Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Google Chrome Freezing/Crashing

Chrome crashing malware Google

  • Please log in to reply

#1
BIGROD

BIGROD

    Member

  • Member
  • PipPip
  • 87 posts

When running the Chrome browser, one or more tabs will freeze when loading another. The browser never recovers and has to be shut down. This happens more when using Facebook and a video runs or auto-plays. I've re-booted, uninstalled/re-installed Chrome, run CCleaner, SpyHunter, etc. All to no avail. Has to be a malware issue, right? Any assistance is greatly appreciated. Thanks in advance.

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
Ran by Roberts Family (administrator) on IONGRAPHX (09-02-2016 10:49:05)
Running from C:\Users\Roberts Family\Desktop
Loaded Profiles: Roberts Family (Available Profiles: Roberts Family)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\TBDA820.tmp
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\TBDA65B.tmp
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Octoshape ApS) C:\Users\Roberts Family\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(Spotify Ltd) C:\Users\Roberts Family\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(SlySoft, Inc.) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
() C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
(Nike) C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(RockMelt Inc.) C:\Users\Roberts Family\AppData\Local\RockMelt\Update\1.2.189.1\RockMeltCrashHandler.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmprph.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWXUX.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfvista.exe
(David Ayton) C:\Program Files (x86)\CDisplay\CDisplay.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() Q:\140066.enu\Office14\EXCELC.EXE
() Q:\140066.enu\Office14\OffSpon.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Roberts Family\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216 2010-03-26] (Nero AG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-11-20] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [377800 2012-11-07] ()
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)
HKLM-x32\...\Run: [Nike+ Connect] => C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe [71680 2015-02-01] (Nike)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-12-08] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [Google Update] => C:\Users\Roberts Family\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [Octoshape Streaming Services] => C:\Users\Roberts Family\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [RockMelt Update] => C:\Users\Roberts Family\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [136336 2011-08-19] (RockMelt Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [Spotify Web Helper] => C:\Users\Roberts Family\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-12-17] (Spotify Ltd)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-11-25] ()
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [6983768 2013-03-22] (SlySoft, Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [uTorrent] => C:\Users\Roberts Family\AppData\Roaming\uTorrent\uTorrent.exe [2026520 2015-12-15] (BitTorrent Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [CmTray] => C:\Program Files (x86)\Content Manager\launchCM.exe [94208 2011-12-28] ()
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [Dropbox Update] => C:\Users\Roberts Family\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-26] (Dropbox, Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [Spotify] => C:\Users\Roberts Family\AppData\Roaming\Spotify\Spotify.exe [8281920 2015-12-17] (Spotify Ltd)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [GoogleChromeAutoLaunch_404CB0ED4D5342B49CBD6BAE6FC58785] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748872 2016-02-03] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [KodakHomeCenter] => C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe [2236792 2013-03-15] (Eastman Kodak Company)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Roberts Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-12-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 208.59.247.45 208.59.247.46 192.168.1.1
Tcpip\..\Interfaces\{BD87AFBD-6DA4-4C77-95F7-A56E0B2AAB7E}: [DhcpNameServer] 208.59.247.45 208.59.247.46 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\Software\Microsoft\Internet Explorer\Main,Start Page Restore = hxxp://g.msn.com/HPDSK/1
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {522055EF-C496-444D-9574-B78AE8C3575D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {522055EF-C496-444D-9574-B78AE8C3575D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-4190836313-3339163880-859448109-1001 -> DefaultScope {4D643B2B-B043-4F6D-B426-1E10B87328F6} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4190836313-3339163880-859448109-1001 -> {4D643B2B-B043-4F6D-B426-1E10B87328F6} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4190836313-3339163880-859448109-1001 -> {522055EF-C496-444D-9574-B78AE8C3575D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-4190836313-3339163880-859448109-1001 -> {9B97950D-482C-1D79-568F-FC7B9D40C785} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=Z192&form=ZGAIDF&install_date=20110812&iesrc={referrer:source}
SearchScopes: HKU\S-1-5-21-4190836313-3339163880-859448109-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-26] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-26] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19] (Hewlett-Packard Company)
BHO-x32: Freemake.YoutubeButton -> {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-20] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {36103610-3232-3610-3610-323236103610} hxxps://sharecenter.myngc.com/im7/webdav/otdavview361.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Roberts Family\AppData\Roaming\Mozilla\Firefox\Profiles\4kqza45f.default
FF DefaultSearchEngine.US: Google
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Yahoo
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=714647&p=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2009-05-12] (DivX,Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-11-25] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-09] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-07] ()
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll [2010-04-09] (Hulu LLC)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Roberts Family\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll [2013-12-18] (Octoshape ApS)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Roberts Family\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: @talk.google.com/O1DPlugin -> C:\Users\Roberts Family\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: @us-w1.rockmelt.com/RockMelt Update;version=8 -> C:\Users\Roberts Family\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll [2011-08-19] (RockMelt Inc.)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-11-25] (Pando Networks)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: revtrax.com/RevTraxPrintMyCoupon -> C:\Users\Roberts Family\AppData\Roaming\RevTrax\RevTraxPrintMyCoupon\1.0.0.0\npRevTraxPrintMyCoupon.dll [2014-10-15] (RevTrax)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\libdivx.dll [2009-05-01] (The OpenSSL Project, http://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll [2011-09-10] (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdivx32.dll [2009-05-12] (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ssldivx.dll [2009-05-01] (The OpenSSL Project, http://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Users\Roberts Family\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Roberts Family\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Roberts Family\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-06-15] (Octoshape ApS)
FF SearchPlugin: C:\Users\Roberts Family\AppData\Roaming\Mozilla\Firefox\Profiles\4kqza45f.default\searchplugins\bing-zugo.xml [2011-08-12]
FF Extension: DivX Web Player - C:\Users\Roberts Family\AppData\Roaming\Mozilla\Firefox\Profiles\4kqza45f.default\extensions\[email protected] [2011-07-26] [not signed]
FF Extension: Greasemonkey - C:\Users\Roberts Family\AppData\Roaming\Mozilla\Firefox\Profiles\4kqza45f.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2012-08-05] [not signed]
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\[email protected] [2014-02-04] [not signed]
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\[email protected] [2014-02-04] [not signed]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-10-07] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}] - C:\Program Files (x86)\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi => not found
 
Chrome: 
=======
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.866\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dropbox for Gmail) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2015-12-17]
CHR Extension: (Freemake Youtube Download Button) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh [2013-06-22]
CHR Extension: (Avira Browser Safety) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-01-27]
CHR Extension: (AdBlock) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR HKLM-x32\...\Chrome\Extension: [aaaapoldfpilohhfkhihnhdckpackghi] - C:\Users\Roberts Family\AppData\Local\APN\GoogleCRXs\aaaapoldfpilohhfkhihnhdckpackghi_7.15.29.0.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-02-04]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2014-02-04]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-10-13] (Advanced Micro Devices, Inc.) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [251160 2015-12-08] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-02-04] (Ellora Assets Corp.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2011-02-04] (Nalpeiron Ltd.) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [372736 2012-07-04] (Ralink Technology, Corp.) [File not signed]
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [447488 2012-07-04] (Ralink Technology, Corp.) [File not signed]
S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1042304 2016-01-13] (Enigma Software Group USA, LLC.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [142424 2013-03-18] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [142424 2013-03-18] (SlySoft, Inc.)
S3 AODDriver4.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55424 2011-06-24] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-09-18] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-09-18] ()
R3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2486416 2014-12-31] (MediaTek Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-02-09 10:47 - 2016-02-09 10:47 - 00000000 ____D C:\Users\Roberts Family\Desktop\FRST-OlderVersion
2016-02-09 08:28 - 2016-02-09 10:33 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-09 08:28 - 2016-02-09 08:33 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-09 08:28 - 2016-02-09 08:28 - 00003910 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-09 08:28 - 2016-02-09 08:28 - 00003658 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-09 08:28 - 2016-02-09 08:28 - 00002286 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-09 08:28 - 2016-02-09 08:28 - 00002257 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-09 07:43 - 2016-02-09 07:43 - 00000000 ____D C:\Windows\LastGood
2016-02-08 10:50 - 2016-02-08 10:50 - 00001068 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-02-08 10:50 - 2016-02-08 10:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-02-08 10:49 - 2016-02-08 10:49 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-02-08 10:38 - 2016-02-08 10:38 - 00347816 _____ (Microsoft Corporation) C:\Users\Roberts Family\Downloads\MicrosoftFixit.WinMediaPlayer.RNP.Run.exe
2016-02-05 19:18 - 2016-02-05 19:31 - 365433572 ____R C:\Users\Roberts Family\Downloads\The.Flash.2014.S02E07.HDTV.XviD-FUM[ettv].avi
2016-02-05 19:18 - 2016-02-05 19:31 - 365348576 ____R C:\Users\Roberts Family\Downloads\The.Flash.2014.S02E09.HDTV.XviD-FUM[ettv].avi
2016-02-05 19:18 - 2016-02-05 19:31 - 365137178 ____R C:\Users\Roberts Family\Downloads\The.Flash.2014.S02E06.HDTV.XviD-FUM[ettv].avi
2016-02-05 19:18 - 2016-02-05 19:31 - 364692524 ____R C:\Users\Roberts Family\Downloads\The.Flash.2014.S02E04.HDTV.XviD-FUM[ettv].avi
2016-02-05 19:18 - 2016-02-05 19:30 - 365403626 ____R C:\Users\Roberts Family\Downloads\The.Flash.2014.S02E05.HDTV.XviD-FUM[ettv].avi
2016-02-05 19:18 - 2016-02-05 19:30 - 365361612 ____R C:\Users\Roberts Family\Downloads\The.Flash.2014.S02E08.HDTV.XviD-FUM[ettv].avi
2016-02-05 19:17 - 2016-02-05 19:32 - 365439056 ____R C:\Users\Roberts Family\Downloads\The.Flash.2014.S02E03.HDTV.XviD-FUM[ettv].avi
2016-02-05 19:17 - 2016-02-05 19:32 - 365406764 ____R C:\Users\Roberts Family\Downloads\The.Flash.2014.S02E02.HDTV.XviD-FUM[ettv].avi
2016-02-05 19:17 - 2016-02-05 19:31 - 269859594 ____R C:\Users\Roberts Family\Downloads\the.flash.2014.201.hdtv-lol[ettv].mp4
2016-02-04 20:08 - 2016-02-04 22:41 - 927814042 _____ C:\Users\Roberts Family\Downloads\BONTONMK15.mkv
2016-02-02 15:44 - 2016-02-02 15:44 - 00127885 _____ C:\Users\Roberts Family\Desktop\2015 Real Estate Tax Receipt.pdf
2016-01-29 12:26 - 2016-02-08 12:33 - 00000000 ____D C:\Users\Roberts Family\Downloads\VIBE and MAGNUM EVENTS
2016-01-28 13:26 - 2016-01-28 13:26 - 00208778 _____ C:\Users\Roberts Family\Downloads\RCN Statement 3901-0410807-02.2016-01-14.8937 (1).pdf
2016-01-28 13:23 - 2016-01-28 13:23 - 00208778 _____ C:\Users\Roberts Family\Downloads\RCN Statement 3901-0410807-02.2016-01-14.8937.pdf
2016-01-28 10:06 - 2016-01-28 10:06 - 00104184 _____ C:\Users\Roberts Family\Downloads\Annual Statement 2015.pdf
2016-01-28 10:04 - 2016-01-28 10:04 - 00012297 _____ C:\Users\Roberts Family\Downloads\2015 Year End Tax Package_01_22_2016.pdf
2016-01-27 11:46 - 2016-01-27 11:46 - 36837842 _____ C:\Users\Roberts Family\Downloads\Jupiter's Circle Vol. 2 03 (of 06) (2016) (digital) (Minutemen-Spaztastic).cbr
2016-01-27 11:46 - 2016-01-27 11:46 - 27506000 _____ C:\Users\Roberts Family\Downloads\Saga 033 (2016) (digital) (Minutemen-Spaztastic).cbr
2016-01-20 11:53 - 2016-01-20 12:30 - 1151949462 _____ C:\Users\Roberts Family\Downloads\TR.2015.DVDSCR.XviD.AC3-VAiN.mp4
2016-01-19 20:55 - 2016-01-19 20:55 - 00074695 _____ C:\Users\Roberts Family\Downloads\HealthReport-01-20-2016.pdf
2016-01-19 20:55 - 2016-01-19 20:55 - 00074695 _____ C:\Users\Roberts Family\Desktop\HealthReport-01-20-2016 (1).pdf
2016-01-19 08:20 - 2016-01-19 08:24 - 598943599 _____ C:\Users\Roberts Family\Downloads\Batman.Bad.Blood.2016.720p.WEBRip.x264.AAC-ETRG.mp4
2016-01-18 13:09 - 2016-01-18 13:09 - 00000000 ____D C:\Users\Roberts Family\Downloads\testdisk-7.0.win
2016-01-18 13:05 - 2016-01-18 13:05 - 12444088 _____ C:\Users\Roberts Family\Downloads\testdisk-7.0.win.zip
2016-01-18 12:18 - 2016-01-18 12:18 - 00004718 _____ C:\native log.txt
2016-01-14 10:54 - 2016-01-14 11:49 - 1597421206 _____ C:\Users\Roberts Family\Downloads\S-p-e-c-t-r-e.2015.DVDRip.XviD.AC3-EVO.avi
2016-01-14 10:53 - 2016-01-14 19:30 - 1334231156 _____ C:\Users\Roberts Family\Downloads\TR.2015.DVDSCR.XviD.AC3-VAiN (1).avi
2016-01-13 13:21 - 2016-01-13 13:29 - 39217943 _____ C:\Users\Roberts Family\Downloads\Superman - American Alien 003 (2016) (Webrip) (The Last Kryptonian-DCP).cbr
2016-01-13 13:08 - 2016-01-13 13:08 - 00000000 ___HD C:\5DEXdjaJvcSyMIOO
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-02-09 10:49 - 2015-09-15 19:47 - 00041555 _____ C:\Users\Roberts Family\Desktop\FRST.txt
2016-02-09 10:49 - 2015-09-15 19:46 - 00000000 ____D C:\FRST
2016-02-09 10:47 - 2015-09-15 19:45 - 02370560 _____ (Farbar) C:\Users\Roberts Family\Desktop\FRST64.exe
2016-02-09 10:41 - 2015-08-26 07:36 - 00000954 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA.job
2016-02-09 10:31 - 2012-04-22 17:07 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-09 10:27 - 2011-07-26 11:46 - 00000944 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA.job
2016-02-09 10:05 - 2011-08-19 11:00 - 00000964 _____ C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA.job
2016-02-09 09:26 - 2015-09-29 07:27 - 00003240 _____ C:\Windows\System32\Tasks\HPCeeScheduleForRoberts Family
2016-02-09 09:26 - 2015-09-29 07:27 - 00000368 _____ C:\Windows\Tasks\HPCeeScheduleForRoberts Family.job
2016-02-09 08:40 - 2015-08-26 07:35 - 00000902 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core.job
2016-02-09 08:33 - 2014-07-21 15:07 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-02-09 08:28 - 2011-07-26 11:20 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-09 08:25 - 2015-08-06 16:50 - 00000000 __SHD C:\Users\Roberts Family\AppData\LocalLow\EmieBrowserModeList
2016-02-09 08:25 - 2015-08-06 16:50 - 00000000 __SHD C:\Users\Roberts Family\AppData\Local\EmieBrowserModeList
2016-02-09 08:25 - 2014-06-16 13:59 - 00000000 __SHD C:\Users\Roberts Family\AppData\LocalLow\EmieUserList
2016-02-09 08:25 - 2014-06-16 13:59 - 00000000 __SHD C:\Users\Roberts Family\AppData\LocalLow\EmieSiteList
2016-02-09 08:25 - 2014-06-16 13:59 - 00000000 __SHD C:\Users\Roberts Family\AppData\Local\EmieUserList
2016-02-09 08:25 - 2014-06-16 13:59 - 00000000 __SHD C:\Users\Roberts Family\AppData\Local\EmieSiteList
2016-02-09 07:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2016-02-09 04:35 - 2011-07-26 11:46 - 00000892 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core.job
2016-02-09 02:00 - 2011-08-14 19:26 - 00000000 ____D C:\Users\Roberts Family\AppData\Local\Adobe
2016-02-08 21:24 - 2009-07-13 23:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-08 21:24 - 2009-07-13 23:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-08 18:55 - 2012-11-15 10:55 - 00000000 ____D C:\ProgramData\Kodak
2016-02-08 14:11 - 2011-07-28 08:18 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\uTorrent
2016-02-08 14:11 - 2011-07-25 14:51 - 00000000 ____D C:\Windows\Minidump
2016-02-08 14:11 - 2011-07-24 13:35 - 00000000 ____D C:\Users\Roberts Family\AppData\Local\CrashDumps
2016-02-08 12:30 - 2012-05-20 11:41 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\vlc
2016-02-08 12:05 - 2011-08-19 11:00 - 00000912 _____ C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core.job
2016-02-08 10:42 - 2011-07-24 12:32 - 00000000 ____D C:\Users\Roberts Family\AppData\Local\ElevatedDiagnostics
2016-02-07 12:36 - 2011-07-29 20:08 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\SoftGrid Client
2016-02-05 20:46 - 2016-01-06 09:33 - 00432620 _____ C:\Users\Roberts Family\Downloads\~uTorrentPartFile_667ADC52.dat
2016-02-05 20:46 - 2016-01-05 09:36 - 00114928 _____ C:\Users\Roberts Family\Downloads\~uTorrentPartFile_3BA5B8.dat
2016-02-05 20:46 - 2016-01-05 09:35 - 00098460 _____ C:\Users\Roberts Family\Downloads\~uTorrentPartFile_260F83.dat
2016-02-02 15:46 - 2011-04-02 00:38 - 00000000 ____D C:\ProgramData\PDFC
2016-02-02 04:22 - 2011-07-26 11:46 - 00003932 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA
2016-02-02 04:22 - 2011-07-26 11:46 - 00003536 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core
2016-01-29 13:16 - 2011-08-08 10:37 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\DC++
2016-01-29 13:16 - 2011-08-08 10:37 - 00000000 ____D C:\Users\Roberts Family\AppData\Local\DC++
2016-01-22 21:33 - 2012-11-17 20:29 - 00003220 _____ C:\Windows\System32\Tasks\HPCeeScheduleForIONGRAPHX$
2016-01-22 21:33 - 2012-11-17 20:29 - 00000344 _____ C:\Windows\Tasks\HPCeeScheduleForIONGRAPHX$.job
2016-01-22 12:54 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2016-01-19 14:31 - 2012-04-22 17:07 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-01-19 14:31 - 2012-04-22 17:07 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-01-19 14:31 - 2011-07-26 09:32 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-18 13:50 - 2012-11-25 15:31 - 00000000 ____D C:\Users\Roberts Family\AppData\Local\PMB Files
2016-01-18 13:23 - 2012-10-08 17:03 - 00000000 ___RD C:\Users\Roberts Family\Dropbox
2016-01-18 13:23 - 2012-10-08 16:59 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\Dropbox
2016-01-18 13:22 - 2012-08-07 20:28 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\Skype
2016-01-18 13:22 - 2011-08-17 10:44 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\Spotify
2016-01-18 13:21 - 2011-08-17 10:44 - 00000000 ____D C:\Users\Roberts Family\AppData\Local\Spotify
2016-01-18 13:19 - 2013-06-23 12:48 - 00000040 ___SH C:\ProgramData\.zreglib
2016-01-18 13:19 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-18 12:20 - 2014-08-12 15:53 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-18 11:31 - 2015-12-29 16:27 - 00011562 _____ C:\Users\Roberts Family\Downloads\~uTorrentPartFile_9F9F7.dat
2016-01-18 11:29 - 2016-01-04 19:21 - 00066473 _____ C:\Users\Roberts Family\Desktop\Roberts_Bingel Upward roster info.xlsx
2016-01-14 09:41 - 2013-01-12 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-01-13 10:10 - 2015-09-18 12:11 - 00003364 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2016-01-13 10:10 - 2015-09-18 12:11 - 00001089 _____ C:\Users\Roberts Family\Desktop\SpyHunter.lnk
 
==================== Files in the root of some directories =======
 
2012-05-23 22:28 - 2012-05-23 22:32 - 0000132 _____ () C:\Users\Roberts Family\AppData\Roaming\Adobe GIF Format CS5 Prefs
2013-03-02 08:40 - 2013-03-02 08:41 - 0000132 _____ () C:\Users\Roberts Family\AppData\Roaming\Adobe GIF Format CS6 Prefs
2013-12-19 13:22 - 2013-12-19 13:22 - 0000132 _____ () C:\Users\Roberts Family\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
2011-08-31 10:36 - 2012-09-16 23:21 - 0000132 _____ () C:\Users\Roberts Family\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-10-22 15:08 - 2015-04-23 16:44 - 0000132 _____ () C:\Users\Roberts Family\AppData\Roaming\Adobe PNG Format CS6 Prefs
2012-12-18 15:04 - 2012-12-21 20:11 - 0000580 _____ () C:\Users\Roberts Family\AppData\Local\cookies.ini
2012-11-15 22:55 - 2013-10-17 21:39 - 0029876 _____ () C:\Users\Roberts Family\AppData\Local\installer.log
2013-06-23 12:48 - 2016-01-18 13:19 - 0000040 ___SH () C:\ProgramData\.zreglib
 
Some files in TEMP:
====================
C:\Users\Roberts Family\AppData\Local\Temp\avgnt.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-02-08 00:26
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016
Ran by Roberts Family (2016-02-09 10:49:41)
Running from C:\Users\Roberts Family\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-07-24 16:06:53)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4190836313-3339163880-859448109-500 - Administrator - Disabled)
Guest (S-1-5-21-4190836313-3339163880-859448109-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4190836313-3339163880-859448109-1002 - Limited - Enabled)
Roberts Family (S-1-5-21-4190836313-3339163880-859448109-1001 - Administrator - Enabled) => C:\Users\Roberts Family
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.3.0.3670 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
AMD Catalyst Install Manager (HKLM\...\{6F483F38-6162-7606-1D0B-054852C8E011}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.1.7.0 - SlySoft)
Apple Application Support (32-bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{eac7da46-2097-4dd4-80a6-8b67cbb2b23f}) (Version: 1.1.53.13962 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.53.13962 - Avira Operations GmbH & Co. KG) Hidden
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{9368DDD5-CE7F-4BD7-A83A-F00FABE338EC}) (Version: 2.2.6699 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
C4USelfUpdater (x32 Version: 1.00.0000 - Your Company Name) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
center (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Content Manager (HKLM-x32\...\{B64BC516-2406-43AE-A21A-1E387A2343B1}) (Version: 2.70 - Magellan)
CoreAAC Audio Decoder (remove only) (HKLM-x32\...\CoreAAC Audio Decoder) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC++ 0.782 (HKLM-x32\...\DC++) (Version: 0.782 - Jacek Sieka)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
essentials (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
FileZilla Client 3.5.1 (HKLM-x32\...\FileZilla Client) (Version: 3.5.1 - FileZilla Project)
FormatFactory 2.95 (HKLM-x32\...\FormatFactory) (Version: 2.95 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.103 - Google Inc.)
Google SketchUp 8 (HKLM-x32\...\{3544DED1-07DB-40C0-98F3-435A6DA195C7}) (Version: 3.0.14346 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hawken (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Hawken) (Version:  - Meteor Entertainment)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0 - Nero AG) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP LinkUp (HKLM-x32\...\{C1AD9241-3ADD-483F-914D-071F3E50855A}) (Version: 2.01.026 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BB760C1D-98F4-4E38-8CC4-3B67329AA981}) (Version: 1.0.6.0 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
Hulu Desktop (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\HuluDesktop) (Version: 0.9.13 - Hulu LLC)
HydraVision (x32 Version: 4.2.218.0 - Advanced Micro Devices, Inc.) Hidden
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 1.6 - Kobo Inc.)
Kodak AIO Printer (Version: 7.7.2.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.7.6.0 - Eastman Kodak Company)
Kodak AiO Software Patch (HKLM-x32\...\{A2879F30-135D-4744-97C0-9D5FCD3E8D34}) (Version: 7.6.12.20 - Eastman Kodak Company)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3609 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3609 - CyberLink Corp.) Hidden
Learning Lodge Navigator (HKLM-x32\...\VTechDownloadManager) (Version:  - VTech)
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version:  - )
LightScribe System Software (HKLM-x32\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPublisher (HKLM-x32\...\MyPublisher) (Version:  - MyPublisher, Inc.)
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11600.19.100 - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11000.12.100 - Nero AG)
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10900.11.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.13400.11.100 - Nero AG)
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10900.4.100 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10900.9.100 - Nero AG)
Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10600.2.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0017 - Nero AG)
Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.11100.8.100 - Nero AG)
Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)
Nike+ Connect (HKLM-x32\...\Nike+ Connect) (Version: 6.6.32 - Nike)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
Octoshape Streaming Services (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Octoshape Streaming Services) (Version:  - Octoshape ApS)
[email protected] (HKLM-x32\...\{CF594DB8-CFB0-45B4-86DA-8BB4AC0941F8}) (Version: 3.0.7.0 - Valassis)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.35 - PDF Complete, Inc)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Perfect Resize 7.0.1 Professional Edition (HKLM-x32\...\{FCADA4FF-142C-42A8-B73C-0A54A7F83345}) (Version: 7.0.1 - onOne Software)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4817 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4817 - CyberLink Corp.) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.10.1217.0 -  NewspaperDirect Inc.)
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.53.0 - Mediatek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RockMelt (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\RockMelt) (Version: 0.16.91.483 - RockMelt, Inc.)
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
Shutterfly Express Uploader (HKLM-x32\...\com.Shutterfly.ExpressUploader) (Version: 1.0.0.4 - Shutterfly, Inc.)
Shutterfly Express Uploader (x32 Version: 1.0.0 - Shutterfly, Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.5.2 - )
Spotify (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Spotify) (Version: 0.8.3.222.g317ab79d - Spotify AB)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.21.18.4608 - Enigma Software Group, LLC)
Star Trek Online (HKLM-x32\...\Star Trek Online) (Version:  - Cryptic Studios)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.6.1 - Tweaking.com)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.762 (x32 Version: 1.0.0 - DivX, Inc) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Center Add-in for Flash (HKLM-x32\...\{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}) (Version: 4.1.2.0 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {080AD066-1532-4BC6-B584-32A3DF72750D} - System32\Tasks\HPCeeScheduleForIONGRAPHX$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {0FAC4C45-7793-42C2-81CE-71830EBFDE29} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-01-12] (Hewlett-Packard Company)
Task: {0FE88D3A-9B16-4A7E-A213-D5AB7BF063D9} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2010-12-21] (CyberLink)
Task: {1677C084-4E5E-4C41-93C0-385B15C4FB09} - System32\Tasks\HPCeeScheduleForRoberts Family => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {2972E87A-4577-4122-9B51-1CE61D151706} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {2C3B5F51-3E2A-40C5-BFEF-D8FE64807936} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {333B0D89-14F7-43FB-A917-0F06F0DDF448} - System32\Tasks\{60A5FCC0-96EF-4439-840D-FD0AEE7AC45B} => pcalua.exe -a "C:\Users\Roberts Family\Downloads\FirmwareFlashLauncher.exe" -d "C:\Users\Roberts Family\Downloads"
Task: {4009F7F4-7B35-4F4A-A928-8EE725851CED} - System32\Tasks\RockMeltUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA => C:\Users\Roberts Family\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2011-08-19] (RockMelt Inc.)
Task: {62EA48E0-A225-466F-AA22-D50716448004} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {674506B8-98AE-4A2C-B6CF-8A28070F35FA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-01-06] (Hewlett-Packard)
Task: {6F11749F-6893-4B49-8723-80D4B707707D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core => C:\Users\Roberts Family\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {762039B2-AE41-49D6-AA4F-A7346762A434} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-01-20] (Hewlett-Packard)
Task: {792DB1AC-0811-457F-9446-7EC64DFB46EF} - System32\Tasks\{17629013-34CE-48BB-85AE-CFD33CADD85B} => pcalua.exe -a "C:\Users\Roberts Family\Downloads\64bit_Win7_Win8_Win81_R275.exe" -d "C:\Users\Roberts Family\Downloads"
Task: {83FEE5DD-CDD4-4B34-B94D-18C78472848D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA => C:\Users\Roberts Family\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {8998E8B3-DB39-4213-B7BB-53A7E96C130B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-19] (Adobe Systems Incorporated)
Task: {902FF9A5-503B-4C1C-BCD2-08F4871A726F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {9F3BEA8B-E7A8-436A-9409-7535BB273C84} - System32\Tasks\AdobeAAMUpdater-1.0-IONGRAPHX-Roberts Family => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {A1B1E3CE-05BB-4951-9D58-4D5E9D0B41F7} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2016-01-13] (Enigma Software Group USA, LLC.)
Task: {A7319C59-6135-493A-9CAB-21266F8313E8} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core => C:\Users\Roberts Family\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-26] (Dropbox, Inc.)
Task: {CC295274-F2DD-4DF9-BEF6-514C9B924E66} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA => C:\Users\Roberts Family\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-26] (Dropbox, Inc.)
Task: {D3533798-4BE1-489A-ADBA-AA293195D945} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {DD79761E-359B-4CE2-ACC3-1882A5B738A9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-09] (Google Inc.)
Task: {EB679145-4CD4-4765-8D85-82C5A9AE83FD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {F3548499-6DEF-4119-9907-AFE2AD813FAE} - System32\Tasks\RockMeltUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core => C:\Users\Roberts Family\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2011-08-19] (RockMelt Inc.)
Task: {F3E541B1-51BE-41E3-971E-F270B3A6BE02} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-09] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core.job => C:\Users\Roberts Family\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA.job => C:\Users\Roberts Family\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core.job => C:\Users\Roberts Family\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA.job => C:\Users\Roberts Family\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForIONGRAPHX$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForRoberts Family.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core.job => C:\Users\Roberts Family\AppData\Local\RockMelt\Update\RockMeltUpdate.exe
Task: C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA.job => C:\Users\Roberts Family\AppData\Local\RockMelt\Update\RockMeltUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2010-01-02 09:42 - 2010-01-02 09:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-08-12 13:32 - 2011-05-28 21:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2011-10-13 14:44 - 2011-10-13 14:44 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-02-03 08:36 - 2010-02-03 08:36 - 00087488 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
2012-11-07 22:10 - 2012-11-07 21:26 - 00377800 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
2011-10-13 14:44 - 2011-10-13 14:44 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-10-13 15:01 - 2011-10-13 15:01 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-02 13:03 - 2011-11-02 13:03 - 00098304 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-08-31 11:23 - 2011-05-23 02:49 - 00173568 _____ () C:\Windows\system32\xvid.ax
2011-08-31 11:23 - 2011-05-23 02:45 - 00696832 _____ () C:\Windows\system32\xvidcore.dll
2010-02-28 01:33 - 2010-02-28 01:33 - 00077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2009-06-17 10:40 - 2009-06-17 10:40 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-06-17 10:40 - 2009-06-17 10:40 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-06-17 10:40 - 2009-06-17 10:40 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2015-10-13 04:46 - 2015-10-13 04:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2012-02-09 21:46 - 2010-06-23 20:16 - 02150400 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtCore4.dll
2012-02-09 21:46 - 2010-07-13 08:07 - 07826432 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtGui4.dll
2012-02-09 21:46 - 2010-06-01 21:29 - 00934912 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtNetwork4.dll
2012-02-09 21:46 - 2010-06-01 21:28 - 00335360 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXml4.dll
2012-11-07 22:10 - 2012-08-06 04:54 - 09843640 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtWebKit4.dll
2012-02-09 21:46 - 2010-06-01 21:56 - 00232960 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\phonon4.dll
2012-02-09 21:46 - 2010-06-01 21:54 - 02530816 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXmlPatterns4.dll
2012-02-09 21:46 - 2010-07-05 04:19 - 00116736 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2012-02-09 21:46 - 2010-11-11 04:24 - 00028160 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\DACommCenter.dll
2012-02-09 21:46 - 2010-06-02 00:05 - 00119808 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qjpeg4.dll
2015-12-12 10:44 - 2015-10-30 19:59 - 00034768 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-12 10:44 - 2015-10-30 20:00 - 00019408 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00022848 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\Crypto.Random.OSRNG.winrandom.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00023352 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\Crypto.Util._counter.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00042296 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\Crypto.Cipher._AES.pyd
2015-12-12 10:44 - 2015-10-30 19:59 - 00116688 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-12 10:44 - 2015-10-30 19:59 - 00093640 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-12 10:44 - 2015-10-30 19:59 - 00018376 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00019760 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-12 10:44 - 2015-10-30 20:00 - 00105928 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-12 10:44 - 2015-10-30 19:59 - 00392144 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-12 10:44 - 2015-12-08 16:36 - 00381752 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-12 10:44 - 2015-10-30 19:59 - 00692688 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00020816 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 10:44 - 2015-10-30 20:00 - 00109520 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 01737032 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00020808 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00020800 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00021840 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00038696 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-12 10:44 - 2015-10-30 20:00 - 00024528 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-12 10:44 - 2015-10-30 20:00 - 00020936 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-12 10:44 - 2015-10-30 20:00 - 00114640 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00021320 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-12 10:44 - 2015-10-30 20:00 - 00124880 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32file.pyd
2015-12-12 10:44 - 2015-10-30 20:00 - 00030160 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-12 10:44 - 2015-10-30 20:00 - 00043472 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-12 10:44 - 2015-10-30 20:00 - 00175560 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-12 10:44 - 2015-10-30 20:00 - 00028616 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-12 10:44 - 2015-10-30 20:00 - 00024016 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-12 10:44 - 2015-10-30 20:00 - 00048592 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00024392 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2015-12-12 10:44 - 2015-10-30 20:00 - 00036296 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-12 10:44 - 2015-10-30 20:00 - 00024016 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32profile.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00117056 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00023376 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 10:44 - 2015-10-30 19:59 - 00134608 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-12 10:44 - 2015-10-30 19:59 - 00134088 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2015-12-12 10:44 - 2015-10-30 20:00 - 00240584 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00020280 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00052024 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00021304 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\Crypto.Util.strxor.pyd
2015-12-12 10:44 - 2015-10-30 20:00 - 00350152 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00084792 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-12 10:44 - 2015-12-08 16:36 - 01826608 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-12 10:44 - 2015-10-30 20:00 - 00083912 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 03891504 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 01950000 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00519984 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00133936 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00225080 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00207672 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00024904 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00486704 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-12 10:44 - 2015-12-08 16:36 - 00357680 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-08-26 07:40 - 2015-10-30 20:01 - 00019920 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-08-26 07:40 - 2015-10-30 20:00 - 00786904 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-26 07:40 - 2015-10-30 20:00 - 00063448 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-08-26 07:40 - 2015-10-30 20:00 - 00019408 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2011-08-28 16:19 - 2011-08-28 16:19 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2002-05-14 17:26 - 2002-05-14 17:26 - 00158208 _____ () C:\Program Files (x86)\CDisplay\UNRAR.DLL
2016-01-20 19:00 - 2016-01-20 19:00 - 00144832 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
2016-01-20 19:02 - 2016-01-20 19:02 - 02632640 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00554944 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2016-01-20 19:02 - 2016-01-20 19:02 - 00041920 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2016-01-20 19:02 - 2016-01-20 19:02 - 00039872 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00086464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00078272 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 02198464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00114112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00245184 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00089536 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libvdr_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00055744 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00072128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00598464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00771520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00131520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00052672 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\librar_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00145856 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 01566656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00334784 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 01265600 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00242624 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00046528 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00069568 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00048576 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll
2016-01-20 19:02 - 2016-01-20 19:02 - 11997632 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2016-01-20 19:02 - 2016-01-20 19:02 - 00261056 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll
2016-01-20 19:02 - 2016-01-20 19:02 - 00027072 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2016-01-20 19:02 - 2016-01-20 19:02 - 00298944 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 01291200 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00754624 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00344512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00052160 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00456128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00035776 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00157632 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 02668480 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00356288 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00031680 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00370112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00121792 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdvbsub_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 14929344 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00789952 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00038848 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00030144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00746432 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00125376 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00064448 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00027584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00030656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00027584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00022464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00027072 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00029120 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 01504704 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00037312 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00024000 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00022976 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
2016-01-20 19:00 - 2016-01-20 19:00 - 00108992 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00140224 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00176576 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00067520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00022464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00022976 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00029632 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00022464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2016-01-20 19:01 - 2016-01-20 19:01 - 00034240 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2016-02-09 08:28 - 2016-02-03 02:27 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libglesv2.dll
2016-02-09 08:28 - 2016-02-03 02:27 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\Roberts Family\Downloads\Force Awakens (Star Wars), The - Alan Dean Foster.epub:com.dropbox.attributes
AlternateDataStreams: C:\Users\Roberts Family\Downloads\Greg Rucka - Star Wars; The Force Awakens - Before the Awakening [Delshady Digital].epub:com.dropbox.attributes
AlternateDataStreams: C:\Users\Roberts Family\Downloads\Journey to Star Wars_ The Force Awakens Lost Stars - Claudia Gray & Phil Noto.epub:com.dropbox.attributes
AlternateDataStreams: C:\Users\Roberts Family\Downloads\Star Wars Journey to the Force Awakens - The Perfect Weapon.epub:com.dropbox.attributes
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2015-12-15 21:55 - 00000052 ____N C:\Windows\system32\Drivers\etc\hosts
 
㈱⸷⸰⸰‱†††潬慣桬獯൴㨊ㄺ†††氠捯污潨瑳਍਍
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roberts Family\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.59.247.45 - 208.59.247.46
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{83042AF0-5A5E-4CC3-B9FB-B5198A7E4DB8}] => (Allow) LPort=9322
FirewallRules: [{2782CFDE-CF11-4D6C-904E-7814F24F4753}] => (Allow) LPort=5353
FirewallRules: [TCP Query User{23D5A6B2-AF24-49B8-B930-94EEA0D7CC8C}C:\program files (x86)\pando networks\media booster\pmb.exe] => (Block) C:\program files (x86)\pando networks\media booster\pmb.exe
FirewallRules: [UDP Query User{369CBD84-5416-4292-A2E5-F9A0B5F32C5B}C:\program files (x86)\pando networks\media booster\pmb.exe] => (Block) C:\program files (x86)\pando networks\media booster\pmb.exe
FirewallRules: [TCP Query User{5B795AA6-6680-433F-BB6A-8CACD6B5189B}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe
FirewallRules: [UDP Query User{6EBFCC0E-599D-40F9-A978-BB5977239ADF}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe
FirewallRules: [{2D2085EC-541E-4E41-91F1-0792C0F67C0B}] => (Allow) C:\Users\Roberts Family\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{8697E4C8-C6AD-4A90-8D5B-E90FD646A2D3}] => (Allow) C:\Users\Roberts Family\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [TCP Query User{86A65A69-2AA0-4C31-B82F-6F3D1D5CA217}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{EFF13437-5EBB-406F-990D-9BC956DB8694}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{0BE3D82C-D0FF-4D34-AE76-8C4CA54F36A0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{139FED09-7609-476D-AF95-16148EA4CFBB}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [UDP Query User{AC5723B3-B969-4F1B-ACD5-72292C73AFB3}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [{33FC73BB-D5F0-456F-9514-4053F2ED49FB}] => (Allow) C:\Users\Roberts Family\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{128A2D79-6662-4369-8CF8-7A7BB143BC7F}] => (Allow) C:\Users\Roberts Family\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{47A69025-E1D3-444B-96F9-77A27B14A6EF}] => (Allow) LPort=5353
FirewallRules: [{960F7A65-D619-47CF-946A-2EF400DAA473}] => (Allow) LPort=9322
FirewallRules: [{5B4023D7-8E86-47C6-9AB0-70C12C9CFF75}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{0E3E83D1-8874-4A1C-96E9-1344B26B0DCF}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{4408FA2D-8C95-46DA-B0B0-77F993C76227}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{A0277DB0-1EF8-4668-9BC7-9A9A03EDB635}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{A4A8C19B-DBD4-4ABA-A2F8-E7884146F71C}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{DA9CA7E7-5B4D-49C0-8C93-3573AF6315E3}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{64053710-C725-4204-8A60-B86934C9FA58}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{ADF0AB6D-A59A-41F1-97C7-82DD230F1F9F}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{58A89EFA-5A99-47B8-AC2B-C33E45E0C202}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{8E55F0BD-E9FF-424C-A37D-9DC02D11FADA}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [TCP Query User{BC7AE3A4-6545-4F5B-AEB9-123BC89404B9}C:\program files (x86)\pando networks\media booster\pmb.exe] => (Block) C:\program files (x86)\pando networks\media booster\pmb.exe
FirewallRules: [UDP Query User{A7D80A96-C334-40F5-8C85-0B7E4AC688A8}C:\program files (x86)\pando networks\media booster\pmb.exe] => (Block) C:\program files (x86)\pando networks\media booster\pmb.exe
FirewallRules: [TCP Query User{A4B5F6A5-1864-41AC-823E-D7EC670D75CF}C:\users\roberts family\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\roberts family\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{08AEA3B2-FF02-4C5B-9900-E78BC068E7B5}C:\users\roberts family\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\roberts family\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{E1CEE0E8-83D9-4E42-BB4B-B4C2135423E5}C:\users\roberts family\downloads\pct\popcorn-time.exe] => (Allow) C:\users\roberts family\downloads\pct\popcorn-time.exe
FirewallRules: [UDP Query User{C11855E1-F790-4C58-AFF8-FB1CBAC7C687}C:\users\roberts family\downloads\pct\popcorn-time.exe] => (Allow) C:\users\roberts family\downloads\pct\popcorn-time.exe
FirewallRules: [{7183E2C6-04EC-48F1-AD52-1D44FE51F9DB}] => (Allow) C:\Users\Roberts Family\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2A5F1AD5-7543-44CD-900B-D9094B381ACA}] => (Allow) C:\Users\Roberts Family\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0B134501-0508-46CE-834F-4AE89E53FBB8}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe
FirewallRules: [{F35C6DB5-45CD-40E4-8A24-3B7C8E599CF4}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe
FirewallRules: [{82FD62D0-F2A4-470A-964F-2557A49B6AC5}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
FirewallRules: [{0D18EB4F-EBF2-4E9B-A399-F83A51011021}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
FirewallRules: [TCP Query User{0415A473-1E75-4683-93C9-114FC4A5B343}C:\users\roberts family\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\roberts family\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{2792CDF3-A264-4A79-BA23-14367D869D07}C:\users\roberts family\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\roberts family\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{F2D06F68-3E70-4334-858D-902A25A585BD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0FC7D48E-7FEC-43C0-AF8E-D8D320C3C205}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{96033908-FE7A-4E6C-9D9C-898697ECCE64}C:\users\roberts family\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\roberts family\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{BC8A0CE6-5864-4442-A035-B81A360CFDA4}C:\users\roberts family\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\roberts family\appdata\roaming\spotify\spotify.exe
FirewallRules: [{AA496015-9666-40D2-A1DE-B27650801C23}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E649FE0D-9FB2-44C8-B363-842BD7A16679}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{68C4A8D4-A94B-4F3C-9EE4-6E960280CABE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C64055BF-37ED-452D-95F3-3645CEF7A64F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4DE50F88-A372-4864-A982-6B352B3D4748}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{CC7C963E-79E6-452D-9FCF-083E7C444171}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{FE599367-3E19-4D20-A130-0C2D6677D463}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{65584391-FC3F-443F-90F7-C20A68100823}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{18577929-7015-4F66-BCD2-0289B2486B55}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{D19BF8C7-4FC0-40B3-88F2-930575DFBBE8}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{9B117375-A3C6-413C-B3FE-14693BC292AA}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{D504A0BA-DC74-40CC-B9F1-C6E3DB148414}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{0186522C-82EC-4169-8644-202809122F56}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
18-01-2016 15:53:55 Scheduled Checkpoint
26-01-2016 02:00:50 Scheduled Checkpoint
02-02-2016 17:51:19 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/09/2016 10:05:14 AM) (Source: Google Update) (EventID: 20) (User: IONGRAPHX)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072
 
Error: (02/09/2016 09:30:54 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
Error: (02/09/2016 09:30:46 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
Error: (02/09/2016 09:30:39 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
Error: (02/09/2016 09:30:32 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
Error: (02/09/2016 09:30:24 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
Error: (02/09/2016 09:30:17 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
Error: (02/09/2016 09:30:10 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
Error: (02/09/2016 09:30:03 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
Error: (02/09/2016 09:29:55 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
 
System errors:
=============
Error: (02/09/2016 09:30:57 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259
 
Error: (02/09/2016 09:30:49 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259
 
Error: (02/09/2016 09:30:42 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259
 
Error: (02/09/2016 09:30:35 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259
 
Error: (02/09/2016 09:30:27 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259
 
Error: (02/09/2016 09:30:20 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259
 
Error: (02/09/2016 09:30:13 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259
 
Error: (02/09/2016 09:30:06 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259
 
Error: (02/09/2016 09:29:58 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259
 
Error: (02/09/2016 09:29:51 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259
 
 
CodeIntegrity:
===================================
  Date: 2011-07-26 10:54:02.180
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-07-25 15:19:56.811
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-07-25 14:46:11.599
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-07-25 13:41:13.199
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-07-25 13:25:39.086
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-07-25 13:08:11.866
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-07-25 12:48:12.826
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-07-25 10:57:17.998
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-07-25 10:14:06.341
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-07-25 09:41:19.989
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ II X4 645 Processor
Percentage of memory in use: 68%
Total physical RAM: 5887.29 MB
Available physical RAM: 1880.13 MB
Total Virtual: 16988.55 MB
Available Virtual: 8303.96 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:920.27 GB) (Free:264.45 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:11.15 GB) (Free:1.36 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive j: (Seagate Backup Plus Drive) (Fixed) (Total:931.51 GB) (Free:521.39 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 6 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1CF30505)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================

Edited by BIGROD, 09 February 2016 - 09:54 AM.

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP

Try changing the New Tab page to a blank page.

 

http://dottech.org/1...-on-chrome-tip/

 

Sometimes Chrome will pick up a favorite page that causes problems.  Also if you can get the New Tab page to come up once without a problem you can hit the little x in the corner of each page icon and delete them.  If that doesn't help come back and we will run some more scans.


  • 0

#3
BIGROD

BIGROD

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts

Still doing it. Seems to do it mostly in Facebook when a video is played. Don't think it is the Flash Player though. It's not happening with all videos.


  • 0

#4
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP
You have out of date Java:
 
Java 8 Update 45 
JavaFX 2.1.1 
 
Uninstall then if you know you must have Java you can get the latest at www.java.com.  Make sure you uncheck the "optional" downloads like McAfee Security Scan or yahoo Toolbar.  Most people do not need Java and it has been very vulnerable to malware attacks so we do not recommend you reinstall it.
 
Also uninstall:
 
McAfee Security Scan Plus 
 
Pando Media Booster
 
Rockmelt - a discontinued proprietary social media web browser 
 
Skype Click to Call (This is the annoying thing that changes every random 10 digit number into a telephone number.  Removing it does not hurt Skype.)
 
Yahoo! Detect
 
Are you using Norton Online Backup?
 
If not uninstall it.
 
Have you tried disabling the Freemake stuff in Chrome?
 
Download the attached fixlist file and save it in the same folder where FRST lives.
 
[attachment=80299:fixlist.txt]
 
Right click on FRST and Run as Admin then hit the Fix button.  PC will reboot and create a fixlog.  Please Copy and paste the text into a Reply.
 
 
Save it then right click and Run As Admin.  Says Yes and hit Scan.  If it crashes on you try it again but tell it NO to Virtualization and uncheck the Trace Disk I/O Calls.  It will create a log when it finishes.  Please copy and paste it to a Reply (Separate Replies are fine).
 
 
Get the Junkware Removal Tool from https://www.malwareb...areremovaltool/
Run it by right click and Run As Admin.  
 
Reboot
 
Start, All Programs, Accessories,  right click on Command Prompt and Run As Admin.  Type (with an Enter after the line):
 
sfc  /scannow

Will take about 10 minutes for the prompt to return.  (This will check your critical system files. Does this finish without complaint?  IF it says it couldn't fix everything then:

 
Copy the next two lines:
 
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt 
notepad \windows\logs\cbs\junk.txt 
 
Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)
 
 
In any case do the next steps:
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.
 
 (Second time you run vew it will overwrite the first log so copy it to a reply or rename it first.)
 
Run FRST again (right click and Run As Admin) , check Addition.txt  then SCAN.  Copy and paste both logs.
 
 

 


  • 0

#5
BIGROD

BIGROD

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts

I uninstalled the listed programs, but stopped there. I don't see the attached fixlist file you're referring to.


  • 0

#6
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP

[attachment=80300:fixlist.txt]


  • 0

#7
BIGROD

BIGROD

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts
Got as far as this:

"Right click on FRST and Run as Admin then hit the Fix button. PC will reboot and create a fixlog. Please Copy and paste the text into a Reply."

PC attempted to reboot. Now I have a "BOOTMGR is missing. Press CTRL+ALT+DEL to restart" prompt. Can't even boot my machine now.
  • 0

#8
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP

Don't see what the fixlist could have done to the bootmanager.  See if anything here helps:

 

http://pcsupport.abo...-is-missing.htm


  • 0

#9
BIGROD

BIGROD

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts
Fix result of Farbar Recovery Scan Tool (x64) Version:21-02-2016 01
Ran by Roberts Family (2016-02-22 08:44:57) Run:2
Running from C:\Users\Roberts Family\Desktop
Loaded Profiles: Roberts Family (Available Profiles: Roberts Family)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [Google Update] => C:\Users\Roberts Family\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-11-25] ()
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [GoogleChromeAutoLaunch_404CB0ED4D5342B49CBD6BAE6FC58785] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748872 2016-02-03] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-12-15]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe (McAfee, Inc.)
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
earchScopes: HKU\S-1-5-21-4190836313-3339163880-859448109-1001 -> DefaultScope {4D643B2B-B043-4F6D-B426-1E10B87328F6} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4190836313-3339163880-859448109-1001 -> {4D643B2B-B043-4F6D-B426-1E10B87328F6} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-26] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-26] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-11-25] (Pando Networks)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2012-11-25] (Pando Networks)
FF SearchPlugin: C:\Users\Roberts Family\AppData\Roaming\Mozilla\Firefox\Profiles\4kqza45f.default\searchplugins\bing-zugo.xml [2011-08-12]
FF HKLM-x32\...\Firefox\Extensions: [{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}] - C:\Program Files (x86)\Coupons.com CouponBar\firefox\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D}\Coupons.com.xpi => not found
CHR HKLM-x32\...\Chrome\Extension: [aaaapoldfpilohhfkhihnhdckpackghi] - C:\Users\Roberts Family\AppData\Local\APN\GoogleCRXs\aaaapoldfpilohhfkhihnhdckpackghi_7.15.29.0.crx <not found>
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.266\McCHSvc.exe [289256 2015-12-02] (McAfee, Inc.)
S2 CouponPrinterService; C:\Program Files (x86)\Coupons\CouponPrinterService.exe [X]
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
Task: {333B0D89-14F7-43FB-A917-0F06F0DDF448} - System32\Tasks\{60A5FCC0-96EF-4439-840D-FD0AEE7AC45B} => pcalua.exe -a "C:\Users\Roberts Family\Downloads\FirmwareFlashLauncher.exe" -d "C:\Users\Roberts Family\Downloads"
Task: {4009F7F4-7B35-4F4A-A928-8EE725851CED} - System32\Tasks\RockMeltUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA => C:\Users\Roberts Family\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2011-08-19] (RockMelt Inc.)
Task: {6F11749F-6893-4B49-8723-80D4B707707D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core => C:\Users\Roberts Family\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {792DB1AC-0811-457F-9446-7EC64DFB46EF} - System32\Tasks\{17629013-34CE-48BB-85AE-CFD33CADD85B} => pcalua.exe -a "C:\Users\Roberts Family\Downloads\64bit_Win7_Win8_Win81_R275.exe" -d "C:\Users\Roberts Family\Downloads"
Task: {83FEE5DD-CDD4-4B34-B94D-18C78472848D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA => C:\Users\Roberts Family\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {F3548499-6DEF-4119-9907-AFE2AD813FAE} - System32\Tasks\RockMeltUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core => C:\Users\Roberts Family\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [2011-08-19] (RockMelt Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core.job => C:\Users\Roberts Family\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA.job => C:\Users\Roberts Family\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core.job => C:\Users\Roberts Family\AppData\Local\RockMelt\Update\RockMeltUpdate.exe
Task: C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA.job => C:\Users\Roberts Family\AppData\Local\RockMelt\Update\RockMeltUpdate.exe
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
2016-01-13 13:08 - 2016-01-13 13:08 - 00000000 ___HD C:\5DEXdjaJvcSyMIOO
Hosts:
EmptyTemp:
 
 
 
 
 
 
 
 
 
 
 
 
 
 
*****************
 
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Google Update => value removed successfully
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Pando Media Booster => value removed successfully
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_404CB0ED4D5342B49CBD6BAE6FC58785 => value removed successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk => moved successfully
C:\Program Files\McAfee Security Scan\3.11.266\SSScheduler.exe => moved successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
earchScopes: HKU\S-1-5-21-4190836313-3339163880-859448109-1001 -> DefaultScope {4D643B2B-B043-4F6D-B426-1E10B87328F6} URL = hxxp://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms} => Error: No automatic fix found for this entry.
"HKU\S-1-5-21-4190836313-3339163880-859448109-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4D643B2B-B043-4F6D-B426-1E10B87328F6}" => key removed successfully
HKCR\CLSID\{4D643B2B-B043-4F6D-B426-1E10B87328F6} => key not found. 
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" => key removed successfully
"HKCR\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully
"HKCR\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => key not found. 
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.45.2" => key removed successfully
C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.45.2" => key removed successfully
C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll => moved successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => key removed successfully
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll => moved successfully
"HKU\S-1-5-21-4190836313-3339163880-859448109-1001\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin" => key removed successfully
C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll => not found.
"C:\Users\Roberts Family\AppData\Roaming\Mozilla\Firefox\Profiles\4kqza45f.default\searchplugins\bing-zugo.xml" => not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{1C43BAF1-00C2-40A8-A09E-F84CFD79546D} => value removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aaaapoldfpilohhfkhihnhdckpackghi" => key removed successfully
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => service removed successfully
McComponentHostService => service removed successfully
CouponPrinterService => service removed successfully
"HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => key removed successfully
"HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}" => key removed successfully
"HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => key removed successfully
"HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}" => key removed successfully
"HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}" => key removed successfully
"HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => key removed successfully
"HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}" => key removed successfully
"HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}" => key removed successfully
"HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}" => key removed successfully
"HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}" => key removed successfully
"HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{333B0D89-14F7-43FB-A917-0F06F0DDF448}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{333B0D89-14F7-43FB-A917-0F06F0DDF448}" => key removed successfully
C:\Windows\System32\Tasks\{60A5FCC0-96EF-4439-840D-FD0AEE7AC45B} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{60A5FCC0-96EF-4439-840D-FD0AEE7AC45B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4009F7F4-7B35-4F4A-A928-8EE725851CED}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4009F7F4-7B35-4F4A-A928-8EE725851CED}" => key removed successfully
C:\Windows\System32\Tasks\RockMeltUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RockMeltUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F11749F-6893-4B49-8723-80D4B707707D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F11749F-6893-4B49-8723-80D4B707707D}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{792DB1AC-0811-457F-9446-7EC64DFB46EF}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{792DB1AC-0811-457F-9446-7EC64DFB46EF}" => key removed successfully
C:\Windows\System32\Tasks\{17629013-34CE-48BB-85AE-CFD33CADD85B} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{17629013-34CE-48BB-85AE-CFD33CADD85B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{83FEE5DD-CDD4-4B34-B94D-18C78472848D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83FEE5DD-CDD4-4B34-B94D-18C78472848D}" => key removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3548499-6DEF-4119-9907-AFE2AD813FAE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3548499-6DEF-4119-9907-AFE2AD813FAE}" => key removed successfully
C:\Windows\System32\Tasks\RockMeltUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RockMeltUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core" => key removed successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA.job => moved successfully
C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core.job => moved successfully
C:\Windows\Tasks\RockMeltUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA.job => moved successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\sndappv2" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\vsmon" => key removed successfully
C:\5DEXdjaJvcSyMIOO => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 20 GB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 08:46:07 ====

  • 0

#10
BIGROD

BIGROD

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts
aswMBR version 1.0.1.2290 Copyright© 2014 AVAST Software
Run date: 2016-02-22 09:04:16
-----------------------------
09:04:16.633    OS Version: Windows x64 6.1.7601 Service Pack 1
09:04:16.633    Number of processors: 4 586 0x503
09:04:16.634    ComputerName: IONGRAPHX  UserName: 
09:04:19.746    Initialize success
09:04:19.796    VM: initialized successfully
09:04:19.797    VM: Amd CPU BiosDisabled 
09:05:23.377    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000061
09:05:23.379    Disk 0 Vendor:   Size: 0MB BusType: 0
09:05:23.381    Disk 1  \Device\Harddisk1\DR1 -> \Device\0000007e
09:05:23.382    Disk 1 Vendor:   Size: 0MB BusType: 0
09:05:23.474    Disk 0 MBR read successfully
09:05:23.476    Disk 0 MBR scan
09:05:23.478    Disk 0 unknown MBR code
09:05:23.480    Disk 0 MBR hidden
09:05:23.489    Disk 0 Partition 1 80 (A) 07      HPFS/NTFS NTFS          100 MB offset 2048
09:05:23.491    Disk 0 default boot code
09:05:23.497    Disk 0 Partition 2 00     07      HPFS/NTFS NTFS       942352 MB offset 206848
09:05:23.523    Disk 0 Partition 3 00     07      HPFS/NTFS NTFS        11415 MB offset 1930143744
09:05:23.561    Disk 0 scanning C:\Windows\system32\drivers
09:05:31.490    Service scanning
09:05:45.121    Modules scanning
09:05:45.125    Disk 0 trace - called modules:
09:05:45.147    ntoskrnl.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys hal.dll amd_sata.sys 
09:05:45.150    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8005c05790]
09:05:45.153    3 CLASSPNP.SYS[fffff88000c7b43f] -> nt!IofCallDriver -> [0xfffffa8005a79ac0]
09:05:45.158    5 amd_xata.sys[fffff88000fe08b4] -> nt!IofCallDriver -> \Device\00000061[0xfffffa8005a739c0]
09:05:45.162    Disk 0 statistics 102432/0/0 @ 8.36 MB/s
09:05:45.166    Scan finished successfully
09:06:03.941    Disk 0 MBR has been saved successfully to "C:\Users\Roberts Family\Desktop\MBR.dat"
09:06:03.945    The log file has been saved successfully to "C:\Users\Roberts Family\Desktop\aswMBR.txt"

  • 0

Advertisements


#11
BIGROD

BIGROD

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts

 

Get the Junkware Removal Tool from https://www.malwareb...areremovaltool/
Run it by right click and Run As Admin.  
 
Reboot
 

 

 

 

How long should the Junkware Removal Tool take? It gets hung up on "<*       > Processes".

 

After waiting quite a while, I try to close or exit the tool and end up having to do a hard reboot.


  • 0

#12
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,028 posts
  • MVP

Shouldn't take all that long for JRT to run.

 

Just skip it and the reboot for now and continue with the sfc /scannow command.


  • 0

#13
BIGROD

BIGROD

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts
2016-02-23 11:01:03, Info                  CSI    0000000b [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:01:03, Info                  CSI    0000000c [SR] Beginning Verify and Repair transaction
2016-02-23 11:01:05, Info                  CSI    0000000e [SR] Verify complete
2016-02-23 11:01:06, Info                  CSI    0000000f [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:01:06, Info                  CSI    00000010 [SR] Beginning Verify and Repair transaction
2016-02-23 11:01:09, Info                  CSI    00000012 [SR] Verify complete
2016-02-23 11:01:10, Info                  CSI    00000013 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:01:10, Info                  CSI    00000014 [SR] Beginning Verify and Repair transaction
2016-02-23 11:01:12, Info                  CSI    00000016 [SR] Verify complete
2016-02-23 11:01:14, Info                  CSI    00000017 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:01:14, Info                  CSI    00000018 [SR] Beginning Verify and Repair transaction
2016-02-23 11:01:16, Info                  CSI    0000001a [SR] Verify complete
2016-02-23 11:01:18, Info                  CSI    0000001b [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:01:18, Info                  CSI    0000001c [SR] Beginning Verify and Repair transaction
2016-02-23 11:01:20, Info                  CSI    0000001e [SR] Verify complete
2016-02-23 11:01:22, Info                  CSI    0000001f [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:01:22, Info                  CSI    00000020 [SR] Beginning Verify and Repair transaction
2016-02-23 11:01:23, Info                  CSI    00000022 [SR] Verify complete
2016-02-23 11:01:24, Info                  CSI    00000023 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:01:24, Info                  CSI    00000024 [SR] Beginning Verify and Repair transaction
2016-02-23 11:01:26, Info                  CSI    00000026 [SR] Verify complete
2016-02-23 11:01:28, Info                  CSI    00000027 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:01:28, Info                  CSI    00000028 [SR] Beginning Verify and Repair transaction
2016-02-23 11:01:30, Info                  CSI    0000002a [SR] Verify complete
2016-02-23 11:01:31, Info                  CSI    0000002b [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:01:31, Info                  CSI    0000002c [SR] Beginning Verify and Repair transaction
2016-02-23 11:01:33, Info                  CSI    0000002e [SR] Verify complete
2016-02-23 11:01:35, Info                  CSI    0000002f [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:01:35, Info                  CSI    00000030 [SR] Beginning Verify and Repair transaction
2016-02-23 11:01:36, Info                  CSI    00000032 [SR] Verify complete
2016-02-23 11:01:37, Info                  CSI    00000033 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:01:37, Info                  CSI    00000034 [SR] Beginning Verify and Repair transaction
2016-02-23 11:01:40, Info                  CSI    00000036 [SR] Verify complete
2016-02-23 11:01:41, Info                  CSI    00000037 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:01:41, Info                  CSI    00000038 [SR] Beginning Verify and Repair transaction
2016-02-23 11:01:42, Info                  CSI    0000003a [SR] Verify complete
2016-02-23 11:01:44, Info                  CSI    0000003b [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:01:44, Info                  CSI    0000003c [SR] Beginning Verify and Repair transaction
2016-02-23 11:01:46, Info                  CSI    0000003e [SR] Verify complete
2016-02-23 11:01:47, Info                  CSI    0000003f [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:01:47, Info                  CSI    00000040 [SR] Beginning Verify and Repair transaction
2016-02-23 11:01:50, Info                  CSI    00000042 [SR] Verify complete
2016-02-23 11:01:51, Info                  CSI    00000043 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:01:51, Info                  CSI    00000044 [SR] Beginning Verify and Repair transaction
2016-02-23 11:01:56, Info                  CSI    00000046 [SR] Verify complete
2016-02-23 11:01:57, Info                  CSI    00000047 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:01:57, Info                  CSI    00000048 [SR] Beginning Verify and Repair transaction
2016-02-23 11:01:59, Info                  CSI    0000004a [SR] Verify complete
2016-02-23 11:02:00, Info                  CSI    0000004b [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:02:00, Info                  CSI    0000004c [SR] Beginning Verify and Repair transaction
2016-02-23 11:02:04, Info                  CSI    0000004e [SR] Verify complete
2016-02-23 11:02:05, Info                  CSI    0000004f [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:02:05, Info                  CSI    00000050 [SR] Beginning Verify and Repair transaction
2016-02-23 11:02:08, Info                  CSI    00000052 [SR] Verify complete
2016-02-23 11:02:11, Info                  CSI    00000053 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:02:11, Info                  CSI    00000054 [SR] Beginning Verify and Repair transaction
2016-02-23 11:02:12, Info                  CSI    00000056 [SR] Verify complete
2016-02-23 11:02:13, Info                  CSI    00000057 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:02:13, Info                  CSI    00000058 [SR] Beginning Verify and Repair transaction
2016-02-23 11:02:16, Info                  CSI    0000005a [SR] Verify complete
2016-02-23 11:02:17, Info                  CSI    0000005b [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:02:17, Info                  CSI    0000005c [SR] Beginning Verify and Repair transaction
2016-02-23 11:02:20, Info                  CSI    0000005e [SR] Verify complete
2016-02-23 11:02:21, Info                  CSI    0000005f [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:02:21, Info                  CSI    00000060 [SR] Beginning Verify and Repair transaction
2016-02-23 11:02:23, Info                  CSI    00000062 [SR] Verify complete
2016-02-23 11:02:23, Info                  CSI    00000063 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:02:23, Info                  CSI    00000064 [SR] Beginning Verify and Repair transaction
2016-02-23 11:02:28, Info                  CSI    00000066 [SR] Verify complete
2016-02-23 11:02:29, Info                  CSI    00000067 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:02:29, Info                  CSI    00000068 [SR] Beginning Verify and Repair transaction
2016-02-23 11:02:35, Info                  CSI    0000006a [SR] Verify complete
2016-02-23 11:02:35, Info                  CSI    0000006b [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:02:35, Info                  CSI    0000006c [SR] Beginning Verify and Repair transaction
2016-02-23 11:02:39, Info                  CSI    0000006e [SR] Verify complete
2016-02-23 11:02:39, Info                  CSI    0000006f [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:02:39, Info                  CSI    00000070 [SR] Beginning Verify and Repair transaction
2016-02-23 11:02:44, Info                  CSI    00000072 [SR] Verify complete
2016-02-23 11:02:44, Info                  CSI    00000073 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:02:44, Info                  CSI    00000074 [SR] Beginning Verify and Repair transaction
2016-02-23 11:02:54, Info                  CSI    00000077 [SR] Verify complete
2016-02-23 11:02:54, Info                  CSI    00000078 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:02:54, Info                  CSI    00000079 [SR] Beginning Verify and Repair transaction
2016-02-23 11:03:02, Info                  CSI    0000007e [SR] Verify complete
2016-02-23 11:03:02, Info                  CSI    0000007f [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:03:02, Info                  CSI    00000080 [SR] Beginning Verify and Repair transaction
2016-02-23 11:03:10, Info                  CSI    00000083 [SR] Verify complete
2016-02-23 11:03:10, Info                  CSI    00000084 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:03:10, Info                  CSI    00000085 [SR] Beginning Verify and Repair transaction
2016-02-23 11:03:15, Info                  CSI    00000087 [SR] Verify complete
2016-02-23 11:03:16, Info                  CSI    00000088 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:03:16, Info                  CSI    00000089 [SR] Beginning Verify and Repair transaction
2016-02-23 11:03:24, Info                  CSI    000000a5 [SR] Verify complete
2016-02-23 11:03:25, Info                  CSI    000000a6 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:03:25, Info                  CSI    000000a7 [SR] Beginning Verify and Repair transaction
2016-02-23 11:03:32, Info                  CSI    000000b2 [SR] Verify complete
2016-02-23 11:03:33, Info                  CSI    000000b3 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:03:33, Info                  CSI    000000b4 [SR] Beginning Verify and Repair transaction
2016-02-23 11:03:42, Info                  CSI    000000b6 [SR] Verify complete
2016-02-23 11:03:43, Info                  CSI    000000b7 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:03:43, Info                  CSI    000000b8 [SR] Beginning Verify and Repair transaction
2016-02-23 11:03:48, Info                  CSI    000000ba [SR] Verify complete
2016-02-23 11:03:49, Info                  CSI    000000bb [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:03:49, Info                  CSI    000000bc [SR] Beginning Verify and Repair transaction
2016-02-23 11:03:56, Info                  CSI    000000be [SR] Verify complete
2016-02-23 11:03:57, Info                  CSI    000000bf [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:03:57, Info                  CSI    000000c0 [SR] Beginning Verify and Repair transaction
2016-02-23 11:04:04, Info                  CSI    000000c2 [SR] Verify complete
2016-02-23 11:04:04, Info                  CSI    000000c3 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:04:04, Info                  CSI    000000c4 [SR] Beginning Verify and Repair transaction
2016-02-23 11:04:12, Info                  CSI    000000c6 [SR] Verify complete
2016-02-23 11:04:13, Info                  CSI    000000c7 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:04:13, Info                  CSI    000000c8 [SR] Beginning Verify and Repair transaction
2016-02-23 11:04:24, Info                  CSI    000000eb [SR] Verify complete
2016-02-23 11:04:24, Info                  CSI    000000ec [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:04:24, Info                  CSI    000000ed [SR] Beginning Verify and Repair transaction
2016-02-23 11:04:33, Info                  CSI    000000ef [SR] Verify complete
2016-02-23 11:04:34, Info                  CSI    000000f0 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:04:34, Info                  CSI    000000f1 [SR] Beginning Verify and Repair transaction
2016-02-23 11:04:48, Info                  CSI    000000f3 [SR] Verify complete
2016-02-23 11:04:49, Info                  CSI    000000f4 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:04:49, Info                  CSI    000000f5 [SR] Beginning Verify and Repair transaction
2016-02-23 11:05:01, Info                  CSI    000000f9 [SR] Verify complete
2016-02-23 11:05:01, Info                  CSI    000000fa [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:05:01, Info                  CSI    000000fb [SR] Beginning Verify and Repair transaction
2016-02-23 11:05:04, Info                  CSI    000000fd [SR] Verify complete
2016-02-23 11:05:05, Info                  CSI    000000fe [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:05:05, Info                  CSI    000000ff [SR] Beginning Verify and Repair transaction
2016-02-23 11:05:06, Info                  CSI    00000101 [SR] Verify complete
2016-02-23 11:05:06, Info                  CSI    00000102 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:05:06, Info                  CSI    00000103 [SR] Beginning Verify and Repair transaction
2016-02-23 11:05:09, Info                  CSI    00000105 [SR] Verify complete
2016-02-23 11:05:10, Info                  CSI    00000106 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:05:10, Info                  CSI    00000107 [SR] Beginning Verify and Repair transaction
2016-02-23 11:05:19, Info                  CSI    0000011a [SR] Verify complete
2016-02-23 11:05:20, Info                  CSI    0000011b [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:05:20, Info                  CSI    0000011c [SR] Beginning Verify and Repair transaction
2016-02-23 11:05:24, Info                  CSI    0000011e [SR] Verify complete
2016-02-23 11:05:24, Info                  CSI    0000011f [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:05:24, Info                  CSI    00000120 [SR] Beginning Verify and Repair transaction
2016-02-23 11:05:30, Info                  CSI    00000122 [SR] Verify complete
2016-02-23 11:05:30, Info                  CSI    00000123 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:05:30, Info                  CSI    00000124 [SR] Beginning Verify and Repair transaction
2016-02-23 11:05:33, Info                  CSI    00000126 [SR] Verify complete
2016-02-23 11:05:34, Info                  CSI    00000127 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:05:34, Info                  CSI    00000128 [SR] Beginning Verify and Repair transaction
2016-02-23 11:05:43, Info                  CSI    0000012b [SR] Verify complete
2016-02-23 11:05:44, Info                  CSI    0000012c [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:05:44, Info                  CSI    0000012d [SR] Beginning Verify and Repair transaction
2016-02-23 11:05:57, Info                  CSI    00000130 [SR] Verify complete
2016-02-23 11:05:58, Info                  CSI    00000131 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:05:58, Info                  CSI    00000132 [SR] Beginning Verify and Repair transaction
2016-02-23 11:06:02, Info                  CSI    00000134 [SR] Verify complete
2016-02-23 11:06:02, Info                  CSI    00000135 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:06:02, Info                  CSI    00000136 [SR] Beginning Verify and Repair transaction
2016-02-23 11:06:06, Info                  CSI    00000138 [SR] Verify complete
2016-02-23 11:06:06, Info                  CSI    00000139 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:06:06, Info                  CSI    0000013a [SR] Beginning Verify and Repair transaction
2016-02-23 11:06:16, Info                  CSI    0000013c [SR] Verify complete
2016-02-23 11:06:17, Info                  CSI    0000013d [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:06:17, Info                  CSI    0000013e [SR] Beginning Verify and Repair transaction
2016-02-23 11:06:25, Info                  CSI    00000140 [SR] Verify complete
2016-02-23 11:06:26, Info                  CSI    00000141 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:06:26, Info                  CSI    00000142 [SR] Beginning Verify and Repair transaction
2016-02-23 11:06:36, Info                  CSI    00000144 [SR] Verify complete
2016-02-23 11:06:36, Info                  CSI    00000145 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:06:36, Info                  CSI    00000146 [SR] Beginning Verify and Repair transaction
2016-02-23 11:06:46, Info                  CSI    0000015e [SR] Verify complete
2016-02-23 11:06:47, Info                  CSI    0000015f [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:06:47, Info                  CSI    00000160 [SR] Beginning Verify and Repair transaction
2016-02-23 11:06:55, Info                  CSI    00000162 [SR] Verify complete
2016-02-23 11:06:56, Info                  CSI    00000163 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:06:56, Info                  CSI    00000164 [SR] Beginning Verify and Repair transaction
2016-02-23 11:07:14, Info                  CSI    00000166 [SR] Verify complete
2016-02-23 11:07:15, Info                  CSI    00000167 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:07:15, Info                  CSI    00000168 [SR] Beginning Verify and Repair transaction
2016-02-23 11:07:30, Info                  CSI    0000016b [SR] Verify complete
2016-02-23 11:07:30, Info                  CSI    0000016c [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:07:30, Info                  CSI    0000016d [SR] Beginning Verify and Repair transaction
2016-02-23 11:07:40, Info                  CSI    0000016f [SR] Verify complete
2016-02-23 11:07:41, Info                  CSI    00000170 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:07:41, Info                  CSI    00000171 [SR] Beginning Verify and Repair transaction
2016-02-23 11:07:49, Info                  CSI    00000173 [SR] Verify complete
2016-02-23 11:07:50, Info                  CSI    00000174 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:07:50, Info                  CSI    00000175 [SR] Beginning Verify and Repair transaction
2016-02-23 11:07:57, Info                  CSI    00000177 [SR] Verify complete
2016-02-23 11:07:57, Info                  CSI    00000178 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:07:57, Info                  CSI    00000179 [SR] Beginning Verify and Repair transaction
2016-02-23 11:08:04, Info                  CSI    0000017d [SR] Verify complete
2016-02-23 11:08:04, Info                  CSI    0000017e [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:08:04, Info                  CSI    0000017f [SR] Beginning Verify and Repair transaction
2016-02-23 11:08:12, Info                  CSI    00000181 [SR] Verify complete
2016-02-23 11:08:12, Info                  CSI    00000182 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:08:12, Info                  CSI    00000183 [SR] Beginning Verify and Repair transaction
2016-02-23 11:08:29, Info                  CSI    00000185 [SR] Verify complete
2016-02-23 11:08:29, Info                  CSI    00000186 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:08:29, Info                  CSI    00000187 [SR] Beginning Verify and Repair transaction
2016-02-23 11:08:40, Info                  CSI    0000018a [SR] Verify complete
2016-02-23 11:08:40, Info                  CSI    0000018b [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:08:40, Info                  CSI    0000018c [SR] Beginning Verify and Repair transaction
2016-02-23 11:08:44, Info                  CSI    0000018f [SR] Verify complete
2016-02-23 11:08:45, Info                  CSI    00000190 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:08:45, Info                  CSI    00000191 [SR] Beginning Verify and Repair transaction
2016-02-23 11:08:54, Info                  CSI    00000193 [SR] Verify complete
2016-02-23 11:08:54, Info                  CSI    00000194 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:08:54, Info                  CSI    00000195 [SR] Beginning Verify and Repair transaction
2016-02-23 11:09:06, Info                  CSI    00000198 [SR] Verify complete
2016-02-23 11:09:07, Info                  CSI    00000199 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:09:07, Info                  CSI    0000019a [SR] Beginning Verify and Repair transaction
2016-02-23 11:09:15, Info                  CSI    0000019c [SR] Verify complete
2016-02-23 11:09:15, Info                  CSI    0000019d [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:09:15, Info                  CSI    0000019e [SR] Beginning Verify and Repair transaction
2016-02-23 11:09:23, Info                  CSI    000001a0 [SR] Verify complete
2016-02-23 11:09:23, Info                  CSI    000001a1 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:09:23, Info                  CSI    000001a2 [SR] Beginning Verify and Repair transaction
2016-02-23 11:09:30, Info                  CSI    000001a4 [SR] Verify complete
2016-02-23 11:09:31, Info                  CSI    000001a5 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:09:31, Info                  CSI    000001a6 [SR] Beginning Verify and Repair transaction
2016-02-23 11:09:43, Info                  CSI    000001a9 [SR] Verify complete
2016-02-23 11:09:44, Info                  CSI    000001aa [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:09:44, Info                  CSI    000001ab [SR] Beginning Verify and Repair transaction
2016-02-23 11:09:48, Info                  CSI    000001ae [SR] Verify complete
2016-02-23 11:09:49, Info                  CSI    000001af [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:09:49, Info                  CSI    000001b0 [SR] Beginning Verify and Repair transaction
2016-02-23 11:09:56, Info                  CSI    000001b3 [SR] Verify complete
2016-02-23 11:09:57, Info                  CSI    000001b4 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:09:57, Info                  CSI    000001b5 [SR] Beginning Verify and Repair transaction
2016-02-23 11:10:05, Info                  CSI    000001b7 [SR] Verify complete
2016-02-23 11:10:05, Info                  CSI    000001b8 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:10:05, Info                  CSI    000001b9 [SR] Beginning Verify and Repair transaction
2016-02-23 11:10:14, Info                  CSI    000001bd [SR] Verify complete
2016-02-23 11:10:15, Info                  CSI    000001be [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:10:15, Info                  CSI    000001bf [SR] Beginning Verify and Repair transaction
2016-02-23 11:10:23, Info                  CSI    000001c1 [SR] Verify complete
2016-02-23 11:10:23, Info                  CSI    000001c2 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:10:23, Info                  CSI    000001c3 [SR] Beginning Verify and Repair transaction
2016-02-23 11:10:32, Info                  CSI    000001c6 [SR] Verify complete
2016-02-23 11:10:33, Info                  CSI    000001c7 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:10:33, Info                  CSI    000001c8 [SR] Beginning Verify and Repair transaction
2016-02-23 11:10:43, Info                  CSI    000001ca [SR] Verify complete
2016-02-23 11:10:44, Info                  CSI    000001cb [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:10:44, Info                  CSI    000001cc [SR] Beginning Verify and Repair transaction
2016-02-23 11:10:47, Info                  CSI    000001ce [SR] Verify complete
2016-02-23 11:10:47, Info                  CSI    000001cf [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:10:47, Info                  CSI    000001d0 [SR] Beginning Verify and Repair transaction
2016-02-23 11:10:53, Info                  CSI    000001d2 [SR] Verify complete
2016-02-23 11:10:54, Info                  CSI    000001d3 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:10:54, Info                  CSI    000001d4 [SR] Beginning Verify and Repair transaction
2016-02-23 11:11:01, Info                  CSI    000001d6 [SR] Verify complete
2016-02-23 11:11:02, Info                  CSI    000001d7 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:11:02, Info                  CSI    000001d8 [SR] Beginning Verify and Repair transaction
2016-02-23 11:11:13, Info                  CSI    000001da [SR] Verify complete
2016-02-23 11:11:14, Info                  CSI    000001db [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:11:14, Info                  CSI    000001dc [SR] Beginning Verify and Repair transaction
2016-02-23 11:11:21, Info                  CSI    000001de [SR] Verify complete
2016-02-23 11:11:22, Info                  CSI    000001df [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:11:22, Info                  CSI    000001e0 [SR] Beginning Verify and Repair transaction
2016-02-23 11:11:28, Info                  CSI    000001e2 [SR] Verify complete
2016-02-23 11:11:29, Info                  CSI    000001e3 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:11:29, Info                  CSI    000001e4 [SR] Beginning Verify and Repair transaction
2016-02-23 11:11:43, Info                  CSI    000001e6 [SR] Verify complete
2016-02-23 11:11:44, Info                  CSI    000001e7 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:11:44, Info                  CSI    000001e8 [SR] Beginning Verify and Repair transaction
2016-02-23 11:12:12, Info                  CSI    000001ea [SR] Verify complete
2016-02-23 11:12:13, Info                  CSI    000001eb [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:12:13, Info                  CSI    000001ec [SR] Beginning Verify and Repair transaction
2016-02-23 11:12:20, Info                  CSI    000001ee [SR] Verify complete
2016-02-23 11:12:20, Info                  CSI    000001ef [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:12:20, Info                  CSI    000001f0 [SR] Beginning Verify and Repair transaction
2016-02-23 11:12:27, Info                  CSI    000001f2 [SR] Verify complete
2016-02-23 11:12:27, Info                  CSI    000001f3 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:12:27, Info                  CSI    000001f4 [SR] Beginning Verify and Repair transaction
2016-02-23 11:12:29, Info                  CSI    000001f6 [SR] Verify complete
2016-02-23 11:12:30, Info                  CSI    000001f7 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:12:30, Info                  CSI    000001f8 [SR] Beginning Verify and Repair transaction
2016-02-23 11:12:38, Info                  CSI    000001fa [SR] Verify complete
2016-02-23 11:12:38, Info                  CSI    000001fb [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:12:38, Info                  CSI    000001fc [SR] Beginning Verify and Repair transaction
2016-02-23 11:12:45, Info                  CSI    000001fe [SR] Verify complete
2016-02-23 11:12:45, Info                  CSI    000001ff [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:12:45, Info                  CSI    00000200 [SR] Beginning Verify and Repair transaction
2016-02-23 11:12:48, Info                  CSI    00000202 [SR] Verify complete
2016-02-23 11:12:48, Info                  CSI    00000203 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:12:48, Info                  CSI    00000204 [SR] Beginning Verify and Repair transaction
2016-02-23 11:12:49, Info                  CSI    00000206 [SR] Verify complete
2016-02-23 11:12:50, Info                  CSI    00000207 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:12:50, Info                  CSI    00000208 [SR] Beginning Verify and Repair transaction
2016-02-23 11:12:55, Info                  CSI    00000210 [SR] Verify complete
2016-02-23 11:12:56, Info                  CSI    00000211 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:12:56, Info                  CSI    00000212 [SR] Beginning Verify and Repair transaction
2016-02-23 11:13:04, Info                  CSI    00000214 [SR] Verify complete
2016-02-23 11:13:04, Info                  CSI    00000215 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:13:04, Info                  CSI    00000216 [SR] Beginning Verify and Repair transaction
2016-02-23 11:13:13, Info                  CSI    00000218 [SR] Verify complete
2016-02-23 11:13:13, Info                  CSI    00000219 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:13:13, Info                  CSI    0000021a [SR] Beginning Verify and Repair transaction
2016-02-23 11:13:20, Info                  CSI    0000021c [SR] Verify complete
2016-02-23 11:13:21, Info                  CSI    0000021d [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:13:21, Info                  CSI    0000021e [SR] Beginning Verify and Repair transaction
2016-02-23 11:13:30, Info                  CSI    00000220 [SR] Verify complete
2016-02-23 11:13:30, Info                  CSI    00000221 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:13:30, Info                  CSI    00000222 [SR] Beginning Verify and Repair transaction
2016-02-23 11:13:42, Info                  CSI    00000225 [SR] Verify complete
2016-02-23 11:13:42, Info                  CSI    00000226 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:13:42, Info                  CSI    00000227 [SR] Beginning Verify and Repair transaction
2016-02-23 11:13:52, Info                  CSI    00000229 [SR] Verify complete
2016-02-23 11:13:52, Info                  CSI    0000022a [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:13:52, Info                  CSI    0000022b [SR] Beginning Verify and Repair transaction
2016-02-23 11:13:58, Info                  CSI    0000022d [SR] Verify complete
2016-02-23 11:13:59, Info                  CSI    0000022e [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:13:59, Info                  CSI    0000022f [SR] Beginning Verify and Repair transaction
2016-02-23 11:14:13, Info                  CSI    00000232 [SR] Verify complete
2016-02-23 11:14:14, Info                  CSI    00000233 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:14:14, Info                  CSI    00000234 [SR] Beginning Verify and Repair transaction
2016-02-23 11:14:31, Info                  CSI    00000238 [SR] Verify complete
2016-02-23 11:14:31, Info                  CSI    00000239 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:14:31, Info                  CSI    0000023a [SR] Beginning Verify and Repair transaction
2016-02-23 11:14:44, Info                  CSI    0000023f [SR] Verify complete
2016-02-23 11:14:45, Info                  CSI    00000240 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:14:45, Info                  CSI    00000241 [SR] Beginning Verify and Repair transaction
2016-02-23 11:14:55, Info                  CSI    00000249 [SR] Verify complete
2016-02-23 11:14:56, Info                  CSI    0000024a [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:14:56, Info                  CSI    0000024b [SR] Beginning Verify and Repair transaction
2016-02-23 11:15:09, Info                  CSI    00000252 [SR] Verify complete
2016-02-23 11:15:10, Info                  CSI    00000253 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:15:10, Info                  CSI    00000254 [SR] Beginning Verify and Repair transaction
2016-02-23 11:15:19, Info                  CSI    00000259 [SR] Verify complete
2016-02-23 11:15:20, Info                  CSI    0000025a [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:15:20, Info                  CSI    0000025b [SR] Beginning Verify and Repair transaction
2016-02-23 11:15:28, Info                  CSI    0000025f [SR] Verify complete
2016-02-23 11:15:28, Info                  CSI    00000260 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:15:28, Info                  CSI    00000261 [SR] Beginning Verify and Repair transaction
2016-02-23 11:15:34, Info                  CSI    00000263 [SR] Verify complete
2016-02-23 11:15:35, Info                  CSI    00000264 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:15:35, Info                  CSI    00000265 [SR] Beginning Verify and Repair transaction
2016-02-23 11:15:43, Info                  CSI    0000028a [SR] Verify complete
2016-02-23 11:15:43, Info                  CSI    0000028b [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:15:43, Info                  CSI    0000028c [SR] Beginning Verify and Repair transaction
2016-02-23 11:15:51, Info                  CSI    0000028e [SR] Verify complete
2016-02-23 11:15:52, Info                  CSI    0000028f [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:15:52, Info                  CSI    00000290 [SR] Beginning Verify and Repair transaction
2016-02-23 11:15:59, Info                  CSI    00000292 [SR] Verify complete
2016-02-23 11:15:59, Info                  CSI    00000293 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:15:59, Info                  CSI    00000294 [SR] Beginning Verify and Repair transaction
2016-02-23 11:16:08, Info                  CSI    00000296 [SR] Verify complete
2016-02-23 11:16:08, Info                  CSI    00000297 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:16:08, Info                  CSI    00000298 [SR] Beginning Verify and Repair transaction
2016-02-23 11:16:16, Info                  CSI    000002a5 [SR] Verify complete
2016-02-23 11:16:16, Info                  CSI    000002a6 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:16:16, Info                  CSI    000002a7 [SR] Beginning Verify and Repair transaction
2016-02-23 11:16:24, Info                  CSI    000002aa [SR] Verify complete
2016-02-23 11:16:24, Info                  CSI    000002ab [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:16:24, Info                  CSI    000002ac [SR] Beginning Verify and Repair transaction
2016-02-23 11:16:34, Info                  CSI    000002b5 [SR] Verify complete
2016-02-23 11:16:34, Info                  CSI    000002b6 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:16:34, Info                  CSI    000002b7 [SR] Beginning Verify and Repair transaction
2016-02-23 11:16:41, Info                  CSI    000002be [SR] Verify complete
2016-02-23 11:16:42, Info                  CSI    000002bf [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:16:42, Info                  CSI    000002c0 [SR] Beginning Verify and Repair transaction
2016-02-23 11:16:49, Info                  CSI    000002c2 [SR] Verify complete
2016-02-23 11:16:50, Info                  CSI    000002c3 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:16:50, Info                  CSI    000002c4 [SR] Beginning Verify and Repair transaction
2016-02-23 11:16:59, Info                  CSI    000002c7 [SR] Verify complete
2016-02-23 11:17:00, Info                  CSI    000002c8 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:17:00, Info                  CSI    000002c9 [SR] Beginning Verify and Repair transaction
2016-02-23 11:17:07, Info                  CSI    000002cb [SR] Verify complete
2016-02-23 11:17:08, Info                  CSI    000002cc [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:17:08, Info                  CSI    000002cd [SR] Beginning Verify and Repair transaction
2016-02-23 11:17:16, Info                  CSI    000002cf [SR] Verify complete
2016-02-23 11:17:17, Info                  CSI    000002d0 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:17:17, Info                  CSI    000002d1 [SR] Beginning Verify and Repair transaction
2016-02-23 11:17:24, Info                  CSI    000002d3 [SR] Verify complete
2016-02-23 11:17:24, Info                  CSI    000002d4 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:17:24, Info                  CSI    000002d5 [SR] Beginning Verify and Repair transaction
2016-02-23 11:17:32, Info                  CSI    000002d7 [SR] Verify complete
2016-02-23 11:17:32, Info                  CSI    000002d8 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:17:32, Info                  CSI    000002d9 [SR] Beginning Verify and Repair transaction
2016-02-23 11:17:44, Info                  CSI    000002f3 [SR] Verify complete
2016-02-23 11:17:45, Info                  CSI    000002f4 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:17:45, Info                  CSI    000002f5 [SR] Beginning Verify and Repair transaction
2016-02-23 11:18:04, Info                  CSI    000002f7 [SR] Verify complete
2016-02-23 11:18:04, Info                  CSI    000002f8 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:18:04, Info                  CSI    000002f9 [SR] Beginning Verify and Repair transaction
2016-02-23 11:18:11, Info                  CSI    000002fb [SR] Verify complete
2016-02-23 11:18:12, Info                  CSI    000002fc [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:18:12, Info                  CSI    000002fd [SR] Beginning Verify and Repair transaction
2016-02-23 11:18:19, Info                  CSI    000002ff [SR] Verify complete
2016-02-23 11:18:19, Info                  CSI    00000300 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:18:19, Info                  CSI    00000301 [SR] Beginning Verify and Repair transaction
2016-02-23 11:18:24, Info                  CSI    00000305 [SR] Verify complete
2016-02-23 11:18:25, Info                  CSI    00000306 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:18:25, Info                  CSI    00000307 [SR] Beginning Verify and Repair transaction
2016-02-23 11:18:30, Info                  CSI    00000309 [SR] Verify complete
2016-02-23 11:18:30, Info                  CSI    0000030a [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:18:30, Info                  CSI    0000030b [SR] Beginning Verify and Repair transaction
2016-02-23 11:18:38, Info                  CSI    0000030d [SR] Verify complete
2016-02-23 11:18:38, Info                  CSI    0000030e [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:18:38, Info                  CSI    0000030f [SR] Beginning Verify and Repair transaction
2016-02-23 11:18:47, Info                  CSI    00000311 [SR] Verify complete
2016-02-23 11:18:47, Info                  CSI    00000312 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:18:47, Info                  CSI    00000313 [SR] Beginning Verify and Repair transaction
2016-02-23 11:18:54, Info                  CSI    00000316 [SR] Verify complete
2016-02-23 11:18:54, Info                  CSI    00000317 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:18:54, Info                  CSI    00000318 [SR] Beginning Verify and Repair transaction
2016-02-23 11:19:02, Info                  CSI    0000031a [SR] Verify complete
2016-02-23 11:19:02, Info                  CSI    0000031b [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:19:02, Info                  CSI    0000031c [SR] Beginning Verify and Repair transaction
2016-02-23 11:19:09, Info                  CSI    0000031e [SR] Verify complete
2016-02-23 11:19:10, Info                  CSI    0000031f [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:19:10, Info                  CSI    00000320 [SR] Beginning Verify and Repair transaction
2016-02-23 11:19:18, Info                  CSI    00000322 [SR] Verify complete
2016-02-23 11:19:19, Info                  CSI    00000323 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:19:19, Info                  CSI    00000324 [SR] Beginning Verify and Repair transaction
2016-02-23 11:19:28, Info                  CSI    00000327 [SR] Verify complete
2016-02-23 11:19:28, Info                  CSI    00000328 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:19:28, Info                  CSI    00000329 [SR] Beginning Verify and Repair transaction
2016-02-23 11:19:33, Info                  CSI    0000032b [SR] Verify complete
2016-02-23 11:19:34, Info                  CSI    0000032c [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:19:34, Info                  CSI    0000032d [SR] Beginning Verify and Repair transaction
2016-02-23 11:19:41, Info                  CSI    0000032f [SR] Verify complete
2016-02-23 11:19:42, Info                  CSI    00000330 [SR] Verifying 100 (0x0000000000000064) components
2016-02-23 11:19:42, Info                  CSI    00000331 [SR] Beginning Verify and Repair transaction
2016-02-23 11:19:48, Info                  CSI    00000333 [SR] Verify complete
2016-02-23 11:19:49, Info                  CSI    00000334 [SR] Verifying 97 (0x0000000000000061) components
2016-02-23 11:19:49, Info                  CSI    00000335 [SR] Beginning Verify and Repair transaction
2016-02-23 11:19:55, Info                  CSI    00000337 [SR] Verify complete
2016-02-23 11:19:55, Info                  CSI    00000338 [SR] Repairing 0 components
2016-02-23 11:19:55, Info                  CSI    00000339 [SR] Beginning Verify and Repair transaction
2016-02-23 11:19:55, Info                  CSI    0000033b [SR] Repair complete

  • 0

#14
BIGROD

BIGROD

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 23/02/2016 11:33:01 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 22/02/2016 3:08:23 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 22/02/2016 2:24:22 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 11/02/2016 5:30:41 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 11/02/2016 4:44:14 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 18/01/2016 6:18:38 PM
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 23/02/2016 3:02:22 PM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The WMI Performance Adapter service terminated with the following error:  %%-2147467259
 
Log: 'System' Date/Time: 23/02/2016 3:02:14 PM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The WMI Performance Adapter service terminated with the following error:  %%-2147467259
 
Log: 'System' Date/Time: 23/02/2016 3:02:06 PM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The WMI Performance Adapter service terminated with the following error:  %%-2147467259
 
Log: 'System' Date/Time: 22/02/2016 3:19:02 PM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The WMI Performance Adapter service terminated with the following error:  %%-2147467259
 
Log: 'System' Date/Time: 22/02/2016 3:18:53 PM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The WMI Performance Adapter service terminated with the following error:  %%-2147467259
 
Log: 'System' Date/Time: 22/02/2016 3:18:34 PM
Type: Error Category: 0
Event: 7023 Source: Service Control Manager
The WMI Performance Adapter service terminated with the following error:  %%-2147467259
 
Log: 'System' Date/Time: 22/02/2016 3:13:30 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The HP Support Solutions Framework Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 22/02/2016 3:13:30 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect.
 
Log: 'System' Date/Time: 22/02/2016 3:11:06 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 22/02/2016 3:10:53 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 22/02/2016 3:10:34 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Application Virtualization Client service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 22/02/2016 3:10:34 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Application Virtualization Client service to connect.
 
Log: 'System' Date/Time: 22/02/2016 3:09:46 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 22/02/2016 3:09:36 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Ralink UPnP Media Server service to connect.
 
Log: 'System' Date/Time: 22/02/2016 3:08:43 PM
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 10:04:52 AM on ?2/?22/?2016 was unexpected.
 
Log: 'System' Date/Time: 22/02/2016 2:26:49 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
 
Log: 'System' Date/Time: 22/02/2016 2:26:22 PM
Type: Error Category: 0
Event: 7001 Source: Service Control Manager
The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 22/02/2016 2:26:22 PM
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Application Virtualization Client service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 22/02/2016 2:26:22 PM
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Application Virtualization Client service to connect.
 
Log: 'System' Date/Time: 22/02/2016 2:25:43 PM
Type: Error Category: 0
Event: 10016 Source: Microsoft-Windows-DistributedCOM
The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID  {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}  and APPID  {344ED43D-D086-4961-86A6-1106F4ACAD9B}  to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 23/02/2016 9:00:03 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.cable.rcn.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 23/02/2016 8:59:54 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name teredo.ipv6.microsoft.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 23/02/2016 8:59:52 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.cable.rcn.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 23/02/2016 8:59:52 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.cable.rcn.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 23/02/2016 8:59:51 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.cable.rcn.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 23/02/2016 8:59:47 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.cable.rcn.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 22/02/2016 3:12:14 PM
Type: Warning Category: 0
Event: 18 Source: avgntflt
TIMEOUT<MOM.exe> C:\...0727_64\System.Web\aa5e82ba0882a68ec638bc04d3679a53\System.Web.ni.dll
 
Log: 'System' Date/Time: 22/02/2016 3:12:02 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01#058F63626476&1#.
 
Log: 'System' Date/Time: 22/02/2016 3:11:23 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name bttracker.crunchbanglinux.org timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 22/02/2016 3:08:47 PM
Type: Warning Category: 0
Event: 2511 Source: Server
The server service was unable to recreate the share Birthday_4 because the directory J:\Geek Squad Data Backup 12-16-12\THE VAULT_Backup\JENNIFER\Photos\Baby Roberts\3-4years\Birthday_4 no longer exists.  Please run "net share Birthday_4 /delete" to delete the share, or recreate the directory J:\Geek Squad Data Backup 12-16-12\THE VAULT_Backup\JENNIFER\Photos\Baby Roberts\3-4years\Birthday_4.
 
Log: 'System' Date/Time: 22/02/2016 2:28:22 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01#058F63626476&1#.
 
Log: 'System' Date/Time: 22/02/2016 2:24:43 PM
Type: Warning Category: 0
Event: 2511 Source: Server
The server service was unable to recreate the share Birthday_4 because the directory J:\Geek Squad Data Backup 12-16-12\THE VAULT_Backup\JENNIFER\Photos\Baby Roberts\3-4years\Birthday_4 no longer exists.  Please run "net share Birthday_4 /delete" to delete the share, or recreate the directory J:\Geek Squad Data Backup 12-16-12\THE VAULT_Backup\JENNIFER\Photos\Baby Roberts\3-4years\Birthday_4.
 
Log: 'System' Date/Time: 22/02/2016 1:54:17 PM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name bttracker.crunchbanglinux.org timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 22/02/2016 1:52:38 PM
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_GENERIC-&PROD_COMPACT_FLASH&REV_1.01#058F63626476&1#.
 
Log: 'System' Date/Time: 22/02/2016 1:51:21 PM
Type: Warning Category: 0
Event: 2511 Source: Server
The server service was unable to recreate the share Birthday_4 because the directory J:\Geek Squad Data Backup 12-16-12\THE VAULT_Backup\JENNIFER\Photos\Baby Roberts\3-4years\Birthday_4 no longer exists.  Please run "net share Birthday_4 /delete" to delete the share, or recreate the directory J:\Geek Squad Data Backup 12-16-12\THE VAULT_Backup\JENNIFER\Photos\Baby Roberts\3-4years\Birthday_4.
 
Log: 'System' Date/Time: 22/02/2016 1:48:53 PM
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped. 
 
Log: 'System' Date/Time: 22/02/2016 1:48:49 PM
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\Windows\system32\RAIHV.dll 
 
Log: 'System' Date/Time: 22/02/2016 9:00:03 AM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: The requested name is valid, but no data of the requested type was found. (0x80072AFC)
 
Log: 'System' Date/Time: 22/02/2016 9:00:03 AM
Type: Warning Category: 0
Event: 134 Source: Microsoft-Windows-Time-Service
NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on ''. NtpClient will try again in 3473457 minutes and double the reattempt interval thereafter. The error was: The requested name is valid, but no data of the requested type was found. (0x80072AFC)
 
Log: 'System' Date/Time: 22/02/2016 9:00:01 AM
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.cable.rcn.com timed out after none of the configured DNS servers responded.

  • 0

#15
BIGROD

BIGROD

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts
Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 23/02/2016 11:38:15 AM
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 23/02/2016 3:02:25 PM
Type: Error Category: 0
Event: 91 Source: HP Active Health
Unhandled Exception. Application will terminate immediately.
Sent from: Name:ActiveHealth.exe There are no context policies. 
Is terminating: True
Exception object: System.Text.EncoderFallbackException: Unable to translate Unicode character \uDBB4 at index 92 to specified code page.    at System.Text.EncoderExceptionFallbackBuffer.Fallback(Char charUnknown, Int32 index)    at System.Text.EncoderFallbackBuffer.InternalFallback(Char ch, Char*& chars)    at System.Text.UTF8Encoding.GetBytes(Char* chars, Int32 charCount, Byte* bytes, Int32 byteCount, EncoderNLS baseEncoder)    at System.Text.EncoderNLS.GetBytes(Char[] chars, Int32 charIndex, Int32 charCount, Byte[] bytes, Int32 byteIndex, Boolean flush)    at System.IO.StreamWriter.Flush(Boolean flushStream, Boolean flushEncoder)    at System.IO.StreamWriter.Write(String value)    at System.IO.File.InternalWriteAllText(String path, String contents, Encoding encoding, Boolean checkHost)    at HP.ActiveHealth.API.DataGeneration.AgentRunner.DataClassCollector.<>c__DisplayClass16.<SerializeListToFile>b__15()    at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)    at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)    at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)    at System.Threading.ThreadHelper.ThreadStart()
 
 
Log: 'Application' Date/Time: 23/02/2016 3:02:19 PM
Type: Error Category: 0
Event: 3002 Source: Microsoft-Windows-LoadPerf
The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
Log: 'Application' Date/Time: 23/02/2016 3:02:11 PM
Type: Error Category: 0
Event: 3002 Source: Microsoft-Windows-LoadPerf
The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
Log: 'Application' Date/Time: 23/02/2016 3:02:09 PM
Type: Error Category: 0
Event: 2800 Source: HP Active Health
Agent SystemState threw an exception: System.InvalidOperationException: Cannot load Counter Name data because an invalid index '' was read from the registry.    at System.Diagnostics.PerformanceCounterLib.GetStringTable(Boolean isHelp)    at System.Diagnostics.PerformanceCounterLib.get_NameTable()    at System.Diagnostics.PerformanceCounterLib.get_CategoryTable()    at System.Diagnostics.PerformanceCounterLib.CounterExists(String category, String counter, Boolean& categoryExists)    at System.Diagnostics.PerformanceCounterLib.CounterExists(String machine, String category, String counter)    at System.Diagnostics.PerformanceCounter.InitializeImpl()    at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName, Boolean readOnly)    at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName)    at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CpuUsage()    at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.FetchValues()    at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)    at HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)
 
Log: 'Application' Date/Time: 23/02/2016 3:02:03 PM
Type: Error Category: 0
Event: 3002 Source: Microsoft-Windows-LoadPerf
The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
Log: 'Application' Date/Time: 23/02/2016 2:41:53 PM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program chrome.exe version 48.0.2564.116 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.  Process ID: 330  Start Time: 01d16d96b03a74c2  Termination Time: 60  Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  Report Id: 8e134c6a-da3b-11e5-bb9f-2c27d7386d69 
 
Log: 'Application' Date/Time: 22/02/2016 5:29:47 PM
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program chrome.exe version 48.0.2564.116 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.  Process ID: 15a8  Start Time: 01d16d9244db53c0  Termination Time: 15  Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe  Report Id: 9e717903-d989-11e5-bb9f-2c27d7386d69 
 
Log: 'Application' Date/Time: 22/02/2016 3:19:01 PM
Type: Error Category: 0
Event: 91 Source: HP Active Health
Unhandled Exception. Application will terminate immediately.
Sent from: Name:ActiveHealth.exe There are no context policies. 
Is terminating: True
Exception object: System.Text.EncoderFallbackException: Unable to translate Unicode character \uDBB4 at index 203 to specified code page.    at System.Text.EncoderExceptionFallbackBuffer.Fallback(Char charUnknown, Int32 index)    at System.Text.EncoderFallbackBuffer.InternalFallback(Char ch, Char*& chars)    at System.Text.UTF8Encoding.GetBytes(Char* chars, Int32 charCount, Byte* bytes, Int32 byteCount, EncoderNLS baseEncoder)    at System.Text.EncoderNLS.GetBytes(Char[] chars, Int32 charIndex, Int32 charCount, Byte[] bytes, Int32 byteIndex, Boolean flush)    at System.IO.StreamWriter.Flush(Boolean flushStream, Boolean flushEncoder)    at System.IO.StreamWriter.Write(String value)    at System.IO.File.InternalWriteAllText(String path, String contents, Encoding encoding, Boolean checkHost)    at HP.ActiveHealth.API.DataGeneration.AgentRunner.DataClassCollector.<>c__DisplayClass16.<SerializeListToFile>b__15()    at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)    at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)    at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)    at System.Threading.ThreadHelper.ThreadStart()
 
 
Log: 'Application' Date/Time: 22/02/2016 3:18:59 PM
Type: Error Category: 0
Event: 3002 Source: Microsoft-Windows-LoadPerf
The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
Log: 'Application' Date/Time: 22/02/2016 3:18:50 PM
Type: Error Category: 0
Event: 3002 Source: Microsoft-Windows-LoadPerf
The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
Log: 'Application' Date/Time: 22/02/2016 3:18:50 PM
Type: Error Category: 0
Event: 2800 Source: HP Active Health
Agent SystemState threw an exception: System.InvalidOperationException: Cannot load Counter Name data because an invalid index '' was read from the registry.    at System.Diagnostics.PerformanceCounterLib.GetStringTable(Boolean isHelp)    at System.Diagnostics.PerformanceCounterLib.get_NameTable()    at System.Diagnostics.PerformanceCounterLib.get_CategoryTable()    at System.Diagnostics.PerformanceCounterLib.CounterExists(String category, String counter, Boolean& categoryExists)    at System.Diagnostics.PerformanceCounterLib.CounterExists(String machine, String category, String counter)    at System.Diagnostics.PerformanceCounter.InitializeImpl()    at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName, Boolean readOnly)    at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName)    at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CpuUsage()    at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.FetchValues()    at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)    at HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)
 
Log: 'Application' Date/Time: 22/02/2016 3:18:31 PM
Type: Error Category: 0
Event: 3002 Source: Microsoft-Windows-LoadPerf
The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
Log: 'Application' Date/Time: 22/02/2016 3:13:24 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Log: 'Application' Date/Time: 22/02/2016 3:11:52 PM
Type: Error Category: 0
Event: 20 Source: Google Update
The event description cannot be found.
 
Log: 'Application' Date/Time: 22/02/2016 3:09:08 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreReceiveResponse: Unexpected conflict discarding   17 100.1.168.192.in-addr.arpa. PTR IONGRAPHX.local.
 
Log: 'Application' Date/Time: 22/02/2016 3:09:08 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreReceiveResponse: Received from 192.168.1.100:5353   19 100.1.168.192.in-addr.arpa. PTR IONGRAPHX-2.local.
 
Log: 'Application' Date/Time: 22/02/2016 2:28:25 PM
Type: Error Category: 0
Event: 20 Source: Google Update
The event description cannot be found.
 
Log: 'Application' Date/Time: 22/02/2016 2:27:53 PM
Type: Error Category: 0
Event: 10 Source: Microsoft-Windows-WMI
Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Log: 'Application' Date/Time: 22/02/2016 2:25:07 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreReceiveResponse: Unexpected conflict discarding   17 100.1.168.192.in-addr.arpa. PTR IONGRAPHX.local.
 
Log: 'Application' Date/Time: 22/02/2016 2:25:07 PM
Type: Error Category: 0
Event: 100 Source: Bonjour Service
mDNSCoreReceiveResponse: Received from 192.168.1.100:5353   19 100.1.168.192.in-addr.arpa. PTR IONGRAPHX-2.local.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 23/02/2016 3:02:22 PM
Type: Warning Category: 0
Event: 27 Source: HP Active Health
Error getting process performance counters
 
Log: 'Application' Date/Time: 23/02/2016 3:02:17 PM
Type: Warning Category: 0
Event: 27 Source: HP Active Health
Error getting process performance counters
 
Log: 'Application' Date/Time: 23/02/2016 3:02:16 PM
Type: Warning Category: 0
Event: 2903 Source: HP Active Health
Unable to get WindowsUpdate information in able time
 
Log: 'Application' Date/Time: 23/02/2016 3:02:11 PM
Type: Warning Category: 0
Event: 0 Source: HP Client Services
The event description cannot be found.
 
Log: 'Application' Date/Time: 23/02/2016 3:02:05 PM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
COM Exception running a Casl EXECUTE Diags.ThermalDiagnostics command = Return value from BIOS indicating invalid data size.: Invalid pointer (Exception from HRESULT: 0x80000005)
 
Log: 'Application' Date/Time: 23/02/2016 3:02:05 PM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
COM Exception running a Casl EXECUTE Diags.ThermalDiagnostics command = Return value from BIOS indicating invalid data size.: Invalid pointer (Exception from HRESULT: 0x80000005)
 
Log: 'Application' Date/Time: 23/02/2016 3:02:05 PM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
COM Exception running a Casl EXECUTE Diags.ThermalDiagnostics command = Return value from BIOS indicating invalid data size.: Invalid pointer (Exception from HRESULT: 0x80000005)
 
Log: 'Application' Date/Time: 23/02/2016 3:02:05 PM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
COM Exception running a Casl EXECUTE Diags.ThermalDiagnostics command = Return value from BIOS indicating invalid data size.: Invalid pointer (Exception from HRESULT: 0x80000005)
 
Log: 'Application' Date/Time: 23/02/2016 3:02:04 PM
Type: Warning Category: 0
Event: 27 Source: HP Active Health
Error getting process performance counters
 
Log: 'Application' Date/Time: 23/02/2016 3:01:22 PM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
COM Exception running a Casl GET EmbeddedController.AuditLog.JSON command = Return value from BIOS indicating invalid data size.: Invalid pointer (Exception from HRESULT: 0x80000005)
 
Log: 'Application' Date/Time: 23/02/2016 3:01:21 PM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
COM Exception running a Casl GET Diags.PostCodeError command = Return value from BIOS indicating invalid data size.: Invalid pointer (Exception from HRESULT: 0x80000005)
 
Log: 'Application' Date/Time: 23/02/2016 3:00:31 PM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{b9cf6d58-b9ee-11e0-9902-2c27d7386d69}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly.  Check security on the volume, and try the operation again. 
 
Operation:
   Removing auto-release shadow copies
   Loading provider
 
Context:
   Execution Context: System Provider
 
Log: 'Application' Date/Time: 23/02/2016 5:00:01 AM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{b9cf6d58-b9ee-11e0-9902-2c27d7386d69}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly.  Check security on the volume, and try the operation again. 
 
Operation:
   Removing auto-release shadow copies
   Loading provider
 
Context:
   Execution Context: System Provider
 
Log: 'Application' Date/Time: 22/02/2016 8:14:43 PM
Type: Warning Category: 0
Event: 0 Source: HP Client Services
The event description cannot be found.
 
Log: 'Application' Date/Time: 22/02/2016 8:14:40 PM
Type: Warning Category: 0
Event: 0 Source: HP Client Services
The event description cannot be found.
 
Log: 'Application' Date/Time: 22/02/2016 8:14:38 PM
Type: Warning Category: 0
Event: 12348 Source: VSS
Volume Shadow Copy Service warning: VSS was denied access to the root of volume \\?\Volume{b9cf6d58-b9ee-11e0-9902-2c27d7386d69}\. Denying administrators from accessing volume roots can cause many unexpected failures, and will prevent VSS from functioning properly.  Check security on the volume, and try the operation again. 
 
Operation:
   Removing auto-release shadow copies
   Loading provider
 
Context:
   Execution Context: System Provider
 
Log: 'Application' Date/Time: 22/02/2016 3:18:58 PM
Type: Warning Category: 0
Event: 27 Source: HP Active Health
Error getting process performance counters
 
Log: 'Application' Date/Time: 22/02/2016 3:18:54 PM
Type: Warning Category: 0
Event: 2903 Source: HP Active Health
Unable to get WindowsUpdate information in able time
 
Log: 'Application' Date/Time: 22/02/2016 3:18:52 PM
Type: Warning Category: 0
Event: 0 Source: HP Client Services
The event description cannot be found.
 
Log: 'Application' Date/Time: 22/02/2016 3:18:49 PM
Type: Warning Category: 0
Event: 3 Source: HP Active Health
COM Exception running a Casl EXECUTE Diags.ThermalDiagnostics command = Return value from BIOS indicating invalid data size.: Invalid pointer (Exception from HRESULT: 0x80000005)

  • 0






Similar Topics


Also tagged with one or more of these keywords: Chrome, crashing, malware, Google

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP