Additional scan result of Farbar Recovery Scan Tool (x64) Version:19-11-2015 Ran by Jeff (2015-11-19 12:56:36) Running from C:\Users\Jeff\Desktop Windows 7 Professional Service Pack 1 (X64) (2015-05-20 17:56:06) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-930720502-52916992-2161620378-500 - Administrator - Disabled) Guest (S-1-5-21-930720502-52916992-2161620378-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-930720502-52916992-2161620378-1005 - Limited - Enabled) Jeff (S-1-5-21-930720502-52916992-2161620378-1002 - Administrator - Enabled) => C:\Users\Jeff ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-930720502-52916992-2161620378-1002\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.) Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.2.443 - Adobe Systems Incorporated) Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.) Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Creative Suite 4 Web Premium (HKLM-x32\...\Adobe_4db064343401efd6449f33f8411c14b) (Version: 4.0 - Adobe Systems Incorporated) Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.160 - Adobe Systems Incorporated) Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden Adobe Reader X (10.1.16) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.16 - Adobe Systems Incorporated) Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd) AlienAutopsy (HKLM\...\AlienAutopsy) (Version: 3.1.5907.16 - Dell Inc.) AlienAutopsy (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden AlienRespawn - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Alienware) AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Alienware) Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.33.0.6C - ) Alienware On-Screen Display (x32 Version: 0.33.0.6C - ) Hidden AMD Catalyst Install Manager (HKLM\...\{F1EDDCBA-609A-678D-87C4-4F5E6B93301C}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6176 - AVG Technologies) AVG 2015 (Version: 15.0.4460 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.6176 - AVG Technologies) Hidden AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.8.599 - AVG Technologies) calibre (HKLM-x32\...\{B4B62C79-A41D-47C6-B689-0416BEA6678F}) (Version: 2.35.0 - Kovid Goyal) Camtasia Studio 7 (HKLM-x32\...\{37B03AA0-B125-4649-900C-F26E1081F163}) (Version: 7.0.1 - TechSmith Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform) Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.40.05 - Creative Technology Ltd) DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden EMSC (x32 Version: 0.0.0.24C - Compal Electronics, Inc.) Hidden FileZilla Client 3.13.1 (HKLM-x32\...\FileZilla Client) (Version: 3.13.1 - Tim Kosse) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden HP Envy 100 D410 series Basic Device Software (HKLM\...\{EA36CD8F-FEC5-46F9-954D-310631F19C27}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Envy 100 D410 series Help (HKLM-x32\...\{749EC8D6-EE79-47FA-B13D-E87A6E3855E8}) (Version: 140.0.32.32 - Hewlett Packard) HP Envy 100 D410 series Product Improvement Study (HKLM\...\{89EDD29E-D13E-4231-80EE-2C0EC43EC75B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.0.29.6 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.0.30.219 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3071 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.7.1002 - Intel Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.6029.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.7.0 - Mozilla) Mozilla Thunderbird 38.3.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 en-US)) (Version: 38.3.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden PowerXpressHybrid (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6876 - Realtek Semiconductor Corp.) Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio) Roxio File Backup (Version: 1.3.2 - Roxio) Hidden SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation) Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.) Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.12.0040 - ST Microelectronics) Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.8.62 - Synaptics Incorporated) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240ED}) (Version: 19.5.11532 - WinZip Computing, S.L. ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-930720502-52916992-2161620378-1002_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll () ==================== Restore Points ========================= 18-11-2015 19:12:31 Scheduled Checkpoint ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {138FB59D-ADBB-4B37-814A-82FDB12069C8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.) Task: {30E763B0-89E2-4C06-8246-9343940CBAFF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-20] (Google Inc.) Task: {32FCB5E6-506F-4614-B911-CB602460DDE0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-20] (Google Inc.) Task: {51E5706C-193C-4AE7-A4FB-3D40E59717EC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd) Task: {58AD9DAC-6854-458B-B483-20CBC2889336} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.) Task: {76A52351-4B51-4DC3-8685-1E79BBB83D0E} - System32\Tasks\PCDEventLauncher => C:\Program Files\AlienAutopsy\sessionchecker.exe [2011-12-13] (PC-Doctor, Inc.) Task: {8A264952-0910-42AD-AD9C-118D96B35DDC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-28] (Hewlett-Packard) Task: {ABEAA7E2-08BF-4EC5-8813-4985A2C30ED7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company) Task: {BA791AA1-A2DF-46A1-B370-B0DEC4658A2C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company) Task: {DD10FE3D-9D0F-46A3-A2DF-B5E87D74F972} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.) Task: {E0F0E0DC-00CB-4DAF-869C-7FC52023EF7A} - System32\Tasks\HPCustParticipation HP Envy 100 D410 series => C:\Program Files\HP\HP Envy 100 D410 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) Task: {FAFFB42F-D614-4129-B1B9-D6823AFF2BDC} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-07-16 06:56 - 2015-10-05 05:13 - 01205136 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe 2011-03-16 23:07 - 2011-03-16 23:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2015-08-24 05:56 - 2015-08-24 05:56 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2015-10-05 05:14 - 2015-10-05 05:13 - 00168336 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.8\loggingserver.exe 2014-11-06 10:35 - 2012-01-26 19:49 - 02751808 ____N () C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE 2015-05-29 18:07 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2015-05-29 18:07 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2015-05-29 18:07 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2015-10-05 05:14 - 2015-10-05 05:13 - 00528272 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.1.8\log4cplusU.dll 2015-05-29 18:07 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2015-05-29 18:07 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2011-03-16 23:11 - 2011-03-16 23:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2015-08-24 05:56 - 2015-08-24 05:56 - 00039384 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-930720502-52916992-2161620378-1002\Control Panel\Desktop\\Wallpaper -> DNS Servers: 75.75.75.75 - 75.75.76.76 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FAH.lnk => C:\Windows\pss\FAH.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe" MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe" MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: AlienwareOn-ScreenDisplay => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: BingSvc => C:\Users\Jeff\AppData\Local\Microsoft\BingSvc\BingSvc.exe MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: Dell Webcam Central => "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2 MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" MSCONFIG\startupreg: DptfPolicyLpmServiceHelper => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: PDVD9LanguageShortcut => "C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe" MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" MSCONFIG\startupreg: RtHDVBg_Dolby => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 MSCONFIG\startupreg: RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /IM MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{77C1727B-BF8B-4ABD-A7A3-425AA0CAD55D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{09FC67DA-BD86-40F6-AC41-97F1E3D35B4D}] => (Allow) LPort=2869 FirewallRules: [{5371CBFB-9839-4AED-87F5-F54B47045F98}] => (Allow) LPort=1900 FirewallRules: [{A0C7A233-BE55-425A-ADB1-CF0C6AF0D928}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{CEA3F2A7-9583-48FF-BC1E-FAB8D9740CB8}] => (Allow) C:\Users\Jeff\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E05D08B4-85AE-4415-BE49-BC1040570761}] => (Allow) C:\Users\Jeff\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D331BE43-E9BC-46E7-9275-72EE3DF400E4}] => (Allow) LPort=5353 FirewallRules: [{8081E189-D511-43E4-8A61-E259FCCC10EC}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe FirewallRules: [{D7B739E0-75F2-4DCF-B77F-A48BDE20F6E4}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe FirewallRules: [{939DEA47-DC59-4D56-97AE-DB924F6125FB}] => (Allow) C:\Program Files\HP\HP Envy 100 D410 series\Bin\DeviceSetup.exe FirewallRules: [{50A96D28-C833-43A6-A8D0-C2EA774A1E73}] => (Allow) C:\Program Files\HP\HP Envy 100 D410 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{1F911FF3-D97F-4B9B-8367-0745217E296A}] => (Allow) C:\Program Files\HP\HP Envy 100 D410 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{24BDFD9C-1472-4ACD-A09B-322F3BBF3FBA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{C6718668-4202-40D7-9483-1FC6A898BA28}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{2A54632A-025A-4102-9360-444C1AFC5231}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{0D512352-A830-4115-A4AB-7726DA88E2F2}] => (Allow) C:\Users\Jeff\AppData\Local\Temp\7zS52C9\HPDiagnosticCoreUI.exe FirewallRules: [{3A3DF2A0-7E6B-4C51-808F-34D466F05036}] => (Allow) C:\Users\Jeff\AppData\Local\Temp\7zS52C9\HPDiagnosticCoreUI.exe FirewallRules: [{87281EF3-3CD9-40C3-A59D-6AA61391A8F1}] => (Allow) C:\Users\Jeff\AppData\Local\Temp\7zS3B83\HPDiagnosticCoreUI.exe FirewallRules: [{722B9A4A-1C1C-422F-B471-1D1E97CE6425}] => (Allow) C:\Users\Jeff\AppData\Local\Temp\7zS3B83\HPDiagnosticCoreUI.exe FirewallRules: [{EC546298-A828-4273-94B7-21970AF6F420}] => (Allow) C:\Users\Jeff\AppData\Local\Temp\7zS7D12\HPDiagnosticCoreUI.exe FirewallRules: [{3CE15C7F-040D-44FD-9CDA-1DE35DC1A245}] => (Allow) C:\Users\Jeff\AppData\Local\Temp\7zS7D12\HPDiagnosticCoreUI.exe FirewallRules: [{32AA55D1-EB0B-49B5-9C61-D0F9BBDFFE3E}] => (Allow) C:\Users\Jeff\AppData\Local\Temp\7zS4DCD\HPDiagnosticCoreUI.exe FirewallRules: [{C727AD76-DF60-4F95-9517-2470A759993C}] => (Allow) C:\Users\Jeff\AppData\Local\Temp\7zS4DCD\HPDiagnosticCoreUI.exe FirewallRules: [{ACAE7C2C-2147-4F22-B84E-2658997DE6D2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{61AE2A1A-1024-4DC8-B820-5533393541E1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{794A34AB-33DD-42FD-93BE-DA5BDE616422}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{97B694CE-0C4A-46C5-8C5B-0AA3C090BC45}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{9516DA4A-1CFE-4C64-A0AE-98CAE8A264B8}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{87151B62-1BAE-4CEA-9304-8D66797CD180}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{9C157BC8-6352-4FDB-86E6-654175D46CB3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Faulty Device Manager Devices ============= Name: High Definition Audio Controller Description: High Definition Audio Controller Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: HDAudBus Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (11/19/2015 07:54:00 AM) (Source: ATIeRecord) (EventID: 16386) (User: ) Description: ATI EEU Client has failed to start Error: (11/17/2015 07:46:58 PM) (Source: DptfEvent) (EventID: 2) (User: ) Description: DptfPolicyLpmServiceHelperWinMain: CreateSharedMemory() failed.Session ID = 1 Error: (11/17/2015 07:46:58 PM) (Source: DptfEvent) (EventID: 3) (User: ) Description: DptfPolicyLpmServiceHelperCreateSharedMemory: WaitForSingleObject() with g_pkeLpmSharedMemoryCreated failedLast error = [0x00000102]Session ID = 1 Error: (11/17/2015 07:41:11 PM) (Source: ATIeRecord) (EventID: 16386) (User: ) Description: ATI EEU Client has failed to start Error: (11/17/2015 07:25:51 PM) (Source: DptfEvent) (EventID: 2) (User: ) Description: DptfPolicyLpmServiceHelperWinMain: CreateSharedMemory() failed.Session ID = 1 Error: (11/17/2015 07:25:51 PM) (Source: DptfEvent) (EventID: 3) (User: ) Description: DptfPolicyLpmServiceHelperCreateSharedMemory: WaitForSingleObject() with g_pkeLpmSharedMemoryCreated failedLast error = [0x00000102]Session ID = 1 Error: (11/17/2015 07:20:32 PM) (Source: ATIeRecord) (EventID: 16386) (User: ) Description: ATI EEU Client has failed to start Error: (11/17/2015 06:57:46 PM) (Source: DptfEvent) (EventID: 2) (User: ) Description: DptfPolicyLpmServiceHelperWinMain: CreateSharedMemory() failed.Session ID = 1 Error: (11/17/2015 06:57:46 PM) (Source: DptfEvent) (EventID: 3) (User: ) Description: DptfPolicyLpmServiceHelperCreateSharedMemory: WaitForSingleObject() with g_pkeLpmSharedMemoryCreated failedLast error = [0x00000102]Session ID = 1 Error: (11/17/2015 06:52:27 PM) (Source: ATIeRecord) (EventID: 16386) (User: ) Description: ATI EEU Client has failed to start System errors: ============= Error: (11/19/2015 00:39:54 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: The following fatal alert was generated: 10. The internal error state is 10. Error: (11/19/2015 00:39:53 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: The following fatal alert was generated: 10. The internal error state is 10. Error: (11/19/2015 00:03:03 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: The following fatal alert was generated: 10. The internal error state is 10. Error: (11/19/2015 00:03:03 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: The following fatal alert was generated: 10. The internal error state is 10. Error: (11/19/2015 00:02:23 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: The following fatal alert was generated: 10. The internal error state is 10. Error: (11/19/2015 00:02:22 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: The following fatal alert was generated: 10. The internal error state is 10. Error: (11/19/2015 00:00:47 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: The following fatal alert was generated: 10. The internal error state is 10. Error: (11/19/2015 00:00:47 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: The following fatal alert was generated: 10. The internal error state is 10. Error: (11/19/2015 11:56:37 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: The following fatal alert was generated: 10. The internal error state is 10. Error: (11/19/2015 11:56:37 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY) Description: The following fatal alert was generated: 10. The internal error state is 10. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4710MQ CPU @ 2.50GHz Percentage of memory in use: 28% Total physical RAM: 16269.06 MB Available physical RAM: 11575.6 MB Total Virtual: 32536.33 MB Available Virtual: 26136.29 MB ==================== Drives ================================ Drive c: (OSDisk) (Fixed) (Total:917.84 GB) (Free:837.88 GB) NTFS Drive f: (DATAPART1) (Fixed) (Total:74.53 GB) (Free:74.43 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2E8C9E16) Partition 1: (Not Active) - (Size=917.8 GB) - (Type=07 NTFS) Partition 2: (Active) - (Size=13.7 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: EACBFBBA) Partition 1: (Not Active) - (Size=74.5 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================