Occasionally when surfing the web, I'm getting redirected to a "winerror.info" popup that consists of a blue screen saying that my system has been compromised and I need to call the provided number to speak to a Microsoft rep immediately. This is obviously malware. Any assistance in removal is greatly appreciated.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
Ran by Roberts Family (administrator) on IONGRAPHX (15-09-2015 20:47:20)
Running from C:\Users\Roberts Family\Desktop
Loaded Profiles: Roberts Family (Available Profiles: Roberts Family)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Coupons.com Inc.) C:\Program Files (x86)\Coupons\CouponPrinterService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Octoshape ApS) C:\Users\Roberts Family\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(Spotify Ltd) C:\Users\Roberts Family\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(SlySoft, Inc.) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
(Nike) C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe
() C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(David Ayton) C:\Program Files (x86)\CDisplay\CDisplay.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avrestart.exe
(RockMelt Inc.) C:\Users\Roberts Family\AppData\Local\RockMelt\Update\1.2.189.1\RockMeltCrashHandler.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216 2010-03-26] (Nero AG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-05-15] (Apple Inc.)
HKLM-x32\...\Run: [ApnUpdater] => C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1648048 2013-12-23] (Ask)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [377800 2012-11-07] ()
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-08-26] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)
HKLM-x32\...\Run: [Nike+ Connect] => C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe [71680 2015-02-01] (Nike)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [Google Update] => C:\Users\Roberts Family\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [Octoshape Streaming Services] => C:\Users\Roberts Family\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [RockMelt Update] => C:\Users\Roberts Family\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [136336 2011-08-19] (RockMelt Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [Spotify Web Helper] => C:\Users\Roberts Family\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-06-05] (Spotify Ltd)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-11-25] ()
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [6983768 2013-03-22] (SlySoft, Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [uTorrent] => C:\Users\Roberts Family\AppData\Roaming\uTorrent\uTorrent.exe [1696096 2015-09-09] (BitTorrent Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [CmTray] => C:\Program Files (x86)\Content Manager\launchCM.exe [94208 2011-12-28] ()
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21648480 2014-07-02] (Skype Technologies S.A.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [Spotify] => C:\Users\Roberts Family\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-06-05] (Spotify Ltd)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [GoogleChromeAutoLaunch_404CB0ED4D5342B49CBD6BAE6FC58785] => C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\chrome.exe [815944 2015-08-27] (Google Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [Dropbox Update] => C:\Users\Roberts Family\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-26] (Dropbox, Inc.)
HKU\S-1-5-18\...\RunOnce: [KodakHomeCenter] => C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe [2236792 2013-03-15] (Eastman Kodak Company)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-03-22]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Roberts Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-04-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 208.59.247.45 208.59.247.46 192.168.1.1
Tcpip\..\Interfaces\{BD87AFBD-6DA4-4C77-95F7-A56E0B2AAB7E}: [DhcpNameServer] 208.59.247.45 208.59.247.46 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.coupons.com/
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.coupons.com/
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPDSK/1
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\Software\Microsoft\Internet Explorer\Main,Start Page Restore = hxxp://g.msn.com/HPDSK/1
URLSearchHook: HKU\S-1-5-21-4190836313-3339163880-859448109-1001 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {522055EF-C496-444D-9574-B78AE8C3575D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {522055EF-C496-444D-9574-B78AE8C3575D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-4190836313-3339163880-859448109-1001 -> DefaultScope {4D643B2B-B043-4F6D-B426-1E10B87328F6} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4190836313-3339163880-859448109-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3322288&octid=EB_ORIGINAL_CTID&ISID=MA95B2F96-1D49-4F0A-B353-4F9FC179A0B5&SearchSource=58&CUI=&UM=6&UP=SPAB6D3E2D-81DA-4956-81F6-5D0849904D27&q={searchTerms}&SSPV=SP21726TA_sp_ie
SearchScopes: HKU\S-1-5-21-4190836313-3339163880-859448109-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4190836313-3339163880-859448109-1001 -> {2B22ECC0-FEB4-4912-94FF-C491A05E5B06} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=FF&o=14594&src=kw&q={searchTerms}&locale=&apn_ptnrs=^FV&apn_dtid=^YYYYYY^YY^US&apn_uid=FD8FDC34-78E7-4797-AA90-21E480671C58&apn_sauid=B5668CF0-8BF0-4E29-9922-8C31E22CCD03
SearchScopes: HKU\S-1-5-21-4190836313-3339163880-859448109-1001 -> {4D643B2B-B043-4F6D-B426-1E10B87328F6} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4190836313-3339163880-859448109-1001 -> {522055EF-C496-444D-9574-B78AE8C3575D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-4190836313-3339163880-859448109-1001 -> {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = hxxp://search.coupons.com/search.asp?p=df&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4190836313-3339163880-859448109-1001 -> {9B97950D-482C-1D79-568F-FC7B9D40C785} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=Z192&form=ZGAIDF&install_date=20110812&iesrc={referrer:source}
SearchScopes: HKU\S-1-5-21-4190836313-3339163880-859448109-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-26] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2013-12-23] (Ask)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-26] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Freemake.YoutubeButton -> {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-20] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: TBSB07898 Class -> {FCBCCB87-9224-4B8D-B117-F56D924BEB18} -> C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll [2013-07-15] ()
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll [2013-12-23] (Ask)
Toolbar: HKLM-x32 - Coupons.com CouponBar - {8660E5B3-6C41-44DE-8503-98D99BBECD41} - C:\Program Files (x86)\Coupons.com CouponBar\tbcore3.dll [2013-07-15] ()
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {36103610-3232-3610-3610-323236103610} hxxps://sharecenter.myngc.com/im7/webdav/otdavview361.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Roberts Family\AppData\Roaming\Mozilla\Firefox\Profiles\4kqza45f.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Yahoo
FF Homepage: hxxp://search.yahoo.com?type=714647&fr=spigot-yhp-ff
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=714647&p=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2009-05-12] (DivX,Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-11-25] (Pando Networks)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-07] ()
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll [2010-04-09] (Hulu LLC)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Roberts Family\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll [2013-12-18] (Octoshape ApS)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Roberts Family\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: @talk.google.com/O1DPlugin -> C:\Users\Roberts Family\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: @us-w1.rockmelt.com/RockMelt Update;version=8 -> C:\Users\Roberts Family\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll [2011-08-19] (RockMelt Inc.)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-11-25] (Pando Networks)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: revtrax.com/RevTraxPrintMyCoupon -> C:\Users\Roberts Family\AppData\Roaming\RevTrax\RevTraxPrintMyCoupon\1.0.0.0\npRevTraxPrintMyCoupon.dll [2014-10-15] (RevTrax)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\libdivx.dll [2009-05-01] (The OpenSSL Project,
http://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll [2011-09-10] (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll [2014-03-20] (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdivx32.dll [2009-05-12] (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll [2014-09-03] (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ssldivx.dll [2009-05-01] (The OpenSSL Project,
http://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Users\Roberts Family\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Roberts Family\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Roberts Family\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-06-15] (Octoshape ApS)
FF SearchPlugin: C:\Users\Roberts Family\AppData\Roaming\Mozilla\Firefox\Profiles\4kqza45f.default\searchplugins\askcom.xml [2015-04-26]
FF SearchPlugin: C:\Users\Roberts Family\AppData\Roaming\Mozilla\Firefox\Profiles\4kqza45f.default\searchplugins\bing-zugo.xml [2011-08-12]
FF SearchPlugin: C:\Users\Roberts Family\AppData\Roaming\Mozilla\Firefox\Profiles\4kqza45f.default\searchplugins\bingp.xml [2013-07-25]
FF Extension: Ask Toolbar - C:\Users\Roberts Family\AppData\Roaming\Mozilla\Firefox\Profiles\4kqza45f.default\Extensions\
[email protected] [2012-04-28]
FF Extension: Greasemonkey - C:\Users\Roberts Family\AppData\Roaming\Mozilla\Firefox\Profiles\4kqza45f.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2012-08-06]
FF Extension: DivX Web Player - C:\Users\Roberts Family\AppData\Roaming\Mozilla\Firefox\Profiles\4kqza45f.default\Extensions\
[email protected] [2011-07-26]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2012-07-07]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-10-07]
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\
[email protected] [2014-02-04]
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\
[email protected] [2014-02-04]
FF HKLM-x32\...\Firefox\Extensions: [{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}] - C:\Program Files (x86)\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi
FF Extension: Coupons.com CouponBar - C:\Program Files (x86)\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi [2014-03-12]
Chrome:
=======
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP6235994A-288E-468F-8E8F-8EE0F72D5CDB&SSPV=SP21726TA_sp_ch
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\45.0.2454.85\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Native Client) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\45.0.2454.85\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\45.0.2454.85\pdf.dll => No File
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.5) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\plugins\NPcol400.dll (Catalina Marketing Corporation)
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
CHR Plugin: (Octoshape Streaming Services) - C:\Users\Roberts Family\AppData\Roaming\Mozilla\plugins\npoctoshape.dll (Octoshape ApS)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll => No File
CHR Plugin: (Java Platform SE 7 U51) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll => No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Google Update) - C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll => No File
CHR Plugin: (RockMelt Update) - C:\Users\Roberts Family\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll (RockMelt Inc.)
CHR Plugin: (Google Talk Plugin) - C:\Users\Roberts Family\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Renderer) - C:\Users\Roberts Family\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Octoshape Streaming Services) - C:\Users\Roberts Family\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1103234-0-npoctoshape.dll => No File
CHR Plugin: (Hulu Desktop) - C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll (Hulu LLC)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll => No File
CHR Profile: C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dropbox for Gmail) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2015-05-29]
CHR Extension: (Freemake Youtube Download Button) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2013-06-22]
CHR Extension: (Avira Browser Safety) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-14]
CHR Extension: (AdBlock) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-05-05]
CHR Extension: (Freemake Video Converter) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2013-06-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR HKU\S-1-5-21-4190836313-3339163880-859448109-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [incfcgceegpikennjoplhfghaaikdgei] - C:\Users\Roberts Family\AppData\Roaming\StartNow Toolbar\CR\zcrx.crx [2012-11-19]
CHR HKLM-x32\...\Chrome\Extension: [aaaapoldfpilohhfkhihnhdckpackghi] - C:\Users\Roberts Family\AppData\Local\APN\GoogleCRXs\aaaapoldfpilohhfkhihnhdckpackghi_7.15.29.0.crx [2014-08-31]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-02-04]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2014-02-04]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2012-07-07]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
StartMenuInternet: Google Chrome - C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-10-13] (Advanced Micro Devices, Inc.) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [177648 2014-09-05] (Coupons.com Inc.)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-02-04] (Ellora Assets Corp.) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2011-02-04] (Nalpeiron Ltd.) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [372736 2012-07-04] (Ralink Technology, Corp.) [File not signed]
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [447488 2012-07-04] (Ralink Technology, Corp.) [File not signed]
S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [179200 2014-08-22] (Company) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [142424 2013-03-18] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [142424 2013-03-18] (SlySoft, Inc.)
S3 AODDriver4.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55424 2011-06-24] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-02-12] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2486416 2014-12-31] (MediaTek Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-07-28] (Apple, Inc.) [File not signed]
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-15 20:47 - 2015-09-15 20:48 - 00047358 _____ C:\Users\Roberts Family\Desktop\FRST.txt
2015-09-15 20:46 - 2015-09-15 20:47 - 00000000 ____D C:\FRST
2015-09-15 20:45 - 2015-09-15 20:45 - 02191360 _____ (Farbar) C:\Users\Roberts Family\Desktop\FRST64.exe
2015-09-14 07:35 - 2015-09-14 07:35 - 00001847 _____ C:\Users\Public\Desktop\QuickTime Player.lnk
2015-09-14 07:35 - 2015-09-14 07:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-09-14 07:35 - 2015-09-14 07:35 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-09-11 20:22 - 2015-09-11 20:22 - 00011288 _____ C:\Users\Roberts Family\Downloads\Message (2).pgp
2015-09-11 12:22 - 2015-09-11 12:30 - 1480308598 ____R C:\Users\Roberts Family\Downloads\Jurassic.World.2015.HDRip.XViD.AC3-ETRG.avi
2015-09-11 12:22 - 2015-09-11 12:23 - 01533676 _____ C:\Users\Roberts Family\Downloads\~uTorrentPartFile_59BAB65B.dat
2015-09-11 10:03 - 2015-09-11 10:03 - 01574218 _____ C:\Users\Roberts Family\Downloads\Football--Coop-11-09-2015.mp4
2015-09-11 09:16 - 2015-09-11 09:17 - 13155552 _____ (Microsoft Corporation) C:\Users\Roberts Family\Downloads\Silverlight_x64.exe
2015-09-09 18:17 - 2015-09-09 18:17 - 00000040 _____ C:\Windows\system32\`Ê
2015-09-09 11:40 - 2015-09-09 11:40 - 42723838 _____ C:\Users\Roberts Family\Downloads\Batman 044 (2015) (2 covers) (Digital) (Zone-Empire).cbr
2015-09-08 20:42 - 2015-09-08 21:11 - 560972785 _____ C:\Users\Roberts Family\Downloads\ovrnght.mkv
2015-09-06 20:11 - 2015-09-06 20:26 - 1471871646 _____ C:\Users\Roberts Family\Downloads\RSHTM.2015.HDRip.XviD.AC3-EVO.avi
2015-09-06 09:02 - 2015-09-06 09:02 - 00080384 _____ C:\Users\Roberts Family\Downloads\32d8b135-812d-4005-aca4-a5cddd5825a0.wiz
2015-09-04 00:22 - 2015-09-04 00:22 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-03 11:17 - 2015-09-03 11:26 - 2780478375 _____ C:\Users\Roberts Family\Downloads\Minions.2015.720p.HDRip.X264.AC3-EVO.mkv
2015-09-02 18:57 - 2015-09-02 19:03 - 22573757 _____ C:\Users\Roberts Family\Downloads\Injustice - Gods Among Us - Year Four 018 (2015) (digital) (Son of Ultron-Empire).cbr
2015-09-02 15:12 - 2015-09-02 15:14 - 62067488 _____ C:\Users\Roberts Family\Downloads\We Stand On Guard 003 (2015) (digital) (Minutemen-Spaztastic).cbr
2015-09-02 12:55 - 2015-09-02 12:57 - 333228490 _____ C:\Users\Roberts Family\Downloads\Fear.The.Walking.Dead.S01E02.HDTV.x264-KILLERS.mp4
2015-08-28 16:23 - 2015-08-28 16:31 - 1048806728 _____ C:\Users\Roberts Family\Downloads\Southpaw.2015.720p.WEB-DL.999MB.ShAaNiG.mkv
2015-08-26 12:58 - 2015-08-26 12:58 - 46862876 _____ C:\Users\Roberts Family\Downloads\Fight Club 2 004 (2015) (digital) (Son of Ultron-Empire).cbr
2015-08-26 12:58 - 2015-08-26 12:58 - 29626597 _____ C:\Users\Roberts Family\Downloads\East of West 020 (2015) (Digital) (Zone-Empire).cbr
2015-08-26 12:57 - 2015-08-26 12:58 - 47735611 _____ C:\Users\Roberts Family\Downloads\Justice League Of America 03 (2015) (Webrip) (The Last Kryptonian-DCP).cbr
2015-08-26 12:57 - 2015-08-26 12:57 - 39899947 _____ C:\Users\Roberts Family\Downloads\Cyborg 02 (2015) (Webrip) (The Last Kryptonian-DCP).cbr
2015-08-26 12:36 - 2015-08-26 13:05 - 1301482535 _____ C:\Users\Roberts Family\Downloads\Avengers.Age.of.Ultron.2015.WEB-DL.x264-RARBG.mp4
2015-08-26 08:36 - 2015-09-15 20:41 - 00000954 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA.job
2015-08-26 08:36 - 2015-08-26 08:36 - 00003942 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA
2015-08-26 08:35 - 2015-09-15 08:40 - 00000902 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core.job
2015-08-26 08:35 - 2015-08-26 08:35 - 00003546 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core
2015-08-26 08:35 - 2015-08-26 08:35 - 00000000 ____D C:\Users\Roberts Family\AppData\Local\Dropbox
2015-08-26 08:35 - 2015-08-26 08:35 - 00000000 ____D C:\ProgramData\Dropbox
2015-08-25 19:25 - 2015-08-25 19:29 - 24364768 _____ C:\Users\Roberts Family\Downloads\Injustice - Gods Among Us - Year Four 017 (2015) (digital) (Son of Ultron-Empire).cbr
2015-08-25 19:21 - 2015-08-25 19:30 - 669029301 _____ C:\Users\Roberts Family\Downloads\452Aau.2015.720p.web-dl.x265_hevc_-_Team_Encodex265_-_Copy.mkv
2015-08-21 08:55 - 2015-08-21 08:58 - 1322774402 _____ C:\Users\Roberts Family\Downloads\A.A.G.2015.720p.HDRip.HEVC.x265.AC3-SANTi.mkv
2015-08-19 19:10 - 2015-08-19 19:14 - 22359838 _____ C:\Users\Roberts Family\Downloads\Injustice - Gods Among Us - Year Four 016 (2015) (digital) (Son of Ultron-Empire).cbr
2015-08-19 19:08 - 2015-08-19 19:08 - 36900148 _____ C:\Users\Roberts Family\Downloads\Invincible 122 (2015) (Digital) (Zone-Empire).cbr
2015-08-19 19:06 - 2015-08-19 19:07 - 40805055 _____ C:\Users\Roberts Family\Downloads\Justice League 043 (2015) (Webrip) (The Last Kryptonian-DCP).cbr
2015-08-19 19:05 - 2015-08-19 19:11 - 32776271 _____ C:\Users\Roberts Family\Downloads\Robin - Son of Batman 003 (2015) (digital-Oroboros).cbr
2015-08-16 18:13 - 2015-08-16 18:13 - 00001755 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-16 18:13 - 2015-08-16 18:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-16 18:12 - 2015-08-16 18:13 - 00000000 ____D C:\Program Files\iTunes
2015-08-16 18:12 - 2015-08-16 18:12 - 00000000 ____D C:\Program Files\iPod
2015-08-16 18:12 - 2015-08-16 18:12 - 00000000 ____D C:\Program Files (x86)\iTunes
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-15 20:31 - 2012-04-22 18:07 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-15 20:13 - 2011-07-26 12:46 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA.job
2015-09-15 20:05 - 2011-08-19 12:00 - 00000964 _____ C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA.job
2015-09-15 19:20 - 2011-04-02 01:38 - 00000000 ____D C:\ProgramData\PDFC
2015-09-15 18:34 - 2012-11-15 11:55 - 00000000 ____D C:\ProgramData\Kodak
2015-09-15 18:24 - 2011-07-24 12:06 - 02071633 _____ C:\Windows\WindowsUpdate.log
2015-09-15 14:13 - 2011-07-26 12:46 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core.job
2015-09-15 14:08 - 2011-07-26 12:46 - 00003932 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA
2015-09-15 14:08 - 2011-07-26 12:46 - 00003536 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core
2015-09-15 12:05 - 2011-08-19 12:00 - 00000912 _____ C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core.job
2015-09-15 08:21 - 2011-07-26 17:39 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-09-15 02:00 - 2011-08-14 20:26 - 00000000 ____D C:\Users\Roberts Family\AppData\Local\Adobe
2015-09-12 21:21 - 2011-07-24 12:12 - 00353048 _____ C:\Users\Roberts Family\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-12 17:23 - 2011-07-28 09:18 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\uTorrent
2015-09-11 09:26 - 2013-05-17 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-09-11 09:26 - 2013-05-17 14:42 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-09-11 09:26 - 2013-05-17 14:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-09-10 16:53 - 2011-07-26 12:46 - 00000000 ____D C:\Users\Roberts Family\AppData\Local\Google
2015-09-10 09:07 - 2009-07-14 00:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-10 09:07 - 2009-07-14 00:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-09 20:35 - 2012-08-07 21:28 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\Skype
2015-09-09 20:33 - 2011-08-17 11:44 - 00000000 ____D C:\Users\Roberts Family\AppData\Local\Spotify
2015-09-09 20:31 - 2011-08-17 11:44 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\Spotify
2015-09-09 18:51 - 2012-11-25 16:31 - 00000000 ____D C:\Users\Roberts Family\AppData\Local\PMB Files
2015-09-09 18:24 - 2014-08-12 16:53 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-09 18:24 - 2012-10-08 18:03 - 00000000 ___RD C:\Users\Roberts Family\Dropbox
2015-09-09 18:23 - 2013-01-12 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-09 18:23 - 2012-10-08 17:59 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\Dropbox
2015-09-09 18:20 - 2013-06-23 13:48 - 00000040 ___SH C:\ProgramData\.zreglib
2015-09-09 18:18 - 2015-01-06 09:22 - 00000368 _____ C:\Windows\Tasks\HPCeeScheduleForRoberts Family.job
2015-09-09 18:18 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-09 18:15 - 2011-07-29 21:08 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\SoftGrid Client
2015-09-04 09:09 - 2011-07-26 12:46 - 00002414 _____ C:\Users\Roberts Family\Desktop\Google Chrome.lnk
2015-08-26 18:14 - 2015-01-06 09:22 - 00003240 _____ C:\Windows\System32\Tasks\HPCeeScheduleForRoberts Family
2015-08-25 21:33 - 2012-11-17 21:29 - 00003220 _____ C:\Windows\System32\Tasks\HPCeeScheduleForIONGRAPHX$
2015-08-25 21:33 - 2012-11-17 21:29 - 00000344 _____ C:\Windows\Tasks\HPCeeScheduleForIONGRAPHX$.job
2015-08-16 18:12 - 2011-07-27 22:02 - 00000000 ____D C:\Program Files\Common Files\Apple
==================== Files in the root of some directories =======
2012-05-23 23:28 - 2012-05-23 23:32 - 0000132 _____ () C:\Users\Roberts Family\AppData\Roaming\Adobe GIF Format CS5 Prefs
2013-03-02 09:40 - 2013-03-02 09:41 - 0000132 _____ () C:\Users\Roberts Family\AppData\Roaming\Adobe GIF Format CS6 Prefs
2013-12-19 14:22 - 2013-12-19 14:22 - 0000132 _____ () C:\Users\Roberts Family\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
2011-08-31 11:36 - 2012-09-17 00:21 - 0000132 _____ () C:\Users\Roberts Family\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-10-22 16:08 - 2015-04-23 17:44 - 0000132 _____ () C:\Users\Roberts Family\AppData\Roaming\Adobe PNG Format CS6 Prefs
2012-12-18 16:04 - 2012-12-21 21:11 - 0000580 _____ () C:\Users\Roberts Family\AppData\Local\cookies.ini
2012-11-15 23:55 - 2013-10-17 22:39 - 0029876 _____ () C:\Users\Roberts Family\AppData\Local\installer.log
2013-06-23 13:48 - 2015-09-09 18:20 - 0000040 ___SH () C:\ProgramData\.zreglib
Some files in TEMP:
====================
C:\Users\Roberts Family\AppData\Local\Temp\avgnt.exe
C:\Users\Roberts Family\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphfumtw.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-11 00:19
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
Ran by Roberts Family (2015-09-15 20:49:04)
Running from C:\Users\Roberts Family\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-07-24 16:06:53)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4190836313-3339163880-859448109-500 - Administrator - Disabled)
Guest (S-1-5-21-4190836313-3339163880-859448109-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4190836313-3339163880-859448109-1002 - Limited - Enabled)
Roberts Family (S-1-5-21-4190836313-3339163880-859448109-1001 - Administrator - Enabled) => C:\Users\Roberts Family
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.3.0.3670 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
AMD Catalyst Install Manager (HKLM\...\{6F483F38-6162-7606-1D0B-054852C8E011}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.1.7.0 - SlySoft)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARO 2013 (HKLM\...\ARO 2013_is1) (Version: 8.0 - Support.com)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.29.0 - Ask.com) <==== ATTENTION
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.420 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Hidden
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
BitPim 1.0.7 (HKLM-x32\...\{FA61D601-A0FC-48BD-AE7A-54946BCD7FB6}_is1) (Version: 1.0.7 - Joe Pham <
[email protected]>)
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{9368DDD5-CE7F-4BD7-A83A-F00FABE338EC}) (Version: 2.2.6699 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
C4USelfUpdater (x32 Version: 1.00.0000 - Your Company Name) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version: - dvd8n)
center (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Combined Community Codec Pack 2011-11-11 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2011.11.11.0 - CCCP Project)
Content Manager (HKLM-x32\...\{B64BC516-2406-43AE-A21A-1E387A2343B1}) (Version: 2.70 - Magellan)
CoreAAC Audio Decoder (remove only) (HKLM-x32\...\CoreAAC Audio Decoder) (Version: - )
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.1.2) (Version: 5.0.1.2 - Coupons.com Incorporated)
CouponBar (HKLM-x32\...\CouponBar5.0.0.4) (Version: 5.0.0.4 - Coupons.com Incorporated) <==== ATTENTION
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC++ 0.782 (HKLM-x32\...\DC++) (Version: 0.782 - Jacek Sieka)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
essentials (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
ffdshow [rev 3299] [2010-03-03] (HKLM-x32\...\ffdshow_is1) (Version: 1.0.0.3299 - )
FileZilla Client 3.5.1 (HKLM-x32\...\FileZilla Client) (Version: 3.5.1 - FileZilla Project)
FormatFactory 2.95 (HKLM-x32\...\FormatFactory) (Version: 2.95 - Free Time)
Free Studio version 5.1.4 (HKLM-x32\...\Free Studio_is1) (Version: - DVDVideoSoft Limited.)
Freemake Video Converter version 4.0.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.4 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.2 - Ellora Assets Corporation)
Freemake Youtube Mp3 Converter (HKLM-x32\...\Freemake Youtube Mp3 Converter_is1) (Version: 3.5.1 - Ellora Assets Corporation)
Freemake YouTube To MP3 Boom (HKLM-x32\...\Freemake YouTube To MP3 Boom_is1) (Version: 1.0.0 - Ellora Assets Corporation)
Freez FLV to AVI/MPEG/WMV Converter (HKLM-x32\...\Freez FLV to AVI/MPEG/WMV Converter v1.6_is1) (Version: 1.6 - www.smallvideosoft.com)
Google Chrome (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)
Google SketchUp 8 (HKLM-x32\...\{3544DED1-07DB-40C0-98F3-435A6DA195C7}) (Version: 3.0.14346 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Hawken (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Hawken) (Version: - Meteor Entertainment)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0 - Nero AG) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP LinkUp (HKLM-x32\...\{C1AD9241-3ADD-483F-914D-071F3E50855A}) (Version: 2.01.026 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BB760C1D-98F4-4E38-8CC4-3B67329AA981}) (Version: 1.0.6.0 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
Hulu Desktop (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\HuluDesktop) (Version: 0.9.13 - Hulu LLC)
HydraVision (x32 Version: 4.2.218.0 - Advanced Micro Devices, Inc.) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
iWisoft Flash SWF to Video Converter 3.4 (HKLM-x32\...\iWisoft Flash SWF to Video Converter_is1) (Version: 3.4.0 - www.flash-swf-converter.com)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 1.6 - Kobo Inc.)
Kodak AIO Printer (Version: 7.7.2.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.7.6.0 - Eastman Kodak Company)
Kodak AiO Software Patch (HKLM-x32\...\{A2879F30-135D-4744-97C0-9D5FCD3E8D34}) (Version: 7.6.12.20 - Eastman Kodak Company)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3609 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3609 - CyberLink Corp.) Hidden
Learning Lodge Navigator (HKLM-x32\...\VTechDownloadManager) (Version: - VTech)
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version: - )
LightScribe System Software (HKLM-x32\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MKV to AVI Converter (HKLM-x32\...\{729E66B3-1B80-4F3F-8D19-342A89631E1A}_is1) (Version: - )
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPublisher (HKLM-x32\...\MyPublisher) (Version: - MyPublisher, Inc.)
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11600.19.100 - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11000.12.100 - Nero AG)
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10900.11.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.13400.11.100 - Nero AG)
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10900.4.100 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10900.9.100 - Nero AG)
Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10600.2.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0017 - Nero AG)
Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.11100.8.100 - Nero AG)
Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)
Nike+ Connect (HKLM-x32\...\Nike+ Connect) (Version: 6.6.32 - Nike)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
Octoshape Streaming Services (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Octoshape Streaming Services) (Version: - Octoshape ApS)
P@H-Protocol (HKLM-x32\...\{CF594DB8-CFB0-45B4-86DA-8BB4AC0941F8}) (Version: 3.0.7.0 - Valassis)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.35 - PDF Complete, Inc)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFMate Free PDF Merger 1.0.8 (HKLM-x32\...\PDFMate Free PDF Merger_is1) (Version: - pdfmate.com)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Perfect Resize 7.0.1 Professional Edition (HKLM-x32\...\{FCADA4FF-142C-42A8-B73C-0A54A7F83345}) (Version: 7.0.1 - onOne Software)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: Beta 4.3 - Popcorn Time)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4817 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4817 - CyberLink Corp.) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.10.1217.0 - NewspaperDirect Inc.)
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.53.0 - Mediatek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RevTraxPrintMyCoupon (HKLM-x32\...\{19E8EBBF-55F3-41FB-AC8E-373BA0436939}) (Version: 1.0.0.0 - RevTrax) <==== ATTENTION
RockMelt (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\RockMelt) (Version: 0.16.91.483 - RockMelt, Inc.)
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
Shutterfly Express Uploader (HKLM-x32\...\com.Shutterfly.ExpressUploader) (Version: 1.0.0.4 - Shutterfly, Inc.)
Shutterfly Express Uploader (x32 Version: 1.0.0 - Shutterfly, Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.5.2 - )
Spotify (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Spotify) (Version: 0.8.3.222.g317ab79d - Spotify AB)
Star Trek Online (HKLM-x32\...\Star Trek Online) (Version: - Cryptic Studios)
SWF to AVI (HKLM-x32\...\{3315B802-84C6-47BC-907A-9B77A4646197}_is1) (Version: - www.swftoavi.com)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.6.1 - Tweaking.com)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Updater (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.4.35882 - Ask.com) <==== ATTENTION
VC80CRTRedist - 8.0.50727.762 (x32 Version: 1.0.0 - DivX, Inc) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC Streamer 2.51 (HKLM-x32\...\VLC Streamer_is1) (Version: - )
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Center Add-in for Flash (HKLM-x32\...\{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}) (Version: 4.1.2.0 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Wondershare Dr.Fone for iOS(Build 4.1.1.5) (HKLM-x32\...\{A26F8BBD-EC10-4bdc-8AD8-F146825A8A63}_is1) (Version: 4.1.1.5 - Wondershare Software Co.,Ltd.)
XMedia Recode version 3.1.2.2 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.1.2.2 - XMedia Recode)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - )
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
==================== Restore Points =========================
02-09-2015 00:04:38 Scheduled Checkpoint
09-09-2015 01:47:22 Scheduled Checkpoint
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2015-07-29 18:53 - 00000128 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
⸰⸰⸰ऱ獭灳畬捭晡敥挮浯
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {080AD066-1532-4BC6-B584-32A3DF72750D} - System32\Tasks\HPCeeScheduleForIONGRAPHX$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {0FE88D3A-9B16-4A7E-A213-D5AB7BF063D9} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2010-12-21] (CyberLink)
Task: {158003A2-290C-4ECB-BE8E-503FDCA9A4F1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2972E87A-4577-4122-9B51-1CE61D151706} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {30753F31-1FB7-49F5-83A8-252D74C2C177} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {333B0D89-14F7-43FB-A917-0F06F0DDF448} - System32\Tasks\{60A5FCC0-96EF-4439-840D-FD0AEE7AC45B} => pcalua.exe -a "C:\Users\Roberts Family\Downloads\FirmwareFlashLauncher.exe" -d "C:\Users\Roberts Family\Downloads"
Task: {4009F7F4-7B35-4F4A-A928-8EE725851CED} - System32\Tasks\RockMeltUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA => C:\Users\Roberts Family\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2011-08-19] (RockMelt Inc.)
Task: {59CF60D2-C000-4F96-A3DD-6518DE80F8B5} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-12-23] () <==== ATTENTION
Task: {6F11749F-6893-4B49-8723-80D4B707707D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core => C:\Users\Roberts Family\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {792DB1AC-0811-457F-9446-7EC64DFB46EF} - System32\Tasks\{17629013-34CE-48BB-85AE-CFD33CADD85B} => pcalua.exe -a "C:\Users\Roberts Family\Downloads\64bit_Win7_Win8_Win81_R275.exe" -d "C:\Users\Roberts Family\Downloads"
Task: {83FEE5DD-CDD4-4B34-B94D-18C78472848D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA => C:\Users\Roberts Family\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {8998E8B3-DB39-4213-B7BB-53A7E96C130B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {97BD8FAF-8C7F-427E-A324-07AE61FEC6D4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-08-27] (Hewlett-Packard)
Task: {98637FC5-1338-41E1-8E97-51AA9AB34DF0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {9F3BEA8B-E7A8-436A-9409-7535BB273C84} - System32\Tasks\AdobeAAMUpdater-1.0-IONGRAPHX-Roberts Family => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {A3CDDDF2-6C33-44F3-AAF9-5CD6B1BB2BCD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {A7319C59-6135-493A-9CAB-21266F8313E8} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core => C:\Users\Roberts Family\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-26] (Dropbox, Inc.)
Task: {CC295274-F2DD-4DF9-BEF6-514C9B924E66} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA => C:\Users\Roberts Family\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-26] (Dropbox, Inc.)
Task: {D191A647-4CC9-439C-BB0C-D3FBA9ECE6C3} - System32\Tasks\HPCeeScheduleForRoberts Family => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {DD02294F-0274-4BCA-A38E-A1B4A697F459} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP SoftPaq Installer => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Tasks.exe [2013-11-04] (Hewlett-Packard Company)
Task: {F3548499-6DEF-4119-9907-AFE2AD813FAE} - System32\Tasks\RockMeltUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core => C:\Users\Roberts Family\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2011-08-19] (RockMelt Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core.job => C:\Users\Roberts Family\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA.job => C:\Users\Roberts Family\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core.job => C:\Users\Roberts Family\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA.job => C:\Users\Roberts Family\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForIONGRAPHX$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForRoberts Family.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core.job => C:\Users\Roberts Family\AppData\Local\RockMelt\Update\RockMeltUpdate.exe
Task: C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA.job => C:\Users\Roberts Family\AppData\Local\RockMelt\Update\RockMeltUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2010-01-02 10:42 - 2010-01-02 10:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-08-12 14:32 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2011-10-13 15:44 - 2011-10-13 15:44 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-11-07 23:10 - 2012-11-07 22:26 - 00377800 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
2010-02-03 09:36 - 2010-02-03 09:36 - 00087488 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
2011-10-13 15:44 - 2011-10-13 15:44 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-10-13 16:01 - 2011-10-13 16:01 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-02 14:03 - 2011-11-02 14:03 - 00098304 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-02-28 02:33 - 2010-02-28 02:33 - 00077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2009-06-17 11:40 - 2009-06-17 11:40 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-06-17 11:40 - 2009-06-17 11:40 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-06-17 11:40 - 2009-06-17 11:40 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-09 18:21 - 2015-09-09 18:21 - 00071168 ____N () c:\Users\Roberts Family\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphfumtw.dll
2015-08-26 08:40 - 2015-08-05 01:26 - 00012800 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-08-26 08:40 - 2015-08-05 01:26 - 00779776 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-26 08:40 - 2015-08-05 01:26 - 00056320 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-08-26 08:40 - 2015-08-05 01:26 - 00012288 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2012-02-09 22:46 - 2010-06-23 21:16 - 02150400 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtCore4.dll
2012-02-09 22:46 - 2010-07-13 09:07 - 07826432 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtGui4.dll
2012-02-09 22:46 - 2010-06-01 22:29 - 00934912 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtNetwork4.dll
2012-02-09 22:46 - 2010-06-01 22:28 - 00335360 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXml4.dll
2012-11-07 23:10 - 2012-08-06 05:54 - 09843640 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtWebKit4.dll
2012-02-09 22:46 - 2010-06-01 22:56 - 00232960 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\phonon4.dll
2012-02-09 22:46 - 2010-06-01 22:54 - 02530816 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXmlPatterns4.dll
2012-02-09 22:46 - 2010-07-05 05:19 - 00116736 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2012-02-09 22:46 - 2010-11-11 05:24 - 00028160 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\DACommCenter.dll
2012-02-09 22:46 - 2010-06-02 01:05 - 00119808 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qjpeg4.dll
2011-08-28 17:19 - 2011-08-28 17:19 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2002-05-14 18:26 - 2002-05-14 18:26 - 00158208 _____ () C:\Program Files (x86)\CDisplay\UNRAR.DLL
2015-09-04 09:08 - 2015-08-27 20:17 - 01501512 _____ () C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\45.0.2454.85\libglesv2.dll
2015-09-04 09:08 - 2015-08-27 20:17 - 00081224 _____ () C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\45.0.2454.85\libegl.dll
2015-09-04 09:08 - 2015-08-27 20:17 - 16393032 _____ () C:\Users\Roberts Family\AppData\Local\Google\Chrome\Application\45.0.2454.85\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roberts Family\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.59.247.45 - 208.59.247.46
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{83042AF0-5A5E-4CC3-B9FB-B5198A7E4DB8}] => (Allow) LPort=9322
FirewallRules: [{2782CFDE-CF11-4D6C-904E-7814F24F4753}] => (Allow) LPort=5353
FirewallRules: [TCP Query User{23D5A6B2-AF24-49B8-B930-94EEA0D7CC8C}C:\program files (x86)\pando networks\media booster\pmb.exe] => (Block) C:\program files (x86)\pando networks\media booster\pmb.exe
FirewallRules: [UDP Query User{369CBD84-5416-4292-A2E5-F9A0B5F32C5B}C:\program files (x86)\pando networks\media booster\pmb.exe] => (Block) C:\program files (x86)\pando networks\media booster\pmb.exe
FirewallRules: [TCP Query User{5B795AA6-6680-433F-BB6A-8CACD6B5189B}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe
FirewallRules: [UDP Query User{6EBFCC0E-599D-40F9-A978-BB5977239ADF}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe
FirewallRules: [{2D2085EC-541E-4E41-91F1-0792C0F67C0B}] => (Allow) C:\Users\Roberts Family\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{8697E4C8-C6AD-4A90-8D5B-E90FD646A2D3}] => (Allow) C:\Users\Roberts Family\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [TCP Query User{86A65A69-2AA0-4C31-B82F-6F3D1D5CA217}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{EFF13437-5EBB-406F-990D-9BC956DB8694}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{0BE3D82C-D0FF-4D34-AE76-8C4CA54F36A0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{139FED09-7609-476D-AF95-16148EA4CFBB}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [UDP Query User{AC5723B3-B969-4F1B-ACD5-72292C73AFB3}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [{33FC73BB-D5F0-456F-9514-4053F2ED49FB}] => (Allow) C:\Users\Roberts Family\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{128A2D79-6662-4369-8CF8-7A7BB143BC7F}] => (Allow) C:\Users\Roberts Family\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{47A69025-E1D3-444B-96F9-77A27B14A6EF}] => (Allow) LPort=5353
FirewallRules: [{960F7A65-D619-47CF-946A-2EF400DAA473}] => (Allow) LPort=9322
FirewallRules: [{5B4023D7-8E86-47C6-9AB0-70C12C9CFF75}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{0E3E83D1-8874-4A1C-96E9-1344B26B0DCF}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{4408FA2D-8C95-46DA-B0B0-77F993C76227}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{A0277DB0-1EF8-4668-9BC7-9A9A03EDB635}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{A4A8C19B-DBD4-4ABA-A2F8-E7884146F71C}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{DA9CA7E7-5B4D-49C0-8C93-3573AF6315E3}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{64053710-C725-4204-8A60-B86934C9FA58}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{ADF0AB6D-A59A-41F1-97C7-82DD230F1F9F}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{58A89EFA-5A99-47B8-AC2B-C33E45E0C202}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{8E55F0BD-E9FF-424C-A37D-9DC02D11FADA}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [TCP Query User{BC7AE3A4-6545-4F5B-AEB9-123BC89404B9}C:\program files (x86)\pando networks\media booster\pmb.exe] => (Block) C:\program files (x86)\pando networks\media booster\pmb.exe
FirewallRules: [UDP Query User{A7D80A96-C334-40F5-8C85-0B7E4AC688A8}C:\program files (x86)\pando networks\media booster\pmb.exe] => (Block) C:\program files (x86)\pando networks\media booster\pmb.exe
FirewallRules: [TCP Query User{A4B5F6A5-1864-41AC-823E-D7EC670D75CF}C:\users\roberts family\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\roberts family\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{08AEA3B2-FF02-4C5B-9900-E78BC068E7B5}C:\users\roberts family\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\roberts family\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{E1CEE0E8-83D9-4E42-BB4B-B4C2135423E5}C:\users\roberts family\downloads\pct\popcorn-time.exe] => (Allow) C:\users\roberts family\downloads\pct\popcorn-time.exe
FirewallRules: [UDP Query User{C11855E1-F790-4C58-AFF8-FB1CBAC7C687}C:\users\roberts family\downloads\pct\popcorn-time.exe] => (Allow) C:\users\roberts family\downloads\pct\popcorn-time.exe
FirewallRules: [{7183E2C6-04EC-48F1-AD52-1D44FE51F9DB}] => (Allow) C:\Users\Roberts Family\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2A5F1AD5-7543-44CD-900B-D9094B381ACA}] => (Allow) C:\Users\Roberts Family\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{18577929-7015-4F66-BCD2-0289B2486B55}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{D19BF8C7-4FC0-40B3-88F2-930575DFBBE8}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{0B134501-0508-46CE-834F-4AE89E53FBB8}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe
FirewallRules: [{F35C6DB5-45CD-40E4-8A24-3B7C8E599CF4}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe
FirewallRules: [{82FD62D0-F2A4-470A-964F-2557A49B6AC5}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
FirewallRules: [{0D18EB4F-EBF2-4E9B-A399-F83A51011021}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
FirewallRules: [TCP Query User{0415A473-1E75-4683-93C9-114FC4A5B343}C:\users\roberts family\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\roberts family\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{2792CDF3-A264-4A79-BA23-14367D869D07}C:\users\roberts family\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\roberts family\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{F2D06F68-3E70-4334-858D-902A25A585BD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0FC7D48E-7FEC-43C0-AF8E-D8D320C3C205}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{96033908-FE7A-4E6C-9D9C-898697ECCE64}C:\users\roberts family\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\roberts family\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{BC8A0CE6-5864-4442-A035-B81A360CFDA4}C:\users\roberts family\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\roberts family\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0AF6F949-3E49-424A-9DE1-026F345B2DAF}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BA7CAC52-158D-4DDA-9637-39715342C9DE}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/15/2015 08:05:14 PM) (Source: Google Update) (EventID: 20) (User: IONGRAPHX)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
Error: (09/15/2015 07:05:14 PM) (Source: Google Update) (EventID: 20) (User: IONGRAPHX)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
Error: (09/15/2015 06:05:14 PM) (Source: Google Update) (EventID: 20) (User: IONGRAPHX)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
Error: (09/15/2015 05:05:14 PM) (Source: Google Update) (EventID: 20) (User: IONGRAPHX)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
Error: (09/15/2015 04:05:14 PM) (Source: Google Update) (EventID: 20) (User: IONGRAPHX)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
Error: (09/15/2015 03:05:14 PM) (Source: Google Update) (EventID: 20) (User: IONGRAPHX)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
Error: (09/15/2015 02:05:14 PM) (Source: Google Update) (EventID: 20) (User: IONGRAPHX)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
Error: (09/15/2015 01:05:14 PM) (Source: Google Update) (EventID: 20) (User: IONGRAPHX)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
Error: (09/15/2015 12:05:14 PM) (Source: Google Update) (EventID: 20) (User: IONGRAPHX)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
Error: (09/15/2015 11:05:14 AM) (Source: Google Update) (EventID: 20) (User: IONGRAPHX)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
System errors:
=============
Error: (09/13/2015 02:33:42 AM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer LINKSYS31859
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{BD87AFBD-6DA4-4C77-95F7-A56E0B2AAB7E}.
The master browser is stopping or an election is being forced.
Error: (09/13/2015 01:27:49 AM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer LINKSYS31859
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{BD87AFBD-6DA4-4C77-95F7-A56E0B2AAB7E}.
The master browser is stopping or an election is being forced.
Error: (09/09/2015 07:47:09 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.
Error: (09/09/2015 06:19:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Media Center Extender Service service failed to start due to the following error:
%%1079
Error: (09/09/2015 06:19:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update service service failed to start due to the following error:
%%1053
Error: (09/09/2015 06:19:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Update service service to connect.
Error: (09/09/2015 06:19:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Ralink UPnP Media Server service to connect.
Error: (08/28/2015 05:19:00 PM) (Source: NetBT) (EventID: 4319) (User: )
Description: A duplicate name has been detected on the TCP network. The IP address of
the computer that sent the message is in the data. Use nbtstat -n in a
command window to see which name is in the Conflict state.
Error: (08/28/2015 05:19:00 PM) (Source: NetBT) (EventID: 4319) (User: )
Description: A duplicate name has been detected on the TCP network. The IP address of
the computer that sent the message is in the data. Use nbtstat -n in a
command window to see which name is in the Conflict state.
Error: (08/28/2015 05:19:00 PM) (Source: NetBT) (EventID: 4319) (User: )
Description: A duplicate name has been detected on the TCP network. The IP address of
the computer that sent the message is in the data. Use nbtstat -n in a
command window to see which name is in the Conflict state.
CodeIntegrity:
===================================
Date: 2011-07-26 10:54:02.180
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2011-07-25 15:19:56.811
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.
Date: 2011-07-25 14:46:11.599
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2011-07-25 13:41:13.199
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2011-07-25 13:25:39.086
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2011-07-25 13:08:11.866
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2011-07-25 12:48:12.826
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2011-07-25 10:57:17.998
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2011-07-25 10:14:06.341
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2011-07-25 09:41:19.989
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD Athlon II X4 645 Processor
Percentage of memory in use: 57%
Total physical RAM: 5887.29 MB
Available physical RAM: 2526.22 MB
Total Virtual: 11772.75 MB
Available Virtual: 5488.6 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:920.27 GB) (Free:286.92 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:11.15 GB) (Free:1.36 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive j: (ROBERTS HD) (Fixed) (Total:1863.01 GB) (Free:1461.69 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 2DE1A8EB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=920.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: F36F89A7)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Edited by BIGROD, 16 September 2015 - 05:56 AM.