Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
help please and thank you
Message
<blockquote data-quote="S Henson" data-source="post: 405893" data-attributes="member: 37603"><p>Ran by Sandra Henson at 2015-07-02 11:39:19</p><p>Running from C:\Users\Sandra Henson\Desktop</p><p>Boot Mode: Normal</p><p>==========================================================</p><p></p><p></p><p>==================== Accounts: =============================</p><p></p><p>Administrator (S-1-5-21-1948824698-2788543327-851348242-500 - Administrator - Disabled)</p><p>Guest (S-1-5-21-1948824698-2788543327-851348242-501 - Limited - Enabled) => C:\Users\Guest</p><p>HomeGroupUser$ (S-1-5-21-1948824698-2788543327-851348242-1007 - Limited - Enabled)</p><p>sandra backup (S-1-5-21-1948824698-2788543327-851348242-1008 - Administrator - Enabled) => C:\Users\sandra backup</p><p>Sandra Henson (S-1-5-21-1948824698-2788543327-851348242-1001 - Administrator - Enabled) => C:\Users\Sandra Henson</p><p></p><p>==================== Security Center ========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed.)</p><p></p><p>AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}</p><p>AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}</p><p>FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}</p><p></p><p>==================== Installed Programs ======================</p><p></p><p>(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)</p><p></p><p>3DVIA player 5.0.0.20 (HKLM-x32\...\{F06365EC-061E-48C3-B761-E1816658D618}) (Version: 5.0.20 - 3DVIA)</p><p>Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated)</p><p>Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)</p><p>Adobe Reader X (10.1.14) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)</p><p>Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)</p><p>Amazon Music (HKU\S-1-5-21-1948824698-2788543327-851348242-1001\...\Amazon Amazon Music) (Version: 3.0.0.564 - Amazon Services LLC)</p><p>AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)</p><p>AMD System Monitor (HKLM-x32\...\{6EFD0C42-4CC1-4716-A0CA-21C1A062CF34}) (Version: 1.0.9 - Advanced Micro Devices, Inc.)</p><p>Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)</p><p>Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)</p><p>Coffee Rush 3 (HKU\S-1-5-21-1948824698-2788543327-851348242-1001\...\CoffeeRush3_MicrosoftVistaXP-SIDR-60_EN_GEN) (Version: - Iplay)</p><p>CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4528 - CyberLink Corp.)</p><p>D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden</p><p>Dream Day Wedding Collector Set (HKU\S-1-5-21-1948824698-2788543327-851348242-1001\...\DreamDayWeddingCollectorSet_MicrosoftVistaXP-SIDR-60_EN_GEN) (Version: - Iplay)</p><p>Dropbox (HKU\S-1-5-21-1948824698-2788543327-851348242-1001\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)</p><p>ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)</p><p>Games Manager (HKU\S-1-5-21-1948824698-2788543327-851348242-1001\...\GamesManager) (Version: 1.1.8.808 - Iplay)</p><p>Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)</p><p>Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden</p><p>Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden</p><p>Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden</p><p>HP Application Assistant (HKLM\...\{0CE7EBAF-157D-4111-9146-057CB2A4023E}) (Version: 1.1.466.3970 - Hewlett-Packard)</p><p>HP Connection Manager (HKLM-x32\...\{B65FCAA5-F3A6-4B3F-ABEE-CBC2B085796B}) (Version: 4.1.25.1 - Hewlett-Packard Company)</p><p>HP Documentation (HKLM-x32\...\{BC6CB499-9F29-4B41-8B8B-FA7248525256}) (Version: 1.1.0.0 - Hewlett-Packard)</p><p>HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)</p><p>HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)</p><p>HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company)</p><p>HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)</p><p>HP Photo Creations (HKU\S-1-5-21-1948824698-2788543327-851348242-1001\...\HP Photo Creations) (Version: 1.0.0.17422 - HP)</p><p>HP Photosmart 5510 series Basic Device Software (HKLM\...\{424E8E17-A7B7-45B5-8C79-D58F04D9D920}) (Version: 25.0.621.0 - Hewlett-Packard Co.)</p><p>HP Photosmart 5510 series Help (HKLM-x32\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)</p><p>HP Photosmart 5510 series Product Improvement Study (HKLM\...\{1AE1848C-D592-4222-8048-AEE1694D2959}) (Version: 25.0.621.0 - Hewlett-Packard Co.)</p><p>HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)</p><p>HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)</p><p>HP QuickWeb (HKLM-x32\...\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}) (Version: 3.1.1.10197 - Hewlett-Packard Company)</p><p>HP Security Assistant (HKLM\...\{ED6CD3AC-616B-4B20-BCF3-6E637B92A5AD}) (Version: 3.0.4 - Hewlett-Packard Company)</p><p>HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company)</p><p>HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company)</p><p>HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)</p><p>HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)</p><p>HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)</p><p>HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden</p><p>IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)</p><p>Java 7 Update 80 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)</p><p>Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)</p><p>Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)</p><p>JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)</p><p>Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden</p><p>LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 5.1.5.17469 - LeapFrog)</p><p>LeapFrog Connect (x32 Version: 5.1.5.17469 - LeapFrog) Hidden</p><p>LeapFrog LeapPad Explorer Plugin (x32 Version: 5.1.5.17469 - LeapFrog) Hidden</p><p>Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden</p><p>Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)</p><p>Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)</p><p>Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)</p><p>Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)</p><p>Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)</p><p>Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)</p><p>MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)</p><p>MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)</p><p>NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)</p><p>opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden</p><p>Pirate101 (HKLM-x32\...\{662140BE-138C-4DC1-B4CD-B62C6C855A25}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)</p><p>PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)</p><p>RealDownloader (x32 Version: 17.0.15.4 - RealNetworks, Inc.) Hidden</p><p>Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)</p><p>Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)</p><p>REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.)</p><p>Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)</p><p>ROBLOX Player for Sandra Henson (HKU\S-1-5-21-1948824698-2788543327-851348242-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation)</p><p>ROBLOX Studio for Sandra Henson (HKU\S-1-5-21-1948824698-2788543327-851348242-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation)</p><p>swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden</p><p>Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)</p><p>Typing Instructor for Kids (HKLM-x32\...\{94D3E3CE-CE56-428B-A92D-F06B7723CF9E}) (Version: 5.0.0 - Individual Software)</p><p>Unity Web Player (HKU\S-1-5-21-1948824698-2788543327-851348242-1001\...\UnityWebPlayer) (Version: 4.6.5f1 - Unity Technologies ApS)</p><p>UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden</p><p>Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin) (HKLM-x32\...\LeapPadExplorerPlugin) (Version: - LeapFrog)</p><p>Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)</p><p>Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)</p><p>Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)</p><p>Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)</p><p>Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)</p><p>Windows Phone app for desktop (HKLM-x32\...\{5F71448B-88EB-4357-9A98-8658D4C49C48}) (Version: 1.1.2726.0 - Microsoft Corporation)</p><p>Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)</p><p>Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)</p><p>Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )</p><p>Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.)</p><p></p><p>==================== Custom CLSID (Whitelisted): ==========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>CustomCLSID: HKU\S-1-5-21-1948824698-2788543327-851348242-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-1948824698-2788543327-851348242-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Sandra Henson\AppData\Local\Roblox\Versions\version-957ce0cc47814d39\RobloxProxy64.dll (ROBLOX Corporation)</p><p>CustomCLSID: HKU\S-1-5-21-1948824698-2788543327-851348242-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-1948824698-2788543327-851348242-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-1948824698-2788543327-851348242-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-1948824698-2788543327-851348242-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-1948824698-2788543327-851348242-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-1948824698-2788543327-851348242-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-1948824698-2788543327-851348242-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-1948824698-2788543327-851348242-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-1948824698-2788543327-851348242-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)</p><p></p><p>==================== Restore Points =========================</p><p></p><p>13-06-2015 17:36:04 Windows Update</p><p>14-06-2015 19:02:43 Windows Backup</p><p>15-06-2015 20:16:11 Removed 3DVIA player 5.0.0.20</p><p>15-06-2015 20:18:07 Removed LEGO® Indiana Jones™ 2</p><p>17-06-2015 17:58:27 Windows Update</p><p>22-06-2015 13:38:24 Windows Backup</p><p>23-06-2015 18:27:32 Windows Update</p><p>27-06-2015 12:38:50 Windows Update</p><p>28-06-2015 19:00:23 Windows Backup</p><p>01-07-2015 09:00:21 Windows Update</p><p></p><p>==================== Hosts content: ===============================</p><p></p><p>(If needed Hosts: directive could be included in the fixlist to reset Hosts.)</p><p></p><p>2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts</p><p></p><p>==================== Scheduled Tasks (Whitelisted) =============</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>Task: {18145FEC-6E1D-48A3-BA63-BB87594AD175} - System32\Tasks\{7C5644B7-264D-454A-A220-F258ADFA3D98} => Chrome.exe <a href="http://ui.skype.com/ui/0/6.3.73.105.457/en/abandoninstall?page=tsMain" target="_blank">http://ui.skype.com/ui/0/6.3.73.105.457/en/abandoninstall?page=tsMain</a></p><p>Task: {18984534-B99F-4BAE-965E-552E05336F67} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-09-28] (CyberLink)</p><p>Task: {25AFAFD0-160D-4C5A-B1C8-34C806C4ED61} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1948824698-2788543327-851348242-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe</p><p>Task: {27265ABC-7798-4DE4-8BAF-B48E21FEA7E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN2CE252M7 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-08] (Hewlett-Packard)</p><p>Task: {29EEC91B-8191-4188-9B20-A5EA059B9651} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)</p><p>Task: {2DC87F87-C2DE-4079-9D0B-1950B4377F47} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1948824698-2788543327-851348242-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-27] (RealNetworks, Inc.)</p><p>Task: {324118AD-DD15-4A56-9AFE-AB7ED937F13E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1948824698-2788543327-851348242-1001UA => C:\Users\Sandra Henson\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)</p><p>Task: {427CF1C3-8A57-4E9A-B726-8910913F8655} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-08] (Hewlett-Packard)</p><p>Task: {433987AC-2CB2-4D77-BB93-4859293042D1} - System32\Tasks\avastBCLRestartS-1-5-21-1948824698-2788543327-851348242-1001 => Chrome.exe </p><p>Task: {463F214A-92C8-48DB-8CFB-3543C1066CD8} - System32\Tasks\{FB9BF608-9A5D-4DAB-9140-554597946509} => C:\Program Files (x86)\Yahoo! Games\Farm Frenzy 2\Launch.exe</p><p>Task: {4C781786-FECD-433F-AD75-CDEDFF0299D3} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-09-16] (Hewlett-Packard Co.)</p><p>Task: {4DF3B510-C027-4F53-ADB7-02004781E0AB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.)</p><p>Task: {58A411DC-1EED-4BBC-A77B-EA3110D56EFD} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1948824698-2788543327-851348242-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe</p><p>Task: {614DE01D-4640-40A7-A0B7-D3432260FC53} - System32\Tasks\avastBCLRestartS-1-5-21-1948824698-2788543327-851348242-1008 => Chrome.exe </p><p>Task: {624512C9-7A5E-422D-B4D7-A34AB1936B13} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-10] (Oracle Corporation)</p><p>Task: {6D1651D8-02B1-4AD6-AB56-A392777851DC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)</p><p>Task: {717E11B9-5A83-42AC-A22B-1CAFB2833D7C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-25] (Google Inc.)</p><p>Task: {7CF778FF-145F-4867-B2B6-5794A1B210D5} - System32\Tasks\Component System\Component => C:\Users\Sandra Henson\AppData\Local\Component\com.exe</p><p>Task: {801C00C2-0939-44A9-A687-F4B575782ADD} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1948824698-2788543327-851348242-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe</p><p>Task: {852F9B4B-7F23-4A85-952C-2BA5F500A111} - System32\Tasks\{FA057561-628E-4978-8B12-75117BB52E66} => C:\Program Files (x86)\Yahoo! Games\Coffee Rush\Launch.exe</p><p>Task: {8F4E44D8-026F-43A0-9B8C-6AB9AC89D1F7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)</p><p>Task: {934D169E-DE31-4E46-AB10-9958734A4E9A} - System32\Tasks\HPCeeScheduleForSandra Henson => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)</p><p>Task: {95661A34-5AE0-4CED-8383-3CCEF3AE5975} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)</p><p>Task: {A793CA43-671A-4199-A943-D5E183A24748} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1948824698-2788543327-851348242-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe</p><p>Task: {AB1F2302-E5A4-4B4C-8C5C-29D2E705BEAD} - System32\Tasks\{F0925D0D-0399-4DCE-BC49-AD2F832E41D7} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"</p><p>Task: {AB6AAA64-0F50-4293-BE83-8C9F7FFA017B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)</p><p>Task: {BF51E4AE-3BE8-43EA-9D9C-637454169DB4} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1948824698-2788543327-851348242-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-27] (RealNetworks, Inc.)</p><p>Task: {D051A5CE-3EED-4485-9913-635E2BEDEA1D} - System32\Tasks\{2D1345D6-7968-4A95-A4B9-5E832E4F4D80} => C:\Program Files (x86)\Yahoo! Games\Farm Frenzy 2\Launch.exe</p><p>Task: {D4D8E394-D777-4BC9-BF57-50BC89810851} - System32\Tasks\HPCeeScheduleForSANDRAHENSON-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)</p><p>Task: {D6A10DFB-3EC3-4244-8B1D-4C5A8933F32C} - System32\Tasks\{1D6B4695-6786-4B8E-9597-915385CFF9D8} => pcalua.exe -a "C:\Users\Sandra Henson\Downloads\jre-6u31-windows-i586-iftw.exe" -d "C:\Users\Sandra Henson\Desktop"</p><p>Task: {D9BF28D6-A7BE-4DED-B3C2-CCDDA5502EC3} - System32\Tasks\Real Player online update program => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe</p><p>Task: {E279B1B0-CD87-4C4A-8D3F-EEE2BF796657} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1948824698-2788543327-851348242-1001Core => C:\Users\Sandra Henson\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)</p><p>Task: {E9E7B969-B63B-4134-851B-B9E2B301AC69} - System32\Tasks\{1683B958-0787-4EF5-9627-8B184236709E} => pcalua.exe -a "C:\Users\Sandra Henson\Downloads\Shockwave_Installer_Slim(1).exe" -d "C:\Users\Sandra Henson\Downloads"</p><p>Task: {F0FD90ED-E2FB-4A50-87B8-602AEDFBC327} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-23] (Adobe Systems Incorporated)</p><p>Task: {F3EE3214-C517-4569-965C-AD245A1F403F} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION</p><p>Task: {F5D2B477-7A30-490E-B5A3-C877F5BD2FC9} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1948824698-2788543327-851348242-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-10-26] (RealNetworks, Inc.)</p><p>Task: {F7691344-070C-44FB-A1E5-869AC4EFB019} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-25] (Google Inc.)</p><p>Task: {FD69CC1C-7BFD-4719-BE66-9D69F11B4344} - System32\Tasks\{B99076F2-8AC9-4292-975F-DC9D0BCBC451} => C:\Program Files (x86)\Yahoo! Games\Farm Frenzy 2\Launch.exe</p><p>Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe</p><p>Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1948824698-2788543327-851348242-1001Core.job => C:\Users\Sandra Henson\AppData\Local\Dropbox\Update\DropboxUpdate.exe</p><p>Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1948824698-2788543327-851348242-1001UA.job => C:\Users\Sandra Henson\AppData\Local\Dropbox\Update\DropboxUpdate.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>Task: C:\Windows\Tasks\HPCeeScheduleForSandra Henson.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe</p><p>Task: C:\Windows\Tasks\HPCeeScheduleForSANDRAHENSON-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe</p><p></p><p>==================== Loaded Modules (Whitelisted) ==============</p><p></p><p>2014-11-20 22:23 - 2014-11-20 22:23 - 00214528 ____C () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll</p><p>2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 ____C () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll</p><p>2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 ____C () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll</p><p>2014-11-20 22:23 - 2014-11-20 22:23 - 00127488 ____C () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll</p><p>2014-10-26 23:59 - 2014-10-26 23:59 - 00039568 ____C () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe</p><p>2014-10-30 06:41 - 2014-10-30 06:41 - 00031856 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe</p><p>2011-12-19 23:34 - 2011-12-19 23:34 - 00108880 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe</p><p>2014-06-17 16:23 - 2014-06-04 15:18 - 03162944 _____ () C:\Users\Sandra Henson\AppData\Local\Amazon Music\Amazon Music Helper.exe</p><p>2014-11-20 22:23 - 2014-11-20 22:23 - 00102400 ____C () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll</p><p>2015-04-29 18:57 - 2015-04-29 18:57 - 00104400 ____C () C:\Program Files\AVAST Software\Avast\log.dll</p><p>2015-04-29 18:56 - 2015-04-29 18:56 - 00081728 ____C () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll</p><p>2015-07-01 08:55 - 2015-07-01 08:55 - 02952704 ____C () C:\Program Files\AVAST Software\Avast\defs\15070102\algo.dll</p><p>2015-07-02 08:51 - 2015-07-02 08:51 - 02955264 ____C () C:\Program Files\AVAST Software\Avast\defs\15070202\algo.dll</p><p>2014-10-30 06:41 - 2014-10-30 06:41 - 00035976 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll</p><p>2014-10-30 06:41 - 2014-10-30 06:41 - 00039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll</p><p>2014-10-30 06:41 - 2014-10-30 06:41 - 00032888 _____ () C:\Program Files (x86)\Real\UpdateService\RPDSUpdatePlugin.dll</p><p>2015-07-02 08:48 - 2015-07-02 08:48 - 00043008 _____ () c:\Users\Sandra Henson\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppdxnmi.dll</p><p>2015-03-04 14:45 - 2015-03-19 00:15 - 00750080 _____ () C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\libGLESv2.dll</p><p>2015-03-04 14:45 - 2015-03-19 00:15 - 00047616 _____ () C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\libEGL.dll</p><p>2015-03-04 14:45 - 2015-03-19 00:15 - 00865280 _____ () C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll</p><p>2015-03-04 14:45 - 2015-03-19 00:15 - 00200704 _____ () C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll</p><p>2015-03-04 14:45 - 2015-03-19 00:15 - 00010240 _____ () C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll</p><p>2015-03-04 14:45 - 2015-03-19 00:15 - 00726016 _____ () C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll</p><p>2015-03-04 14:45 - 2015-03-19 00:15 - 00010240 _____ () C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll</p><p>2015-03-18 08:27 - 2015-03-18 08:27 - 40540672 ____C () C:\Program Files\AVAST Software\Avast\libcef.dll</p><p>2015-06-14 11:33 - 2015-04-25 18:59 - 00061952 ____C () C:\Program Files (x86)\Fast Browser\Application\34.0.1848.0\chrome_elf.dll</p><p>2015-06-14 11:33 - 2015-04-25 18:59 - 00862208 ____C () C:\Program Files (x86)\Fast Browser\Application\34.0.1848.0\libglesv2.dll</p><p>2015-06-14 11:33 - 2015-04-25 18:59 - 00095232 ____C () C:\Program Files (x86)\Fast Browser\Application\34.0.1848.0\libegl.dll</p><p>2015-06-14 11:33 - 2015-04-25 18:59 - 00454144 ____C () C:\Program Files (x86)\Fast Browser\Application\34.0.1848.0\ppGoogleNaClPluginChrome.dll</p><p>2015-06-14 11:33 - 2015-04-25 18:59 - 00888832 ____C () C:\Program Files (x86)\Fast Browser\Application\34.0.1848.0\ffmpegsumo.dll</p><p>2015-06-23 19:27 - 2015-06-23 19:27 - 17321648 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll</p><p></p><p>==================== Alternate Data Streams (Whitelisted) =========</p><p></p><p>(If an entry is included in the fixlist, only the ADS will be removed.)</p><p></p><p>AlternateDataStreams: C:\ProgramData\Temp:00FE3B98</p><p>AlternateDataStreams: C:\ProgramData\Temp:01442FD8</p><p>AlternateDataStreams: C:\ProgramData\Temp:0EFEBFCB</p><p>AlternateDataStreams: C:\ProgramData\Temp:17FF6514</p><p>AlternateDataStreams: C:\ProgramData\Temp:1F9C3D08</p><p>AlternateDataStreams: C:\ProgramData\Temp:29BCDA07</p><p>AlternateDataStreams: C:\ProgramData\Temp:3447AB86</p><p>AlternateDataStreams: C:\ProgramData\Temp:3ABC2192</p><p>AlternateDataStreams: C:\ProgramData\Temp:3B9582E0</p><p>AlternateDataStreams: C:\ProgramData\Temp:54FDCED6</p><p>AlternateDataStreams: C:\ProgramData\Temp:5E3FBF9D</p><p>AlternateDataStreams: C:\ProgramData\Temp:69E7DEDD</p><p>AlternateDataStreams: C:\ProgramData\Temp:79363C4B</p><p>AlternateDataStreams: C:\ProgramData\Temp:7ACF38DE</p><p>AlternateDataStreams: C:\ProgramData\Temp:89952728</p><p>AlternateDataStreams: C:\ProgramData\Temp:8EB63C9D</p><p>AlternateDataStreams: C:\ProgramData\Temp:97CCC404</p><p>AlternateDataStreams: C:\ProgramData\Temp:9A995231</p><p>AlternateDataStreams: C:\ProgramData\Temp:9FF05345</p><p>AlternateDataStreams: C:\ProgramData\Temp:ACA50580</p><p>AlternateDataStreams: C:\ProgramData\Temp:B7B09D45</p><p>AlternateDataStreams: C:\ProgramData\Temp:C6B7DC67</p><p>AlternateDataStreams: C:\ProgramData\Temp:CBEB737E</p><p>AlternateDataStreams: C:\ProgramData\Temp<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite116" alt=":D" title="Big grin :D" loading="lazy" data-shortname=":D" />B0CD29E</p><p>AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D</p><p>AlternateDataStreams: C:\ProgramData\Temp:EC5BDCFF</p><p>AlternateDataStreams: C:\ProgramData\Temp:F306CF14</p><p>AlternateDataStreams: C:\ProgramData\Temp:F5D4C9D5</p><p>AlternateDataStreams: C:\ProgramData\Temp:FA62FF6E</p><p>AlternateDataStreams: C:\ProgramData\Temp:FC5FFC81</p><p></p><p>==================== Safe Mode (Whitelisted) ===================</p><p></p><p>(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)</p><p></p><p></p><p>==================== EXE Association (Whitelisted) ===============</p><p></p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed.)</p><p></p><p></p><p>==================== Internet Explorer trusted/restricted ===============</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry.)</p><p></p><p></p><p>==================== Other Areas ============================</p><p></p><p>(Currently there is no automatic fix for this section.)</p><p></p><p>HKU\S-1-5-21-1948824698-2788543327-851348242-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sandra Henson\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg</p><p>DNS Servers: 192.168.1.1</p><p></p><p>==================== MSCONFIG/TASK MANAGER disabled items ==</p><p></p><p>(Currently there is no automatic fix for this section.)</p><p></p><p>MSCONFIG\startupreg: (default) => </p><p>MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"</p><p>MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe</p><p>MSCONFIG\startupreg: HPConnectionManager => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe</p><p>MSCONFIG\startupreg: HPQuickWebProxy => "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"</p><p>MSCONFIG\startupreg: NielsenOnline => C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe</p><p>MSCONFIG\startupreg: TkBellExe => "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot</p><p></p><p>==================== FirewallRules (Whitelisted) ===============</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>FirewallRules: [{F463F9A5-14B5-4963-AD62-E106671621B5}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe</p><p>FirewallRules: [{EEB35DCF-F8EC-4ADF-AC93-6DF48813EFA5}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe</p><p>FirewallRules: [{307E7DC6-3FE4-4787-884E-55A29CBF151F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\IndivDRM.exe</p><p>FirewallRules: [{72D11655-39F0-4D69-A19D-54B0DDF75587}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\IndivDRM.exe</p><p>FirewallRules: [{D37322CE-74DD-46D2-A71E-782F2C83E146}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe</p><p>FirewallRules: [{9C152CDE-5413-4B4C-B8EE-ECB3A0656758}] => (Allow) LPort=2869</p><p>FirewallRules: [{F77CFD0A-A9B6-4448-B8A1-7FA5479E4D7B}] => (Allow) LPort=1900</p><p>FirewallRules: [{AF66DDF2-FA61-4016-BBA7-9F7FDEFA8165}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe</p><p>FirewallRules: [TCP Query User{38FC4429-CCDB-4743-92EC-86AB4FE872A7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe</p><p>FirewallRules: [UDP Query User{F029CB2D-528C-4E00-A573-A3A637C91642}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe</p><p>FirewallRules: [{198E5CF3-5695-4A88-BD55-287B50319A2B}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe</p><p>FirewallRules: [{52335CF5-F981-4B70-B536-19220CE80E6E}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe</p><p>FirewallRules: [{84F24F92-D0F6-406E-BB41-39DC03A86448}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe</p><p>FirewallRules: [{7F4CB3CE-DC39-4EB9-8521-1072958369BA}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe</p><p>FirewallRules: [{52A8F1F8-BDA4-4F6F-A579-8AA9D7A46FAF}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe</p><p>FirewallRules: [{64C2DB01-E6DB-4160-B18F-542ACC31609C}] => (Allow) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\LeapfrogConnect.exe</p><p>FirewallRules: [{A7D2DF0C-BFAA-445B-85C8-3C45043B42A3}] => (Allow) C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\Dropbox.exe</p><p>FirewallRules: [{000E81B3-A061-4D76-BC0A-A8CAD1A99B53}] => (Allow) C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\Dropbox.exe</p><p>FirewallRules: [{205E946C-B171-43FE-9C3E-7C9505FCCF48}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe</p><p>FirewallRules: [{6E9D6C60-8D1A-4507-AD34-B8E79E02B8D3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe</p><p>FirewallRules: [{59B362FF-589A-40AC-A8E2-6E19799F2BC1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe</p><p>FirewallRules: [{106866D8-44A7-46D8-84E2-64C7C78B8746}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe</p><p>FirewallRules: [{5183E5F0-C913-4D75-9B53-DB70351A9363}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe</p><p>FirewallRules: [TCP Query User{D594595A-41A9-43A6-A1DD-F7DD2833E1E4}C:\users\sandra henson\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\sandra henson\appdata\roaming\dropbox\bin\dropbox.exe</p><p>FirewallRules: [UDP Query User{4A062A90-D23E-4A03-BD93-D54C30E70D4B}C:\users\sandra henson\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\sandra henson\appdata\roaming\dropbox\bin\dropbox.exe</p><p>FirewallRules: [{20319245-EEEE-48B0-90ED-9279B4F58BE1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe</p><p>FirewallRules: [{C4753B46-D1FD-4639-B16B-AB8EE92B32E9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe</p><p>FirewallRules: [{F94F0C24-777D-46C4-A1DC-E7DE59103CE6}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe</p><p>FirewallRules: [{01FD4C1C-2772-44EE-B0D4-A4296AD921BD}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe</p><p>FirewallRules: [{8921500F-E7B5-49B2-8E25-8D15F04E89DC}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe</p><p>FirewallRules: [{4E760FE5-44EE-430B-92BC-A80E44DB2025}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe</p><p>FirewallRules: [{6E0621B3-3B00-4F57-BD87-A836E9F24E07}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p></p><p>==================== Faulty Device Manager Devices =============</p><p></p><p>Name: qknfd</p><p>Description: qknfd</p><p>Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}</p><p>Manufacturer: </p><p>Service: qknfd</p><p>Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)</p><p>Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.</p><p>Devices stay in this state if they have been prepared for removal.</p><p>After you remove the device, this error disappears.Remove the device, and this error should be resolved.</p><p></p><p></p><p>==================== Event log errors: =========================</p><p></p><p>Application errors:</p><p>==================</p><p>Error: (07/02/2015 08:47:32 AM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (07/01/2015 09:46:11 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (07/01/2015 06:01:19 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (07/01/2015 08:51:53 AM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (06/28/2015 07:04:49 PM) (Source: Windows Backup) (EventID: 4104) (User: )</p><p>Description: The backup was not successful. The error is: There is not enough space on this drive to save the backup. Free up space by deleting older backups and unnecessary data or change your backup settings. (0x81000005).</p><p></p><p>Error: (06/28/2015 04:57:38 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (06/27/2015 05:55:02 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (06/27/2015 03:53:46 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (06/27/2015 00:25:52 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (06/26/2015 08:53:34 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p></p><p>System errors:</p><p>=============</p><p>Error: (07/02/2015 08:47:26 AM) (Source: Service Control Manager) (EventID: 7026) (User: )</p><p>Description: The following boot-start or system-start driver(s) failed to load: </p><p>qknfd</p><p></p><p>Error: (07/02/2015 08:47:07 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)</p><p>Description: WLAN Extensibility Module has failed to start.</p><p></p><p>Module Path: C:\Windows\system32\Rtlihvs.dll</p><p>Error Code: 126</p><p></p><p>Error: (07/01/2015 09:45:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: )</p><p>Description: The following boot-start or system-start driver(s) failed to load: </p><p>qknfd</p><p></p><p>Error: (07/01/2015 09:45:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)</p><p>Description: WLAN Extensibility Module has failed to start.</p><p></p><p>Module Path: C:\Windows\system32\Rtlihvs.dll</p><p>Error Code: 126</p><p></p><p>Error: (07/01/2015 06:01:19 PM) (Source: Service Control Manager) (EventID: 7026) (User: )</p><p>Description: The following boot-start or system-start driver(s) failed to load: </p><p>qknfd</p><p></p><p>Error: (07/01/2015 06:00:59 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)</p><p>Description: WLAN Extensibility Module has failed to start.</p><p></p><p>Module Path: C:\Windows\system32\Rtlihvs.dll</p><p>Error Code: 126</p><p></p><p>Error: (07/01/2015 09:01:37 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)</p><p>Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.201.478.0).</p><p></p><p>Error: (07/01/2015 08:51:50 AM) (Source: Service Control Manager) (EventID: 7026) (User: )</p><p>Description: The following boot-start or system-start driver(s) failed to load: </p><p>qknfd</p><p></p><p>Error: (07/01/2015 08:51:30 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)</p><p>Description: WLAN Extensibility Module has failed to start.</p><p></p><p>Module Path: C:\Windows\system32\Rtlihvs.dll</p><p>Error Code: 126</p><p></p><p>Error: (06/28/2015 04:57:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: )</p><p>Description: The following boot-start or system-start driver(s) failed to load: </p><p>qknfd</p><p></p><p></p><p>Microsoft Office:</p><p>=========================</p><p>Error: (07/02/2015 08:47:32 AM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (07/01/2015 09:46:11 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (07/01/2015 06:01:19 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (07/01/2015 08:51:53 AM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (06/28/2015 07:04:49 PM) (Source: Windows Backup) (EventID: 4104) (User: )</p><p>Description: There is not enough space on this drive to save the backup. Free up space by deleting older backups and unnecessary data or change your backup settings. (0x81000005)</p><p></p><p>Error: (06/28/2015 04:57:38 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (06/27/2015 05:55:02 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (06/27/2015 03:53:46 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (06/27/2015 00:25:52 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p>Error: (06/26/2015 08:53:34 PM) (Source: WinMgmt) (EventID: 10) (User: )</p><p>Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003</p><p></p><p></p><p>CodeIntegrity Errors:</p><p>===================================</p><p> Date: 2015-02-15 17:00:40.465</p><p> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.</p><p></p><p> Date: 2015-02-15 17:00:40.294</p><p> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.</p><p></p><p> Date: 2014-12-10 05:55:59.395</p><p> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.</p><p></p><p> Date: 2014-12-10 05:55:59.250</p><p> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.</p><p></p><p> Date: 2014-11-12 17:14:21.510</p><p> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.</p><p></p><p> Date: 2014-11-12 17:14:21.510</p><p> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.</p><p></p><p> Date: 2014-11-12 17:14:21.463</p><p> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.</p><p></p><p> Date: 2014-11-12 17:14:21.463</p><p> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.</p><p></p><p> Date: 2014-11-12 17:13:16.083</p><p> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.</p><p></p><p> Date: 2014-11-12 17:13:16.068</p><p> Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.</p><p></p><p></p><p>==================== Memory info =========================== </p><p></p><p>Processor: AMD A6-3420M APU with Radeon(tm) HD Graphics</p><p>Percentage of memory in use: 50%</p><p>Total physical RAM: 3561.41 MB</p><p>Available physical RAM: 1776.73 MB</p><p>Total Pagefile: 7121.02 MB</p><p>Available Pagefile: 4547.17 MB</p><p>Total Virtual: 8192 MB</p><p>Available Virtual: 8191.85 MB</p><p></p><p>==================== Drives ================================</p><p></p><p>Drive c: () (Fixed) (Total:441.65 GB) (Free:368.62 GB) NTFS ==>[System with boot components (obtained from reading drive)]</p><p>Drive d: (Recovery) (Fixed) (Total:19.95 GB) (Free:2.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]</p><p>Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:0.01 GB) FAT32</p><p></p><p>==================== MBR & Partition Table ==================</p><p></p><p>========================================================</p><p>Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 895A24CC)</p><p>Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)</p><p>Partition 2: (Not Active) - (Size=441.6 GB) - (Type=07 NTFS)</p></blockquote><p></p>
[QUOTE="S Henson, post: 405893, member: 37603"] Ran by Sandra Henson at 2015-07-02 11:39:19 Running from C:\Users\Sandra Henson\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1948824698-2788543327-851348242-500 - Administrator - Disabled) Guest (S-1-5-21-1948824698-2788543327-851348242-501 - Limited - Enabled) => C:\Users\Guest HomeGroupUser$ (S-1-5-21-1948824698-2788543327-851348242-1007 - Limited - Enabled) sandra backup (S-1-5-21-1948824698-2788543327-851348242-1008 - Administrator - Enabled) => C:\Users\sandra backup Sandra Henson (S-1-5-21-1948824698-2788543327-851348242-1001 - Administrator - Enabled) => C:\Users\Sandra Henson ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 3DVIA player 5.0.0.20 (HKLM-x32\...\{F06365EC-061E-48C3-B761-E1816658D618}) (Version: 5.0.20 - 3DVIA) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated) Adobe Reader X (10.1.14) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.14 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.) Amazon Music (HKU\S-1-5-21-1948824698-2788543327-851348242-1001\...\Amazon Amazon Music) (Version: 3.0.0.564 - Amazon Services LLC) AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD System Monitor (HKLM-x32\...\{6EFD0C42-4CC1-4716-A0CA-21C1A062CF34}) (Version: 1.0.9 - Advanced Micro Devices, Inc.) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Coffee Rush 3 (HKU\S-1-5-21-1948824698-2788543327-851348242-1001\...\CoffeeRush3_MicrosoftVistaXP-SIDR-60_EN_GEN) (Version: - Iplay) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.0.4528 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dream Day Wedding Collector Set (HKU\S-1-5-21-1948824698-2788543327-851348242-1001\...\DreamDayWeddingCollectorSet_MicrosoftVistaXP-SIDR-60_EN_GEN) (Version: - Iplay) Dropbox (HKU\S-1-5-21-1948824698-2788543327-851348242-1001\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.) ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard) Games Manager (HKU\S-1-5-21-1948824698-2788543327-851348242-1001\...\GamesManager) (Version: 1.1.8.808 - Iplay) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Application Assistant (HKLM\...\{0CE7EBAF-157D-4111-9146-057CB2A4023E}) (Version: 1.1.466.3970 - Hewlett-Packard) HP Connection Manager (HKLM-x32\...\{B65FCAA5-F3A6-4B3F-ABEE-CBC2B085796B}) (Version: 4.1.25.1 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{BC6CB499-9F29-4B41-8B8B-FA7248525256}) (Version: 1.1.0.0 - Hewlett-Packard) HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company) HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.1.21091.0 - Hewlett-Packard Company) HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company) HP Photo Creations (HKU\S-1-5-21-1948824698-2788543327-851348242-1001\...\HP Photo Creations) (Version: 1.0.0.17422 - HP) HP Photosmart 5510 series Basic Device Software (HKLM\...\{424E8E17-A7B7-45B5-8C79-D58F04D9D920}) (Version: 25.0.621.0 - Hewlett-Packard Co.) HP Photosmart 5510 series Help (HKLM-x32\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard) HP Photosmart 5510 series Product Improvement Study (HKLM\...\{1AE1848C-D592-4222-8048-AEE1694D2959}) (Version: 25.0.621.0 - Hewlett-Packard Co.) HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company) HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company) HP QuickWeb (HKLM-x32\...\{BB4FC2AD-DF12-4EE1-8AA7-2C0A26B5E2FB}) (Version: 3.1.1.10197 - Hewlett-Packard Company) HP Security Assistant (HKLM\...\{ED6CD3AC-616B-4B20-BCF3-6E637B92A5AD}) (Version: 3.0.4 - Hewlett-Packard Company) HP Setup (HKLM-x32\...\{F5E7D9AF-60F6-4A30-87E3-4EA94D322CE1}) (Version: 9.0.15076.3891 - Hewlett-Packard Company) HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.2.14901.3869 - Hewlett-Packard Company) HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT) Java 7 Update 80 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle) Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 5.1.5.17469 - LeapFrog) LeapFrog Connect (x32 Version: 5.1.5.17469 - LeapFrog) Hidden LeapFrog LeapPad Explorer Plugin (x32 Version: 5.1.5.17469 - LeapFrog) Hidden Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden Pirate101 (HKLM-x32\...\{662140BE-138C-4DC1-B4CD-B62C6C855A25}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) RealDownloader (x32 Version: 17.0.15.4 - RealNetworks, Inc.) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.11.0706 - REALTEK Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) ROBLOX Player for Sandra Henson (HKU\S-1-5-21-1948824698-2788543327-851348242-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation) ROBLOX Studio for Sandra Henson (HKU\S-1-5-21-1948824698-2788543327-851348242-1001\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated) Typing Instructor for Kids (HKLM-x32\...\{94D3E3CE-CE56-428B-A92D-F06B7723CF9E}) (Version: 5.0.0 - Individual Software) Unity Web Player (HKU\S-1-5-21-1948824698-2788543327-851348242-1001\...\UnityWebPlayer) (Version: 4.6.5f1 - Unity Technologies ApS) UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin) (HKLM-x32\...\LeapPadExplorerPlugin) (Version: - LeapFrog) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Phone app for desktop (HKLM-x32\...\{5F71448B-88EB-4357-9A98-8658D4C49C48}) (Version: 1.1.2726.0 - Microsoft Corporation) Wizard101 (HKLM-x32\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.) Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - ) Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1948824698-2788543327-851348242-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1948824698-2788543327-851348242-1001_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\Sandra Henson\AppData\Local\Roblox\Versions\version-957ce0cc47814d39\RobloxProxy64.dll (ROBLOX Corporation) CustomCLSID: HKU\S-1-5-21-1948824698-2788543327-851348242-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1948824698-2788543327-851348242-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1948824698-2788543327-851348242-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1948824698-2788543327-851348242-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1948824698-2788543327-851348242-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1948824698-2788543327-851348242-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1948824698-2788543327-851348242-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1948824698-2788543327-851348242-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1948824698-2788543327-851348242-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) ==================== Restore Points ========================= 13-06-2015 17:36:04 Windows Update 14-06-2015 19:02:43 Windows Backup 15-06-2015 20:16:11 Removed 3DVIA player 5.0.0.20 15-06-2015 20:18:07 Removed LEGO® Indiana Jones™ 2 17-06-2015 17:58:27 Windows Update 22-06-2015 13:38:24 Windows Backup 23-06-2015 18:27:32 Windows Update 27-06-2015 12:38:50 Windows Update 28-06-2015 19:00:23 Windows Backup 01-07-2015 09:00:21 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {18145FEC-6E1D-48A3-BA63-BB87594AD175} - System32\Tasks\{7C5644B7-264D-454A-A220-F258ADFA3D98} => Chrome.exe [URL]http://ui.skype.com/ui/0/6.3.73.105.457/en/abandoninstall?page=tsMain[/URL] Task: {18984534-B99F-4BAE-965E-552E05336F67} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-09-28] (CyberLink) Task: {25AFAFD0-160D-4C5A-B1C8-34C806C4ED61} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1948824698-2788543327-851348242-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {27265ABC-7798-4DE4-8BAF-B48E21FEA7E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN2CE252M7 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-08] (Hewlett-Packard) Task: {29EEC91B-8191-4188-9B20-A5EA059B9651} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated) Task: {2DC87F87-C2DE-4079-9D0B-1950B4377F47} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1948824698-2788543327-851348242-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-27] (RealNetworks, Inc.) Task: {324118AD-DD15-4A56-9AFE-AB7ED937F13E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1948824698-2788543327-851348242-1001UA => C:\Users\Sandra Henson\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.) Task: {427CF1C3-8A57-4E9A-B726-8910913F8655} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-06-08] (Hewlett-Packard) Task: {433987AC-2CB2-4D77-BB93-4859293042D1} - System32\Tasks\avastBCLRestartS-1-5-21-1948824698-2788543327-851348242-1001 => Chrome.exe Task: {463F214A-92C8-48DB-8CFB-3543C1066CD8} - System32\Tasks\{FB9BF608-9A5D-4DAB-9140-554597946509} => C:\Program Files (x86)\Yahoo! Games\Farm Frenzy 2\Launch.exe Task: {4C781786-FECD-433F-AD75-CDEDFF0299D3} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-09-16] (Hewlett-Packard Co.) Task: {4DF3B510-C027-4F53-ADB7-02004781E0AB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.) Task: {58A411DC-1EED-4BBC-A77B-EA3110D56EFD} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1948824698-2788543327-851348242-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {614DE01D-4640-40A7-A0B7-D3432260FC53} - System32\Tasks\avastBCLRestartS-1-5-21-1948824698-2788543327-851348242-1008 => Chrome.exe Task: {624512C9-7A5E-422D-B4D7-A34AB1936B13} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-10] (Oracle Corporation) Task: {6D1651D8-02B1-4AD6-AB56-A392777851DC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {717E11B9-5A83-42AC-A22B-1CAFB2833D7C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-25] (Google Inc.) Task: {7CF778FF-145F-4867-B2B6-5794A1B210D5} - System32\Tasks\Component System\Component => C:\Users\Sandra Henson\AppData\Local\Component\com.exe Task: {801C00C2-0939-44A9-A687-F4B575782ADD} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1948824698-2788543327-851348242-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {852F9B4B-7F23-4A85-952C-2BA5F500A111} - System32\Tasks\{FA057561-628E-4978-8B12-75117BB52E66} => C:\Program Files (x86)\Yahoo! Games\Coffee Rush\Launch.exe Task: {8F4E44D8-026F-43A0-9B8C-6AB9AC89D1F7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {934D169E-DE31-4E46-AB10-9958734A4E9A} - System32\Tasks\HPCeeScheduleForSandra Henson => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard) Task: {95661A34-5AE0-4CED-8383-3CCEF3AE5975} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated) Task: {A793CA43-671A-4199-A943-D5E183A24748} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1948824698-2788543327-851348242-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {AB1F2302-E5A4-4B4C-8C5C-29D2E705BEAD} - System32\Tasks\{F0925D0D-0399-4DCE-BC49-AD2F832E41D7} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller" Task: {AB6AAA64-0F50-4293-BE83-8C9F7FFA017B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {BF51E4AE-3BE8-43EA-9D9C-637454169DB4} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1948824698-2788543327-851348242-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2014-10-27] (RealNetworks, Inc.) Task: {D051A5CE-3EED-4485-9913-635E2BEDEA1D} - System32\Tasks\{2D1345D6-7968-4A95-A4B9-5E832E4F4D80} => C:\Program Files (x86)\Yahoo! Games\Farm Frenzy 2\Launch.exe Task: {D4D8E394-D777-4BC9-BF57-50BC89810851} - System32\Tasks\HPCeeScheduleForSANDRAHENSON-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard) Task: {D6A10DFB-3EC3-4244-8B1D-4C5A8933F32C} - System32\Tasks\{1D6B4695-6786-4B8E-9597-915385CFF9D8} => pcalua.exe -a "C:\Users\Sandra Henson\Downloads\jre-6u31-windows-i586-iftw.exe" -d "C:\Users\Sandra Henson\Desktop" Task: {D9BF28D6-A7BE-4DED-B3C2-CCDDA5502EC3} - System32\Tasks\Real Player online update program => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe Task: {E279B1B0-CD87-4C4A-8D3F-EEE2BF796657} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1948824698-2788543327-851348242-1001Core => C:\Users\Sandra Henson\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.) Task: {E9E7B969-B63B-4134-851B-B9E2B301AC69} - System32\Tasks\{1683B958-0787-4EF5-9627-8B184236709E} => pcalua.exe -a "C:\Users\Sandra Henson\Downloads\Shockwave_Installer_Slim(1).exe" -d "C:\Users\Sandra Henson\Downloads" Task: {F0FD90ED-E2FB-4A50-87B8-602AEDFBC327} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-23] (Adobe Systems Incorporated) Task: {F3EE3214-C517-4569-965C-AD245A1F403F} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION Task: {F5D2B477-7A30-490E-B5A3-C877F5BD2FC9} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1948824698-2788543327-851348242-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-10-26] (RealNetworks, Inc.) Task: {F7691344-070C-44FB-A1E5-869AC4EFB019} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-25] (Google Inc.) Task: {FD69CC1C-7BFD-4719-BE66-9D69F11B4344} - System32\Tasks\{B99076F2-8AC9-4292-975F-DC9D0BCBC451} => C:\Program Files (x86)\Yahoo! Games\Farm Frenzy 2\Launch.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1948824698-2788543327-851348242-1001Core.job => C:\Users\Sandra Henson\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1948824698-2788543327-851348242-1001UA.job => C:\Users\Sandra Henson\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForSandra Henson.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\Windows\Tasks\HPCeeScheduleForSANDRAHENSON-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (Whitelisted) ============== 2014-11-20 22:23 - 2014-11-20 22:23 - 00214528 ____C () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 ____C () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 ____C () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll 2014-11-20 22:23 - 2014-11-20 22:23 - 00127488 ____C () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2014-10-26 23:59 - 2014-10-26 23:59 - 00039568 ____C () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe 2014-10-30 06:41 - 2014-10-30 06:41 - 00031856 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe 2011-12-19 23:34 - 2011-12-19 23:34 - 00108880 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe 2014-06-17 16:23 - 2014-06-04 15:18 - 03162944 _____ () C:\Users\Sandra Henson\AppData\Local\Amazon Music\Amazon Music Helper.exe 2014-11-20 22:23 - 2014-11-20 22:23 - 00102400 ____C () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2015-04-29 18:57 - 2015-04-29 18:57 - 00104400 ____C () C:\Program Files\AVAST Software\Avast\log.dll 2015-04-29 18:56 - 2015-04-29 18:56 - 00081728 ____C () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-07-01 08:55 - 2015-07-01 08:55 - 02952704 ____C () C:\Program Files\AVAST Software\Avast\defs\15070102\algo.dll 2015-07-02 08:51 - 2015-07-02 08:51 - 02955264 ____C () C:\Program Files\AVAST Software\Avast\defs\15070202\algo.dll 2014-10-30 06:41 - 2014-10-30 06:41 - 00035976 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll 2014-10-30 06:41 - 2014-10-30 06:41 - 00039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll 2014-10-30 06:41 - 2014-10-30 06:41 - 00032888 _____ () C:\Program Files (x86)\Real\UpdateService\RPDSUpdatePlugin.dll 2015-07-02 08:48 - 2015-07-02 08:48 - 00043008 _____ () c:\Users\Sandra Henson\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppdxnmi.dll 2015-03-04 14:45 - 2015-03-19 00:15 - 00750080 _____ () C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-03-04 14:45 - 2015-03-19 00:15 - 00047616 _____ () C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\libEGL.dll 2015-03-04 14:45 - 2015-03-19 00:15 - 00865280 _____ () C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2015-03-04 14:45 - 2015-03-19 00:15 - 00200704 _____ () C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2015-03-04 14:45 - 2015-03-19 00:15 - 00010240 _____ () C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll 2015-03-04 14:45 - 2015-03-19 00:15 - 00726016 _____ () C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-03-04 14:45 - 2015-03-19 00:15 - 00010240 _____ () C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll 2015-03-18 08:27 - 2015-03-18 08:27 - 40540672 ____C () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-06-14 11:33 - 2015-04-25 18:59 - 00061952 ____C () C:\Program Files (x86)\Fast Browser\Application\34.0.1848.0\chrome_elf.dll 2015-06-14 11:33 - 2015-04-25 18:59 - 00862208 ____C () C:\Program Files (x86)\Fast Browser\Application\34.0.1848.0\libglesv2.dll 2015-06-14 11:33 - 2015-04-25 18:59 - 00095232 ____C () C:\Program Files (x86)\Fast Browser\Application\34.0.1848.0\libegl.dll 2015-06-14 11:33 - 2015-04-25 18:59 - 00454144 ____C () C:\Program Files (x86)\Fast Browser\Application\34.0.1848.0\ppGoogleNaClPluginChrome.dll 2015-06-14 11:33 - 2015-04-25 18:59 - 00888832 ____C () C:\Program Files (x86)\Fast Browser\Application\34.0.1848.0\ffmpegsumo.dll 2015-06-23 19:27 - 2015-06-23 19:27 - 17321648 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Temp:00FE3B98 AlternateDataStreams: C:\ProgramData\Temp:01442FD8 AlternateDataStreams: C:\ProgramData\Temp:0EFEBFCB AlternateDataStreams: C:\ProgramData\Temp:17FF6514 AlternateDataStreams: C:\ProgramData\Temp:1F9C3D08 AlternateDataStreams: C:\ProgramData\Temp:29BCDA07 AlternateDataStreams: C:\ProgramData\Temp:3447AB86 AlternateDataStreams: C:\ProgramData\Temp:3ABC2192 AlternateDataStreams: C:\ProgramData\Temp:3B9582E0 AlternateDataStreams: C:\ProgramData\Temp:54FDCED6 AlternateDataStreams: C:\ProgramData\Temp:5E3FBF9D AlternateDataStreams: C:\ProgramData\Temp:69E7DEDD AlternateDataStreams: C:\ProgramData\Temp:79363C4B AlternateDataStreams: C:\ProgramData\Temp:7ACF38DE AlternateDataStreams: C:\ProgramData\Temp:89952728 AlternateDataStreams: C:\ProgramData\Temp:8EB63C9D AlternateDataStreams: C:\ProgramData\Temp:97CCC404 AlternateDataStreams: C:\ProgramData\Temp:9A995231 AlternateDataStreams: C:\ProgramData\Temp:9FF05345 AlternateDataStreams: C:\ProgramData\Temp:ACA50580 AlternateDataStreams: C:\ProgramData\Temp:B7B09D45 AlternateDataStreams: C:\ProgramData\Temp:C6B7DC67 AlternateDataStreams: C:\ProgramData\Temp:CBEB737E AlternateDataStreams: C:\ProgramData\Temp:DB0CD29E AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D AlternateDataStreams: C:\ProgramData\Temp:EC5BDCFF AlternateDataStreams: C:\ProgramData\Temp:F306CF14 AlternateDataStreams: C:\ProgramData\Temp:F5D4C9D5 AlternateDataStreams: C:\ProgramData\Temp:FA62FF6E AlternateDataStreams: C:\ProgramData\Temp:FC5FFC81 ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1948824698-2788543327-851348242-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sandra Henson\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: (default) => MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: HPConnectionManager => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe MSCONFIG\startupreg: HPQuickWebProxy => "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" MSCONFIG\startupreg: NielsenOnline => C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe MSCONFIG\startupreg: TkBellExe => "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{F463F9A5-14B5-4963-AD62-E106671621B5}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe FirewallRules: [{EEB35DCF-F8EC-4ADF-AC93-6DF48813EFA5}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\RNow.exe FirewallRules: [{307E7DC6-3FE4-4787-884E-55A29CBF151F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\IndivDRM.exe FirewallRules: [{72D11655-39F0-4D69-A19D-54B0DDF75587}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\RoxioNow\IndivDRM.exe FirewallRules: [{D37322CE-74DD-46D2-A71E-782F2C83E146}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{9C152CDE-5413-4B4C-B8EE-ECB3A0656758}] => (Allow) LPort=2869 FirewallRules: [{F77CFD0A-A9B6-4448-B8A1-7FA5479E4D7B}] => (Allow) LPort=1900 FirewallRules: [{AF66DDF2-FA61-4016-BBA7-9F7FDEFA8165}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [TCP Query User{38FC4429-CCDB-4743-92EC-86AB4FE872A7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{F029CB2D-528C-4E00-A573-A3A637C91642}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [{198E5CF3-5695-4A88-BD55-287B50319A2B}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe FirewallRules: [{52335CF5-F981-4B70-B536-19220CE80E6E}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{84F24F92-D0F6-406E-BB41-39DC03A86448}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe FirewallRules: [{7F4CB3CE-DC39-4EB9-8521-1072958369BA}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{52A8F1F8-BDA4-4F6F-A579-8AA9D7A46FAF}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{64C2DB01-E6DB-4160-B18F-542ACC31609C}] => (Allow) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\LeapfrogConnect.exe FirewallRules: [{A7D2DF0C-BFAA-445B-85C8-3C45043B42A3}] => (Allow) C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{000E81B3-A061-4D76-BC0A-A8CAD1A99B53}] => (Allow) C:\Users\Sandra Henson\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{205E946C-B171-43FE-9C3E-7C9505FCCF48}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe FirewallRules: [{6E9D6C60-8D1A-4507-AD34-B8E79E02B8D3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe FirewallRules: [{59B362FF-589A-40AC-A8E2-6E19799F2BC1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{106866D8-44A7-46D8-84E2-64C7C78B8746}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{5183E5F0-C913-4D75-9B53-DB70351A9363}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe FirewallRules: [TCP Query User{D594595A-41A9-43A6-A1DD-F7DD2833E1E4}C:\users\sandra henson\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\sandra henson\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{4A062A90-D23E-4A03-BD93-D54C30E70D4B}C:\users\sandra henson\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\sandra henson\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{20319245-EEEE-48B0-90ED-9279B4F58BE1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{C4753B46-D1FD-4639-B16B-AB8EE92B32E9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{F94F0C24-777D-46C4-A1DC-E7DE59103CE6}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{01FD4C1C-2772-44EE-B0D4-A4296AD921BD}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{8921500F-E7B5-49B2-8E25-8D15F04E89DC}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{4E760FE5-44EE-430B-92BC-A80E44DB2025}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{6E0621B3-3B00-4F57-BD87-A836E9F24E07}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: qknfd Description: qknfd Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: qknfd Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (07/02/2015 08:47:32 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/01/2015 09:46:11 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/01/2015 06:01:19 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/01/2015 08:51:53 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/28/2015 07:04:49 PM) (Source: Windows Backup) (EventID: 4104) (User: ) Description: The backup was not successful. The error is: There is not enough space on this drive to save the backup. Free up space by deleting older backups and unnecessary data or change your backup settings. (0x81000005). Error: (06/28/2015 04:57:38 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/27/2015 05:55:02 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/27/2015 03:53:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/27/2015 00:25:52 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/26/2015 08:53:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (07/02/2015 08:47:26 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: qknfd Error: (07/02/2015 08:47:07 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 126 Error: (07/01/2015 09:45:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: qknfd Error: (07/01/2015 09:45:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 126 Error: (07/01/2015 06:01:19 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: qknfd Error: (07/01/2015 06:00:59 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 126 Error: (07/01/2015 09:01:37 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Definition Update for Windows Defender - KB915597 (Definition 1.201.478.0). Error: (07/01/2015 08:51:50 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: qknfd Error: (07/01/2015 08:51:30 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 126 Error: (06/28/2015 04:57:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: qknfd Microsoft Office: ========================= Error: (07/02/2015 08:47:32 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/01/2015 09:46:11 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/01/2015 06:01:19 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/01/2015 08:51:53 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/28/2015 07:04:49 PM) (Source: Windows Backup) (EventID: 4104) (User: ) Description: There is not enough space on this drive to save the backup. Free up space by deleting older backups and unnecessary data or change your backup settings. (0x81000005) Error: (06/28/2015 04:57:38 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/27/2015 05:55:02 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/27/2015 03:53:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/27/2015 00:25:52 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/26/2015 08:53:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2015-02-15 17:00:40.465 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2015-02-15 17:00:40.294 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-12-10 05:55:59.395 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-12-10 05:55:59.250 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-11-12 17:14:21.510 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-11-12 17:14:21.510 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-11-12 17:14:21.463 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-11-12 17:14:21.463 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-11-12 17:13:16.083 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system. Date: 2014-11-12 17:13:16.068 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: AMD A6-3420M APU with Radeon(tm) HD Graphics Percentage of memory in use: 50% Total physical RAM: 3561.41 MB Available physical RAM: 1776.73 MB Total Pagefile: 7121.02 MB Available Pagefile: 4547.17 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:441.65 GB) (Free:368.62 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (Recovery) (Fixed) (Total:19.95 GB) (Free:2.16 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:0.01 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 895A24CC) Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=441.6 GB) - (Type=07 NTFS) [/QUOTE]
Insert quotes…
Verification
Post reply
Top