Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:27-09-2015 01
Ran by Tom (administrator) on TOM-PC (29-09-2015 22:28:31)
Running from C:\Users\Tom\Desktop
Loaded Profiles: Tom (Available Profiles: Tom)
Platform: Windows 10 Pro (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TosTogKeyMon.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TRCMan\TRCMan.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Intuit Inc.) C:\Program Files (x86)\Quicken\bagent.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-09-2015 01
Ran by Tom (2015-09-29 22:29:31)
Running from C:\Users\Tom\Desktop
Windows 10 Pro (X64) (2015-08-12 02:36:22)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2395183170-2378603555-2842505502-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2395183170-2378603555-2842505502-503 - Limited - Disabled)
Guest (S-1-5-21-2395183170-2378603555-2842505502-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2395183170-2378603555-2842505502-1009 - Limited - Enabled)
Tom (S-1-5-21-2395183170-2378603555-2842505502-1000 - Administrator - Enabled) => C:\Users\Tom
wurco_000 (S-1-5-21-2395183170-2378603555-2842505502-1005 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 1.00.007 - Atheros Communications)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.2.43 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6140 - AVG Technologies)
AVG 2015 (Version: 15.0.4419 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.6140 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.0.444 - AVG Technologies)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Better Homes and Gardens Home Designer 7.0 (HKLM-x32\...\{0D503B8E-97E3-45B7-96CB-4936269B902C}) (Version: 7.0 - Chief Architect Inc)
Better Homes and Gardens Home Designer 7.0 Training Videos (HKLM-x32\...\{3419BF10-127A-42EB-9723-9A611AEBE853}) (Version: 1.00.000 - ART Inc)
Bing Maps 3D (HKLM\...\{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}) (Version: 4.0.903.16005 - Microsoft Corporation)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v8.00.12(T) - TOSHIBA CORPORATION)
Canon MF4320-4350 (HKLM\...\{99A5569D-9F86-4f32-A227-1538B731DA42}) (Version: - )
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
CIR Tool Kit (HKLM-x32\...\{2FAECEAF-0EBE-48FF-B60A-B4577C0EFDAB}) (Version: 2.2.2011.128 - Nuvoton Technology Corp)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Corel WordPerfect Office - iFilter 64 Bit (HKLM\...\{1B45B85C-99E8-4523-8FB3-0248B3DECFC8}) (Version: 1.01.000 - Corel Corporation)
CyberLink PowerCinema for TOSHIBA (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 7.1.5608 - CyberLink Corp.)
CyberLink YouPaint (HKLM-x32\...\InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74}) (Version: 1.2.3021 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DeltaCad (HKLM-x32\...\DeltaCad) (Version: 8.0.20140328 - Midnight Software, Inc.)
Document Express DjVu Plug-in (HKLM-x32\...\{2E8C03EC-E09F-4868-A4AC-02B9285D3E09}) (Version: 6.1.31831 - Caminova, Inc.)
Dropbox (HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.135.908 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.0.722 - Foxit Software Inc.)
Garmin BlueChart Americas v9 (HKLM-x32\...\{254A2683-4128-47B1-85DF-7690E6119EC6}) (Version: 9.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin BlueChart Pacific v9 (HKLM-x32\...\{A9BD2245-D38A-4645-8C60-BB141176ADDF}) (Version: 9.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin MapSource (HKLM-x32\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{510D2239-6C2E-457B-9590-485EC552D94D}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Google Apps Migration For Microsoft Outlook® 3.4.27.52 (HKLM-x32\...\{65960C6E-BFA2-4FE7-A1BC-8028F3072566}) (Version: 3.4.27.52 - Google, Inc.)
Google Apps Sync™ for Microsoft Outlook® 3.7.410.1100 (HKLM-x32\...\{799A7E2B-388F-4BDE-B55B-47AF42C6440A}) (Version: 3.7.410.1100 - Google, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.93 - Google Inc.)
Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Harmony Browser Plug-in (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
HP Officejet Pro 6830 Basic Device Software (HKLM\...\{98040AB6-D667-409C-81E7-DB65836B3EE0}) (Version: 33.1.73.49987 - Hewlett-Packard Co.)
HP Officejet Pro 6830 Help (HKLM-x32\...\{28693307-6F99-4B5D-9FA3-4D9132DDA716}) (Version: 34.0.0 - Hewlett Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.0.29.6 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.0.30.81 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.4.4.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iSEEK AnswerWorks English Runtime (HKLM-x32\...\{18A8E78B-9EF2-496E-B310-BCD8E4C1DAB3}) (Version: 010.000.0101 - Vantage Linguistics)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java(TM) 6 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.250 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
MC782ML_MC582ML (HKLM\...\{CEA241FD-11FF-442B-BDCA-DAB9E7AE2109}) (Version: 6.111.16 - YUAN)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.)
Media Go (HKLM-x32\...\{8D92969D-A6A3-44C8-9D63-D377E94F44B5}) (Version: 2.6.205 - Sony)
Media Go Video Playback Engine 2.0.106.08290 (HKLM-x32\...\{49D9CE9D-C8B7-B941-90E1-608044A0FC8D}) (Version: 2.0.106.08290 - Sony)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Photo Premium 10 (HKLM-x32\...\PictureItPrem_v10) (Version: 10.0.0706 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\MyFreeCodec) (Version: - )
MyHarmony (HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech)
NextWindow DesktopTouch Driver Package (HKLM\...\{77DBAEBC-6068-4524-BA13-030DB378C871}) (Version: 1.1.017 - NextWindow)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.0 - Nikon)
nRoute (HKLM-x32\...\{AE97D691-DB7D-4735-8D6D-0E0164F75B94}) (Version: 2.6.1 - )
OpenCPN 4.0.0 (HKLM-x32\...\OpenCPN 4.0.0) (Version: 4.0.0 - opencpn.org)
OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.14 - Nikon)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PlayStation(R)Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.18.0.15698 - Sony Computer Entertainment Inc.)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Product Improvement Study for HP Officejet Pro 6830 (HKLM\...\{96ABEAD3-67AE-4BF7-8A16-F745352049B3}) (Version: 33.1.73.49987 - Hewlett-Packard Co.)
Quicken 2011 (HKLM-x32\...\{5FE545A1-D215-4216-9189-E7B39C9D1CC1}) (Version: 20.1.8.6 - Intuit)
Quicken 2014 (HKLM-x32\...\{0877F595-254F-45F4-991D-3F72E86B17CE}) (Version: 23.1.8.8 - Intuit)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.82 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.1 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.1 - Renesas Electronics Corporation) Hidden
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Short Movie Creator (HKLM-x32\...\{B2817391-97C2-4A88-A952-14920594BD62}) (Version: 1.3.1 - Nikon)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype Launcher (HKLM-x32\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SkyShellEx(x86) (HKLM-x32\...\{044D80FE-E0C3-4DDB-851A-9AD72CBC1CB1}) (Version: 1.0.1 - Coronox)
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15082.16 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.0.15082.16 - Samsung Electronics Co., Ltd.) Hidden
Sony PC Companion 2.10.281 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.281 - Sony)
SYNC Volume Control v1.0.81 (HKLM-x32\...\SYNC Volume Control_is1) (Version: - Ford Motor Company)
Tales of Lagoona (x32 Version: 2.2.0.98 - WildTangent) Hidden
ThreatFire (HKLM-x32\...\3554AA4B-9B0B-451a-A269-2B5F53982209_is1) (Version: - PC Tools)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{C31337DE-0CDC-45A9-9A32-F099AC78D557}) (Version: 3.0.9490 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 1.6.11.64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{B1DC5682-7B85-400C-BB47-7DA0E1E9CAAA}) (Version: 1.3.6.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\{97965331-BC5D-4D9F-B6DF-5C0A123E4AE0}) (Version: 2.1.0.4 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.9 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.13.11 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.4 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.7.5 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.31 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.5.6.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.4 - TOSHIBA)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
TOSHIBA Remote Control Manager (HKLM-x32\...\{FEB650EB-7639-444E-9FC2-C33EE6ED1A37}) (Version: 3.0.1009.3 - TOSHIBA CORPORATION)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.2001 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.13 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.2.9 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\{0AF17224-CF88-40B8-BB1A-D179369847B4}) (Version: 2.1.0.2 - TOSHIBA Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.3.64WW2 - TOSHIBA Corporation)
TOSHIBA VIDEO PLAYER (HKLM\...\{27C3DB42-A9C1-4B44-A164-93849D160D12}) (Version: 5.3.49.124 - Toshiba Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.29 - TOSHIBA Corporation)
Toshiba Wireless HID driver (HKLM-x32\...\{A190562C-BD9C-49CD-8C52-944A5256062E}) (Version: 1.00.006 - TOSHIBA Corporation)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.9 - TOSHIBA)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
VersaCheck Platinum 2007 (HKLM-x32\...\{7AA8968B-E188-4F38-A718-A954BE3DDBCE}) (Version: 9.0.17.1 - G7 Productivity Systems, Inc.)
VesselLog (HKLM-x32\...\{7A2C8626-8F9A-4E57-AC10-EBB1A261F849}) (Version: 1.02.5000 - Oso Software)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.8.1 - Nikon)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.2.5 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.11.13 - WildTangent) Hidden
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Phone Engineering Flashing Tool (HKLM\...\{47135C88-5123-46AF-B9AF-26F4287A6401}) (Version: 04.08.2134.00 - Microsoft Corporation)
WordPerfect Lightning - IPM (x32 Version: 1.0 - Corel Corporation) Hidden
WordPerfect Lightning - Messages (x32 Version: 1.0 - Corel Corporation) Hidden
WordPerfect Lightning - MSOM (x32 Version: 1.1 - Corel Corporation) Hidden
WordPerfect Lightning (x32 Version: 2.0 - Corel Corporation) Hidden
WordPerfect Office X5 - Common (x32 Version: 15.1 - Corel Corporation) Hidden
Wordperfect Office X5 - EN (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Filters (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Graphics (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - IPM (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - LegalTools (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Migration Manager (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Oxford (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - PerfectExperts EN (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - PR (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - QP (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Setup Files (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Sharepoint (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - Skins (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - System EN (x32 Version: 15.0 - Corel Corporation) Hidden
WordPerfect Office X5 - Templates (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - WP (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 - WT (x32 Version: 15.1 - Corel Corporation) Hidden
WordPerfect Office X5 (HKLM-x32\...\_{DE6DE4A1-0343-4DBE-9DC2-E667AA03F579}) (Version: 15.0.0.431 - Corel Corporation)
WordPerfect Office X5 (x32 Version: 15.1 - Corel Corporation) Hidden
Xmarks for IE (HKLM-x32\...\{F0FEA296-3D00-4B6F-A70B-B73F0F305EA2}) (Version: 127.0.176 - Xmarks)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2395183170-2378603555-2842505502-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Tom\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
==================== Restore Points =========================
17-09-2015 09:32:45 Windows Update
21-09-2015 19:00:21 Windows Update
29-09-2015 08:31:16 Windows Update
29-09-2015 08:31:52 Windows Update
29-09-2015 15:54:37 Restore Operation
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 06:25 - 2015-09-05 01:38 - 00000856 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03D94218-A034-415D-BC28-DC730D07DC9A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {059F428C-6201-4480-B633-3154F47249AE} - System32\Tasks\START SKYDRIVE => C:\WINDOWS\System32\SkyDrive.exe
Task: {063A2B88-1EC7-4D8B-A198-E2CC7D444608} - System32\Tasks\{1FDA97D9-C5C7-4DC7-AEB6-BFF961B0B1CF} => pcalua.exe -a "C:\Program Files (x86)\Canon\MF Toolbox Ver4.9\Uninst.exe"
Task: {07BD9D02-0E91-4045-8B68-15CCCAB108B4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-06-24] (Hewlett-Packard)
Task: {0AD34D34-373A-4E60-8A8F-56F7F42FB364} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {193B42C4-FF7D-4634-A3B2-7E2180FE033D} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2015-07-10] (Microsoft Corporation)
Task: {1A6815B2-1FCE-47A0-83F9-627025D40FC0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {1F39C24D-3BD7-46C8-9CC6-1EE3360C8180} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-29] (Adobe Systems Incorporated)
Task: {207A6DA4-EA7A-47CD-AC97-D9C55101EDC2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {241B40A3-FEDE-4239-9474-59539C8668F9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {2668C326-4B35-4E0D-9E61-22BFD8B71169} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {26A082B9-B2A8-487D-A850-CCF48E1AFCAC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2395183170-2378603555-2842505502-1000Core => C:\Users\Tom\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-07] (Dropbox, Inc.)
Task: {2ABD43E7-9D0B-4057-8D84-BBD5B3338944} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {2C2B0FC0-0415-48E6-B8C8-797418A4162C} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {2DA97C99-AD05-42F0-9327-B7D3BB06E60D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {3E3BB8C5-0434-4846-B370-A88E7A6820D4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {4F21BA03-688D-47F8-AFA1-8979196F443B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {5492D24F-EEBC-4598-B339-B17D4731580C} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {56F12978-AA2B-4E93-8122-2EDE98922D98} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {5AC9D130-7033-4AFC-8A4C-7068660D3377} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {62D75334-0429-4050-A1A9-9A4110E8072E} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {651F15A4-0FEC-4447-B3BB-8A153534BA92} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {67E7D53B-4CC3-43BC-90B5-3D2FAC55DA68} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {6C19620D-B929-4D97-AC88-38BD5C67604D} - System32\Tasks\HP AR Program Upload - a73ab8b3d315444f89a4ec6a229687b0b7927a66769946dc9b7edd3d8ae37e55 => C:\Program Files\HP\HP Officejet Pro 6830\bin\HPRewards.exe [2014-07-18] (TODO: <Company name>)
Task: {6D306FF6-D47B-443B-884C-5A267DC91B71} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7AC4C1A9-C836-4367-B543-5DB06BBF2EEE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\First Boot => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2015-07-11] (Hewlett-Packard Company)
Task: {7AD6A013-58A1-4AAD-A945-D399540B6586} - System32\Tasks\{137E5E92-1F2E-4FF6-A51C-1E3E08E6C9B7} => pcalua.exe -a C:\Users\Tom\Desktop\ToolBox_4911mf16_Win_EN\Setup.exe -d C:\Users\Tom\Desktop\ToolBox_4911mf16_Win_EN
Task: {7FFA5F5B-2F0F-4CEF-893E-8FE982E31A28} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {80012D4E-64AB-4A1C-9AB6-31C6AB5C1050} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {823384EE-1933-4ADD-B3B1-3FD9058E2DE2} - System32\Tasks\{F552A0C9-CDD4-489C-BB2E-775D5F13EB6C} => pcalua.exe -a D:\setup.exe -d D:\
Task: {82B51EF5-7466-4714-BB39-FEB35F628E4E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {82E24CC3-C7F7-4472-A507-477C801E4D7C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {86EB4252-1117-4DE6-BB01-FFE88C7CF533} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {8DE5FB7D-4110-4512-B5FF-B1AE064FBD84} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {995B9208-9A1D-4D01-AADE-6EAFD0ED667F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A350CF7A-7C8D-4B00-8DD3-06E7709D535C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {A4BA8CDE-C519-48D2-B259-F7B9B87FEE47} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {A62ADFB8-C0D3-497B-85A8-A1CAAF0F6ADC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2395183170-2378603555-2842505502-1000UA => C:\Users\Tom\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-07] (Dropbox, Inc.)
Task: {A815EEE1-7439-4F95-8CA6-D6D3E53EC550} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {A9B40EC1-2387-4DCA-BDFF-D1F050CBBB3C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {A9FA280A-D96C-426F-B76C-2BBFD7C017E4} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {AA6B5C00-DD2D-4741-969F-328387928864} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {AAF2F022-796B-44A1-A391-840A88AAC962} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {AFA6DD93-1AA6-4880-9843-36C2C73D7A92} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {B47B6B1E-1461-4608-A375-D1CA8C2E7414} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B71BD0EA-ECD1-4AA3-97A9-E53BF9AE2DD6} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {C498B8B9-3E6F-4330-BDE0-271B76884A42} - System32\Tasks\HPCustParticipation HP Officejet Pro 6830 => C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPCustPartic.exe [2014-07-18] (Hewlett-Packard Development Company, LP)
Task: {CCB6E1C4-05D8-48C9-AB9A-E22B5BA0CFB3} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {D092317C-4C1F-4C08-8FDF-2BA7691D26BF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {DEA12AD2-7C36-47F4-92A5-788DB03B849B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {EE456DE2-194E-42AC-850B-59089279192E} - System32\Tasks\{C6C04AAB-D9B4-4ABD-82AC-952EA5296AA7} => pcalua.exe -a "C:\Users\Tom\Desktop\Printer Driver\ToolBox_4911mf16_Win_EN\Setup.exe" -d "C:\Users\Tom\Desktop\Printer Driver\ToolBox_4911mf16_Win_EN"
Task: {F477E358-C01E-4284-94D3-D3D17DFE8B9C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {FA2B30AF-C20C-481B-A38B-4DA7470AC239} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2395183170-2378603555-2842505502-1000Core.job => C:\Users\Tom\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2395183170-2378603555-2842505502-1000UA.job => C:\Users\Tom\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-07-10 04:00 - 2015-07-10 04:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-08-11 19:29 - 2015-08-11 19:29 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-19 11:03 - 2015-08-11 02:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2014-04-27 14:10 - 2014-04-27 14:10 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
2015-08-29 06:48 - 2015-08-18 00:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 06:48 - 2015-08-18 00:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2010-12-15 15:19 - 2010-12-15 15:19 - 00124320 _____ () C:\Program Files\TOSHIBA\TECO\MUIHelp.dll
2015-06-01 21:00 - 2015-08-12 22:08 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-30 08:19 - 2015-06-10 11:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2011-06-09 21:09 - 2011-06-09 21:09 - 00079784 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2015-08-12 22:05 - 2015-08-02 18:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 04:00 - 2015-07-10 06:14 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-19 11:03 - 2015-08-11 01:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-12 22:05 - 2015-08-02 18:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 04:00 - 2015-07-10 06:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-08-12 22:04 - 2015-08-02 18:09 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-08-12 22:05 - 2015-08-02 18:09 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-08-11 19:29 - 2015-08-11 19:29 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-07-10 06:17 - 2015-07-10 06:17 - 07897088 _____ () C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.0_1.0.22929.0_x64__8wekyb3d8bbwe\SharedLibrary.dll
2015-08-11 20:39 - 2015-08-11 20:39 - 00115712 _____ () C:\Program Files\WindowsApps\Microsoft.People_1.10241.0.0_x64__8wekyb3d8bbwe\PeopleUtilRT.Windows.dll
2015-08-11 20:39 - 2015-08-11 20:39 - 02787328 _____ () C:\Program Files\WindowsApps\Microsoft.People_1.10241.0.0_x64__8wekyb3d8bbwe\ContactCardDataRT.Windows.dll
2015-08-11 20:39 - 2015-08-11 20:39 - 00972800 _____ () C:\Program Files\WindowsApps\Microsoft.People_1.10241.0.0_x64__8wekyb3d8bbwe\Microsoft.Apps.People.BackgroundTasks.dll
2015-08-11 20:39 - 2015-08-11 20:39 - 00324608 _____ () C:\Program Files\WindowsApps\Microsoft.People_1.10241.0.0_x64__8wekyb3d8bbwe\Microsoft.People.Controls.dll
2015-07-10 03:59 - 2015-07-10 03:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 03:59 - 2015-07-10 03:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2014-04-27 14:10 - 2014-04-27 14:10 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\log4cplusU.dll
2014-01-30 08:19 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2014-01-30 08:19 - 2014-12-04 15:18 - 00241152 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2015-07-09 11:49 - 2015-06-30 16:21 - 00915968 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\deviceupdate_dll.dll
2013-06-11 09:31 - 2013-06-11 09:31 - 00090112 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll
2011-01-05 15:01 - 2011-01-05 15:01 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PimNotes.dll
2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2014-01-30 08:19 - 2015-04-21 13:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2012-04-04 14:33 - 2012-04-04 14:33 - 00139776 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll
2013-01-08 17:02 - 2013-01-08 17:02 - 00163840 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll
2012-07-26 11:51 - 2012-07-26 11:51 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll
2014-01-30 08:19 - 2013-05-20 12:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
2014-09-15 16:20 - 2014-09-15 16:20 - 00645120 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2014-06-27 15:36 - 2014-06-27 15:36 - 00107520 _____ () C:\Program Files (x86)\Xmarks\IE Extension\zlib1.dll
2015-09-29 22:22 - 2015-09-29 22:22 - 00011264 _____ () C:\Users\Tom\AppData\Local\Temp\nsaE246.tmp\System.dll
2015-09-29 22:22 - 2015-09-29 22:22 - 00004096 _____ () C:\Users\Tom\AppData\Local\Temp\nsaE246.tmp\Banner.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Tom\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Tom\Desktop\Bob.jpg:SummaryInformation
AlternateDataStreams: C:\Users\Tom\Desktop\Bob.jpg:Updt_SummaryInformation
AlternateDataStreams: C:\Users\Tom\Desktop\Bob.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Tom\Desktop\Cavity 1.jpg:SummaryInformation
AlternateDataStreams: C:\Users\Tom\Desktop\Cavity 1.jpg:Updt_SummaryInformation
AlternateDataStreams: C:\Users\Tom\Desktop\Cavity 1.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Tom\Desktop\Cavity 2.jpg:SummaryInformation
AlternateDataStreams: C:\Users\Tom\Desktop\Cavity 2.jpg:Updt_SummaryInformation
AlternateDataStreams: C:\Users\Tom\Desktop\Cavity 2.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Tom\Downloads\FW Catholic Coffee Morning In Rome.eml:OECustomProperty
AlternateDataStreams: C:\Users\Tom\Downloads\Fwd Best Selfie ever.eml:OECustomProperty
AlternateDataStreams: C:\Users\Tom\Downloads\Fwd Dating Memories.eml:OECustomProperty
AlternateDataStreams: C:\Users\Tom\Downloads\Fwd Man's fantasy (1).eml:OECustomProperty
AlternateDataStreams: C:\Users\Tom\Downloads\Fwd Man's fantasy (2).eml:OECustomProperty
AlternateDataStreams: C:\Users\Tom\Downloads\Fwd Man's fantasy.eml:OECustomProperty
AlternateDataStreams: C:\Users\Tom\Downloads\Hurth rebuild.eml:OECustomProperty
AlternateDataStreams: C:\Users\Tom\Downloads\Pool 1.jpg:SummaryInformation
AlternateDataStreams: C:\Users\Tom\Downloads\Pool 1.jpg:Updt_SummaryInformation
AlternateDataStreams: C:\Users\Tom\Downloads\Pool 1.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Tom\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\thunderball 7.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "vProt"
HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2395183170-2378603555-2842505502-1000\...\StartupApproved\Run: => "Skype"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{22F13FBC-47F9-460B-8B39-0E1CA7963CD0}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS010F\HPDiagnosticCoreUI.exe
FirewallRules: [{A5F0CE45-E7AE-4EEC-8169-84622CD1B5FA}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS010F\HPDiagnosticCoreUI.exe
FirewallRules: [{8B75CB1D-8CD1-4F71-ABFC-D9C903E5960F}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{39C4F690-F3F7-4F06-B012-823E14FB2EAF}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{30347C0A-8126-4C48-9900-9201DF70E34F}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{633681AB-B94B-442B-B004-2AEA64DC1501}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{379CF5E3-1EFD-43FD-A2E4-ABD8B7DF7F84}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{DF1E0079-6259-4571-A211-2411F59564DA}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{DBDBE194-D09D-467B-923F-B377C89BACF8}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS1D3E\HPDiagnosticCoreUI.exe
FirewallRules: [{3426872E-35E8-4218-8FC5-03ABA8219A88}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS1D3E\HPDiagnosticCoreUI.exe
FirewallRules: [{171372CD-012E-4415-AA0E-3E32ACD805C6}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS1D00\HPDiagnosticCoreUI.exe
FirewallRules: [{B0673230-CD76-452D-8EAE-4153D4D8040D}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS1D00\HPDiagnosticCoreUI.exe
FirewallRules: [{BD0F028A-6256-4E76-9B75-FC2DCB492396}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS40AA\HPDiagnosticCoreUI.exe
FirewallRules: [{3F555789-6F7B-44F1-B632-58717069BA30}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS40AA\HPDiagnosticCoreUI.exe
FirewallRules: [{8C97AD49-008C-4CC7-BEDC-D146D0F8145A}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS763B\HPDiagnosticCoreUI.exe
FirewallRules: [{16C7A288-1543-4FC3-9A60-5A8589CC87A0}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS763B\HPDiagnosticCoreUI.exe
FirewallRules: [{4EC70903-65B9-4071-A35E-9B3AEE6C7255}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS717F\HPDiagnosticCoreUI.exe
FirewallRules: [{B77EC497-A153-4690-A39C-DF7826DB3823}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS717F\HPDiagnosticCoreUI.exe
FirewallRules: [{83F61A6C-83A4-4F77-8635-DA9788D814DE}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS70C5\HPDiagnosticCoreUI.exe
FirewallRules: [{3B631803-DBB4-4934-87F9-B0041ADF697A}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS70C5\HPDiagnosticCoreUI.exe
FirewallRules: [{5354B881-56BF-41B1-B73B-0AB94DC07C0E}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS708B\HPDiagnosticCoreUI.exe
FirewallRules: [{9913B209-9284-471B-AE76-C7099E707E01}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS708B\HPDiagnosticCoreUI.exe
FirewallRules: [{F2F11E43-D3B3-424F-9178-BD95B5479415}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS0EB0\HPDiagnosticCoreUI.exe
FirewallRules: [{56BAD894-4296-4A9C-B232-A7B85B2DFBCB}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS0EB0\HPDiagnosticCoreUI.exe
FirewallRules: [{0C1421A8-C162-4A73-9B9B-518BAC5D4B7D}] => (Allow) LPort=26675
FirewallRules: [{FD1AF33E-55CE-4C83-8630-160C354EEE74}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{BF747F2E-B3A6-439C-BB67-8211AA6EDFE5}] => (Allow) %systemroot%\WindowsMobile\wmdHost.exe
FirewallRules: [{C9170C16-7EA9-4AD3-B509-1FD4B9A15EAF}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS5C1D\HPDiagnosticCoreUI.exe
FirewallRules: [{A3D34E91-3022-4CD1-9F75-35A3F191AAF0}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS5C1D\HPDiagnosticCoreUI.exe
FirewallRules: [{4175B015-973F-44DB-9B6C-A66318C1762A}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS48E2\HPDiagnosticCoreUI.exe
FirewallRules: [{F5EF40BE-20FE-40B2-A8AE-C02E16E155FA}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS48E2\HPDiagnosticCoreUI.exe
FirewallRules: [{4DD95162-8F7C-4565-A116-B6A0AC84B763}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS0B09\HPDiagnosticCoreUI.exe
FirewallRules: [{EA1B006C-3B88-42B3-B417-45E792E951B1}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS0B09\HPDiagnosticCoreUI.exe
FirewallRules: [{26E2EDE2-151D-496B-A63C-CB8573BC9CD0}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS3F77\HPDiagnosticCoreUI.exe
FirewallRules: [{6C680EBF-6259-48CA-A804-6E6A7455F49B}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS3F77\HPDiagnosticCoreUI.exe
FirewallRules: [{DF10A9D3-E6CD-4EE1-9DC5-1EC309DAD6F1}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS33B8\HPDiagnosticCoreUI.exe
FirewallRules: [{A5979010-A95C-4677-9B55-F18DE03DE5BE}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS33B8\HPDiagnosticCoreUI.exe
FirewallRules: [{1F53FFB4-86AC-4E7D-9485-CD36018F2D86}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS1C18\HPDiagnosticCoreUI.exe
FirewallRules: [{0B49D48E-3779-4663-90A4-1C958EF650D5}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS1C18\HPDiagnosticCoreUI.exe
FirewallRules: [{5E6597CD-CF20-4088-85A7-2A23563CEF26}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{CC74F88F-CECF-489B-8808-6D49EEF9AF40}] => (Allow) LPort=5357
FirewallRules: [{D5D2CB5B-F563-4267-99DA-4CB29EECFC1E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\Bin\DeviceSetup.exe
FirewallRules: [{8AA05DDD-9A82-43EE-B0BB-7E3CEE8263CA}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\SendAFax.exe
FirewallRules: [{96A071A9-643C-4FE0-A167-767A9D61CFA9}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\DigitalWizards.exe
FirewallRules: [{648BC6A5-9A71-4485-9AD9-5A06A87D2D6E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 6830\bin\FaxApplications.exe
FirewallRules: [{2772F598-3FA3-449D-AC5E-A01F593418A7}] => (Allow) C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{4353DDFA-39FC-4B8F-B83A-6CF1D9A8C8F6}] => (Allow) C:\Users\Tom\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{24E5F326-32DB-41C3-BC50-6270FC9F656E}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{EB1469D1-3425-4E61-BD81-7C23F9E7655F}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{4663A039-A918-4685-9F89-7B2DC5E59E3B}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{110F8F09-B795-4E18-8601-EDAF855F64AC}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{FB2BA749-83D8-47F8-ACAD-85E449E51F52}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{FAAC4BF9-0125-462E-93AB-F06AFAB37AE4}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{A1CBBA93-744F-4F2B-A0EC-FE768859C323}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{BD13DB9D-E607-479C-98B2-77767D280E05}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{11347CE2-0EEE-4FE1-97D0-6ECAEEBE2826}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{05187881-50DD-4B24-8D0A-B1DC6A0E8AC1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerCinema\Kernel\DMS\CLMSService.exe
FirewallRules: [{A30E54C2-FF0A-4DB3-84C9-3D9496A52C1D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerCinema\Kernel\DMP\CLBrowserEngine.exe
FirewallRules: [{4DCA5F35-5A11-4356-8F09-32EED13BAA05}] => (Allow) C:\Program Files (x86)\CyberLink\PowerCinema\PCMService.exe
FirewallRules: [{B2A81AFC-008E-4D98-8D0E-F3502F769487}] => (Allow) C:\Program Files (x86)\CyberLink\PowerCinema\PowerCinema.exe
FirewallRules: [{B3A2BCDE-85F5-4C80-AF5D-AAA369EFFE21}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{65772AA5-1492-4D50-B62D-342D2170CA85}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{7EF2027C-BC1B-4891-9BE3-9EBB31C2D0D4}] => (Allow) LPort=1900
FirewallRules: [{7B538319-96E3-4FE0-A5C8-028F16A68612}] => (Allow) LPort=2869
FirewallRules: [{1014BD7D-3480-43F8-B517-61100DCE988F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{4DC63B66-19DD-4EEF-A990-7361E5737828}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{DB54F1B5-9B76-4FD6-A2DF-C80A96A7C43E}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe
FirewallRules: [{10251F7B-9EA5-426E-9DA8-D02EFB067289}] => (Allow) C:\Windows\System32\migwiz\migwiz.exe
FirewallRules: [{AA65C126-B417-4AB1-A59A-1DAAC9BCF4AA}] => (Allow) LPort=7000
FirewallRules: [{40087D0B-AADF-4151-A81E-956A7D6BEB43}] => (Allow) LPort=7000
FirewallRules: [{42ECEC91-7FBC-4ADF-8D3B-71AC8BCE30BC}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [TCP Query User{3116646A-20EF-49D1-BBE2-4F70F878EEB0}C:\users\tom\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tom\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{DFB32837-BDB1-46F1-BEA0-2C0B0A585890}C:\users\tom\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\tom\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{8FBAAF33-CCC2-429B-AAE7-9BB854FD28C5}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{71D14E7B-5A24-4E38-BBAF-482DE652A6F8}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{6CD1AE6C-C267-4AF5-92D6-52F34EEDEF98}] => (Allow) C:\Users\Tom\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{730AE53B-511E-48BD-BB0D-A250C65F205A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{DD8D9B2D-8517-456D-B129-F374859B818E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{205E089A-2D80-43C2-8B60-5D7CAEF70870}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{13549FB7-3717-447E-AD66-1976199BAB1C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{20497D5B-8C1A-4C7C-880A-4AB906C09F8A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{3250C1A7-5C07-46CB-9A64-29B3D34B94AE}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{DB412C68-59A9-4240-87FE-8EC79DACD8B5}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{FD3A6970-7B99-448B-8585-A066C70FB7DA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{B563D9CD-A1B5-4176-A987-27D703AC5454}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS78F7\HPDiagnosticCoreUI.exe
FirewallRules: [{EAEBE1EC-9523-43CE-A270-E2DE5381D351}] => (Allow) C:\Users\Tom\AppData\Local\Temp\7zS78F7\HPDiagnosticCoreUI.exe
FirewallRules: [{F71CAA0F-402A-43A6-B80C-EECD23EBC70D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{2B6ADDAA-605B-402E-A6B8-6505317302D6}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{7A63B44B-A36B-4CA6-8145-17A9077A0B0E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{A1A75A66-B5BC-4E23-8BD7-43EF7D84AE66}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{051EC500-3EDB-415A-9D76-BCB26FEFFD05}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{63D7E9AA-558B-487F-BE01-E2FDEBA09BA9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{CB2EC0DA-83AD-457B-871F-99604D416DB8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/29/2015 08:42:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 45.0.2454.93 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 1cd0
Start Time: 01d0fb0d7b67127e
Termination Time: 4294967295
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Report Id: 4fbf7554-6725-11e5-bf3e-9cb70de5025c
Faulting package full name:
Faulting package-relative application ID:
Error: (09/29/2015 07:01:33 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6704) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
Error: (09/29/2015 07:01:33 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (6704) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).
Error: (09/29/2015 07:01:23 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6704) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
Error: (09/29/2015 07:01:23 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (6704) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).
Error: (09/29/2015 07:01:13 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6704) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
Error: (09/29/2015 07:01:13 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (6704) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).
Error: (09/29/2015 07:01:02 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6704) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
Error: (09/29/2015 07:01:02 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (6704) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).
Error: (09/29/2015 07:00:52 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (6704) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
System errors:
=============
Error: (09/29/2015 09:23:23 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (09/29/2015 09:13:19 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (09/29/2015 09:04:58 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (09/29/2015 08:57:15 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (09/29/2015 08:56:16 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (09/29/2015 08:56:13 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (09/29/2015 08:55:15 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (09/29/2015 08:55:12 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (09/29/2015 08:55:09 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
Error: (09/29/2015 08:54:04 PM) (Source: disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
CodeIntegrity:
===================================
Date: 2015-08-11 19:47:26.425
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\athwbx.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 30%
Total physical RAM: 8139.84 MB
Available physical RAM: 5675.17 MB
Total Virtual: 13896.84 MB
Available Virtual: 11112.48 MB
==================== Drives ================================
Drive c: (TI106328W0C) (Fixed) (Total:914.47 GB) (Free:718.62 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (KINGSTON) (Removable) (Total:3.77 GB) (Free:2.66 GB) FAT32
Drive f: (HP_RECOVERY) (Fixed) (Total:4.86 GB) (Free:4.75 GB) NTFS
Drive g: (Toshiba AIO) (Fixed) (Total:181.44 GB) (Free:160.66 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 2CC908DC)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=914.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=15.1 GB) - (Type=17)
========================================================
Disk: 1 (Size: 3.8 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 186.3 GB) (Disk ID: DD5BDD5B)
Partition 1: (Not Active) - (Size=4.9 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=181.4 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================