Jump to content

brownhornet

The SWAT Team
  • Content Count

    5,122
  • Joined

  • Last visited

About brownhornet

  • Rank
    SO WHAT IF I AM A NERD
  • Birthday 01/30/1969

Contact Methods

  • Website URL
    http://yahoo.com
  • ICQ
    0

Profile Information

  • Gender
    Male
  • Location
    las vegas
  • Interests
    computer's and women

Previous Fields

  • System Specifications:
    AMD 8350+Asus sabertooth+Gskill 16gigs @1866+Sapphire 7870 xt+Corsair 850W+Samsung SSD+WD 1TB+Asus 24''
  • TechExpress Link:
    http://www.pcpitstop.com/techexpress.asp?id=H6B0SWX6A4GS3W9G
  • Teams:
    Overclocking Club

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. brownhornet

    Here it is!

    drive it like you stole it CB...
  2. brownhornet

    IntelGuy has passed away

    joined back in 03 and am glad to have met him...he always had the best of the best hardware which made us all strive to better our rigs...be it overclocking or not he taught us all so much...sorry to see him go...RIP brother...
  3. brownhornet

    phone scam

    was there anything left behind by the phone scam guy...just curious..
  4. brownhornet

    phone scam

    hi, forgot to tell ya that i will have the laptop back after thanksgiving..the customers kids want to use it over the school break...happy thanksgiving....
  5. brownhornet

    Slow Internet

    192.168.2.1 for belkin..alot depends on the speed plan you have as well...would also try resetting router and changing channel and see if there is a firmware update. slow speed could also be on comcast's end. would also try unscrewing the coaxial cable and screwing back in..
  6. brownhornet

    phone scam

    ran adw first and it cleaned some stuff...JRT came up witth nothing..MB cleaned some PUP items as well.. # AdwCleaner v6.030 - Logfile created 19/11/2016 at 17:12:06 # Updated on 19/10/2016 by Malwarebytes # Database : 2016-11-19.2 [server] # Operating System : Windows 7 Ultimate Service Pack 1 (X64) # Username : Home - HOME-PC # Running from : C:\Users\Home\Downloads\adwcleaner_6.030.exe # Mode: Clean # Support : hxxps://www.malwarebytes.com/support ***** [ Services ] ***** ***** [ Folders ] ***** [-] Folder deleted: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\mallpejgeafdahhflmliiahjdpgbegpk ***** [ Files ] ***** [-] File deleted: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mallpejgeafdahhflmliiahjdpgbegpk_0.localstorage [-] File deleted: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mallpejgeafdahhflmliiahjdpgbegpk_0.localstorage-journal ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled Tasks ] ***** ***** [ Registry ] ***** ***** [ Web browsers ] ***** [-] [C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Web data] [search Provider] Deleted: aol.com [-] [C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Web data] [search Provider] Deleted: ask.com [-] [C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: mallpejgeafdahhflmliiahjdpgbegpk ************************* :: "Tracing" keys deleted :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [1558 Bytes] - [19/11/2016 17:12:06] C:\AdwCleaner\AdwCleaner[s1].txt - [758 Bytes] - [06/04/2016 15:25:15] C:\AdwCleaner\AdwCleaner[s2].txt - [1900 Bytes] - [19/11/2016 17:11:35] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1776 Bytes] ##########
  7. brownhornet

    phone scam

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-11-2016 01 Ran by Home (19-11-2016 17:19:50) Running from C:\Users\Home\Downloads Windows 7 Ultimate Service Pack 1 (X64) (2016-04-05 05:25:24) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2123777662-1516311981-2037243955-500 - Administrator - Disabled) Guest (S-1-5-21-2123777662-1516311981-2037243955-501 - Limited - Disabled) Home (S-1-5-21-2123777662-1516311981-2037243955-1000 - Administrator - Enabled) => C:\Users\Home ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{0F347A49-E36C-4639-8D2E-003AD408B8B2}) (Version: 1.5 - Eyeo GmbH) Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 6.2.1.0 - Auslogics Labs Pty Ltd) Auslogics Registry Cleaner (HKLM-x32\...\{8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1) (Version: 5.2.1.0 - Auslogics Labs Pty Ltd) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Intel® Driver Update Utility 2.4 (x32 Version: 2.4.0.15 - Intel) Hidden Intel® Product Improvement Program (x32 Version: 2.1.27.3 - Intel) Hidden Intel® Driver Update Utility (HKLM-x32\...\{1b09c4de-9cae-4122-b17c-65d395062b50}) (Version: 2.4.0.15 - Intel) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6463 - Realtek Semiconductor Corp.) ROBLOX Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation) ROBLOX Studio (HKLM-x32\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation) SafeZone Stable 1.48.2066.44 (x32 Version: 1.48.2066.44 - Avast Software) Hidden Speccy (HKLM\...\Speccy) (Version: 1.29 - Piriform) SpywareBlaster 5.4 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.4.0 - BrightFort LLC) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1216 - SUPERAntiSpyware.com) TP-LINK TL-WN821N©_TL-WN822N_TL-WN823N Driver (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0C036412-C64E-4501-8457-B34A14635A48} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-08-30] (AVAST Software) Task: {11E17271-0431-448C-B226-B65BC2847529} - System32\Tasks\AVAST Software\Avast settings backup Task: {1CD36313-6BB8-47B0-B392-C44C10DF2C9B} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation) Task: {215DF1EB-4291-4CDA-A1DF-ABE7C32D39EE} - System32\Tasks\{D088B91B-A5CE-437C-8B1C-275E19432227} => pcalua.exe -a C:\Users\Home\Downloads\sp53707.exe -d C:\Users\Home\Downloads Task: {6A1F60DF-D897-4BC7-8849-AC38A7B77E62} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs" Task: {7285E965-9E3A-4BA2-B71E-FFB02102B93F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-11] (Google Inc.) Task: {9E3EB503-E0C3-436E-A28C-F42204173FBA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-11] (Google Inc.) Task: {D72D5994-6E9B-4E09-9C34-DE96D8BBF1B8} - System32\Tasks\SafeZone scheduled Autoupdate 1459970579 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-03-09 19:43 - 2016-03-09 19:43 - 00118424 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe 2016-03-09 19:43 - 2016-03-09 19:43 - 00256152 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\analyzer.dll 2016-08-30 17:07 - 2016-08-30 17:07 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-11-19 12:21 - 2016-11-19 12:21 - 03129808 _____ () C:\Program Files\AVAST Software\Avast\defs\16111900\algo.dll 2016-08-30 17:07 - 2016-08-30 17:07 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-08-30 17:07 - 2016-08-30 17:07 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [134] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\...\1001movie.com -> 1001movie.com There are 6091 more sites. ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Home\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{18A774E9-AC41-422F-8FC5-5B5A3DB8316B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{92C65A56-1053-4A93-8B92-63ED44831B16}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EB5900B1-2124-4EF8-AD44-F440A2968BA9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 24-10-2016 20:57:44 Scheduled Checkpoint 01-11-2016 14:56:21 Scheduled Checkpoint 09-11-2016 12:22:30 Scheduled Checkpoint 16-11-2016 19:08:25 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/18/2016 03:52:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: RobloxPlayerBeta.exe, version: 0.269.1.29620, time stamp: 0x582e39f8 Faulting module name: RobloxPlayerBeta.exe, version: 0.269.1.29620, time stamp: 0x582e39f8 Exception code: 0xc0000005 Fault offset: 0x0070f561 Faulting process id: 0xe58 Faulting application start time: 0x01d241f676807570 Faulting application path: C:\Program Files (x86)\Roblox\Versions\version-c2285b6f3d724119\RobloxPlayerBeta.exe Faulting module path: C:\Program Files (x86)\Roblox\Versions\version-c2285b6f3d724119\RobloxPlayerBeta.exe Report Id: 1f06c4ef-adea-11e6-a5ec-2c27d720bee2 Error: (11/07/2016 08:21:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: RobloxPlayerBeta.exe, version: 0.267.0.27338, time stamp: 0x581b8870 Faulting module name: ntdll.dll, version: 6.1.7601.19160, time stamp: 0x56bcd51f Exception code: 0xc0000005 Fault offset: 0x0003485a Faulting process id: 0x99c Faulting application start time: 0x01d239744feb45c3 Faulting application path: C:\Program Files (x86)\Roblox\Versions\version-e2543a4115cb41d6\RobloxPlayerBeta.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll Report Id: c27ff8cc-a56a-11e6-a29a-2c27d720bee2 Error: (09/23/2016 02:50:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: RobloxPlayerBeta.exe, version: 0.261.0.21595, time stamp: 0x57e30e6d Faulting module name: ntdll.dll, version: 6.1.7601.19160, time stamp: 0x56bcd51f Exception code: 0xc000041d Fault offset: 0x00022372 Faulting process id: 0xc70 Faulting application start time: 0x01d215eb77264d0e Faulting application path: C:\Program Files (x86)\Roblox\Versions\version-a1718013fcc842b1\RobloxPlayerBeta.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll Report Id: 158bf851-81e0-11e6-9295-2c27d720bee2 Error: (09/11/2016 05:03:03 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program RobloxPlayerBeta.exe version 0.259.0.19981 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: ee0 Start Time: 01d20c88ec541176 Termination Time: 6 Application Path: C:\Program Files (x86)\Roblox\Versions\version-256edf8e82cb478d\RobloxPlayerBeta.exe Report Id: a3e123ba-7884-11e6-8e3c-2c27d720bee2 Error: (09/07/2016 04:34:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: RobloxPlayerBeta.exe, version: 0.258.0.19508, time stamp: 0x57c870f9 Faulting module name: ntdll.dll, version: 6.1.7601.19160, time stamp: 0x56bcd51f Exception code: 0xc0000005 Fault offset: 0x0002e5a3 Faulting process id: 0xc34 Faulting application start time: 0x01d20968c64f70b0 Faulting application path: C:\Program Files (x86)\Roblox\Versions\version-2a3769b753884f05\RobloxPlayerBeta.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll Report Id: 0836de94-755c-11e6-9e34-2c27d720bee2 Error: (07/24/2016 09:22:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: RobloxPlayerBeta.exe, version: 0.253.0.14948, time stamp: 0x579001ba Faulting module name: ntdll.dll, version: 6.1.7601.19160, time stamp: 0x56bcd51f Exception code: 0xc000041d Fault offset: 0x00022372 Faulting process id: 0x4b8 Faulting application start time: 0x01d1e63307de4d6f Faulting application path: C:\Program Files (x86)\Roblox\Versions\version-aee78a51139946c2\RobloxPlayerBeta.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll Report Id: c00c62b7-5227-11e6-9241-2c27d720bee2 Error: (07/15/2016 08:39:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: RobloxPlayerBeta.exe, version: 0.252.0.14159, time stamp: 0x5786bfc0 Faulting module name: ntdll.dll, version: 6.1.7601.19160, time stamp: 0x56bcd51f Exception code: 0xc0000005 Fault offset: 0x00033306 Faulting process id: 0x674 Faulting application start time: 0x01d1df1c04da2747 Faulting application path: C:\Program Files (x86)\Roblox\Versions\version-23a05f622b7b47a6\RobloxPlayerBeta.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll Report Id: 464e5f4c-4b0f-11e6-923f-2c27d720bee2 Error: (06/20/2016 07:44:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: RobloxPlayerBeta.exe, version: 0.248.0.11430, time stamp: 0x5761cc7e Faulting module name: ntdll.dll, version: 6.1.7601.19160, time stamp: 0x56bcd51f Exception code: 0xc0000005 Fault offset: 0x0002e546 Faulting process id: 0xa58 Faulting application start time: 0x01d1cb6f1c935224 Faulting application path: C:\Program Files (x86)\Roblox\Versions\version-6675f84c75f246df\RobloxPlayerBeta.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll Report Id: 68284f0f-3762-11e6-a1b3-2c27d720bee2 Error: (05/25/2016 03:24:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: RobloxPlayerBeta.exe, version: 0.244.0.9061, time stamp: 0x573bc807 Faulting module name: ntdll.dll, version: 6.1.7601.19160, time stamp: 0x56bcd51f Exception code: 0xc000041d Fault offset: 0x00022372 Faulting process id: 0xd4c Faulting application start time: 0x01d1b6dc924dbf29 Faulting application path: C:\Program Files (x86)\Roblox\Versions\version-3df8ddf7c03c4c87\RobloxPlayerBeta.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll Report Id: da6f8165-22cf-11e6-a1fb-2c27d720bee2 Error: (05/25/2016 03:24:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: RobloxPlayerBeta.exe, version: 0.244.0.9061, time stamp: 0x573bc807 Faulting module name: ntdll.dll, version: 6.1.7601.19160, time stamp: 0x56bcd51f Exception code: 0xc000041d Fault offset: 0x00022372 Faulting process id: 0xac8 Faulting application start time: 0x01d1b6dc8217baa5 Faulting application path: C:\Program Files (x86)\Roblox\Versions\version-3df8ddf7c03c4c87\RobloxPlayerBeta.exe Faulting module path: C:\Windows\SysWOW64\ntdll.dll Report Id: c9a13246-22cf-11e6-a1fb-2c27d720bee2 System errors: ============= Error: (11/19/2016 05:12:59 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 126 Error: (11/19/2016 05:11:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (11/19/2016 05:11:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (11/19/2016 05:11:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel® System Usage Report Service SystemUsageReportSvc_WILLAMETTE service terminated unexpectedly. It has done this 1 time(s). Error: (11/19/2016 05:11:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The SAS Core Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service. Error: (11/19/2016 05:11:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Print Spooler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (11/19/2016 05:02:01 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\Rtlihvs.dll Error Code: 126 Error: (11/03/2016 04:19:31 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 5:17:07 PM on ‎11/‎3/‎2016 was unexpected. Error: (10/24/2016 03:12:11 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. Error: (10/11/2016 12:57:18 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 1:56:27 PM on ‎10/‎11/‎2016 was unexpected. ==================== Memory info =========================== Processor: Pentium® Dual-Core CPU E6700 @ 3.20GHz Percentage of memory in use: 43% Total physical RAM: 3037.24 MB Available physical RAM: 1727.54 MB Total Virtual: 6072.69 MB Available Virtual: 4743.09 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.41 GB) (Free:892.15 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1AEEC0E2) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================
  8. brownhornet

    phone scam

    a customers wife was greeted with a pop up saying the computer was infected and told to call the # on the screen,,she did(oh no)..they connected to it remotely but the husband told her to hang up when they said it would cost $150 to clean it..he says the computer is slow to start but otherwise ok..here is a scan Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-11-2016 01 Ran by Home (administrator) on HOME-PC (19-11-2016 17:19:19) Running from C:\Users\Home\Downloads Loaded Profiles: Home (Available Profiles: Home) Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2010-11-20] (Microsoft Corporation) HKU\S-1-5-18\...\RunOnce: [sPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2016-04-04] (Microsoft Corporation) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-30] (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{2001734C-F1DA-479A-84FC-96E968B9D23F}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{87F4DB05-5AF7-414D-937F-C05A897E9E8B}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12 Internet Explorer: ================== HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=U206&ocid=U206DHP&osmkt=en-us HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-10-24] (AVAST Software) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH) FireFox: ======== FF DefaultProfile: 3tazpmnh.default FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3tazpmnh.default [2016-11-19] FF Homepage: Mozilla\Firefox\Profiles\3tazpmnh.default -> hxxp://www.msn.com/?pc=U206&ocid=U206DHP&osmkt=en-us hxxps://www.yahoo.com/ FF Extension: (Firefox Hotfix) - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3tazpmnh.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-10-08] FF Extension: (Adblock Plus) - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3tazpmnh.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-10-26] FF Extension: (Navigational Sounds) - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3tazpmnh.default\Extensions\{d84a846d-f7cb-4187-a408-b171020e8940}.xpi [2016-10-26] FF Extension: (Youtube Unblocker Remediation) - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\3tazpmnh.default\features\{f01b3a14-d157-44aa-8d59-cdcbf35828f7}\malware-remediation@mozilla.org.xpi [2016-10-08] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-30] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-30] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-13] () FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-13] () FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin HKU\S-1-5-21-2123777662-1516311981-2037243955-1000: @nsroblox.roblox.com/launcher -> C:\Program Files (x86)\Roblox\Versions\version-c2285b6f3d724119\\NPRobloxProxy.dll [2013-01-01] ( ROBLOX Corporation) FF Plugin HKU\S-1-5-21-2123777662-1516311981-2037243955-1000: @nsroblox.roblox.com/launcher64 -> C:\Program Files (x86)\Roblox\Versions\version-c2285b6f3d724119\\NPRobloxProxy64.dll [2013-01-01] ( ROBLOX Corporation) Chrome: ======= CHR HomePage: Default -> msn.com/?pc=__PARAM__&ocid=__PARAM__DHP&osmkt=en-us CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default [2016-11-19] CHR Extension: (Google Slides) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-11] CHR Extension: (Google Docs) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-11] CHR Extension: (Google Drive) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-11] CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-11] CHR Extension: (Avast SafePrice) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-14] CHR Extension: (Google Sheets) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-11] CHR Extension: (Google Docs Offline) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-11] CHR Extension: (Avast Online Security) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-10-31] CHR Extension: (Chrome Web Store Payments) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-11] CHR Extension: (Gmail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-11] CHR Extension: (Chrome Media Router) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-25] CHR HKU\S-1-5-21-2123777662-1516311981-2037243955-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found> ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-30] (AVAST Software) S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] () R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [118424 2016-03-09] () S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-03-09] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-30] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-30] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-30] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-30] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-13] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-22] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-30] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-10-13] (AVAST Software) R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2013-03-12] (Realtek Semiconductor Corporation ) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-03-09] () S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-11-19 17:19 - 2016-11-19 17:19 - 00011316 _____ C:\Users\Home\Downloads\FRST.txt 2016-11-19 17:19 - 2016-11-19 17:19 - 00001396 _____ C:\Users\Home\Desktop\FRST64 - Shortcut.lnk 2016-11-19 17:19 - 2016-11-19 17:19 - 00000000 ____D C:\FRST 2016-11-19 17:18 - 2016-11-19 17:18 - 02413056 _____ (Farbar) C:\Users\Home\Downloads\FRST64.exe 2016-11-19 17:15 - 2016-11-19 17:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-11-19 17:10 - 2016-11-19 17:10 - 00001488 _____ C:\Users\Home\Desktop\adwcleaner_6.030 - Shortcut.lnk 2016-11-19 17:09 - 2016-11-19 17:09 - 03910208 _____ C:\Users\Home\Downloads\adwcleaner_6.030.exe 2016-11-14 09:51 - 2016-11-14 09:51 - 00000000 ____D C:\Users\Home\AppData\Local\LogMeIn Rescue Applet ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-11-19 17:19 - 2016-05-11 15:59 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-11-19 17:18 - 2009-07-13 21:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI 2016-11-19 17:18 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\inf 2016-11-19 17:13 - 2016-05-11 15:59 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-11-19 17:13 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-11-19 17:12 - 2016-04-06 15:24 - 00000000 ____D C:\AdwCleaner 2016-11-18 15:48 - 2016-04-30 11:05 - 00001319 _____ C:\Users\Home\Desktop\ROBLOX Player.lnk 2016-11-18 15:48 - 2016-04-30 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox 2016-11-14 16:24 - 2016-05-11 16:05 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-11-14 16:24 - 2016-05-11 16:05 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-11-04 14:48 - 2016-04-30 11:09 - 00000000 ____D C:\Users\Home\AppData\Local\Roblox 2016-10-30 14:51 - 2016-05-11 15:59 - 00000000 ____D C:\Users\Home\AppData\Local\Google 2016-10-30 00:00 - 2016-04-05 17:08 - 00000000 ____D C:\Users\Home\AppData\Local\ElevatedDiagnostics 2016-10-27 14:58 - 2009-07-13 21:08 - 00032630 _____ C:\Windows\Tasks\SCHEDLGU.TXT ==================== Files in the root of some directories ======= 2016-10-12 18:39 - 2016-10-12 18:39 - 0003584 _____ () C:\Users\Home\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-04-06 12:40 - 2016-10-11 17:59 - 0007599 _____ () C:\Users\Home\AppData\Local\Resmon.ResmonCfg Some files in TEMP: ==================== C:\Users\Home\AppData\Local\Temp\libeay32.dll C:\Users\Home\AppData\Local\Temp\msvcr120.dll C:\Users\Home\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-11-14 20:07 ==================== End of FRST.txt ============================
  9. brownhornet

    please review

    she is a realtor agent so once a day should be fine..having the laptop for the past 2 days i can say that i see a big difference...thanks again
  10. brownhornet

    please review

    so it looks all clear now...i set carbonite to back up once a day instead of all the time...
  11. brownhornet

    please review

    seems to be ok,kinda slow opening a browser.and the CPU usage keeps going from 70%-100% and all i can see using any resource is carbonite and cortana and anti maleware service...so how bad was it..
  12. brownhornet

    please review

    Fix result of Farbar Recovery Scan Tool (x64) Version: 04-11-2016 Ran by hauvegas (11-11-2016 13:01:16) Run:3 Running from C:\Users\hauve\Downloads Loaded Profiles: hauvegas (Available Profiles: hauvegas & Home & GRETCHEN & hauve_000 & ghau & GRETHEN) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: CloseProcesses: StartRegedit: [-HKEY_CURRENT_USER\SOFTWARE\Chromium] [-HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] [-HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\Startmenu] [-HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] [-HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\shell\open\command] [-HKEY_CURRENT_USER\SOFTWARE\Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Chromium] [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities] [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\FileAssociations] [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\Startmenu] [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\DefaultIcon] [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\InstallInfo] [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\shell\open\command] [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Chromium"=- [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Classes\.xhtml\OpenWithProgids] "ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ"=- [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001_Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001_Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Application] EndRegedit: EmptyTemp: Hosts: End ***************** Restore point was successfully created. Processes closed successfully. ====> Registry C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. =========== EmptyTemp: ========== BITS transfer queue => 308208 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12852056 B Java, Flash, Steam htmlcache => 0 B Windows/system/drivers => 606973 B Edge => 0 B Chrome => 0 B Firefox => 11389502 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 822 B NetworkService => 0 B hauve => 542480 B Home.DESKTOP-R38V4I4 => 0 B GRETCHEN.DESKTOP-R38V4I4 => 0 B hauve_000.DESKTOP-R38V4I4 => 0 B ghau.DESKTOP-R38V4I4 => 0 B GRETHEN.DESKTOP-R38V4I4 => 0 B RecycleBin => 4353 B EmptyTemp: => 24.5 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 13:02:34 ====
  13. brownhornet

    please review

    Fix result of Farbar Recovery Scan Tool (x64) Version: 04-11-2016 Ran by hauvegas (11-11-2016 05:29:18) Run:2 Running from C:\Users\hauve\Downloads Loaded Profiles: hauvegas (Available Profiles: hauvegas & Home & GRETCHEN & hauve_000 & ghau & GRETHEN) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: CloseProcesses: C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe C:\Users\hauve\AppData\Local\Chromium Reg: reg delete [-HKEY_CURRENT_USER\SOFTWARE\Chromium] Reg: reg delete [-HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] Reg: reg delete [-HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\Startmenu] Reg: reg delete [-HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] Reg: reg delete [-HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\shell\open\command] Reg: reg delete [-HKEY_CURRENT_USER\SOFTWARE\Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] Reg: reg delete [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Chromium] Reg: reg delete [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] Reg: reg delete [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities] Reg: reg delete [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\FileAssociations] Reg: reg delete [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\Startmenu] Reg: reg delete [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\DefaultIcon] Reg: reg delete [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\InstallInfo] Reg: reg delete [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\shell\open\command] Reg: reg delete [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Chromium"=- Reg: reg delete [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Classes\.xhtml\OpenWithProgids] "ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ"=- Reg: reg delete [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001_Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] Reg: reg delete [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001_Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Application] EmptyTemp: Hosts: End ***************** Restore point was successfully created. Processes closed successfully. "C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe" => not found. "C:\Users\hauve\AppData\Local\Chromium" => not found. ========= reg delete [-HKEY_CURRENT_USER\SOFTWARE\Chromium] ========= ERROR: Invalid key name. Type "REG DELETE /?" for usage. ========= End of Reg: ========= ========= reg delete [-HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] ========= ERROR: Invalid key name. Type "REG DELETE /?" for usage. ========= End of Reg: ========= ========= reg delete [-HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\Startmenu] ========= ERROR: Invalid key name. Type "REG DELETE /?" for usage. ========= End of Reg: ========= ========= reg delete [-HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] ========= ERROR: Invalid key name. Type "REG DELETE /?" for usage. ========= End of Reg: ========= ========= reg delete [-HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\shell\open\command] ========= ERROR: Invalid key name. Type "REG DELETE /?" for usage. ========= End of Reg: ========= ========= reg delete [-HKEY_CURRENT_USER\SOFTWARE\Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] ========= ERROR: Invalid key name. Type "REG DELETE /?" for usage. ========= End of Reg: ========= ========= reg delete [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Chromium] ========= ERROR: Invalid key name. Type "REG DELETE /?" for usage. ========= End of Reg: ========= ========= reg delete [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] ========= ERROR: Invalid key name. Type "REG DELETE /?" for usage. ========= End of Reg: ========= ========= reg delete [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities] ========= ERROR: Invalid key name. Type "REG DELETE /?" for usage. ========= End of Reg: ========= ========= reg delete [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\FileAssociations] ========= ERROR: Invalid key name. Type "REG DELETE /?" for usage. ========= End of Reg: ========= ========= reg delete [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\Startmenu] ========= ERROR: Invalid key name. Type "REG DELETE /?" for usage. ========= End of Reg: ========= ========= reg delete [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\DefaultIcon] ========= ERROR: Invalid key name. Type "REG DELETE /?" for usage. ========= End of Reg: ========= ========= reg delete [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\InstallInfo] ========= ERROR: Invalid key name. Type "REG DELETE /?" for usage. ========= End of Reg: ========= ========= reg delete [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\shell\open\command] ========= ERROR: Invalid key name. Type "REG DELETE /?" for usage. ========= End of Reg: ========= ========= reg delete [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] ========= ERROR: Invalid key name. Type "REG DELETE /?" for usage. ========= End of Reg: ========= "Chromium"=- => Error: No automatic fix found for this entry. ========= reg delete [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Classes\.xhtml\OpenWithProgids] ========= ERROR: Invalid key name. Type "REG DELETE /?" for usage. ========= End of Reg: ========= "ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ"=- => Error: No automatic fix found for this entry. ========= reg delete [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001_Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] ========= ERROR: Invalid key name. Type "REG DELETE /?" for usage. ========= End of Reg: ========= ========= reg delete [-HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001_Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Application] ========= ERROR: Invalid key name. Type "REG DELETE /?" for usage. ========= End of Reg: ========= C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. =========== EmptyTemp: ========== BITS transfer queue => 3022745 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 14871646 B Java, Flash, Steam htmlcache => 492 B Windows/system/drivers => 609389 B Edge => 0 B Chrome => 7250477 B Firefox => 18588500 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 0 B hauve => 31659127 B Home.DESKTOP-R38V4I4 => 0 B GRETCHEN.DESKTOP-R38V4I4 => 0 B hauve_000.DESKTOP-R38V4I4 => 0 B ghau.DESKTOP-R38V4I4 => 0 B GRETHEN.DESKTOP-R38V4I4 => 0 B RecycleBin => 122666 B EmptyTemp: => 72.6 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 05:31:04 ====
  14. brownhornet

    please review

    i did a search again and found a folder and some shortcuts and removed them...BUT i see its in the registry. SystemLook 30.07.11 by jpshortstuff Log created at 18:17 on 10/11/2016 by hauvegas Administrator - Elevation successful WARNING: SystemLook running under WOW64. Use SystemLook_x64 for accurate results. ========== folderfind ========== Searching for "Chromium" No folders found. ========== filefind ========== Searching for "Chromium" No files found. ========== regfind ========== Searching for "Chromium" [HKEY_CURRENT_USER\SOFTWARE\Chromium] [HKEY_CURRENT_USER\SOFTWARE\Chromium\Commands\on-os-upgrade] "CommandLine"=""C:\Users\hauve\AppData\Local\Chromium\Application\51.0.2683.0\Installer\setup.exe" --on-os-upgrade --verbose-logging" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] @="Chromium" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities] "ApplicationDescription"="Chromium is a web browser that runs webpages and applications with lightning speed. It's fast, stable, and easy to use. Browse the web more safely with malware and phishing protection built into Chromium." [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities] "ApplicationIcon"="C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe,0" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities] "ApplicationName"="Chromium" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\FileAssociations] ".htm"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\FileAssociations] ".html"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\FileAssociations] ".shtml"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\FileAssociations] ".xht"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\FileAssociations] ".xhtml"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\FileAssociations] ".webp"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\Startmenu] "StartMenuInternet"="Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "ftp"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "http"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "https"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "irc"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "mailto"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "mms"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "news"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "nntp"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "sms"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "smsto"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "tel"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "urn"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "webcal"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\DefaultIcon] @="C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe,0" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\InstallInfo] "ReinstallCommand"=""C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe" --make-default-browser" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\InstallInfo] "HideIconsCommand"=""C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe" --hide-icons" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\InstallInfo] "ShowIconsCommand"=""C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe" --show-icons" [HKEY_CURRENT_USER\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\shell\open\command] @=""C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe"" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\17ba52b3_0] @="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0282&subsys_103c809d&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume3\Users\hauve\AppData\Local\Chromium\Application\chrome.exe%b{00000000-0000-0000-0000-000000000000}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Applets\Regedit] "LastKey"="Computer\HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Chromium" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Chromium"=""c:\users\hauve\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{13807D4F-B44B-40BF-9F92-E4289D42368E}\RecentItems\{B247C7CC-A5E1-4E1C-9D3E-3552F1529E1D}] "Path"="microsoft-edge:https://www.bing.com/search?q=chromium+browser&form=WNSGPH&qs=LS&cvid=90e61c21b2e54e0ebc24ddcae67be78a&pq=chromium&nclid=A48804F2DE604CEA8D2639E5A08E9C0F&ts=1478827585336&nclidts=1478827585&tsms=336&cc=US&setlang=en-US" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{13807D4F-B44B-40BF-9F92-E4289D42368E}\RecentItems\{B247C7CC-A5E1-4E1C-9D3E-3552F1529E1D}] "DisplayName"="microsoft-edge:https://www.bing.com/search?q=chromium+browser&form=WNSGPH&qs=LS&cvid=90e61c21b2e54e0ebc24ddcae67be78a&pq=chromium&nclid=A48804F2DE604CEA8D2639E5A08E9C0F&ts=1478827585336&nclidts=1478827585&tsms=336&cc=US&setlang=en-US" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{15966E5F-B8B8-4F56-AC7B-0C460728312B}] "AppId"="Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\RegisteredApplications] "Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ"="Software\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities" [HKEY_CURRENT_USER\SOFTWARE\Classes\.webp\OpenWithProgids] "ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ"="" [HKEY_CURRENT_USER\SOFTWARE\Classes\.xht\OpenWithProgids] "ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ"="" [HKEY_CURRENT_USER\SOFTWARE\Classes\.xhtml\OpenWithProgids] "ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ"="" [HKEY_CURRENT_USER\SOFTWARE\Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] [HKEY_CURRENT_USER\SOFTWARE\Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] @="Chromium HTML Document" [HKEY_CURRENT_USER\SOFTWARE\Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] "AppUserModelId"="Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Application] "AppUserModelId"="Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_CURRENT_USER\SOFTWARE\Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Application] "ApplicationIcon"="C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe,0" [HKEY_CURRENT_USER\SOFTWARE\Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Application] "ApplicationName"="Chromium" [HKEY_CURRENT_USER\SOFTWARE\Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Application] "ApplicationCompany"="Chromium" [HKEY_CURRENT_USER\SOFTWARE\Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\DefaultIcon] @="C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe,0" [HKEY_CURRENT_USER\SOFTWARE\Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\shell\open\command] @=""C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe" -- "%1"" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Chromium] [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Chromium\Commands\on-os-upgrade] "CommandLine"=""C:\Users\hauve\AppData\Local\Chromium\Application\51.0.2683.0\Installer\setup.exe" --on-os-upgrade --verbose-logging" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] @="Chromium" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities] "ApplicationDescription"="Chromium is a web browser that runs webpages and applications with lightning speed. It's fast, stable, and easy to use. Browse the web more safely with malware and phishing protection built into Chromium." [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities] "ApplicationIcon"="C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe,0" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities] "ApplicationName"="Chromium" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\FileAssociations] ".htm"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\FileAssociations] ".html"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\FileAssociations] ".shtml"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\FileAssociations] ".xht"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\FileAssociations] ".xhtml"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\FileAssociations] ".webp"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\Startmenu] "StartMenuInternet"="Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "ftp"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "http"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "https"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "irc"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "mailto"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "mms"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "news"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "nntp"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "sms"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "smsto"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "tel"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "urn"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities\URLAssociations] "webcal"="ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\DefaultIcon] @="C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe,0" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\InstallInfo] "ReinstallCommand"=""C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe" --make-default-browser" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\InstallInfo] "HideIconsCommand"=""C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe" --hide-icons" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\InstallInfo] "ShowIconsCommand"=""C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe" --show-icons" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\shell\open\command] @=""C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe"" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\17ba52b3_0] @="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0282&subsys_103c809d&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume3\Users\hauve\AppData\Local\Chromium\Application\chrome.exe%b{00000000-0000-0000-0000-000000000000}" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Applets\Regedit] "LastKey"="Computer\HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Chromium" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Chromium"=""c:\users\hauve\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{13807D4F-B44B-40BF-9F92-E4289D42368E}\RecentItems\{B247C7CC-A5E1-4E1C-9D3E-3552F1529E1D}] "Path"="microsoft-edge:https://www.bing.com/search?q=chromium+browser&form=WNSGPH&qs=LS&cvid=90e61c21b2e54e0ebc24ddcae67be78a&pq=chromium&nclid=A48804F2DE604CEA8D2639E5A08E9C0F&ts=1478827585336&nclidts=1478827585&tsms=336&cc=US&setlang=en-US" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{13807D4F-B44B-40BF-9F92-E4289D42368E}\RecentItems\{B247C7CC-A5E1-4E1C-9D3E-3552F1529E1D}] "DisplayName"="microsoft-edge:https://www.bing.com/search?q=chromium+browser&form=WNSGPH&qs=LS&cvid=90e61c21b2e54e0ebc24ddcae67be78a&pq=chromium&nclid=A48804F2DE604CEA8D2639E5A08E9C0F&ts=1478827585336&nclidts=1478827585&tsms=336&cc=US&setlang=en-US" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Search\RecentApps\{15966E5F-B8B8-4F56-AC7B-0C460728312B}] "AppId"="Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\RegisteredApplications] "Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ"="Software\Clients\StartMenuInternet\Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Capabilities" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Classes\.webp\OpenWithProgids] "ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ"="" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Classes\.xht\OpenWithProgids] "ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ"="" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Classes\.xhtml\OpenWithProgids] "ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ"="" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] @="Chromium HTML Document" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] "AppUserModelId"="Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Application] "AppUserModelId"="Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Application] "ApplicationIcon"="C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe,0" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Application] "ApplicationName"="Chromium" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Application] "ApplicationCompany"="Chromium" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\DefaultIcon] @="C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe,0" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001\SOFTWARE\Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\shell\open\command] @=""C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe" -- "%1"" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001_Classes\.webp\OpenWithProgids] "ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ"="" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001_Classes\.xht\OpenWithProgids] "ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ"="" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001_Classes\.xhtml\OpenWithProgids] "ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ"="" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001_Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001_Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] @="Chromium HTML Document" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001_Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ] "AppUserModelId"="Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001_Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Application] "AppUserModelId"="Chromium.TCRSHKLJ4QOSHG2MBUAZSTZJBQ" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001_Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Application] "ApplicationIcon"="C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe,0" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001_Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Application] "ApplicationName"="Chromium" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001_Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\Application] "ApplicationCompany"="Chromium" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001_Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\DefaultIcon] @="C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe,0" [HKEY_USERS\S-1-5-21-3302668231-1340561324-16488363-1001_Classes\ChromiumHTM.TCRSHKLJ4QOSHG2MBUAZSTZJBQ\shell\open\command] @=""C:\Users\hauve\AppData\Local\Chromium\Application\chrome.exe" -- "%1"" -= EOF =-
  15. brownhornet

    please review

    im worried now..i removed it last night but it still would load on start up.then i found a short cut.removed it then rebooted,didnt pop up as soon as it did before but it started up as before.what is it and should i be very worried. would this chromium thing have anything to do with 100% disk usage?
×