBBECA6E5BC35B6AD16719AD4F211B023C2417C4BC786CC0E232A8F3E86F6AA4950C3800264F8F487C2E8A41714064DBD3656A9C7C3761BA50809E099AAD13B47F0EEF8958A32CC883946F4E544902D35BA5E775AA0614BE25389FB988DFA09EA56ED3458AD652E927DCA7C2D9AF49BD344120E014C958E021ADFDD0A57AE3970FD56A24AC5D56B833357A092B0F666DDA20792928F677BA9C74D5CD796663C1408839358663666D4C7A939866BBDD17E7B1A1950B0203010001

    [ROOTCA CERTIFICATE]
    SubjectName : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    Issuer CA : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    SerialNumber : 18DAD19E267DE8BB4A2158CDCC6B3B4A
    Thumbprint : 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
    SignatureAlg : sha1RSA
    NotAfter : 7/16/2036 4:59:59 PM
    NotBefore : 11/7/2006 4:00:00 PM
    PublicKey : 3082010A0282010100AF240808297A359E600CAAE74B3B4EDC7CBC3C451CBB2BE0FE2902F95708A364851527F5F1ADC831895D22E82AAAA642B38FF8B955B7B1B74BB3FE8F7E0757ECEF43DB66621561CF600DA4D8DEF8E0C362083D5413EB49CA59548526E52B8F1B9FEBF5A191C23349D843636A524BD28FE870514DD189697BC770F6B3DC1274DB7B5D4B56D396BF1577A1B0F4A225F2AF1C926718E5F40604EF90B9E400E4DD3AB519FF02BAF43CEEE08BEB378BECF4D7ACF2F6F03DAFDD759133191D1C40CB7424192193D914FEAC2A52C78FD50449E48D6347883C6983CBFE47BD2B7E4FC595AE0E9DD4D143C06773E314087EE53F9F73B8330ACF5D3F3487968AEE53E825150203010001

    Error: (11/16/2015 00:51:09 PM) (Source: EMET) (EventID: 42) (User: )
    Description: EMET detected that the SSL certificate for "www.yahoo.com" is not trusted by the rule "YahooCA" associated with the domain "login.yahoo.com"

    Certificates details:

    [SSL CERTIFICATE]
    SubjectName : CN=www.yahoo.com, O=Yahoo Inc., L=Sunnyvale, S=California, C=US
    Issuer CA : CN=Symantec Class 3 Secure Server CA - G4, OU=Symantec Trust Network, O=Symantec Corporation, C=US
    SerialNumber : 75120151D2F9E29B8E68B754065F9BC9
    Thumbprint : FAE274DC34E6D34B2E86F31C14B4FA931706C411
    SignatureAlg : sha256RSA
    NotAfter : 12/18/2015 3:59:59 PM
    NotBefore : 10/18/2015 5:00:00 PM
    PublicKey : 3082010A0282010100ADD0411BEEBF4DC0391C3A829A02C550CCBBC30055FC08115FC88BC3CC8B53F559958C5EC6DFB523FF15E2AD2B28BC0EE55E15F3900E1773B9C4C45927A856CCBFC5FC42B888CBEF585EFBDBBECA6E5BC35B6AD16719AD4F211B023C2417C4BC786CC0E232A8F3E86F6AA4950C3800264F8F487C2E8A41714064DBD3656A9C7C3761BA50809E099AAD13B47F0EEF8958A32CC883946F4E544902D35BA5E775AA0614BE25389FB988DFA09EA56ED3458AD652E927DCA7C2D9AF49BD344120E014C958E021ADFDD0A57AE3970FD56A24AC5D56B833357A092B0F666DDA20792928F677BA9C74D5CD796663C1408839358663666D4C7A939866BBDD17E7B1A1950B0203010001

    [ROOTCA CERTIFICATE]
    SubjectName : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    Issuer CA : CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
    SerialNumber : 18DAD19E267DE8BB4A2158CDCC6B3B4A
    Thumbprint : 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
    SignatureAlg : sha1RSA
    NotAfter : 7/16/2036 4:59:59 PM
    NotBefore : 11/7/2006 4:00:00 PM
    PublicKey : 3082010A0282010100AF240808297A359E600CAAE74B3B4EDC7CBC3C451CBB2BE0FE2902F95708A364851527F5F1ADC831895D22E82AAAA642B38FF8B955B7B1B74BB3FE8F7E0757ECEF43DB66621561CF600DA4D8DEF8E0C362083D5413EB49CA59548526E52B8F1B9FEBF5A191C23349D843636A524BD28FE870514DD189697BC770F6B3DC1274DB7B5D4B56D396BF1577A1B0F4A225F2AF1C926718E5F40604EF90B9E400E4DD3AB519FF02BAF43CEEE08BEB378BECF4D7ACF2F6F03DAFDD759133191D1C40CB7424192193D914FEAC2A52C78FD50449E48D6347883C6983CBFE47BD2B7E4FC595AE0E9DD4D143C06773E314087EE53F9F73B8330ACF5D3F3487968AEE53E825150203010001


    System errors:
    =============
    Error: (11/14/2015 11:43:55 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (11/14/2015 11:43:55 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (11/13/2015 06:39:03 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (11/13/2015 06:39:03 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (11/12/2015 06:29:26 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for FailureCommand with the following error:
    %%5

    Error: (11/12/2015 06:29:23 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
    Description: The ScRegSetValueExW call failed for Start with the following error:
    %%5

    Error: (11/12/2015 09:28:15 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 20.

    Error: (11/12/2015 08:02:27 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (11/12/2015 08:02:27 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.

    Error: (11/12/2015 08:02:25 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
    Description: The following fatal alert was generated: 10. The internal error state is 10.


    ==================== Memory info ===========================

    Processor: Intel(R) Pentium(R) D CPU 3.00GHz
    Percentage of memory in use: 44%
    Total physical RAM: 2038.15 MB
    Available physical RAM: 1135.43 MB
    Total Virtual: 4076.3 MB
    Available Virtual: 2680.59 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:148.88 GB) (Free:101.01 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 41AB2316)
    Partition 1: (Not Active) - (Size=31 MB) - (Type=DE)
    Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=148.9 GB) - (Type=07 NTFS)

    ==================== End of Addition.txt ============================
    Last edited by benrand; 11-16-2015 at 04:18 PM.

  8. #8
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    Hello,

    That's odd. On any Windows 7 computer when you right click on an EXE file you should get the option in the window that opens to"Run as administrator" For instance if I right click on my desktop browser icon I get the option to "Run as administrator and right under that is the option to scan with Microsoft Security Essentials.

    Perhaps a glitch on your computer. We can look at that a bit later.

    I need to look over you logs. Then prepare a fix for you. We will also have several more scans to run, in hopes of getting rid of your issues...

    Thanks
    Joe

  9. #9
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,158
    Points
    1301

    Default

    A few items to fix, Copy everything inside the quote box, then paste it into notepad, save it as Fixlist to the desktop, now open farber and click on the Fix tab

    Once again here we go;
    Open notepad (Start =>All Programs => Accessories => Notepad).
    Copy/Paste the contents of the quote box below into Notepad.

    CloseProcesses:
    CreateRestorePoint:
    CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    CHR HKLM\...\Chrome\Extension: [okmhneofinpilciglijihehjpaegledb] - <no Path\update_url>
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    2014-02-11 06:20 - 2014-02-11 06:20 - 49940480 _____ () C:\Program Files\GUT1287.tmp
    2015-09-18 06:37 - 2015-09-18 06:37 - 6420480 _____ () C:\Program Files\GUTC582.tmp
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Radha\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.135\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.99\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.25.5\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.27.5\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.69\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.79\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.23.9\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.1\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.145\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.123\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.153\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.13\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.24.15\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.149\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.165\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.26.9\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.115\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.25.11\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\psuser.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.65\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\psuser.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.111\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.24.7\psuser.dll => No File
    Task: {5FF6984B-00FF-4400-88CC-11A42FA79A39} - System32\Tasks\LaunchSignup => C:\Program Files\MyPC Backup\Signup Wizard.exe <==== ATTENTION
    C:\Program Files\MyPC Backup
    FirewallRules: [{4C098F5A-6FFD-4EAA-910F-B0B31C2B5217}] => (Allow) C:\Users\Radha\AppData\Local\Temp\nsdAB31.tmp\Installer-76161700.exe
    FirewallRules: [{B6F16A13-E17F-4FC5-BDEF-5209477F4510}] => (Allow) C:\Users\Radha\AppData\Local\Temp\nsdAB31.tmp\Installer-76161700.exe
    CMD: bitsadmin /reset /allusers
    CMD: netsh winsock reset catalog
    CMD: ipconfig /flushdns
    RemoveProxy:
    hosts:
    Emptytemp:
    • Click Format and ensure Wordwrap is unchecked.
    • Save as Fixlist.txt to your Desktop (Must be in this location)
    • Run FRST/FRST64 and press the Fix button just once and wait.
    • If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
    • The tool will make a log on the Desktop called (Fixlog.txt). Please post it to your reply.


    Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

    Post the Fix log.txt It will be on the desktop after fix has run. It should only take a short time to run..

    Thanks
    Joe

  10. #10
    Member
    Join Date
    Nov 2015
    Posts
    10
    Points
    0

    Default

    Thanks, Joe.

    Here's the Fixlog:

    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    CHR HKLM\...\Chrome\Extension: [okmhneofinpilciglijihehjpaegledb] - <no Path\update_url>
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]
    2014-02-11 06:20 - 2014-02-11 06:20 - 49940480 _____ () C:\Program Files\GUT1287.tmp
    2015-09-18 06:37 - 2015-09-18 06:37 - 6420480 _____ () C:\Program Files\GUTC582.tmp
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Radha\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.135\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.99\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.25.5\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.27.5\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.69\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.79\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.23.9\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Google Talk Plugin\googletalkax.dll (Google)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.1\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.145\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.123\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.153\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.13\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.24.15\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.149\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.165\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Google Talk Plugin\o1dax.dll (Google)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.26.9\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.115\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.25.11\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Radha\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\psuser.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.65\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.28.15\psuser.dll (Google Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.21.111\psuser.dll => No File
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Radha\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll (Dropbox, Inc.)
    CustomCLSID: HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Radha\AppData\Local\Google\Update\1.3.24.7\psuser.dll => No File
    Task: {5FF6984B-00FF-4400-88CC-11A42FA79A39} - System32\Tasks\LaunchSignup => C:\Program Files\MyPC Backup\Signup Wizard.exe <==== ATTENTION
    C:\Program Files\MyPC Backup
    FirewallRules: [{4C098F5A-6FFD-4EAA-910F-B0B31C2B5217}] => (Allow) C:\Users\Radha\AppData\Local\Temp\nsdAB31.tmp\Installer-76161700.exe
    FirewallRules: [{B6F16A13-E17F-4FC5-BDEF-5209477F4510}] => (Allow) C:\Users\Radha\AppData\Local\Temp\nsdAB31.tmp\Installer-76161700.exe
    CMD: bitsadmin /reset /allusers
    CMD: netsh winsock reset catalog
    CMD: ipconfig /flushdns
    RemoveProxy:
    hosts:
    Emptytemp:
    *****************

    Processes closed successfully.
    Restore point was successfully created.
    "HKLM\SOFTWARE\Policies\Google" => key removed successfully.
    "HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully.
    "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully.
    HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
    "HKLM\SOFTWARE\Google\Chrome\Extensions\okmhneofinpilciglijihehjpaegledb" => key removed successfully.
    Synth3dVsc => service removed successfully.
    tsusbhub => service removed successfully.
    VGPU => service removed successfully.
    C:\Program Files\GUT1287.tmp => moved successfully
    C:\Program Files\GUTC582.tmp => moved successfully
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{39125640-8D80-11DC-A2FE-C5C455D89593}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{AB9F4455-E591-4132-A386-0B91EAEDB96C}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}" => key removed successfully.
    "HKU\S-1-5-21-147396072-559182813-3382226817-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => key removed successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5FF6984B-00FF-4400-88CC-11A42FA79A39}" => key removed successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FF6984B-00FF-4400-88CC-11A42FA79A39}" => key removed successfully.
    C:\Windows\System32\Tasks\LaunchSignup => moved successfully
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup" => key removed successfully.
    "C:\Program Files\MyPC Backup" => not found.
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4C098F5A-6FFD-4EAA-910F-B0B31C2B5217} => value removed successfully.
    HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B6F16A13-E17F-4FC5-BDEF-5209477F4510} => value removed successfully.

    ========= bitsadmin /reset /allusers =========


    BITSADMIN version 3.0 [ 7.5.7601 ]
    BITS administration utility.
    (C) Copyright 2000-2006 Microsoft Corp.

    BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
    Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

    {123EE259-CD32-46F5-AA53-FA5F4C1A2A86} canceled.
    {DB5AF202-8D8A-4702-B2EF-0BF34C1785D8} canceled.
    2 out of 2 jobs canceled.

    ========= End of CMD: =========


    ========= netsh winsock reset catalog =========


    Sucessfully reset the Winsock Catalog.
    You must restart the computer in order to complete the reset.


    ========= End of CMD: =========


    ========= ipconfig /flushdns =========


    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    ========= End of CMD: =========

Page 1 of 2 12 LastLast