Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Google Chrome Freezing/Crashing

Started by BIGROD , Feb 09 2016 07:43 AM
Chrome crashing malware Google

  • Please log in to reply

#16
BIGROD
Posted 23 February 2016 - 10:47 AM

BIGROD

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-02-2016 01
Ran by Roberts Family (administrator) on IONGRAPHX (23-02-2016 11:44:00)
Running from C:\Users\Roberts Family\Desktop
Loaded Profiles: Roberts Family (Available Profiles: Roberts Family)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Octoshape ApS) C:\Users\Roberts Family\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe
(Spotify Ltd) C:\Users\Roberts Family\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(SlySoft, Inc.) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
(RockMelt Inc.) C:\Users\Roberts Family\AppData\Local\RockMelt\Update\1.2.189.1\RockMeltCrashHandler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
() C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Nike) C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe
(Dropbox, Inc.) C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Roxio) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWXUX.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(David Ayton) C:\Program Files (x86)\CDisplay\CDisplay.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [656920 2011-02-01] (PDF Complete Inc)
HKLM-x32\...\Run: [NBAgent] => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216 2010-03-26] (Nero AG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-11-20] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [377800 2012-11-07] ()
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [804168 2016-02-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-01-15] (Eastman Kodak Company)
HKLM-x32\...\Run: [Nike+ Connect] => C:\Program Files (x86)\Nike\Nike+ Connect\Nike+ Connect daemon.exe [71680 2015-02-01] (Nike)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-06-17] (Hewlett-Packard Company)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [Octoshape Streaming Services] => C:\Users\Roberts Family\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe [107800 2011-03-24] (Octoshape ApS)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [RockMelt Update] => C:\Users\Roberts Family\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [136336 2011-08-19] (RockMelt Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [Spotify Web Helper] => C:\Users\Roberts Family\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-12-17] (Spotify Ltd)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [6983768 2013-03-22] (SlySoft, Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [uTorrent] => C:\Users\Roberts Family\AppData\Roaming\uTorrent\uTorrent.exe [2065944 2016-02-11] (BitTorrent Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [CmTray] => C:\Program Files (x86)\Content Manager\launchCM.exe [94208 2011-12-28] ()
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [Dropbox Update] => C:\Users\Roberts Family\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-26] (Dropbox, Inc.)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [Spotify] => C:\Users\Roberts Family\AppData\Roaming\Spotify\Spotify.exe [8281920 2015-12-17] (Spotify Ltd)
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Run: [GoogleChromeAutoLaunch_404CB0ED4D5342B49CBD6BAE6FC58785] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [746648 2016-02-17] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [KodakHomeCenter] => C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe [2236792 2013-03-15] (Eastman Kodak Company)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.)
Startup: C:\Users\Roberts Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-02-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 208.59.247.45 208.59.247.46 192.168.1.1
Tcpip\..\Interfaces\{BD87AFBD-6DA4-4C77-95F7-A56E0B2AAB7E}: [DhcpNameServer] 208.59.247.45 208.59.247.46 192.168.1.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\Software\Microsoft\Internet Explorer\Main,Start Page Restore = hxxp://g.msn.com/HPDSK/1
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {522055EF-C496-444D-9574-B78AE8C3575D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {522055EF-C496-444D-9574-B78AE8C3575D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-4190836313-3339163880-859448109-1001 -> DefaultScope {4D643B2B-B043-4F6D-B426-1E10B87328F6} URL = 
SearchScopes: HKU\S-1-5-21-4190836313-3339163880-859448109-1001 -> {522055EF-C496-444D-9574-B78AE8C3575D} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-4190836313-3339163880-859448109-1001 -> {9B97950D-482C-1D79-568F-FC7B9D40C785} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=Z192&form=ZGAIDF&install_date=20110812&iesrc={referrer:source}
SearchScopes: HKU\S-1-5-21-4190836313-3339163880-859448109-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19] (Hewlett-Packard Company)
BHO-x32: Freemake.YoutubeButton -> {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-20] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {36103610-3232-3610-3610-323236103610} hxxps://sharecenter.myngc.com/im7/webdav/otdavview361.cab
 
FireFox:
========
FF ProfilePath: C:\Users\Roberts Family\AppData\Roaming\Mozilla\Firefox\Profiles\4kqza45f.default
FF DefaultSearchEngine.US: Google
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Yahoo
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=714647&p=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2009-05-12] (DivX,Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-09] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-07] ()
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: @hulu.com/Hulu Desktop -> C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll [2010-04-09] (Hulu LLC)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: @octoshape.com/Octoshape Streaming Services,version=1.0 -> C:\Users\Roberts Family\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1312180-0-npoctoshape.dll [2013-12-18] (Octoshape ApS)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Roberts Family\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: @talk.google.com/O1DPlugin -> C:\Users\Roberts Family\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: @us-w1.rockmelt.com/RockMelt Update;version=8 -> C:\Users\Roberts Family\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll [2011-08-19] (RockMelt Inc.)
FF Plugin HKU\S-1-5-21-4190836313-3339163880-859448109-1001: revtrax.com/RevTraxPrintMyCoupon -> C:\Users\Roberts Family\AppData\Roaming\RevTrax\RevTraxPrintMyCoupon\1.0.0.0\npRevTraxPrintMyCoupon.dll [2014-10-15] (RevTrax)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\libdivx.dll [2009-05-01] (The OpenSSL Project, http://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll [2011-09-10] (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdivx32.dll [2009-05-12] (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-09-14] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ssldivx.dll [2009-05-01] (The OpenSSL Project, http://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Users\Roberts Family\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Roberts Family\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Roberts Family\AppData\Roaming\mozilla\plugins\npoctoshape.dll [2014-06-15] (Octoshape ApS)
FF Extension: DivX Web Player - C:\Users\Roberts Family\AppData\Roaming\Mozilla\Firefox\Profiles\4kqza45f.default\extensions\[email protected] [2011-07-26] [not signed]
FF Extension: Greasemonkey - C:\Users\Roberts Family\AppData\Roaming\Mozilla\Firefox\Profiles\4kqza45f.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781} [2012-08-05] [not signed]
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\[email protected] [2014-02-04] [not signed]
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\[email protected] [2014-02-04] [not signed]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-10-07] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\[email protected]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\[email protected]
 
Chrome: 
=======
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.866\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Dropbox for Gmail) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2015-12-17]
CHR Extension: (Empty New Tab Page) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpjamkmjmigaoobjbekmfgabipmfilij [2016-02-10]
CHR Extension: (Avira Browser Safety) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-02-18]
CHR Extension: (AdBlock) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-16]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Roberts Family\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2014-02-04]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2014-02-04]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2011-10-13] (Advanced Micro Devices, Inc.) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1417592 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249120 2016-01-05] (Avira Operations GmbH & Co. KG)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-02-04] (Ellora Assets Corp.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-06-17] (Hewlett-Packard Company) [File not signed]
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2011-02-04] (Nalpeiron Ltd.) [File not signed]
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1127448 2011-02-01] (PDF Complete Inc)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Ralink\Common\RaRegistry.exe [372736 2012-07-04] (Ralink Technology, Corp.) [File not signed]
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe [447488 2012-07-04] (Ralink Technology, Corp.) [File not signed]
S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1863680 2012-07-06] (Ralink) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-08] (Realtek Semiconductor)
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1042304 2016-01-13] (Enigma Software Group USA, LLC.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [142424 2013-03-18] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [142424 2013-03-18] (SlySoft, Inc.)
S3 AODDriver4.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [55424 2011-06-24] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2016-02-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-14] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-09-18] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-09-18] ()
R3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2486416 2014-12-31] (MediaTek Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-02-23 11:33 - 2016-02-23 11:38 - 00017659 _____ C:\VEW.txt
2016-02-23 11:31 - 2016-02-23 11:31 - 00061440 _____ ( ) C:\Users\Roberts Family\Desktop\VEW.exe
2016-02-22 17:26 - 2016-02-22 19:17 - 906681890 _____ C:\Users\Roberts Family\Downloads\Inent.2015.720p.BluRay.x264.YIFY.mp4
2016-02-22 17:24 - 2016-02-22 18:23 - 977272262 _____ C:\Users\Roberts Family\Downloads\Divergent.2014.720p.BluRay.x264.YIFY.mp4
2016-02-22 09:06 - 2016-02-22 09:06 - 00002027 _____ C:\Users\Roberts Family\Desktop\aswMBR.txt
2016-02-22 09:06 - 2016-02-22 09:06 - 00000512 _____ C:\Users\Roberts Family\Desktop\MBR.dat
2016-02-22 08:42 - 2016-02-22 08:42 - 05200384 _____ (AVAST Software) C:\Users\Roberts Family\Downloads\aswmbr.exe
2016-02-22 08:42 - 2016-02-22 08:42 - 01609216 _____ (Malwarebytes) C:\Users\Roberts Family\Desktop\JRT.exe
2016-02-22 08:34 - 2016-02-22 08:34 - 00000000 ____D C:\Users\Roberts Family\Desktop\FRST-OlderVersion
2016-02-21 10:21 - 2016-02-21 10:21 - 00061325 _____ C:\Users\Roberts Family\Downloads\Signed 2016 Notice of Rules - Booth Sales -Nation's Cap.pdf
2016-02-18 14:11 - 2016-02-18 14:11 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-02-18 00:02 - 2016-02-18 00:02 - 53081757 _____ C:\Users\Roberts Family\Downloads\Snowfall 001 (2016) (Digital) (Zone-Empire).cbr
2016-02-17 23:59 - 2016-02-17 23:59 - 51066291 _____ C:\Users\Roberts Family\Downloads\Huck 004 (2016) (Digital) (Zone-Empire).cbr
2016-02-16 09:22 - 2016-02-23 10:01 - 00003240 _____ C:\Windows\System32\Tasks\HPCeeScheduleForRoberts Family
2016-02-16 09:22 - 2016-02-23 10:01 - 00000368 _____ C:\Windows\Tasks\HPCeeScheduleForRoberts Family.job
2016-02-15 15:00 - 2016-02-15 15:00 - 00171128 _____ C:\Users\Roberts Family\Downloads\primetime.zip
2016-02-15 14:10 - 2016-02-15 14:10 - 00471401 _____ C:\Users\Roberts Family\Downloads\all-silhouettes-825.zip
2016-02-13 23:06 - 2016-02-13 23:06 - 00001188 _____ C:\Users\Roberts Family\Downloads\vector-clip-art-heart-clip-art.zip
2016-02-12 17:18 - 2016-02-12 17:26 - 1506490897 ____R C:\Users\Roberts Family\Downloads\Wreck.it.Ralph.2012.1080p.BrRip.x264.BOKUTOX.YIFY.mp4
2016-02-12 10:28 - 2016-02-12 10:28 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\{90140011-0066-0409-0000-0000000FF1CE}
2016-02-12 10:28 - 2016-02-12 10:28 - 00000000 ____D C:\ProgramData\Virtualized Applications
2016-02-11 11:46 - 2016-02-11 13:03 - 00000000 ____D C:\Users\Roberts Family\AppData\Local\PMB Files
2016-02-10 20:44 - 2016-02-22 08:46 - 00019692 _____ C:\Users\Roberts Family\Desktop\Fixlog.txt
2016-02-10 14:34 - 2016-02-10 14:35 - 45692424 _____ C:\Users\Roberts Family\Downloads\Batman v2 049 (2016) (Webrip) (The Last Kryptonian-DCP).cbr
2016-02-09 14:56 - 2016-02-09 14:56 - 18347328 _____ C:\Users\Roberts Family\Downloads\IMG_1947.MOV.mov
2016-02-09 08:28 - 2016-02-23 11:33 - 00000914 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-09 08:28 - 2016-02-23 08:33 - 00000910 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-09 08:28 - 2016-02-19 19:35 - 00002214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-09 08:28 - 2016-02-19 19:35 - 00002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-09 08:28 - 2016-02-09 08:28 - 00003910 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-09 08:28 - 2016-02-09 08:28 - 00003658 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-08 10:50 - 2016-02-08 10:50 - 00001068 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-02-08 10:50 - 2016-02-08 10:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-02-08 10:49 - 2016-02-08 10:49 - 00000000 ____D C:\Program Files (x86)\VideoLAN
2016-02-08 10:38 - 2016-02-08 10:38 - 00347816 _____ (Microsoft Corporation) C:\Users\Roberts Family\Downloads\MicrosoftFixit.WinMediaPlayer.RNP.Run.exe
2016-02-05 19:18 - 2016-02-05 19:31 - 365433572 ____R C:\Users\Roberts Family\Downloads\The.Flash.2014.S02E07.HDTV.XviD-FUM[ettv].avi
2016-02-05 19:18 - 2016-02-05 19:31 - 365348576 ____R C:\Users\Roberts Family\Downloads\The.Flash.2014.S02E09.HDTV.XviD-FUM[ettv].avi
2016-02-05 19:18 - 2016-02-05 19:31 - 365137178 ____R C:\Users\Roberts Family\Downloads\The.Flash.2014.S02E06.HDTV.XviD-FUM[ettv].avi
2016-02-05 19:18 - 2016-02-05 19:31 - 364692524 ____R C:\Users\Roberts Family\Downloads\The.Flash.2014.S02E04.HDTV.XviD-FUM[ettv].avi
2016-02-05 19:18 - 2016-02-05 19:30 - 365403626 ____R C:\Users\Roberts Family\Downloads\The.Flash.2014.S02E05.HDTV.XviD-FUM[ettv].avi
2016-02-05 19:18 - 2016-02-05 19:30 - 365361612 ____R C:\Users\Roberts Family\Downloads\The.Flash.2014.S02E08.HDTV.XviD-FUM[ettv].avi
2016-02-05 19:17 - 2016-02-05 19:32 - 365439056 ____R C:\Users\Roberts Family\Downloads\The.Flash.2014.S02E03.HDTV.XviD-FUM[ettv].avi
2016-02-05 19:17 - 2016-02-05 19:32 - 365406764 ____R C:\Users\Roberts Family\Downloads\The.Flash.2014.S02E02.HDTV.XviD-FUM[ettv].avi
2016-02-05 19:17 - 2016-02-05 19:31 - 269859594 ____R C:\Users\Roberts Family\Downloads\the.flash.2014.201.hdtv-lol[ettv].mp4
2016-02-04 20:08 - 2016-02-04 22:41 - 927814042 _____ C:\Users\Roberts Family\Downloads\BONTONMK15.mkv
2016-02-02 15:44 - 2016-02-02 15:44 - 00127885 _____ C:\Users\Roberts Family\Desktop\2015 Real Estate Tax Receipt.pdf
2016-01-29 12:26 - 2016-02-08 12:33 - 00000000 ____D C:\Users\Roberts Family\Downloads\VIBE and MAGNUM EVENTS
2016-01-28 13:26 - 2016-01-28 13:26 - 00208778 _____ C:\Users\Roberts Family\Downloads\RCN Statement 3901-0410807-02.2016-01-14.8937 (1).pdf
2016-01-28 13:23 - 2016-01-28 13:23 - 00208778 _____ C:\Users\Roberts Family\Downloads\RCN Statement 3901-0410807-02.2016-01-14.8937.pdf
2016-01-28 10:06 - 2016-01-28 10:06 - 00104184 _____ C:\Users\Roberts Family\Downloads\Annual Statement 2015.pdf
2016-01-28 10:04 - 2016-01-28 10:04 - 00012297 _____ C:\Users\Roberts Family\Downloads\2015 Year End Tax Package_01_22_2016.pdf
2016-01-27 11:46 - 2016-01-27 11:46 - 36837842 _____ C:\Users\Roberts Family\Downloads\Jupiter's Circle Vol. 2 03 (of 06) (2016) (digital) (Minutemen-Spaztastic).cbr
2016-01-27 11:46 - 2016-01-27 11:46 - 27506000 _____ C:\Users\Roberts Family\Downloads\Saga 033 (2016) (digital) (Minutemen-Spaztastic).cbr
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-02-23 11:44 - 2015-09-15 19:47 - 00035911 _____ C:\Users\Roberts Family\Desktop\FRST.txt
2016-02-23 11:44 - 2015-09-15 19:46 - 00000000 ____D C:\FRST
2016-02-23 11:41 - 2015-08-26 07:36 - 00000954 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA.job
2016-02-23 11:31 - 2012-04-22 17:07 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-23 11:12 - 2011-04-02 00:38 - 00000000 ____D C:\ProgramData\PDFC
2016-02-23 08:40 - 2015-08-26 07:35 - 00000902 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core.job
2016-02-23 02:00 - 2011-08-14 19:26 - 00000000 ____D C:\Users\Roberts Family\AppData\Local\Adobe
2016-02-23 00:13 - 2009-07-13 23:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-23 00:13 - 2009-07-13 23:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-22 19:16 - 2012-11-15 10:55 - 00000000 ____D C:\ProgramData\Kodak
2016-02-22 11:25 - 2012-11-15 23:18 - 00000000 ____D C:\Users\Roberts Family\Desktop\KODAK scans
2016-02-22 10:14 - 2012-10-08 17:03 - 00000000 ___RD C:\Users\Roberts Family\Dropbox
2016-02-22 10:14 - 2012-10-08 16:59 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\Dropbox
2016-02-22 10:14 - 2012-08-07 20:28 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\Skype
2016-02-22 10:14 - 2011-08-17 10:44 - 00000000 ____D C:\Users\Roberts Family\AppData\Local\Spotify
2016-02-22 10:13 - 2011-07-28 08:18 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\uTorrent
2016-02-22 10:11 - 2011-08-17 10:44 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\Spotify
2016-02-22 10:09 - 2013-06-23 12:48 - 00000040 ___SH C:\ProgramData\.zreglib
2016-02-22 10:08 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-22 08:51 - 2009-07-13 23:45 - 11127544 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-22 08:47 - 2011-07-29 20:08 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\SoftGrid Client
2016-02-22 08:34 - 2015-09-15 19:45 - 02371072 _____ (Farbar) C:\Users\Roberts Family\Desktop\FRST64.exe
2016-02-21 21:33 - 2012-11-17 20:29 - 00003220 _____ C:\Windows\System32\Tasks\HPCeeScheduleForIONGRAPHX$
2016-02-21 21:33 - 2012-11-17 20:29 - 00000344 _____ C:\Windows\Tasks\HPCeeScheduleForIONGRAPHX$.job
2016-02-18 02:44 - 2013-01-12 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-02-18 02:43 - 2013-03-28 21:41 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-02-15 19:11 - 2011-07-24 11:12 - 00355024 _____ C:\Users\Roberts Family\AppData\Local\GDIPFONTCACHEV1.DAT
2016-02-15 14:26 - 2013-10-07 09:01 - 00002319 _____ C:\Users\Roberts Family\Downloads\Heart_clip_art.svg
2016-02-12 12:20 - 2014-07-21 15:07 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-02-12 10:28 - 2011-07-29 20:08 - 00000000 ____D C:\Users\Roberts Family\AppData\Local\SoftGrid Client
2016-02-11 12:57 - 2015-12-27 17:15 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-11 12:57 - 2015-12-15 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-02-11 12:57 - 2015-07-29 17:52 - 00000000 ____D C:\Program Files\McAfee Security Scan
2016-02-11 12:57 - 2014-03-23 18:54 - 00000000 ____D C:\ProgramData\Oracle
2016-02-11 12:57 - 2014-03-22 15:45 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2016-02-11 12:57 - 2014-03-22 15:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-11 12:57 - 2012-11-25 15:31 - 00000000 ____D C:\ProgramData\PMB Files
2016-02-11 12:57 - 2012-11-25 15:30 - 00000000 ____D C:\Program Files (x86)\Pando Networks
2016-02-11 12:57 - 2012-06-27 08:35 - 00000000 ____D C:\Program Files (x86)\Oracle
2016-02-11 12:57 - 2011-08-19 11:02 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RockMelt
2016-02-11 12:57 - 2011-08-19 11:00 - 00000000 ____D C:\Users\Roberts Family\AppData\Local\RockMelt
2016-02-11 12:57 - 2011-08-15 19:25 - 00000000 ____D C:\Program Files (x86)\Java
2016-02-11 12:57 - 2011-04-02 00:30 - 00000000 ____D C:\ProgramData\Symantec
2016-02-11 12:57 - 2011-04-02 00:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Online Backup
2016-02-11 12:57 - 2011-04-02 00:30 - 00000000 ____D C:\Program Files (x86)\Symantec
2016-02-11 12:57 - 2011-04-02 00:28 - 00000000 ____D C:\ProgramData\RoxioNow
2016-02-11 12:57 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\registration
2016-02-11 12:32 - 2014-08-12 15:53 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-11 11:44 - 2011-07-24 11:07 - 00000000 ____D C:\Users\Roberts Family
2016-02-10 13:31 - 2012-04-22 17:07 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-10 13:31 - 2012-04-22 17:07 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-10 13:31 - 2011-07-26 09:32 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-10 10:18 - 2012-05-20 11:41 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\vlc
2016-02-09 10:51 - 2015-09-15 19:49 - 00079527 _____ C:\Users\Roberts Family\Desktop\Addition.txt
2016-02-09 08:28 - 2011-07-26 11:20 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-09 08:25 - 2015-08-06 16:50 - 00000000 __SHD C:\Users\Roberts Family\AppData\LocalLow\EmieBrowserModeList
2016-02-09 08:25 - 2015-08-06 16:50 - 00000000 __SHD C:\Users\Roberts Family\AppData\Local\EmieBrowserModeList
2016-02-09 08:25 - 2014-06-16 13:59 - 00000000 __SHD C:\Users\Roberts Family\AppData\LocalLow\EmieUserList
2016-02-09 08:25 - 2014-06-16 13:59 - 00000000 __SHD C:\Users\Roberts Family\AppData\LocalLow\EmieSiteList
2016-02-09 08:25 - 2014-06-16 13:59 - 00000000 __SHD C:\Users\Roberts Family\AppData\Local\EmieUserList
2016-02-09 08:25 - 2014-06-16 13:59 - 00000000 __SHD C:\Users\Roberts Family\AppData\Local\EmieSiteList
2016-02-09 07:41 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2016-02-08 14:11 - 2011-07-25 14:51 - 00000000 ____D C:\Windows\Minidump
2016-02-08 14:11 - 2011-07-24 13:35 - 00000000 ____D C:\Users\Roberts Family\AppData\Local\CrashDumps
2016-02-08 10:42 - 2011-07-24 12:32 - 00000000 ____D C:\Users\Roberts Family\AppData\Local\ElevatedDiagnostics
2016-01-29 13:16 - 2011-08-08 10:37 - 00000000 ____D C:\Users\Roberts Family\AppData\Roaming\DC++
2016-01-29 13:16 - 2011-08-08 10:37 - 00000000 ____D C:\Users\Roberts Family\AppData\Local\DC++
 
==================== Files in the root of some directories =======
 
2012-05-23 22:28 - 2012-05-23 22:32 - 0000132 _____ () C:\Users\Roberts Family\AppData\Roaming\Adobe GIF Format CS5 Prefs
2013-03-02 08:40 - 2013-03-02 08:41 - 0000132 _____ () C:\Users\Roberts Family\AppData\Roaming\Adobe GIF Format CS6 Prefs
2013-12-19 13:22 - 2013-12-19 13:22 - 0000132 _____ () C:\Users\Roberts Family\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
2011-08-31 10:36 - 2012-09-16 23:21 - 0000132 _____ () C:\Users\Roberts Family\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-10-22 15:08 - 2015-04-23 16:44 - 0000132 _____ () C:\Users\Roberts Family\AppData\Roaming\Adobe PNG Format CS6 Prefs
2012-12-18 15:04 - 2012-12-21 20:11 - 0000580 _____ () C:\Users\Roberts Family\AppData\Local\cookies.ini
2012-11-15 22:55 - 2013-10-17 21:39 - 0029876 _____ () C:\Users\Roberts Family\AppData\Local\installer.log
2013-06-23 12:48 - 2016-02-22 10:09 - 0000040 ___SH () C:\ProgramData\.zreglib
 
Some files in TEMP:
====================
C:\Users\Roberts Family\AppData\Local\Temp\avgnt.exe
 
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-02-18 05:34
 
==================== End of FRST.txt ============================

  • 0

Advertisements

#17
BIGROD
Posted 23 February 2016 - 10:48 AM

BIGROD

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts
Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-02-2016 01
Ran by Roberts Family (2016-02-23 11:45:15)
Running from C:\Users\Roberts Family\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-07-24 16:06:53)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4190836313-3339163880-859448109-500 - Administrator - Disabled)
Guest (S-1-5-21-4190836313-3339163880-859448109-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4190836313-3339163880-859448109-1002 - Limited - Enabled)
Roberts Family (S-1-5-21-4190836313-3339163880-859448109-1001 - Administrator - Enabled) => C:\Users\Roberts Family
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.3.0.3670 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
AMD Catalyst Install Manager (HKLM\...\{6F483F38-6162-7606-1D0B-054852C8E011}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.1.7.0 - SlySoft)
Apple Application Support (32-bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.141 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{ccdc9cfe-8ba7-4c6c-ac5f-b2d6cfa49efc}) (Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.54.24924 - Avira Operations GmbH & Co. KG) Hidden
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{9368DDD5-CE7F-4BD7-A83A-F00FABE338EC}) (Version: 2.2.6699 - K-NFB Reading Technology, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
C4USelfUpdater (x32 Version: 1.00.0000 - Your Company Name) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
center (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Content Manager (HKLM-x32\...\{B64BC516-2406-43AE-A21A-1E387A2343B1}) (Version: 2.70 - Magellan)
CoreAAC Audio Decoder (remove only) (HKLM-x32\...\CoreAAC Audio Decoder) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC++ 0.782 (HKLM-x32\...\DC++) (Version: 0.782 - Jacek Sieka)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Dropbox (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.)
essentials (x32 Version: 7.7.2.0 - Eastman Kodak Company) Hidden
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
FileZilla Client 3.5.1 (HKLM-x32\...\FileZilla Client) (Version: 3.5.1 - FileZilla Project)
FormatFactory 2.95 (HKLM-x32\...\FormatFactory) (Version: 2.95 - Free Time)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google SketchUp 8 (HKLM-x32\...\{3544DED1-07DB-40C0-98F3-435A6DA195C7}) (Version: 3.0.14346 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Hawken (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Hawken) (Version:  - Meteor Entertainment)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0 - Nero AG) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent)
HP LinkUp (HKLM-x32\...\{C1AD9241-3ADD-483F-914D-071F3E50855A}) (Version: 2.01.026 - Hewlett-Packard)
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BB760C1D-98F4-4E38-8CC4-3B67329AA981}) (Version: 1.0.6.0 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard)
Hulu Desktop (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\HuluDesktop) (Version: 0.9.13 - Hulu LLC)
HydraVision (x32 Version: 4.2.218.0 - Advanced Micro Devices, Inc.) Hidden
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 1.6 - Kobo Inc.)
Kodak AIO Printer (Version: 7.7.2.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.7.6.0 - Eastman Kodak Company)
Kodak AiO Software Patch (HKLM-x32\...\{A2879F30-135D-4744-97C0-9D5FCD3E8D34}) (Version: 7.6.12.20 - Eastman Kodak Company)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3609 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3609 - CyberLink Corp.) Hidden
Learning Lodge Navigator (HKLM-x32\...\VTechDownloadManager) (Version:  - VTech)
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version:  - )
LightScribe System Software (HKLM-x32\...\{82EF29B1-9B60-4142-A155-0599216DD053}) (Version: 1.18.6.1 - LightScribe)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPublisher (HKLM-x32\...\MyPublisher) (Version:  - MyPublisher, Inc.)
Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.11600.19.100 - Nero AG)
Nero Burning ROM 10 (HKLM-x32\...\{7A5D731D-B4B3-490E-B339-75685712BAAB}) (Version: 10.0.11100.10.100 - Nero AG)
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11000.12.100 - Nero AG)
Nero CoverDesigner 10 (HKLM-x32\...\{FCF00A6E-FB58-477A-ABE9-232907105521}) (Version: 5.0.10900.11.100 - Nero AG)
Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.0.10800.7.100 - Nero AG)
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.11000.10.100 - Nero AG)
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.10800.8.100 - Nero AG)
Nero MediaHub 10 (HKLM-x32\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.13400.11.100 - Nero AG)
Nero Multimedia Suite 10 (HKLM-x32\...\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}) (Version: 10.0.13100 - Nero AG)
Nero Recode 10 (HKLM-x32\...\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}) (Version: 4.6.10900.4.100 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.10900.9.100 - Nero AG)
Nero SoundTrax 10 (HKLM-x32\...\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}) (Version: 4.6.10600.2.100 - Nero AG)
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.11200.12.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0017 - Nero AG)
Nero Vision 10 (HKLM-x32\...\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}) (Version: 7.0.11100.8.100 - Nero AG)
Nero WaveEditor 10 (HKLM-x32\...\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}) (Version: 5.6.10600.2.100 - Nero AG)
Nike+ Connect (HKLM-x32\...\Nike+ Connect) (Version: 6.6.32 - Nike)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
Octoshape Streaming Services (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Octoshape Streaming Services) (Version:  - Octoshape ApS)
P@H-Protocol (HKLM-x32\...\{CF594DB8-CFB0-45B4-86DA-8BB4AC0941F8}) (Version: 3.0.7.0 - Valassis)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.35 - PDF Complete, Inc)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Perfect Resize 7.0.1 Professional Edition (HKLM-x32\...\{FCADA4FF-142C-42A8-B73C-0A54A7F83345}) (Version: 7.0.1 - onOne Software)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4817 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4817 - CyberLink Corp.) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.10.1217.0 -  NewspaperDirect Inc.)
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Ralink 802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.53.0 - Mediatek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RockMelt (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\RockMelt) (Version: 0.16.91.483 - RockMelt, Inc.)
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
Shutterfly Express Uploader (HKLM-x32\...\com.Shutterfly.ExpressUploader) (Version: 1.0.0.4 - Shutterfly, Inc.)
Shutterfly Express Uploader (x32 Version: 1.0.0 - Shutterfly, Inc.) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden
Spotify (HKLM-x32\...\Spotify) (Version: 0.5.2 - )
Spotify (HKU\S-1-5-21-4190836313-3339163880-859448109-1001\...\Spotify) (Version: 0.8.3.222.g317ab79d - Spotify AB)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.21.18.4608 - Enigma Software Group, LLC)
Star Trek Online (HKLM-x32\...\Star Trek Online) (Version:  - Cryptic Studios)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 1.6.1 - Tweaking.com)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.762 (x32 Version: 1.0.0 - DivX, Inc) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Center Add-in for Flash (HKLM-x32\...\{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}) (Version: 4.1.2.0 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.3184 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.3184 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Roberts Family\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4190836313-3339163880-859448109-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\DropboxExt64.33.dll (Dropbox, Inc.)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {080AD066-1532-4BC6-B584-32A3DF72750D} - System32\Tasks\HPCeeScheduleForIONGRAPHX$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {0FAC4C45-7793-42C2-81CE-71830EBFDE29} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-01-12] (Hewlett-Packard Company)
Task: {0FE88D3A-9B16-4A7E-A213-D5AB7BF063D9} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2010-12-21] (CyberLink)
Task: {28E37816-19FE-4064-8FB5-A30CB502430D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-01-20] (Hewlett-Packard)
Task: {2972E87A-4577-4122-9B51-1CE61D151706} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {5FD37514-4B10-4F76-A40A-F7F6156F59B3} - System32\Tasks\HPCeeScheduleForRoberts Family => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {674506B8-98AE-4A2C-B6CF-8A28070F35FA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-01-06] (Hewlett-Packard)
Task: {8998E8B3-DB39-4213-B7BB-53A7E96C130B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {902FF9A5-503B-4C1C-BCD2-08F4871A726F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {9F3BEA8B-E7A8-436A-9409-7535BB273C84} - System32\Tasks\AdobeAAMUpdater-1.0-IONGRAPHX-Roberts Family => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {A1B1E3CE-05BB-4951-9D58-4D5E9D0B41F7} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2016-01-13] (Enigma Software Group USA, LLC.)
Task: {A7319C59-6135-493A-9CAB-21266F8313E8} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core => C:\Users\Roberts Family\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-26] (Dropbox, Inc.)
Task: {CC295274-F2DD-4DF9-BEF6-514C9B924E66} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA => C:\Users\Roberts Family\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-26] (Dropbox, Inc.)
Task: {D3533798-4BE1-489A-ADBA-AA293195D945} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {DD79761E-359B-4CE2-ACC3-1882A5B738A9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-09] (Google Inc.)
Task: {EB679145-4CD4-4765-8D85-82C5A9AE83FD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {F3E541B1-51BE-41E3-971E-F270B3A6BE02} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-09] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001Core.job => C:\Users\Roberts Family\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4190836313-3339163880-859448109-1001UA.job => C:\Users\Roberts Family\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForIONGRAPHX$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\HPCeeScheduleForRoberts Family.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2010-01-02 09:42 - 2010-01-02 09:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-08-12 13:32 - 2011-05-28 21:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2011-10-13 14:44 - 2011-10-13 14:44 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2010-02-03 08:36 - 2010-02-03 08:36 - 00087488 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe
2012-11-07 22:10 - 2012-11-07 21:26 - 00377800 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
2011-10-13 14:44 - 2011-10-13 14:44 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-10-13 15:01 - 2011-10-13 15:01 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-02 13:03 - 2011-11-02 13:03 - 00098304 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2009-06-17 10:40 - 2009-06-17 10:40 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2009-06-17 10:40 - 2009-06-17 10:40 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2009-06-17 10:40 - 2009-06-17 10:40 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2015-10-13 04:46 - 2015-10-13 04:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2012-02-09 21:46 - 2010-06-23 20:16 - 02150400 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtCore4.dll
2012-02-09 21:46 - 2010-07-13 08:07 - 07826432 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtGui4.dll
2012-02-09 21:46 - 2010-06-01 21:29 - 00934912 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtNetwork4.dll
2012-02-09 21:46 - 2010-06-01 21:28 - 00335360 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXml4.dll
2012-11-07 22:10 - 2012-08-06 04:54 - 09843640 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtWebKit4.dll
2012-02-09 21:46 - 2010-06-01 21:56 - 00232960 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\phonon4.dll
2012-02-09 21:46 - 2010-06-01 21:54 - 02530816 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtXmlPatterns4.dll
2012-02-09 21:46 - 2010-07-05 04:19 - 00116736 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2012-02-09 21:46 - 2010-11-11 04:24 - 00028160 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\DACommCenter.dll
2012-02-09 21:46 - 2010-06-02 00:05 - 00119808 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\imageformats\qjpeg4.dll
2015-12-12 10:44 - 2016-01-12 13:44 - 00034768 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-02-18 14:10 - 2016-01-12 13:45 - 00019408 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-12 10:44 - 2016-01-12 13:44 - 00116688 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-12 10:44 - 2016-01-12 13:44 - 00093640 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-12 10:44 - 2016-01-12 13:44 - 00018376 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-12 10:44 - 2016-02-16 13:39 - 00019760 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-12 10:44 - 2016-01-12 13:46 - 00105928 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-12 10:44 - 2016-01-12 13:44 - 00392144 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2015-12-12 10:44 - 2016-02-16 13:39 - 00381752 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-12 10:44 - 2016-01-12 13:44 - 00692688 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-02-18 14:10 - 2016-02-16 13:38 - 00020816 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-12 10:44 - 2016-01-12 13:45 - 00112592 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-02-18 14:10 - 2016-02-16 13:38 - 01682760 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-02-18 14:10 - 2016-02-16 13:38 - 00020808 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2015-12-12 10:44 - 2016-02-16 13:39 - 00020800 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-12 10:44 - 2016-02-16 13:39 - 00021840 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-02-18 14:10 - 2016-02-16 13:39 - 00038696 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-12 10:44 - 2016-01-12 13:46 - 00020936 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-12 10:44 - 2016-01-12 13:46 - 00024528 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-12 10:44 - 2016-01-12 13:47 - 00114640 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-12 10:44 - 2016-01-12 13:46 - 00124880 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-18 14:11 - 2016-02-16 13:39 - 00021832 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2015-12-12 10:44 - 2016-01-12 13:46 - 00024016 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-12 10:44 - 2016-01-12 13:46 - 00175560 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-12 10:44 - 2016-01-12 13:47 - 00030160 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-12 10:44 - 2016-01-12 13:47 - 00043472 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-12 10:44 - 2016-01-12 13:47 - 00028616 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32ts.pyd
2015-12-12 10:44 - 2016-01-12 13:47 - 00048592 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-02-18 14:10 - 2016-02-16 13:39 - 00026456 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-12 10:44 - 2016-01-12 13:46 - 00057808 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-12 10:44 - 2016-01-12 13:47 - 00024016 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-02-18 14:10 - 2016-02-16 13:38 - 00117056 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-12 10:44 - 2016-02-16 13:39 - 00024392 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-02-18 14:10 - 2016-01-12 13:47 - 00036296 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\librsync.dll
2015-12-12 10:44 - 2016-02-16 13:39 - 00023376 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-12 10:44 - 2016-01-12 13:44 - 00134608 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2015-12-12 10:44 - 2016-01-12 13:44 - 00134088 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-02-18 14:10 - 2016-01-12 13:45 - 00240584 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2015-12-12 10:44 - 2016-02-16 13:39 - 00052024 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-18 14:11 - 2016-02-16 13:39 - 00020800 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-18 14:11 - 2016-02-16 13:39 - 00021824 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-18 14:11 - 2016-02-16 13:39 - 00019776 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-18 14:11 - 2016-02-16 13:39 - 00020800 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-02-18 14:10 - 2016-02-16 13:38 - 00020280 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-12 10:44 - 2016-01-12 13:47 - 00350152 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-18 14:11 - 2016-02-16 13:39 - 00022352 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-02-18 14:10 - 2016-02-16 13:39 - 00084792 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-12 10:44 - 2016-02-16 13:39 - 01826096 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-12 10:44 - 2016-01-12 13:45 - 00083912 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-12 10:44 - 2016-02-16 13:39 - 03928880 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-12 10:44 - 2016-02-16 13:39 - 01971504 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-12 10:44 - 2016-02-16 13:39 - 00531248 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-12 10:44 - 2016-02-16 13:39 - 00132912 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-12 10:44 - 2016-02-16 13:39 - 00223544 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-12 10:44 - 2016-02-16 13:39 - 00207672 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-02-18 14:10 - 2016-02-16 13:39 - 00158008 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-02-18 14:10 - 2016-02-16 13:39 - 00042808 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-02-18 14:10 - 2016-01-12 13:49 - 00017864 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-02-18 14:10 - 2016-01-12 13:49 - 01631184 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-12-12 10:44 - 2016-02-16 13:39 - 00024904 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-12 10:44 - 2016-02-16 13:39 - 00546096 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-12 10:44 - 2016-02-16 13:39 - 00357680 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-08-26 07:40 - 2016-01-12 13:52 - 00697304 _____ () C:\Users\Roberts Family\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2011-08-28 16:19 - 2011-08-28 16:19 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2016-02-19 19:35 - 2016-02-17 23:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
2016-02-19 19:35 - 2016-02-17 23:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll
2001-06-12 07:00 - 2001-06-12 07:00 - 00117760 _____ () C:\Program Files (x86)\CDisplay\UNZDLL.DLL
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\Roberts Family\Downloads\Force Awakens (Star Wars), The - Alan Dean Foster.epub:com.dropbox.attributes
AlternateDataStreams: C:\Users\Roberts Family\Downloads\Greg Rucka - Star Wars; The Force Awakens - Before the Awakening [Delshady Digital].epub:com.dropbox.attributes
AlternateDataStreams: C:\Users\Roberts Family\Downloads\Journey to Star Wars_ The Force Awakens Lost Stars - Claudia Gray & Phil Noto.epub:com.dropbox.attributes
AlternateDataStreams: C:\Users\Roberts Family\Downloads\Star Wars Journey to the Force Awakens - The Perfect Weapon.epub:com.dropbox.attributes
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2016-02-22 08:45 - 00000035 ____N C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4190836313-3339163880-859448109-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roberts Family\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 208.59.247.45 - 208.59.247.46
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{83042AF0-5A5E-4CC3-B9FB-B5198A7E4DB8}] => (Allow) LPort=9322
FirewallRules: [{2782CFDE-CF11-4D6C-904E-7814F24F4753}] => (Allow) LPort=5353
FirewallRules: [TCP Query User{23D5A6B2-AF24-49B8-B930-94EEA0D7CC8C}C:\program files (x86)\pando networks\media booster\pmb.exe] => (Block) C:\program files (x86)\pando networks\media booster\pmb.exe
FirewallRules: [UDP Query User{369CBD84-5416-4292-A2E5-F9A0B5F32C5B}C:\program files (x86)\pando networks\media booster\pmb.exe] => (Block) C:\program files (x86)\pando networks\media booster\pmb.exe
FirewallRules: [TCP Query User{5B795AA6-6680-433F-BB6A-8CACD6B5189B}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe
FirewallRules: [UDP Query User{6EBFCC0E-599D-40F9-A978-BB5977239ADF}C:\program files (x86)\dc++\dcplusplus.exe] => (Allow) C:\program files (x86)\dc++\dcplusplus.exe
FirewallRules: [{2D2085EC-541E-4E41-91F1-0792C0F67C0B}] => (Allow) C:\Users\Roberts Family\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{8697E4C8-C6AD-4A90-8D5B-E90FD646A2D3}] => (Allow) C:\Users\Roberts Family\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [TCP Query User{86A65A69-2AA0-4C31-B82F-6F3D1D5CA217}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{EFF13437-5EBB-406F-990D-9BC956DB8694}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{0BE3D82C-D0FF-4D34-AE76-8C4CA54F36A0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{139FED09-7609-476D-AF95-16148EA4CFBB}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [UDP Query User{AC5723B3-B969-4F1B-ACD5-72292C73AFB3}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [{33FC73BB-D5F0-456F-9514-4053F2ED49FB}] => (Allow) C:\Users\Roberts Family\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{128A2D79-6662-4369-8CF8-7A7BB143BC7F}] => (Allow) C:\Users\Roberts Family\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{47A69025-E1D3-444B-96F9-77A27B14A6EF}] => (Allow) LPort=5353
FirewallRules: [{960F7A65-D619-47CF-946A-2EF400DAA473}] => (Allow) LPort=9322
FirewallRules: [{5B4023D7-8E86-47C6-9AB0-70C12C9CFF75}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{0E3E83D1-8874-4A1C-96E9-1344B26B0DCF}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{4408FA2D-8C95-46DA-B0B0-77F993C76227}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{A0277DB0-1EF8-4668-9BC7-9A9A03EDB635}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{A4A8C19B-DBD4-4ABA-A2F8-E7884146F71C}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{DA9CA7E7-5B4D-49C0-8C93-3573AF6315E3}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{64053710-C725-4204-8A60-B86934C9FA58}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{ADF0AB6D-A59A-41F1-97C7-82DD230F1F9F}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{58A89EFA-5A99-47B8-AC2B-C33E45E0C202}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{8E55F0BD-E9FF-424C-A37D-9DC02D11FADA}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [TCP Query User{BC7AE3A4-6545-4F5B-AEB9-123BC89404B9}C:\program files (x86)\pando networks\media booster\pmb.exe] => (Block) C:\program files (x86)\pando networks\media booster\pmb.exe
FirewallRules: [UDP Query User{A7D80A96-C334-40F5-8C85-0B7E4AC688A8}C:\program files (x86)\pando networks\media booster\pmb.exe] => (Block) C:\program files (x86)\pando networks\media booster\pmb.exe
FirewallRules: [TCP Query User{A4B5F6A5-1864-41AC-823E-D7EC670D75CF}C:\users\roberts family\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\roberts family\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{08AEA3B2-FF02-4C5B-9900-E78BC068E7B5}C:\users\roberts family\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\roberts family\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{E1CEE0E8-83D9-4E42-BB4B-B4C2135423E5}C:\users\roberts family\downloads\pct\popcorn-time.exe] => (Allow) C:\users\roberts family\downloads\pct\popcorn-time.exe
FirewallRules: [UDP Query User{C11855E1-F790-4C58-AFF8-FB1CBAC7C687}C:\users\roberts family\downloads\pct\popcorn-time.exe] => (Allow) C:\users\roberts family\downloads\pct\popcorn-time.exe
FirewallRules: [{7183E2C6-04EC-48F1-AD52-1D44FE51F9DB}] => (Allow) C:\Users\Roberts Family\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2A5F1AD5-7543-44CD-900B-D9094B381ACA}] => (Allow) C:\Users\Roberts Family\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0B134501-0508-46CE-834F-4AE89E53FBB8}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe
FirewallRules: [{F35C6DB5-45CD-40E4-8A24-3B7C8E599CF4}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe
FirewallRules: [{82FD62D0-F2A4-470A-964F-2557A49B6AC5}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
FirewallRules: [{0D18EB4F-EBF2-4E9B-A399-F83A51011021}] => (Allow) C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe
FirewallRules: [TCP Query User{0415A473-1E75-4683-93C9-114FC4A5B343}C:\users\roberts family\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\roberts family\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{2792CDF3-A264-4A79-BA23-14367D869D07}C:\users\roberts family\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\roberts family\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{F2D06F68-3E70-4334-858D-902A25A585BD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0FC7D48E-7FEC-43C0-AF8E-D8D320C3C205}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{96033908-FE7A-4E6C-9D9C-898697ECCE64}C:\users\roberts family\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\roberts family\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{BC8A0CE6-5864-4442-A035-B81A360CFDA4}C:\users\roberts family\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\roberts family\appdata\roaming\spotify\spotify.exe
FirewallRules: [{AA496015-9666-40D2-A1DE-B27650801C23}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E649FE0D-9FB2-44C8-B363-842BD7A16679}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{68C4A8D4-A94B-4F3C-9EE4-6E960280CABE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C64055BF-37ED-452D-95F3-3645CEF7A64F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4DE50F88-A372-4864-A982-6B352B3D4748}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{CC7C963E-79E6-452D-9FCF-083E7C444171}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{FE599367-3E19-4D20-A130-0C2D6677D463}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{65584391-FC3F-443F-90F7-C20A68100823}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{18577929-7015-4F66-BCD2-0289B2486B55}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{D19BF8C7-4FC0-40B3-88F2-930575DFBBE8}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{9B117375-A3C6-413C-B3FE-14693BC292AA}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{D504A0BA-DC74-40CC-B9F1-C6E3DB148414}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{55ACAC2D-4EFB-47BA-84AD-6C6742415423}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Restore Points =========================
 
18-02-2016 05:41:30 Scheduled Checkpoint
22-02-2016 09:07:27 JRT Pre-Junkware Removal
22-02-2016 09:31:12 JRT Pre-Junkware Removal
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/23/2016 10:02:25 AM) (Source: HP Active Health) (EventID: 91) (User: )
Description: Unhandled Exception. Application will terminate immediately.
Sent from: Name:ActiveHealth.exe
There are no context policies.
 
Is terminating: True
Exception object: System.Text.EncoderFallbackException: Unable to translate Unicode character \uDBB4 at index 92 to specified code page.
   at System.Text.EncoderExceptionFallbackBuffer.Fallback(Char charUnknown, Int32 index)
   at System.Text.EncoderFallbackBuffer.InternalFallback(Char ch, Char*& chars)
   at System.Text.UTF8Encoding.GetBytes(Char* chars, Int32 charCount, Byte* bytes, Int32 byteCount, EncoderNLS baseEncoder)
   at System.Text.EncoderNLS.GetBytes(Char[] chars, Int32 charIndex, Int32 charCount, Byte[] bytes, Int32 byteIndex, Boolean flush)
   at System.IO.StreamWriter.Flush(Boolean flushStream, Boolean flushEncoder)
   at System.IO.StreamWriter.Write(String value)
   at System.IO.File.InternalWriteAllText(String path, String contents, Encoding encoding, Boolean checkHost)
   at HP.ActiveHealth.API.DataGeneration.AgentRunner.DataClassCollector.<>c__DisplayClass16.<SerializeListToFile>b__15()
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Threading.ThreadHelper.ThreadStart()
 
Error: (02/23/2016 10:02:19 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
Error: (02/23/2016 10:02:11 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
Error: (02/23/2016 10:02:09 AM) (Source: HP Active Health) (EventID: 2800) (User: )
Description: Agent SystemState threw an exception: System.InvalidOperationException: Cannot load Counter Name data because an invalid index '' was read from the registry.
   at System.Diagnostics.PerformanceCounterLib.GetStringTable(Boolean isHelp)
   at System.Diagnostics.PerformanceCounterLib.get_NameTable()
   at System.Diagnostics.PerformanceCounterLib.get_CategoryTable()
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String category, String counter, Boolean& categoryExists)
   at System.Diagnostics.PerformanceCounterLib.CounterExists(String machine, String category, String counter)
   at System.Diagnostics.PerformanceCounter.InitializeImpl()
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName, Boolean readOnly)
   at System.Diagnostics.PerformanceCounter..ctor(String categoryName, String counterName, String instanceName)
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CpuUsage()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.FetchValues()
   at HP.ActiveHealth.Agents.SystemState.SystemStateAgent.CollectNewDataClasses(FileInfo agentStateFile, IDataClassCollector dataClassColector)
   at HP.ActiveHealth.API.DataGeneration.AgentRunner.QueryAgentDelegate(Object agentObj)
 
Error: (02/23/2016 10:02:03 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
Error: (02/23/2016 09:41:53 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 48.0.2564.116 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 330
 
Start Time: 01d16d96b03a74c2
 
Termination Time: 60
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: 8e134c6a-da3b-11e5-bb9f-2c27d7386d69
 
Error: (02/22/2016 12:29:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 48.0.2564.116 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 15a8
 
Start Time: 01d16d9244db53c0
 
Termination Time: 15
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: 9e717903-d989-11e5-bb9f-2c27d7386d69
 
Error: (02/22/2016 10:19:01 AM) (Source: HP Active Health) (EventID: 91) (User: )
Description: Unhandled Exception. Application will terminate immediately.
Sent from: Name:ActiveHealth.exe
There are no context policies.
 
Is terminating: True
Exception object: System.Text.EncoderFallbackException: Unable to translate Unicode character \uDBB4 at index 203 to specified code page.
   at System.Text.EncoderExceptionFallbackBuffer.Fallback(Char charUnknown, Int32 index)
   at System.Text.EncoderFallbackBuffer.InternalFallback(Char ch, Char*& chars)
   at System.Text.UTF8Encoding.GetBytes(Char* chars, Int32 charCount, Byte* bytes, Int32 byteCount, EncoderNLS baseEncoder)
   at System.Text.EncoderNLS.GetBytes(Char[] chars, Int32 charIndex, Int32 charCount, Byte[] bytes, Int32 byteIndex, Boolean flush)
   at System.IO.StreamWriter.Flush(Boolean flushStream, Boolean flushEncoder)
   at System.IO.StreamWriter.Write(String value)
   at System.IO.File.InternalWriteAllText(String path, String contents, Encoding encoding, Boolean checkHost)
   at HP.ActiveHealth.API.DataGeneration.AgentRunner.DataClassCollector.<>c__DisplayClass16.<SerializeListToFile>b__15()
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
   at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
   at System.Threading.ThreadHelper.ThreadStart()
 
Error: (02/22/2016 10:18:59 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
Error: (02/22/2016 10:18:50 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3002) (User: NT AUTHORITY)
Description: The performance counter explain text string value in the registry is not formatted correctly. The malformed string is . The first DWORD in the Data section contains the index value to the malformed string while the second and third DWORDs in the Data section contain the last valid index values.
 
 
System errors:
=============
Error: (02/23/2016 10:02:22 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259
 
Error: (02/23/2016 10:02:14 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259
 
Error: (02/23/2016 10:02:06 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259
 
Error: (02/22/2016 10:19:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259
 
Error: (02/22/2016 10:18:53 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259
 
Error: (02/22/2016 10:18:34 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error: 
%%-2147467259
 
Error: (02/22/2016 10:13:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The HP Support Solutions Framework Service service failed to start due to the following error: 
%%1053
 
Error: (02/22/2016 10:13:30 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect.
 
Error: (02/22/2016 10:11:06 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
 
Error: (02/22/2016 10:10:53 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: 
%%1053
 
 
CodeIntegrity:
===================================
  Date: 2011-07-26 10:54:02.180
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-07-25 15:19:56.811
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-07-25 14:46:11.599
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-07-25 13:41:13.199
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-07-25 13:25:39.086
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-07-25 13:08:11.866
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-07-25 12:48:12.826
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-07-25 10:57:17.998
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-07-25 10:14:06.341
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2011-07-25 09:41:19.989
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ II X4 645 Processor
Percentage of memory in use: 67%
Total physical RAM: 5887.29 MB
Available physical RAM: 1905.09 MB
Total Virtual: 11772.78 MB
Available Virtual: 6206.77 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:920.27 GB) (Free:273.07 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:11.15 GB) (Free:1.36 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive j: (Seagate Backup Plus Drive) (Fixed) (Total:931.51 GB) (Free:493.89 GB) NTFS ==>[system with boot components (obtained from drive)]
 
==================== MBR & Partition Table ==================
 
==================== End of Addition.txt ============================

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: Chrome, crashing, malware, Google

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP