OK, so the process I ended (which then came back) was Mbamservice.exe *32. I went ahead and ended the other Mbam.exe as well since it came back and I maybe misjudged what was happening. Then FRST hung and the computer was getting slow again. I ended up ending a process that was jumping all over the place in terms of CPU use called Trustedinstaller.exe, as well as another installer process that seemed related. Now things seem to be normal, but I wouldn't be surprised if something happened again I guess. In any case I was able to scan so here are my results.
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-08-2016
Ran by devin (administrator) on DEVIN-PC (06-08-2016 18:55:37)
Running from C:\Users\devin\Desktop
Loaded Profiles: devin (Available Profiles: devin & mom & Top Dog)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Dropbox, Inc.) C:\Users\devin\AppData\Local\Dropbox\Update\DropboxUpdate.exe
( ) C:\Windows\System32\lxeccoms.exe
(Google Inc.) C:\Users\devin\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Google Inc.) C:\Users\devin\AppData\Local\Google\Update\GoogleUpdate.exe
(Google Inc.) C:\Users\devin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\devin\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Dropbox, Inc.) C:\Users\devin\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Google Inc.) C:\Users\devin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\devin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\devin\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\devin\AppData\Local\Google\Chrome\Application\chrome.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\ndp461-kb3102433-x86-x64-enu.exe
(Microsoft Corporation) D:\bdd38748b4d8fd3ff6206bf48cc4\Setup.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11474024 2010-10-05] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-26] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-09-09] (Apple Inc.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-03-10] (Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-07-21] (Raptr, Inc)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-04-22] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2099200 2014-04-13] (Dominik Reichl)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9071752 2016-08-06] (AVAST Software)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit,
HKU\S-1-5-21-3688702354-2117096547-3842074458-1000\...\Run: [Dropbox Update] => C:\Users\devin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-12] (Dropbox, Inc.)
HKU\S-1-5-21-3688702354-2117096547-3842074458-1000\...\Run: [MusicManager] => C:\Users\devin\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7643136 2015-11-17] (Google Inc.)
HKU\S-1-5-21-3688702354-2117096547-3842074458-1000\...\Run: [Google Update] => C:\Users\devin\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc.)
HKU\S-1-5-21-3688702354-2117096547-3842074458-1000\...\Run: [GoogleChromeAutoLaunch_90E53751D683971B577ECCEE9D752113] => C:\Users\devin\AppData\Local\Google\Chrome\Application\chrome.exe [941720 2016-06-15] (Google Inc.)
HKU\S-1-5-21-3688702354-2117096547-3842074458-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\MAGENT~1.SCR
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-06] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
Startup: C:\Users\devin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-08-05]
ShortcutTarget: Dropbox.lnk -> C:\Users\devin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2A78499E-E19C-40FE-9992-09A7F4DAB577}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3688702354-2117096547-3842074458-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3688702354-2117096547-3842074458-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3688702354-2117096547-3842074458-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3688702354-2117096547-3842074458-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3688702354-2117096547-3842074458-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-07-24] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-08-06] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2014-03-16] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2014-03-16] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-24] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-07-24] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-08-06] (AVAST Software)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-07-24] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\MP3 Skype Recorder\Skype4COM.dll [2011-09-07] (Skype Technologies)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-15] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-24] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-08-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2013-04-02] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2013-04-02] (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> D:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-07-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-07-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-09-22] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2012-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3688702354-2117096547-3842074458-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\devin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3688702354-2117096547-3842074458-1000: @talk.google.com/O1DPlugin -> C:\Users\devin\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3688702354-2117096547-3842074458-1000: @tools.google.com/Google Update;version=3 -> C:\Users\devin\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-3688702354-2117096547-3842074458-1000: @tools.google.com/Google Update;version=9 -> C:\Users\devin\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\devin\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\devin\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF HKLM\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-06]
FF HKLM\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-06]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?ctid=CT3306061&octid=EB_ORIGINAL_CTID&SearchSource=61&CUI=UN21798395310090278&UM=2&UP=SP49497951-6663-43F6-9591-64AF001E09E6&SSPV=","hxxp://search.conduit.com/?ctid=CT3306061&SearchSource=48&CUI=UN21798395310090278&UM=2","hxxp://docs.gresham.k12.or.us","hxxp://homepage-web.com/?s=lenovo&m=start","hxxp://home.lenovo.com"
CHR Session Restore: Default -> is enabled.
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.796\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.7.771\_platform_specific\win_x86\widevinecdmadapter.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\devin\AppData\Local\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\devin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (Ge.tt) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cdgghbbgmhcpidlmnepkbihehhkmjomc [2013-05-26]
CHR Extension: (OneTab) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2016-06-10]
CHR Extension: (Mainichi) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfekdjmdikicceaiokcmmchenpilglhn [2016-06-30]
CHR Extension: (Google Calendar) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-16]
CHR Extension: (MagicScroll eBook Reader) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble [2013-07-05]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-07-31]
CHR Extension: (TweetDeck by Twitter) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2015-07-25]
CHR Extension: (rikaikun) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Default\Extensions\jipdnfibhldikgcjhfnomkfpcebammhp [2016-06-30]
CHR Extension: (Conceptboard for Google+ Hangouts) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lklieeaongcaklpejdodbkcmbdfpdabj [2013-06-25]
CHR Extension: (Google Hangouts) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2016-01-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-11]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2016-08-06]
CHR Extension: (Chrome Media Router) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-03]
CHR Profile: C:\Users\devin\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-16]
CHR Extension: (Google Docs) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-16]
CHR Extension: (Google Drive) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-16]
CHR Extension: (YouTube) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-16]
CHR Extension: (Google Search) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-16]
CHR Extension: (Google Sheets) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-16]
CHR Extension: (Avast Online Security) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-16]
CHR Extension: (Connect DLC 5) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lipgolpfajiadodbcbljdpmbmbdmfcil [2015-01-16] [UpdateUrl: hxxp://autoupdate.chromewebtb.conduit-services.com/sb/?productId=CT3306061&extensionData=\u003Cextension_data>] <==== ATTENTION
CHR Extension: (Google Wallet) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-16]
CHR Extension: (Gmail) - C:\Users\devin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-16]
StartMenuInternet: Google Chrome - C:\Users\devin\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197640 2016-08-06] (AVAST Software)
R2 lxec_device; C:\Windows\system32\lxeccoms.exe [1052328 2010-04-14] ( )
R2 lxec_device; C:\Windows\SysWOW64\lxeccoms.exe [598696 2010-04-14] ( )
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
S2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-03-10] (Plays.tv, LLC)
S3 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-10] ()
S3 RichVideo64; C:\Program Files\Cyberlink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [183264 2013-01-27] (Soluto)
S3 SolutoRemoteService; C:\Program Files\Soluto\SolutoRemoteService.exe [1239552 2013-01-27] (Soluto) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-02-12] (Western Digital Technologies, Inc.)
S3 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [302968 2015-02-12] (Western Digital Technologies, Inc.)
S2 wscsvc; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
S2 wscsvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-06] (AVAST Software)
S1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-06] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-06] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-06] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [968536 2016-08-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-06] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-06] (AVAST Software)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2012-03-28] ()
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 FSProFilter; C:\Windows\System32\Drivers\FSPFltd.sys [54848 2010-07-22] (FSPro Labs)
R2 hitbliss; C:\Windows\System32\drivers\hitbliss.sys [19928 2014-03-18] (Project Concord, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2012-03-11] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-06] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
S3 VSPerfDrv100; D:\Program Files (x86)\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [68440 2011-01-18] (Microsoft Corporation)
R3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-06 18:49 - 2016-08-06 18:49 - 00003890 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1470534544
2016-08-06 18:49 - 2016-08-06 18:49 - 00001003 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2016-08-06 18:49 - 2016-08-06 18:49 - 00001003 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-08-06 18:48 - 2016-08-06 18:47 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-08-06 15:03 - 2016-08-06 15:03 - 00003161 _____ C:\junk.txt
2016-08-06 15:01 - 2016-08-06 15:01 - 00004001 _____ C:\Users\devin\Desktop\System Idle Process.txt
2016-08-06 14:57 - 2016-08-06 14:57 - 02694816 _____ (Sysinternals - www.sysinternals.com) C:\Users\devin\Desktop\procexp.exe
2016-08-06 14:10 - 2016-08-06 14:12 - 00001375 _____ C:\VEW.txt
2016-08-06 14:09 - 2016-08-06 14:09 - 00061440 _____ ( ) C:\Users\devin\Desktop\VEW.exe
2016-08-06 14:08 - 2016-08-06 14:08 - 00061440 _____ ( ) C:\Users\devin\Downloads\VEW.exe
2016-08-06 13:25 - 2016-08-06 13:26 - 00316175 _____ C:\Users\devin\Desktop\Fixlog.txt
2016-08-06 13:24 - 2016-08-06 13:24 - 00000448 _____ C:\Users\devin\Desktop\spldr.zip
2016-08-06 11:13 - 2016-08-06 14:17 - 00047703 _____ C:\Users\devin\Desktop\Addition.txt
2016-08-06 11:10 - 2016-08-06 18:55 - 00029582 _____ C:\Users\devin\Desktop\FRST.txt
2016-08-06 11:10 - 2016-08-06 18:55 - 00000000 ____D C:\FRST
2016-08-06 11:10 - 2016-08-06 11:10 - 02393600 _____ (Farbar) C:\Users\devin\Downloads\FRST64 (1).exe
2016-08-06 11:10 - 2016-08-06 11:10 - 02393600 _____ (Farbar) C:\Users\devin\Desktop\FRST64.exe
2016-08-06 11:09 - 2016-08-06 11:10 - 02393600 _____ (Farbar) C:\Users\devin\Downloads\FRST64.exe
2016-08-06 01:06 - 2016-08-06 01:06 - 00000000 ____D C:\Users\devin\AppData\Roaming\AVAST Software
2016-08-06 01:05 - 2016-08-06 01:05 - 00001882 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-08-06 01:05 - 2016-08-06 01:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-08-06 01:04 - 2016-08-06 01:05 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-08-06 01:04 - 2016-08-06 01:04 - 00968536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-08-06 01:04 - 2016-08-06 01:04 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-08-06 01:04 - 2016-08-06 01:04 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-08-06 01:04 - 2016-08-06 01:04 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-08-06 01:04 - 2016-08-06 01:04 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-08-06 01:04 - 2016-08-06 01:04 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-08-06 01:04 - 2016-08-06 01:04 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-08-06 01:04 - 2016-08-06 01:04 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-08-06 01:04 - 2016-08-06 01:04 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-08-06 01:03 - 2016-08-06 18:47 - 00000000 ____D C:\Program Files\AVAST Software
2016-08-06 01:03 - 2016-08-06 01:03 - 06253376 _____ (AVAST Software) C:\Users\devin\Downloads\avast_free_antivirus_setup_online.exe
2016-08-06 00:16 - 2016-08-06 00:16 - 00002603 _____ C:\Users\devin\Desktop\Hkey.reg
2016-08-06 00:13 - 2016-08-06 00:13 - 01239084 _____ C:\Users\devin\Documents\cc_20160806_001330.reg
2016-08-06 00:10 - 2016-08-06 00:10 - 505462110 _____ C:\Users\devin\Desktop\regback.reg
2016-08-05 23:13 - 2016-08-06 17:09 - 00760468 _____ C:\Windows\ntbtlog.txt
2016-08-05 17:28 - 2016-08-05 19:37 - 00000000 _____ C:\Windows\SysWOW64\last.dump
2016-08-05 15:40 - 2016-08-06 18:38 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-05 15:39 - 2016-08-05 15:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-05 15:39 - 2016-08-05 15:39 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-08-05 15:39 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-08-05 15:39 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-08-05 15:39 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-08-05 15:36 - 2016-08-05 15:37 - 22851472 _____ (Malwarebytes ) C:\Users\devin\Downloads\mbam-setup-2.2.1.1043.exe
2016-08-05 10:33 - 2016-08-05 10:33 - 00000000 ____D C:\Users\devin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-07-29 18:17 - 2016-07-29 18:17 - 00038842 _____ C:\Users\devin\Downloads\cold-fish-tsumetai-nettaigyo_english-516238.zip
2016-07-24 10:39 - 2016-07-24 10:37 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2016-07-24 10:36 - 2016-07-24 10:36 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-07-18 19:26 - 2016-07-18 19:26 - 00034450 _____ C:\Users\devin\Downloads\himizu.(2011).eng.1cd.(4626313).zip
2016-07-18 19:26 - 2016-07-18 19:26 - 00016887 _____ C:\Users\devin\Downloads\4626313.htm
2016-07-18 18:21 - 2016-07-18 19:27 - 00000000 ____D C:\Users\devin\Desktop\Himizu.2012.JAP.BDRip.x264.AAC-ADiOS
2016-07-15 10:42 - 2016-06-10 21:48 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-07-15 10:42 - 2016-06-10 14:19 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-07-15 10:42 - 2016-06-10 14:08 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-07-15 10:42 - 2016-06-10 14:03 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-07-15 10:42 - 2016-06-10 13:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-07-15 10:42 - 2016-06-10 13:38 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-07-15 10:42 - 2016-06-10 13:13 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-07-15 10:42 - 2016-06-10 11:53 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-07-15 10:42 - 2016-06-10 11:53 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-07-15 10:42 - 2016-06-10 11:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-07-15 10:42 - 2016-06-10 11:45 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-07-15 10:42 - 2016-06-10 11:42 - 20348928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-07-15 10:42 - 2016-06-10 11:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-07-15 10:42 - 2016-06-10 11:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-07-15 10:42 - 2016-06-10 11:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-07-15 10:42 - 2016-06-10 11:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-07-15 10:42 - 2016-06-10 11:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-07-15 10:42 - 2016-06-10 11:10 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-07-15 10:42 - 2016-06-10 10:41 - 01315840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-07-15 10:41 - 2016-06-25 17:35 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-07-15 10:41 - 2016-06-25 17:27 - 01208320 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-07-15 10:41 - 2016-06-25 17:27 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-15 10:41 - 2016-06-25 17:27 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-15 10:41 - 2016-06-25 17:27 - 00344576 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-15 10:41 - 2016-06-25 17:27 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-15 10:41 - 2016-06-25 17:27 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2016-07-15 10:41 - 2016-06-25 12:54 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-07-15 10:41 - 2016-06-25 12:53 - 00297472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2016-07-15 10:41 - 2016-06-25 12:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-07-15 10:41 - 2016-06-25 12:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2016-07-15 10:41 - 2016-06-25 12:41 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.exe
2016-07-15 10:41 - 2016-06-22 06:06 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-07-15 10:41 - 2016-06-17 11:24 - 01490432 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-07-15 10:41 - 2016-06-17 11:24 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-07-15 10:41 - 2016-06-17 11:24 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-07-15 10:41 - 2016-06-17 11:24 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-07-15 10:41 - 2016-06-17 11:24 - 00219136 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-07-15 10:41 - 2016-06-17 11:24 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-07-15 10:41 - 2016-06-14 08:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-07-15 10:41 - 2016-06-10 23:57 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-07-15 10:41 - 2016-06-10 14:38 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-07-15 10:41 - 2016-06-10 14:38 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-07-15 10:41 - 2016-06-10 14:20 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-07-15 10:41 - 2016-06-10 14:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-07-15 10:41 - 2016-06-10 14:18 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-15 10:41 - 2016-06-10 14:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-07-15 10:41 - 2016-06-10 14:17 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-15 10:41 - 2016-06-10 14:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-07-15 10:41 - 2016-06-10 14:05 - 25814016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-15 10:41 - 2016-06-10 14:04 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-07-15 10:41 - 2016-06-10 14:03 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-07-15 10:41 - 2016-06-10 14:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-15 10:41 - 2016-06-10 14:02 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-07-15 10:41 - 2016-06-10 13:53 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-07-15 10:41 - 2016-06-10 13:50 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-07-15 10:41 - 2016-06-10 13:49 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-15 10:41 - 2016-06-10 13:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-07-15 10:41 - 2016-06-10 13:34 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-15 10:41 - 2016-06-10 13:31 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-15 10:41 - 2016-06-10 13:28 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-07-15 10:41 - 2016-06-10 13:15 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-07-15 10:41 - 2016-06-10 13:12 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-15 10:41 - 2016-06-10 13:11 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-07-15 10:41 - 2016-06-10 13:10 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-15 10:41 - 2016-06-10 12:45 - 15409664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-15 10:41 - 2016-06-10 12:44 - 02869248 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-15 10:41 - 2016-06-10 12:30 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-15 10:41 - 2016-06-10 12:21 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-07-15 10:41 - 2016-06-10 12:09 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-07-15 10:41 - 2016-06-10 11:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-07-15 10:41 - 2016-06-10 11:53 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-07-15 10:41 - 2016-06-10 11:47 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-07-15 10:41 - 2016-06-10 11:46 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-07-15 10:41 - 2016-06-10 11:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-07-15 10:41 - 2016-06-10 11:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-07-15 10:41 - 2016-06-10 11:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-07-15 10:41 - 2016-06-10 11:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-07-15 10:41 - 2016-06-10 11:32 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-07-15 10:41 - 2016-06-10 11:24 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-07-15 10:41 - 2016-06-10 11:14 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-07-15 10:41 - 2016-06-10 11:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-07-15 10:41 - 2016-06-10 11:09 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-07-15 10:41 - 2016-06-10 11:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-07-15 10:41 - 2016-06-10 10:58 - 13806080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-07-15 10:41 - 2016-06-10 10:45 - 02392576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-07-15 10:41 - 2016-06-10 10:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-06 18:52 - 2009-07-13 21:45 - 00023632 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-06 18:52 - 2009-07-13 21:45 - 00023632 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-06 18:47 - 2011-12-19 11:39 - 00000000 ____D C:\ProgramData\AVAST Software
2016-08-06 18:24 - 2014-07-10 21:37 - 00000000 ____D C:\Users\devin\AppData\Roaming\Raptr
2016-08-06 18:21 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-06 16:55 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\inf
2016-08-06 16:49 - 2013-04-21 10:37 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-08-06 13:25 - 2009-07-13 20:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-08-06 11:49 - 2011-12-10 12:53 - 00000000 ____D C:\Users\devin\AppData\Roaming\Audacity
2016-08-05 23:12 - 2011-11-11 22:22 - 00000000 ____D C:\Users\devin\AppData\Roaming\uTorrent
2016-08-05 15:40 - 2011-11-11 22:20 - 00000000 ____D C:\Program Files (x86)\Steam
2016-08-05 15:39 - 2012-02-18 19:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-05 10:32 - 2011-11-11 22:25 - 00000000 ____D C:\Users\devin\AppData\Roaming\Dropbox
2016-08-05 09:43 - 2011-11-12 19:32 - 00000000 ____D C:\Users\devin\AppData\Local\Adobe
2016-07-31 16:13 - 2014-12-14 12:22 - 00008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2016-07-31 15:51 - 2009-07-13 21:45 - 07095608 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-29 22:09 - 2013-04-20 22:48 - 02180776 ____H C:\Users\devin\AppData\Local\IconCache.db.backup
2016-07-29 22:01 - 2011-11-12 15:12 - 00000000 ____D C:\Users\devin\AppData\Roaming\vlc
2016-07-28 15:10 - 2012-08-23 10:59 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-28 15:10 - 2012-08-23 10:59 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-28 14:49 - 2011-11-11 22:18 - 00003882 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3688702354-2117096547-3842074458-1000UA
2016-07-28 14:49 - 2011-11-11 22:18 - 00003486 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3688702354-2117096547-3842074458-1000Core
2016-07-28 10:46 - 2011-11-11 22:09 - 00176152 _____ C:\Users\devin\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-24 11:07 - 2014-05-29 21:25 - 00000000 ____D C:\ProgramData\Oracle
2016-07-24 10:39 - 2014-05-29 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-07-24 10:39 - 2011-12-16 11:54 - 00000000 ____D C:\Program Files\Java
2016-07-24 10:39 - 2011-11-11 22:22 - 00000000 ____D C:\Program Files (x86)\Java
2016-07-24 10:38 - 2015-10-20 13:35 - 00000000 ____D C:\Users\devin\.oracle_jre_usage
2016-07-24 10:37 - 2015-10-20 13:36 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-07-22 15:40 - 2014-09-04 18:25 - 00000000 ____D C:\Program Files (x86)\Scrivener
2016-07-21 03:01 - 2015-04-05 03:03 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-07-21 03:01 - 2015-04-05 03:03 - 00000000 ___SD C:\Windows\system32\GWX
2016-07-18 18:24 - 2009-07-13 22:13 - 00782296 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-16 12:09 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF
2016-07-16 12:08 - 2011-11-20 17:30 - 00000000 ____D C:\Users\devin\AppData\Local\ElevatedDiagnostics
2016-07-16 04:14 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2016-07-16 03:20 - 2014-12-10 04:23 - 00000000 ____D C:\Windows\system32\appraiser
2016-07-16 03:20 - 2009-07-14 00:46 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-15 10:12 - 2014-12-21 21:41 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-15 10:12 - 2012-04-08 08:10 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-15 10:12 - 2011-11-11 22:19 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-15 09:12 - 2011-11-11 22:19 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-15 09:12 - 2011-11-11 22:19 - 00000000 ____D C:\Windows\system32\Macromed
==================== Files in the root of some directories =======
2013-01-28 12:25 - 2013-01-28 12:25 - 0000132 _____ () C:\Users\devin\AppData\Roaming\Adobe GIF Format CS6 Prefs
2013-02-14 21:11 - 2015-02-21 19:59 - 0000132 _____ () C:\Users\devin\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-02-25 17:46 - 2014-02-25 16:38 - 0012005 _____ () C:\Users\devin\AppData\Roaming\alsoft.ini
2013-01-28 12:26 - 2015-11-16 17:44 - 0001456 _____ () C:\Users\devin\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-07-19 13:58 - 2016-05-30 16:13 - 0009216 _____ () C:\Users\devin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-02-10 17:08 - 2014-02-10 17:08 - 0009892 _____ () C:\Users\devin\AppData\Local\recently-used.xbel
2012-08-07 09:23 - 2012-08-07 09:23 - 0007597 _____ () C:\Users\devin\AppData\Local\Resmon.ResmonCfg
2008-02-05 14:28 - 2008-02-05 14:28 - 0000051 _____ () C:\Users\devin\AppData\Local\setup.txt
2012-01-05 20:14 - 2012-01-05 20:14 - 0000000 _____ () C:\ProgramData\cmn_upld.log
2011-11-12 14:02 - 2011-11-12 14:02 - 0000252 _____ () C:\ProgramData\FastPics.log
2011-12-20 12:37 - 2011-10-21 12:37 - 0000032 ____R () C:\ProgramData\hash.dat
2012-01-05 20:22 - 2012-02-20 14:44 - 0014220 _____ () C:\ProgramData\lxecJSW.log
2011-11-12 12:19 - 2014-04-18 16:48 - 0067623 _____ () C:\ProgramData\lxecscan.log
2012-01-05 20:14 - 2012-01-05 20:14 - 0000000 _____ () C:\ProgramData\LxWbGwLog.log
2011-12-15 21:56 - 2012-01-17 17:12 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2012-05-07 09:25 - 2012-05-07 09:26 - 0000340 _____ () C:\ProgramData\pswx.html
2014-02-05 21:01 - 2014-02-05 21:01 - 5059417 _____ () C:\ProgramData\SPLECB6.tmp
2011-11-12 12:15 - 2011-11-12 12:15 - 0000000 _____ () C:\ProgramData\UpdaterLog.txt
Files to move or delete:
====================
C:\ProgramData\hash.dat
Some files in TEMP:
====================
C:\Users\devin\AppData\Local\Temp\w5ssroxi.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-07-27 12:15
==================== End of FRST.txt ============================
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-08-2016
Ran by devin (2016-08-06 18:58:20)
Running from C:\Users\devin\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2011-11-12 04:39:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3688702354-2117096547-3842074458-500 - Administrator - Disabled)
devin (S-1-5-21-3688702354-2117096547-3842074458-1000 - Administrator - Enabled) => C:\Users\devin
Guest (S-1-5-21-3688702354-2117096547-3842074458-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3688702354-2117096547-3842074458-1004 - Limited - Enabled)
mom (S-1-5-21-3688702354-2117096547-3842074458-1001 - Limited - Enabled) => C:\Users\mom
Top Dog (S-1-5-21-3688702354-2117096547-3842074458-1006 - Limited - Enabled) => C:\Users\Top Dog
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3688702354-2117096547-3842074458-1000\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader 9.5.3 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.3 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Aeon (HKLM-x32\...\Aeon) (Version: 3.4.1 - SoundSpectrum)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.0.1.240 - Amazon)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Anki (HKLM-x32\...\Anki) (Version: - )
Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version: - BestGameEver)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.2.2276 - AVAST Software)
Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.3.492 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Bastion (HKLM-x32\...\Steam App 107100) (Version: - Supergiant Games)
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version: - Rocksteady Studios)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Braid (HKLM-x32\...\Steam App 26800) (Version: - Number None)
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version: - Criterion Games)
Card Hunter (HKLM-x32\...\Steam App 293260) (Version: - Blue Manchu)
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
Crusader Kings II (HKLM\...\Steam App 203770) (Version: - Paradox Development Studio)
Crypt of the NecroDancer (HKLM-x32\...\Steam App 247080) (Version: - Brace Yourself Games)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
Dead Space 2 (HKLM-x32\...\Steam App 47780) (Version: - Visceral Games)
Defender's Quest: Valley of the Forgotten (HKLM-x32\...\Steam App 218410) (Version: - Level Up Labs, LLC)
Desktop Dungeons (HKLM-x32\...\Steam App 226620) (Version: - QCF Design)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{1AA5BD63-6614-44B2-88A7-605191EDB835}) (Version: 5.0.2500.0 - PreEmptive Solutions)
doubleTwist Sync (HKLM-x32\...\doubleTwist) (Version: 4.0.4.19767 - doubleTwist Corporation)
Dropbox (HKU\S-1-5-21-3688702354-2117096547-3842074458-1000\...\Dropbox) (Version: 7.4.30 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dungeons of Dredmor (HKLM-x32\...\Steam App 98800) (Version: - Gaslamp Games, Inc.)
DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - )
Epic Games Launcher (HKLM-x32\...\{16969EF2-23EA-4BD9-B085-4952D95E8A7D}) (Version: 1.1.48.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Eternal Senia (HKLM-x32\...\Steam App 351640) (Version: - Holy Priest)
FEZ (HKLM-x32\...\Steam App 224760) (Version: - Polytron Corporation)
Final Effects Complete 6.0.0 64Bit (HKLM\...\{D076B586-8F4A-4033-9B6C-A451B6E04611}) (Version: 6.00.0000 - Boris Fx, Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.0.6.722 - Foxit Corporation)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
Google Chrome (HKU\S-1-5-21-3688702354-2117096547-3842074458-1000\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Photos Backup (HKU\S-1-5-21-3688702354-2117096547-3842074458-1000\...\Google Photos Backup) (Version: 1.1.2.13 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.06) (Version: 9.06 - Artifex Software Inc.)
Gtk# for .Net 2.12.10 (HKLM-x32\...\{550B72C4-F404-4812-971F-947E835A877E}) (Version: 2.12.10 - Novell, Inc.)
HandBrake 0.9.6 (HKLM-x32\...\HandBrake) (Version: 0.9.6 - )
Hatoful Boyfriend (HKLM-x32\...\Steam App 310080) (Version: - Mediatonic)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HitBliss (HKU\S-1-5-21-3688702354-2117096547-3842074458-1000\...\HitBliss) (Version: 1.0.0.25740 - Project Concord, Inc.)
Intel® Desktop Utilities (HKLM-x32\...\{F01CBA59-B5BD-4608-A834-1CBE8C292A71}) (Version: 1.0.0 - Intel Corporation)
Intel® Integrator Assistant (HKLM-x32\...\{D1A35687-AEA9-422C-B237-FC4F8136B6F6}) (Version: 1.0.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
iTunes (HKLM\...\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}) (Version: 10.7.0.21 - Apple Inc.)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java SE Development Kit 6 Update 30 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160300}) (Version: 1.6.0.300 - Oracle)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche Studios)
KeePass Password Safe 2.26 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.26 - Dominik Reichl)
Kindle Previewer (HKU\S-1-5-21-3688702354-2117096547-3842074458-1000\...\KindlePreviewer) (Version: 2.9 - Amazon)
Knights of Pen and Paper +1 (HKLM-x32\...\Steam App 231740) (Version: - Behold Studios)
LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version: - Audacity Team)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
Lexmark Printable Web (HKLM-x32\...\{D2C5E510-BE6D-42CC-9F61-E4F939078474}) (Version: 1.0.0.0 - )
Lexmark Pro800-Pro900 Series (HKLM\...\Lexmark Pro800-Pro900 Series) (Version: - Lexmark International, Inc.)
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{4D2F05BB-228E-4081-B94C-50AD015EE462}) (Version: 11.4.2 - Red Giant Software)
Magic Bullet Suite 64-bit (Version: 11.4.2 - Red Giant Software) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McPixel (HKLM-x32\...\Steam App 220860) (Version: - Sos)
Mercenary Kings (HKLM-x32\...\Steam App 218820) (Version: - Tribute Games Inc.)
METAL GEAR SOLID V: GROUND ZEROES (HKLM-x32\...\Steam App 311340) (Version: - Kojima Productions)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Expression Blend 3 SDK (HKLM-x32\...\{256E7DAC-9BE8-494E-8DE7-7857BF96B774}) (Version: 1.0.1343.0 - Microsoft Corporation)
Microsoft Expression Blend 4 (HKLM-x32\...\Blend_4.0.20901.0) (Version: 4.0.20901.0 - Microsoft Corporation)
Microsoft Expression Blend 4 Add-in for Adobe FXG Import (HKLM-x32\...\{A29C5DD5-B21E-474F-AA96-6A7FC0B2B248}) (Version: 1.0.10901.0 - Microsoft Corporation)
Microsoft Expression Blend SDK for .NET 4 (HKLM-x32\...\{9B3A1C97-A361-463E-8817-444F9F88CDFE}) (Version: 2.0.20525.0 - Microsoft Corporation)
Microsoft Expression Blend SDK for Silverlight 4 (HKLM-x32\...\{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}) (Version: 2.0.20525.0 - Microsoft Corporation)
Microsoft Expression Blend SDK for Windows Phone 7 (HKLM-x32\...\{69E11501-75F7-4ACE-8103-52513DDCFE26}) (Version: 2.0.20901.0 - Microsoft Corporation)
Microsoft Flight (HKLM-x32\...\GFWL_{4D5308D2-DC8E-4658-A37C-351000058100}) (Version: 1.0.0005.129 - Microsoft Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{05855322-BE43-41FE-B583-D3AE0C326D58}) (Version: 4.0.50826.0 - Microsoft Corporation)
Microsoft Silverlight Tools for Visual Studio 2010 (HKLM-x32\...\{558358E5-E4F3-4374-BA1D-26FF39EF87D9}) (Version: 10.0.30319.400 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{BC537AE0-88AF-47ED-B762-33B0D62B5188}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{7A56D81D-6406-40E7-9184-8AC1769C4D69}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{EAEBF166-B06A-4D7F-BAF7-6615303D5C7C}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{09C52940-A4D1-4409-A7CC-1AAE630CF578}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 Design Tools English (HKLM-x32\...\{0C19D563-5F25-4621-BF10-01F741BD283F}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{1E6ED082-E32D-4B2B-8B6A-70B094815135}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Windows Phone 7 Developer Resources (HKLM-x32\...\{B86149D3-18A2-41FD-A153-60AF944E47FE}) (Version: 7.0.7003.0 - Microsoft Corporation)
Microsoft Windows Phone Developer Tools - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Express for Windows Phone - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu (HKLM\...\{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}) (Version: 3.5.30729 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft XNA Game Studio 4.0 Windows Phone Extensions (HKLM-x32\...\{5DDF31D2-63BB-4268-895B-FB05A82A1C00}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Game Studio Platform Tools (HKLM-x32\...\{0666E46E-A860-4353-BE6D-13AA72FABB57}) (Version: 1.3.0.0 - Microsoft Corporation)
Monaco (HKLM-x32\...\Steam App 113020) (Version: - Pocketwatch Games)
MP3 Skype Recorder (HKLM-x32\...\{CB606F47-7D0E-40DF-95BB-0E5413A1295F}) (Version: 3.1.3 - Alexander Nikiforov)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-3688702354-2117096547-3842074458-1000\...\MusicManager) (Version: - Google, Inc.)
My Lockbox 2.8.5 (HKLM\...\My Lockbox_is1) (Version: 2.8.5 - )
Network Recording Player (HKLM-x32\...\{CC5BDE4C-A0D2-4DE0-ACB9-1D5CB019C9CF}) (Version: 28.12.2.17378 - Cisco WebEx LLC)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.12.11 - Black Tree Gaming)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9.6.2 - )
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4569.1508 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.0.0 (HKLM-x32\...\{55E61709-D7D4-43C0-B45D-BFAF5C09A02D}) (Version: 4.00.9702 - Apache Software Foundation)
PAC-MAN Championship Edition DX+ (HKLM-x32\...\Steam App 236450) (Version: - Mine Loader Software Co., Ltd.)
Papers, Please (HKLM-x32\...\1207659209_is1) (Version: 2.5.0.11 - GOG.com)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.8.11-r110387-release - Plays.tv, LLC)
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
Portal Stories: Mel (HKLM-x32\...\Steam App 317400) (Version: - Prism Studios)
PowerDirector (Version: 9.00.0000 - CyberLink Corp.) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.3-r114633-release - Raptr, Inc)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6215 - Realtek Semiconductor Corp.)
Red Giant PlaneSpace (HKLM-x32\...\Red Giant PlaneSpace) (Version: - )
Red Giant Psunami (HKLM-x32\...\InstallShield_{97F381E0-CCC3-4F22-9078-033CBC597391}) (Version: 1.4.0 - Red Giant Software)
Red Giant Psunami (Version: 1.4.0 - Red Giant Software) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version: - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.1 - Rockstar Games)
SafeZone Stable 1.51.2220.47 (x32 Version: 1.51.2220.47 - Avast Software) Hidden
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version: - Deep Silver Volition)
Scrivener Update (HKLM-x32\...\Scrivener 1900) (Version: 1950 - Literature and Latte)
Search Protection (HKU\S-1-5-21-3688702354-2117096547-3842074458-1000\...\Search Protection) (Version: 9.5.0.3 - Spigot, Inc.) <==== ATTENTION
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.7 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.7 - SmartSound Software Inc.) Hidden
Soluto (HKLM\...\{32F9DBC7-95D1-469F-B7A3-678948D6DA32}) (Version: 1.3.1140.0 - Soluto)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)
Transistor (HKLM-x32\...\Steam App 237930) (Version: - Supergiant Games)
Victoria II (HKLM-x32\...\Steam App 42960) (Version: - Paradox Development Studio)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Wallpaper Master v2.16 (HKLM-x32\...\Wallpaper Master_is1) (Version: - James Garton)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-3688702354-2117096547-3842074458-1000\...\Warcraft III) (Version: - )
WCF RIA Services V1.0 SP1 (HKLM-x32\...\{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}) (Version: 4.1.60114.0 - Microsoft Corporation)
WD Quick View (HKLM-x32\...\{965D28B5-3C86-41FD-994E-D6376815C9B3}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{F6FE3205-7737-4772-9017-C7ACD8A5561C}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{647175e1-9944-4a82-bac1-102c95f0a99a}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WebM Project Directshow Filters (HKU\S-1-5-21-3688702354-2117096547-3842074458-1000\...\webmdshow) (Version: 1.0.4.1 - WebM Project)
Widevine Media Optimizer Chrome 6.0.0 (HKU\S-1-5-21-3688702354-2117096547-3842074458-1000\...\optimizer_chrome) (Version: 6.0.0.12757 - Widevine Technologies)
WinDirStat 1.1.2 (HKU\S-1-5-21-3688702354-2117096547-3842074458-1000\...\WinDirStat) (Version: - )
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Phone Emulator x64 - ENU (HKLM\...\{0F7861E5-3B24-33CA-AECF-B5477194CEEB}) (Version: 10.0.30319 - Microsoft Corporation)
WPF Toolkit February 2010 (Version 3.5.50211.1) (HKLM-x32\...\{5EE6E987-1B79-4A93-832B-27472C7D1579}) (Version: 3.5.50211.1 - Microsoft Corporation)
XMind (HKLM-x32\...\XMind) (Version: 3.3.0 - XMind Ltd.)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3688702354-2117096547-3842074458-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\devin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3688702354-2117096547-3842074458-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\devin\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3688702354-2117096547-3842074458-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\devin\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3688702354-2117096547-3842074458-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3688702354-2117096547-3842074458-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3688702354-2117096547-3842074458-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3688702354-2117096547-3842074458-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3688702354-2117096547-3842074458-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3688702354-2117096547-3842074458-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3688702354-2117096547-3842074458-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3688702354-2117096547-3842074458-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3688702354-2117096547-3842074458-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3688702354-2117096547-3842074458-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\devin\AppData\Roaming\Dropbox\bin\DropboxExt64.38.dll (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {01FE1553-6233-4E45-B58B-E465A2CE89E8} - System32\Tasks\SafeZone scheduled Autoupdate 1462581905 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-07-25] (Avast Software)
Task: {0271FFDF-60DF-4D58-B579-6449B3FF049E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3688702354-2117096547-3842074458-1000UA => C:\Users\devin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {0B247A65-5114-4BB7-A8AA-82AB5D260286} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3688702354-2117096547-3842074458-1000UA => C:\Users\devin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {189E30CD-2987-4074-A515-BB6D8A8ED8B7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe
Task: {337EC0E7-954C-4B7D-BD37-27D1ACFCFE9E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3688702354-2117096547-3842074458-1000Core => C:\Users\devin\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-12] (Dropbox, Inc.)
Task: {3833673B-6656-4CCA-8C6B-AD1277356D75} - System32\Tasks\AdobeAAMUpdater-1.0-devin-PC-devin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {3F622639-4F5B-44EA-A746-412C8F72D1AD} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-08-06] (AVAST Software)
Task: {447EB743-7879-43E2-896C-3D4E9387CCFF} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {56AE0AF9-85AC-4548-8861-E814F0A64AD2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe
Task: {5CE39C32-06A8-45B9-B00F-62919667B38C} - System32\Tasks\{E6EEA09D-7DE1-46BD-843E-DBCA8853D90F} => C:\Riot Games\League of Legends\lol.launcher.exe
Task: {6177EB0D-B4D9-4504-A313-320FE70B6DF6} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe
Task: {6196102C-6003-44D2-949D-98A458DC5DCB} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.)
Task: {8E3BCAE8-D6F2-4B57-942E-211C9FF8A1C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {9FF97AF3-DCB0-44F3-BAE5-BD24E60FBE1D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {AD0B3581-38BC-4513-9837-1283AA62FA26} - System32\Tasks\{D4980C0B-E5EE-4E9C-8901-49046F409D54} => pcalua.exe -a "D:\Steam Library\SteamApps\common\Batman Arkham City GOTY\Setup\vcredist_x86.exe"
Task: {BD194227-E603-4B55-9828-BF74F5EFA807} - System32\Tasks\{5DAFDFE5-6703-4518-BE3C-1B3B527C313B} => pcalua.exe -a "C:\Users\Public\Videos\Dungeons and Dragons 4ed Character Builder\CB_(09)Sep_2009.exe" -d "C:\Users\Public\Videos\Dungeons and Dragons 4ed Character Builder"
Task: {C0B5E7B4-0D7D-44CD-96C7-FD7A6910C323} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3688702354-2117096547-3842074458-1000Core => C:\Users\devin\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {C56AE83D-E3A1-4EB2-AF0B-3AEC8624807C} - System32\Tasks\{24609C97-A20B-468B-9673-EE643B5AF42F} => C:\Riot Games\League of Legends\lol.launcher.exe
Task: {D0C244A7-A9A2-443B-BF27-81D36DB0B3F6} - System32\Tasks\{FDE37696-56DC-495C-9492-4906CA78FC2B} => pcalua.exe -a C:\Users\devin\Downloads\GAP.2.6_win\GAP-installer\Gimp-GAP-2.6.0-Setup2.exe -d C:\Users\devin\Downloads\GAP.2.6_win\GAP-installer
Task: {E303469E-6AF3-42F4-9BBB-E045B49F7A52} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-15] (Adobe Systems Incorporated)
Task: {EC0C6609-787D-4141-B1DD-055B948C4762} - System32\Tasks\SafeZone scheduled Autoupdate 1470534544 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-07-25] (Avast Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\devin\AppData\Local\Microsoft\Windows\GameExplorer\{8D163581-5E78-46F0-AAA3-9A9B792B155F}\SupportTasks\0\Support.lnk -> hxxp://www.activision.com/support/
Shortcut: C:\Users\devin\AppData\Local\Microsoft\Windows\GameExplorer\{7B1EB2E4-703C-4914-B6EC-EEB15B5D0290}\SupportTasks\1\Support.lnk -> hxxp://www.ea.com/tech_support/
Shortcut: C:\Users\devin\AppData\Local\Microsoft\Windows\GameExplorer\{7B1EB2E4-703C-4914-B6EC-EEB15B5D0290}\SupportTasks\0\More Games from Microsoft.lnk -> hxxp://www.totalwar.com/
ShortcutWithArgument: C:\Users\devin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\a3a1d6b8109861c5\Hangouts.lnk -> C:\Users\devin\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=nckgahadagoaajjgafhacjanaoiihapd
==================== Loaded Modules (Whitelisted) ==============
2014-01-14 19:01 - 2014-03-16 08:44 - 08878248 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2011-11-12 12:19 - 2009-11-25 23:09 - 00053760 _____ () C:\Windows\System32\LXECPMON.DLL
2011-11-12 12:18 - 2009-01-13 06:15 - 04485120 _____ () C:\Windows\System32\LXECOEM.DLL
2011-11-12 12:20 - 2009-11-04 06:17 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxecdrpp.dll
2016-05-11 11:24 - 2016-05-11 11:24 - 01665024 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\PCGPreCompiled\eca5df98fa15582baf26daf7b3299f14\PCGPreCompiled.ni.dll
2016-05-11 11:26 - 2016-05-11 11:26 - 00237568 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\PCGAppControlPlugin#\9011eb6014c80e3048c7adc8ba46b637\PCGAppControlPluginLoader.ni.dll
2013-01-27 10:00 - 2013-01-27 10:00 - 00091192 _____ () C:\Program Files\Soluto\PCGDllExportInspector.dll
2016-08-06 01:04 - 2016-08-06 01:04 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-08-06 01:04 - 2016-08-06 01:04 - 03004416 _____ () C:\Program Files\AVAST Software\Avast\defs\16080300\algo.dll
2016-08-06 01:04 - 2016-08-06 01:04 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-08-06 18:48 - 2016-08-06 18:48 - 03012096 _____ () C:\Program Files\AVAST Software\Avast\defs\16080600\algo.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-11-17 10:44 - 2015-11-17 10:44 - 00117248 _____ () C:\Users\devin\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2015-11-17 10:45 - 2015-11-17 10:45 - 00234496 _____ () C:\Users\devin\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2015-11-17 10:45 - 2015-11-17 10:45 - 00253440 _____ () C:\Users\devin\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2015-11-17 10:44 - 2015-11-17 10:44 - 00344064 _____ () C:\Users\devin\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2016-04-14 19:09 - 2016-06-29 19:25 - 00035792 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-08-05 10:33 - 2016-06-29 19:25 - 00145864 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-08-05 10:33 - 2016-06-29 19:26 - 00019408 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-08-05 10:33 - 2016-06-29 19:25 - 00116688 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-04-14 19:09 - 2016-06-29 19:25 - 00100296 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-12 18:00 - 2016-06-29 19:25 - 00018888 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-12 18:00 - 2016-08-01 14:27 - 00019760 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-12 18:00 - 2016-06-29 19:25 - 00694224 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-08-05 10:33 - 2016-08-01 14:26 - 00020816 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-04-14 19:09 - 2016-06-29 19:26 - 00123856 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-08-05 10:33 - 2016-08-01 14:26 - 01682760 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-08-05 10:33 - 2016-08-01 14:26 - 00020808 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-08-05 10:33 - 2016-08-01 14:27 - 00021312 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2016-08-05 10:33 - 2016-08-01 14:27 - 00052024 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-08-05 10:33 - 2016-08-01 14:27 - 00038696 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\fastpath.pyd
2015-12-12 18:00 - 2016-06-29 19:27 - 00105928 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-08-05 10:33 - 2016-06-29 19:25 - 00392144 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-08-05 10:33 - 2016-06-29 19:27 - 00020936 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-12 18:00 - 2016-06-29 19:27 - 00024528 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\win32event.pyd
2015-12-12 18:00 - 2016-06-29 19:27 - 00114640 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-12 18:00 - 2016-08-01 14:27 - 00381752 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-12 18:00 - 2016-06-29 19:27 - 00124880 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-08-05 10:33 - 2016-08-01 14:27 - 00025424 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-12 18:00 - 2016-06-29 19:27 - 00024016 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-12 18:00 - 2016-06-29 19:27 - 00175560 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-12 18:00 - 2016-06-29 19:27 - 00030160 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-12 18:00 - 2016-06-29 19:27 - 00043472 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-12 18:00 - 2016-06-29 19:27 - 00048592 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-08-05 10:33 - 2016-08-01 14:27 - 00026456 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-12 18:00 - 2016-06-29 19:27 - 00057808 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-12 18:00 - 2016-06-29 19:27 - 00024016 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-08-05 10:33 - 2016-08-01 14:26 - 00246592 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2015-12-12 18:00 - 2016-06-29 19:27 - 00028616 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-04-14 19:09 - 2016-08-01 14:27 - 00020800 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-04-14 19:09 - 2016-08-01 14:27 - 00019776 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-04-14 19:09 - 2016-08-01 14:27 - 00020800 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-04-14 19:09 - 2016-06-29 19:25 - 00144848 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-08-05 10:33 - 2016-06-29 19:26 - 00241104 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2016-08-05 10:33 - 2016-08-01 14:26 - 00020280 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-04-14 19:09 - 2016-08-01 14:27 - 00023376 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-04-14 19:09 - 2016-06-29 19:27 - 00350152 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-04-14 19:09 - 2016-08-01 14:27 - 00022352 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-08-05 10:33 - 2016-08-01 14:27 - 00024392 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-08-05 10:33 - 2016-06-29 19:28 - 00036296 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\librsync.dll
2016-08-05 10:33 - 2016-08-01 14:27 - 00084280 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-08-05 10:33 - 2016-08-01 14:27 - 01826096 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-12 18:00 - 2016-06-29 19:26 - 00083912 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\sip.pyd
2016-08-05 10:33 - 2016-08-01 14:27 - 03929392 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-08-05 10:33 - 2016-08-01 14:27 - 01972016 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-08-05 10:33 - 2016-08-01 14:27 - 00531248 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-08-05 10:33 - 2016-08-01 14:27 - 00132912 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-08-05 10:33 - 2016-08-01 14:27 - 00224056 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-08-05 10:33 - 2016-08-01 14:27 - 00207672 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-08-05 10:33 - 2016-08-01 14:27 - 00020288 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd
2015-12-12 18:00 - 2016-06-29 19:27 - 00060880 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-08-05 10:33 - 2016-08-01 14:27 - 00024904 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-08-05 10:33 - 2016-08-01 14:27 - 00546096 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-08-05 10:33 - 2016-08-01 14:27 - 00357680 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-08-05 10:33 - 2016-08-01 14:27 - 00168248 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-08-05 10:33 - 2016-08-01 14:27 - 00042808 _____ () C:\Users\devin\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-08-06 01:04 - 2016-08-06 01:04 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-06-17 15:49 - 2016-06-15 02:15 - 01745560 _____ () C:\Users\devin\AppData\Local\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-17 15:49 - 2016-06-15 02:15 - 00091288 _____ () C:\Users\devin\AppData\Local\Google\Chrome\Application\51.0.2704.103\libegl.dll
2016-05-11 11:39 - 2016-05-11 11:39 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\22e6307b0cd5955ebf3f8abd9e3ab58d\IsdiInterop.ni.dll
2011-11-11 21:54 - 2010-09-13 19:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\devin\AppData\Local\Temporary Internet Files:HODqZLMEThJuprida [2306]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SolutoService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2012-01-02 14:22 - 2013-04-21 10:33 - 00001458 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 genuine.microsoft.com
127.0.0.1 wat.microsoft.com
127.0.0.1 mpa.microsoft.com127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3688702354-2117096547-3842074458-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\devin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
mpsdrv => Firewall Service is not running.
MpsSvc => Firewall Service is not running.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: doubleTwist => C:\Program Files (x86)\doubleTwist\doubleTwist.Light.exe
MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\devin\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
MSCONFIG\startupreg: HitBliss => "C:\Users\devin\AppData\Roaming\HitBliss\Player\HitBliss.exe" --minimize
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: OutfoxTV => C:\Program Files\OutfoxTV\OutfoxTV\DesktopContainer.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\devin\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\devin\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\devin\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
MSCONFIG\startupreg: WallpaperChanger => C:\Program Files (x86)\Wallpaper Master\Wallpaper.exe
MSCONFIG\startupreg: WD Quick View => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
10-05-2016 23:02:09 Windows Update
12-05-2016 03:00:44 Windows Update
23-05-2016 14:32:39 Scheduled Checkpoint
26-05-2016 03:00:28 Windows Update
02-06-2016 18:16:40 Scheduled Checkpoint
10-06-2016 00:00:01 Scheduled Checkpoint
12-06-2016 13:13:10 Installed iCloud
12-06-2016 13:57:25 Removed iCloud
16-06-2016 03:00:31 Windows Update
23-06-2016 11:11:52 Scheduled Checkpoint
23-06-2016 13:30:09 Windows Update
30-06-2016 15:17:07 Scheduled Checkpoint
15-07-2016 11:06:19 Scheduled Checkpoint
16-07-2016 03:00:46 Windows Update
21-07-2016 03:00:29 Windows Update
29-07-2016 14:42:16 Scheduled Checkpoint
06-08-2016 18:49:22 Windows Update
Check "winmgmt" service or repair WMI.
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/06/2016 06:53:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 3.8.2016.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 16a4
Start Time: 01d1f04d5be8bf81
Termination Time: 60000
Application Path: C:\Users\devin\Desktop\FRST64.exe
Report Id: 90ce971d-5c41-11e6-9617-e069954f6a50
Error: (08/06/2016 06:38:02 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/06/2016 06:38:02 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
Context: Windows Application
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/06/2016 06:38:02 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/06/2016 06:38:02 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Error: (08/06/2016 06:37:16 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/06/2016 06:37:16 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.
Context: Windows Application, SystemIndex Catalog
Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)
Error: (08/06/2016 06:37:16 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/06/2016 06:37:16 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (08/06/2016 06:37:16 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.
Details:
0x%08x (0xc0041800 - The content index database is corrupt. (HRESULT : 0xc0041800))
System errors:
=============
Error: (08/06/2016 07:00:54 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Installer service, but this action failed with the following error:
%%1056 = An instance of the service is already running.
Error: (08/06/2016 06:58:15 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Modules Installer service, but this action failed with the following error:
%%1056 = An instance of the service is already running.
Error: (08/06/2016 06:56:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Microsoft .NET Framework 4.6.1 for Windows 7 for x64 (KB3102433).
Error: (08/06/2016 06:56:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (08/06/2016 06:55:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Installer service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 300000 milliseconds: Restart the service.
Error: (08/06/2016 06:55:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (08/06/2016 06:48:56 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Security Center service terminated with the following error:
%%2 = The system cannot find the file specified.
Error: (08/06/2016 06:45:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error:
%%-2147024891 = Access is denied.
Error: (08/06/2016 06:45:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
%%-2147024891 = Access is denied.
Error: (08/06/2016 06:45:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly. It has done this 2 time(s).
==================== Memory info ===========================
Processor: Intel® Core i5-2400 CPU @ 3.10GHz
Percentage of memory in use: 32%
Total physical RAM: 8171.96 MB
Available physical RAM: 5509.34 MB
Total Virtual: 16342.1 MB
Available Virtual: 13658.54 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.76 GB) (Free:41.35 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Volume 2) (Fixed) (Total:931.51 GB) (Free:54.41 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9AA4A94C)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4B454B44)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Hardware interrupts and DPC's (from Process Explorer)
Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
System Idle Process 95.43 0 K 24 K 0
procexp64.exe 1.88 31,016 K 52,776 K 5664 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
taskmgr.exe 0.53 4,428 K 12,732 K 4052 Windows Task Manager Microsoft Corporation (Verified) Microsoft Windows
AvastSvc.exe 0.45 139,092 K 43,564 K 1444 avast! Service AVAST Software (Verified) AVAST Software a.s.
Interrupts 0.37 0 K 0 K n/a Hardware Interrupts and DPCs
dwm.exe 0.33 32,068 K 40,048 K 1812 Desktop Window Manager Microsoft Corporation (Verified) Microsoft Windows
chrome.exe 0.32 83,520 K 115,872 K 3380 Google Chrome Google Inc. (Verified) Google Inc
csrss.exe 0.17 4,432 K 9,776 K 672 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
System 0.12 2,428 K 112,584 K 4
MusicManager.exe 0.09 19,084 K 31,944 K 2200 Music Manager Google Inc. (No signature was present in the subject) Google Inc.
SolutoService.exe 0.08 55,216 K 65,344 K 3872 Soluto Soluto (Verified) Soluto
chrome.exe 0.06 59,540 K 95,668 K 2344 Google Chrome Google Inc. (Verified) Google Inc
explorer.exe 0.02 28,688 K 54,488 K 1828 Windows Explorer Microsoft Corporation (Verified) Microsoft Windows
IAStorDataMgrSvc.exe 0.02 20,048 K 16,772 K 5536 IAStorDataSvc Intel Corporation (Verified) Intel Corporation
services.exe 0.02 6,172 K 10,348 K 768 Services and Controller app Microsoft Corporation (Verified) Microsoft Windows
LMS.exe 0.02 2,280 K 4,896 K 5884 Local Manageability Service Intel Corporation (Verified) Intel Corporation
svchost.exe 0.02 4,928 K 10,480 K 876 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 0.01 192,160 K 194,796 K 4384 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
wsc_proxy.exe 0.01 1,392 K 5,016 K 4260 Avast remediation exe AVAST Software (Verified) AVAST Software a.s.
wsc_proxy.exe 0.01 1,392 K 5,024 K 5456 Avast remediation exe AVAST Software (Verified) AVAST Software a.s.
svchost.exe 0.01 5,600 K 10,968 K 5244 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
XBoxStat.exe 0.01 2,748 K 6,612 K 1600 XBoxStat.exe Microsoft Corporation (Verified) Microsoft Corporation
Dropbox.exe < 0.01 136,568 K 164,780 K 2656 Dropbox Dropbox, Inc. (Verified) Dropbox
iPodService.exe < 0.01 3,188 K 7,596 K 3688 iPodService Module (64-bit) Apple Inc. (Verified) Apple Inc.
svchost.exe < 0.01 35,000 K 53,592 K 1116 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
avastui.exe < 0.01 31,316 K 17,152 K 2568 avast! Antivirus AVAST Software (Verified) AVAST Software a.s.
svchost.exe < 0.01 8,360 K 15,656 K 1060 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
AppleMobileDeviceService.exe < 0.01 3,476 K 10,640 K 1656 MobileDeviceService Apple Inc. (Verified) Apple Inc.
taskhost.exe < 0.01 8,184 K 11,256 K 1496 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
TiltWheelMouse.exe < 0.01 1,524 K 5,964 K 396 pximouse Pixart Imaging Inc (Verified) Microsoft Windows Hardware Compatibility Publisher
svchost.exe < 0.01 32,436 K 35,452 K 1364 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe < 0.01 9,420 K 19,072 K 1092 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
wmpnetwk.exe < 0.01 15,208 K 8,304 K 5228 Windows Media Player Network Sharing Service Microsoft Corporation (Verified) Microsoft Windows
csrss.exe < 0.01 2,532 K 5,048 K 588 Client Server Runtime Process Microsoft Corporation (Verified) Microsoft Windows
IAStorIcon.exe < 0.01 29,140 K 24,904 K 2620 IAStorIcon Intel Corporation (Verified) Intel Corporation
iTunesHelper.exe < 0.01 4,180 K 12,532 K 2772 iTunesHelper Apple Inc. (Verified) Apple Inc.
lxeccoms.exe < 0.01 2,796 K 6,716 K 2188 Printer Communication System (Verified) Lexmark International
wuauclt.exe 2,284 K 6,984 K 1756 Windows Update Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 2,896 K 6,660 K 3320 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
WmiPrvSE.exe 7,260 K 13,176 K 2732 WMI Provider Host Microsoft Corporation (Verified) Microsoft Windows
winlogon.exe 3,588 K 8,108 K 712 Windows Logon Application Microsoft Corporation (Verified) Microsoft Windows
wininit.exe 1,652 K 4,780 K 664 Windows Start-Up Application Microsoft Corporation (Verified) Microsoft Windows
VSSVC.exe 2,136 K 6,992 K 4796 Microsoft® Volume Shadow Copy Service Microsoft Corporation (Verified) Microsoft Windows
unsecapp.exe 2,172 K 6,096 K 5428 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation (Verified) Microsoft Windows
TrustedInstaller.exe 17,412 K 20,636 K 2612 Windows Modules Installer Microsoft Corporation (Verified) Microsoft Windows
taskhost.exe 2,156 K 5,240 K 5168 Host Process for Windows Tasks Microsoft Corporation (Verified) Microsoft Windows
taskeng.exe 2,116 K 5,620 K 1996 Task Scheduler Engine Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 4,600 K 8,552 K 1008 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 6,808 K 8,668 K 1220 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 16,808 K 16,408 K 120 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,804 K 5,372 K 1212 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 1,932 K 5,496 K 4088 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 6,420 K 12,504 K 1436 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
svchost.exe 2,096 K 5,884 K 4352 Host Process for Windows Services Microsoft Corporation (Verified) Microsoft Windows
spoolsv.exe 9,932 K 17,308 K 1984 Spooler SubSystem App Microsoft Corporation (Verified) Microsoft Windows
SolutoLauncherService.exe 1,392 K 3,868 K 3796 Soluto Launcher Service Soluto (Verified) Soluto
smss.exe 584 K 1,260 K 388 Windows Session Manager Microsoft Corporation (Verified) Microsoft Windows
RAVCpl64.exe 10,992 K 12,232 K 1664 Realtek HD Audio Manager Realtek Semiconductor (Verified) Realtek Semiconductor Corp
procexp.exe 2,448 K 7,620 K 4456 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
PresentationFontCache.exe 30,440 K 25,668 K 972 PresentationFontCache.exe Microsoft Corporation (Verified) Microsoft Corporation
nusb3mon.exe 1,752 K 5,448 K 2628 USB 3.0 Monitor Renesas Electronics Corporation (Verified) Renesas Electronics Corporation
msiexec.exe 2,460 K 6,448 K 2336 Windows® installer Microsoft Corporation (Verified) Microsoft Windows
mDNSResponder.exe 2,284 K 5,920 K 1808 Bonjour Service Apple Inc. (Verified) Apple Inc.
mbamscheduler.exe 4,712 K 10,340 K 5152 Malwarebytes Anti-Malware Malwarebytes (Verified) Malwarebytes Corporation
lsm.exe 2,672 K 4,536 K 788 Local Session Manager Service Microsoft Corporation (Verified) Microsoft Windows
lsass.exe 6,804 K 14,264 K 776 Local Security Authority Process Microsoft Corporation (Verified) Microsoft Windows
jusched.exe 2,360 K 5,460 K 3000 Java Update Scheduler Oracle Corporation (Verified) Oracle America
IPROSetMonitor.exe 1,652 K 4,532 K 1704 Intel® PROSet Monitoring Service Intel Corporation (Verified) Intel Corporation
GoogleUpdate.exe 2,252 K 800 K 2304 Google Installer Google Inc. (Verified) Google Inc
GoogleUpdate.exe 2,100 K 824 K 2636 Google Installer Google Inc. (Verified) Google Inc
DropboxUpdate.exe 3,160 K 3,260 K 2156 Dropbox Update Dropbox, Inc. (Verified) Dropbox
chrome.exe 32,540 K 59,824 K 3388 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 33,168 K 28,940 K 3172 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 24,164 K 51,412 K 3368 Google Chrome Google Inc. (Verified) Google Inc
chrome.exe 1,580 K 4,688 K 2448 Google Chrome Google Inc. (Verified) Google Inc
audiodg.exe 18,240 K 17,748 K 2404 Windows Audio Device Graph Isolation Microsoft Corporation (Verified) Microsoft Windows
atiesrxx.exe 1,608 K 4,940 K 756 AMD External Events Service Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher
atieclxx.exe 2,688 K 7,484 K 1464 AMD External Events Client Module AMD (Verified) Microsoft Windows Hardware Compatibility Publisher