Jump to content

nele86

Members
 View Profile  See their activity

  • Posts

    10

  • Joined

  • Last visited

Reputation

0 Neutral
  1. nele86
    it seems to be working fine!! Thanks so much for your help! You're a life saver ​
  2. nele86
    3 addition.txt Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015 Ran by nele (2015-11-09 17:34:15) Running from C:\Users\nele\Downloads Windows 10 Home (X64) (2015-08-01 11:07:41) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2444418471-309531542-3407867716-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2444418471-309531542-3407867716-503 - Limited - Disabled) Guest (S-1-5-21-2444418471-309531542-3407867716-501 - Limited - Disabled) => C:\Users\Guest HomeGroupUser$ (S-1-5-21-2444418471-309531542-3407867716-1007 - Limited - Enabled) nele (S-1-5-21-2444418471-309531542-3407867716-1001 - Administrator - Enabled) => C:\Users\nele ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version: - ) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated) Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.11 - Adobe Systems) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated) Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated) Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) BitTorrent (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\BitTorrent) (Version: 7.9.5.41203 - BitTorrent Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.) Canon MX450 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX450_series) (Version: 1.00 - Canon Inc.) Canon MX450 series On-screen Manual (HKLM-x32\...\Canon MX450 series On-screen Manual) (Version: 7.6.0 - Canon Inc.) Canon MX450 series User Registration (HKLM-x32\...\Canon MX450 series User Registration) (Version: - ‭Canon Inc.) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.) Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.) ChromecastApp (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.) Cloud Spot version 1.1.0 (HKLM-x32\...\{26119DD5-31D4-4660-B943-A03C06A2F5A9}}_is1) (Version: 1.1.0 - One Cloud LLC) Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.2928 - CyberLink Corp.) CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.) CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC) Dropbox (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.) EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts) Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard) Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited) Football Manager 2014 (HKLM-x32\...\Steam App 231670) (Version: - Sports Interactive) Google Photos Backup (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\Google Photos Backup) (Version: 1.1.1.259 - Google, Inc.) Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google) Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company) HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd) HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{1AC082E0-049D-4C5C-9ECF-9473AD5A949D}) (Version: 1.1.0.0 - Hewlett-Packard) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent) HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company) HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard) HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company) HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard) HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company) HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation) HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.54.2 - HTC) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT) Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC) iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Lagarith lossless video codec (Remove Only) (HKLM\...\LAGARITH) (Version: - ) Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.) PASS (HKLM-x32\...\com.showitfast.pass.desktop.PASS) (Version: 3.1.651 - Showitfast, Inc) PASS (x32 Version: 3.1.651 - Showitfast, Inc) Hidden PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) Picasa Uploader (HKLM-x32\...\com.webkinesis.PicasaUploaderDesktop) (Version: 0.7 - UNKNOWN) Picasa Uploader (x32 Version: 0.7 - UNKNOWN) Hidden Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek) Rapport (x32 Version: 3.5.1507.83 - Trusteer) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation) Skypeâ„¢ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated) Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1507.83 - Trusteer) Unity Web Player (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) VS10Runtimex64 (Version: 1.0.0 - sourcefire) Hidden Windows 8 Codecs Pack 1.0.0 (HKLM\...\w8cpsetup_is1) (Version: 1.0.0 - Web Solution Mart) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) ==================== Restore Points ========================= 26-10-2015 11:36:23 Installed Rapport 31-10-2015 02:00:39 Windows Update 07-11-2015 17:25:07 Scheduled Checkpoint ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1E19BBB6-CE11-445E-BC43-90C954BBA030} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {26983DBF-7262-415C-8402-3B303D9BE7CE} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-28] (Dropbox, Inc.) Task: {4B3C40AF-74C0-4E22-B314-14748CC952CC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-28] (Dropbox, Inc.) Task: {5F305D81-2A6D-4A17-82B9-2482C266AA75} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {617C8530-3AD1-4373-B9D6-50F3D26D1513} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-14] (Microsoft Corporation) Task: {70DE8B54-CA5B-4548-8AEA-FD9F2D8D9CB2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {72D64D7B-3051-4FBE-AC3D-869DACF503F3} - System32\Tasks\HPCeeScheduleFornele => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard) Task: {76E33B9D-25C1-4442-8A03-7A1F78C2EB7E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {B2495DE5-6A55-4491-9933-6924E8639A36} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05] (Hewlett-Packard Development Company, L.P.) Task: {DB8F6DD3-331E-402D-BF1E-B3A48E03037E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {E919D2DF-279A-4CA0-AD7C-E76DB3C0D74A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated) Task: {F2F66373-DB93-44EB-9893-DF6720E2EA8D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core.job => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA.job => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core.job => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA.job => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleFornele.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Loaded Modules (Whitelisted) ============== 2015-08-01 11:10 - 2015-08-01 11:10 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-08-19 07:14 - 2015-08-11 09:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2014-05-21 09:55 - 2012-03-28 12:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2015-10-01 08:49 - 2015-09-17 06:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-10-01 08:49 - 2015-09-17 06:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-07-22 00:02 - 2015-07-22 00:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2015-04-13 12:44 - 2015-04-13 12:44 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe 2015-10-01 08:48 - 2015-09-17 05:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-10-01 08:49 - 2015-09-17 05:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-10-01 08:48 - 2015-09-17 05:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-10-01 08:48 - 2015-09-17 05:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-10-01 08:49 - 2015-09-17 05:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2014-01-10 05:26 - 2014-01-10 05:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 2015-07-22 00:02 - 2015-07-22 00:02 - 31535264 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2015-04-13 12:43 - 2015-04-13 12:43 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll 2015-04-13 12:43 - 2015-04-13 12:43 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll 2015-04-13 12:44 - 2015-04-13 12:44 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll 2015-04-13 12:44 - 2015-04-13 12:44 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll 2015-04-13 12:44 - 2015-04-13 12:44 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll 2015-04-13 12:45 - 2015-04-13 12:45 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll 2015-04-13 12:47 - 2015-04-13 12:47 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll 2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-10-02 02:59 - 2015-10-12 23:33 - 00166416 _____ () C:\Users\nele\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll 2015-11-09 17:15 - 2015-11-09 17:15 - 00071168 _____ () c:\users\nele\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpi2oqf2.dll 2015-03-04 21:45 - 2015-09-23 23:07 - 00012800 _____ () C:\Users\nele\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll 2015-06-28 05:42 - 2015-09-23 23:07 - 00779776 _____ () C:\Users\nele\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-07-30 07:01 - 2015-09-23 23:07 - 00056320 _____ () C:\Users\nele\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-03-04 21:45 - 2015-09-23 23:07 - 00012288 _____ () C:\Users\nele\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll 2014-01-10 05:28 - 2014-01-10 05:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll 2015-07-22 14:32 - 2015-07-22 14:32 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll 2015-07-21 17:02 - 2015-07-21 17:02 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll 2013-09-20 13:50 - 2013-09-20 13:50 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll 2013-09-17 04:54 - 2013-09-17 04:54 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll 2013-09-17 04:54 - 2013-09-17 04:54 - 00303616 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxmlsec.dll 2013-09-17 04:54 - 2013-09-17 04:54 - 00136192 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxmlsec-mscrypto.dll 2013-05-28 05:43 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\N1Service => ""="service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2444418471-309531542-3407867716-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\nele\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\imgp8049.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\StartupApproved\StartupFolder: => "TornTvDownloader.lnk" HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\StartupApproved\Run: => "EADM" HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\StartupApproved\Run: => "TornTv Downloader" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{1025B925-2C9C-427E-86A8-132297731851}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{C1E632B1-A3CC-48FD-884E-800344E706ED}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe FirewallRules: [{F80D3479-1678-4232-A973-39494BFF18AA}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe FirewallRules: [{52D5662F-33CE-44CA-923B-0996AFEF41E0}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe FirewallRules: [{E2048A47-C099-487A-B719-9A8929CA799E}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exe FirewallRules: [{F0B475D2-8FD4-49D2-B59D-0DC9F66A23DE}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exe FirewallRules: [{81C14BFD-0198-4354-B7E5-1D0EF5AFA7D8}] => (Block) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe FirewallRules: [{00527A23-494C-48F3-BEDA-9E14BF3557B8}] => (Block) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe FirewallRules: [uDP Query User{57231475-DB0F-4254-AE4A-B7FEB59F260B}C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exe] => (Block) C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exe FirewallRules: [TCP Query User{E056BE84-5783-41E3-9788-958D19C6E9F1}C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exe] => (Block) C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exe FirewallRules: [{8FD4CF31-E083-4D04-9DC7-6E0B723BF52C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{82F42F84-D2F6-46D9-AB60-60F8B06328BF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{4E7ACD19-1FE0-46A2-BB34-C409372F6276}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{EB3CECCB-6A56-4E43-81B8-25DD38B96015}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{39FAF2C5-369E-42C3-866A-8A92ECDAFBDA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{38B3D583-F8F1-4EA9-9163-A2C2DE9B408C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{0155C8CA-6EDE-4E39-BD94-D5F5D5F9A6CE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{4657F890-6E28-4ABC-B979-3947B979ABB4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{37D48367-0D10-48B3-BCCA-4A517DCBD17B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{B09E334C-CA3F-44AB-989C-CC15A0B29087}] => (Allow) C:\Users\nele\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{350E6958-F5B3-4219-A59F-0388A2A557F2}] => (Allow) C:\Users\nele\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{3EDD2F47-0C6A-4D4C-8E59-2C443BEC0EE8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{71DEA4C3-2E45-4C4C-B579-6C6A0D5D31FE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{33501526-9B4D-4ECA-85EC-9B267C10B160}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{9B2EDD26-3122-42D6-9CDA-308B8D37375F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{7E589AD1-B993-4737-92A3-F02A1FC25994}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{C6D5D70B-777E-4566-B2E4-6719579EDDE3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{3962F2D1-9922-404C-979D-61B218F40BDA}] => (Allow) C:\Users\nele\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [TCP Query User{74FAACFD-024B-4544-864E-A6794BA0F79F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [uDP Query User{FDE116CE-3540-453E-948A-A89960CBB42C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{06AA2F2F-4926-4C8A-9BB2-256FAD09E23D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exe FirewallRules: [{BE5F66D4-8E4F-4F46-B145-916D0E4338E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exe FirewallRules: [{A88648A1-777C-4AA2-9B7A-1773DA4D428D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exe FirewallRules: [{0C9782B7-1886-42B7-8127-32BDC0CA275E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exe FirewallRules: [TCP Query User{780C7D31-0E07-4514-98C5-D1B7D841A65B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [uDP Query User{7A2F8D87-B08E-46DC-8CAB-FDE2C041E641}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{9D199768-5E07-459B-A391-0F47664151ED}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{F10FE5CE-DB14-4515-9872-C5412EE19B51}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{B0731064-424E-48C1-AF45-88ADE2D3B16F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{9C267989-BAFE-4F06-8B7C-BB139468B55B}] => (Allow) LPort=2869 FirewallRules: [{EF52EE58-C211-4D55-82DA-53566D044D6D}] => (Allow) LPort=1900 FirewallRules: [{431A513B-B9D6-4D5D-AF1C-AA3E48C00EA7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{0BAC3109-561B-4CE2-B066-30424B91C084}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe FirewallRules: [{6F593D47-8EBD-42DF-B104-0B18C9B0940F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe FirewallRules: [{556BC192-839D-48C4-9293-4B156F47104A}] => (Allow) C:\Users\nele\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{0489726D-FD2E-4D98-83FD-FC093031D8F8}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe FirewallRules: [{7A14CA27-E1BF-4183-BC84-FD62E9E69CB7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{47AC1EFE-3AE7-49E5-A263-911720947574}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{2C1FEB40-5265-4BE2-97D8-91F8EA1A2A5D}] => (Allow) C:\Users\nele\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{4DEBA70B-87AD-44CC-BA1F-5FA4F3F99D65}] => (Allow) C:\Users\nele\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{B1922B95-17F2-46B6-88A9-A71588C2E8A5}C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [uDP Query User{40E97BEC-BEA7-419B-B933-C7AD70E7A5EB}C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{922C626C-9F00-40DD-AFE0-F86039AB9A02}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{9C5DAF29-896A-41CB-9E8F-22CFD309D847}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{5723E951-8684-4D25-B696-EB238EDA82E8}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe FirewallRules: [TCP Query User{9184DB6C-1828-4307-8E42-1015CB06EAA2}C:\program files (x86)\cloud spot\cloudspot.exe] => (Allow) C:\program files (x86)\cloud spot\cloudspot.exe FirewallRules: [uDP Query User{95C59811-07CA-4EB9-90B5-5CB65C16452A}C:\program files (x86)\cloud spot\cloudspot.exe] => (Allow) C:\program files (x86)\cloud spot\cloudspot.exe FirewallRules: [TCP Query User{4324F66E-61F2-42D8-B7D7-6AA3192FCE0B}C:\users\nele\appdata\local\popcorn time\nw.exe] => (Block) C:\users\nele\appdata\local\popcorn time\nw.exe FirewallRules: [uDP Query User{6CE6CF79-0B86-4FE0-93F3-09603C556D7E}C:\users\nele\appdata\local\popcorn time\nw.exe] => (Block) C:\users\nele\appdata\local\popcorn time\nw.exe FirewallRules: [{B9F105CA-0F51-4C6E-B13C-E673D4BFB632}] => (Allow) C:\WINDOWS\explorer.exe FirewallRules: [{FEDCDE37-1637-46E1-AF73-85E16D3AC5AF}] => (Allow) C:\WINDOWS\system32\rundll32.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/09/2015 05:11:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: MicrosoftEdge.exe, version: 11.0.10240.16566, time stamp: 0x56277dbe Faulting module name: CoreUIComponents.dll, version: 0.0.0.0, time stamp: 0x55fa4b76 Exception code: 0xc0000005 Fault offset: 0x0000000000060f73 Faulting process ID: 0x1fe4 Faulting application start time: 0xMicrosoftEdge.exe0 Faulting application path: MicrosoftEdge.exe1 Faulting module path: MicrosoftEdge.exe2 Report ID: MicrosoftEdge.exe3 Faulting package full name: MicrosoftEdge.exe4 Faulting package-relative application ID: MicrosoftEdge.exe5 Error: (11/09/2015 05:01:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: MicrosoftEdge.exe, version: 11.0.10240.16566, time stamp: 0x56277dbe Faulting module name: MicrosoftEdge.exe, version: 11.0.10240.16566, time stamp: 0x56277dbe Exception code: 0xc0000409 Fault offset: 0x0000000000313369 Faulting process ID: 0xa10 Faulting application start time: 0xMicrosoftEdge.exe0 Faulting application path: MicrosoftEdge.exe1 Faulting module path: MicrosoftEdge.exe2 Report ID: MicrosoftEdge.exe3 Faulting package full name: MicrosoftEdge.exe4 Faulting package-relative application ID: MicrosoftEdge.exe5 Error: (11/09/2015 02:49:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10240.16384, time stamp: 0x559f3853 Faulting module name: MMDevApi.dll, version: 10.0.10240.16384, time stamp: 0x559f3a70 Exception code: 0xc0000005 Fault offset: 0x000000000001f81e Faulting process ID: 0x4c98 Faulting application start time: 0xmicrosoftedgecp.exe0 Faulting application path: microsoftedgecp.exe1 Faulting module path: microsoftedgecp.exe2 Report ID: microsoftedgecp.exe3 Faulting package full name: microsoftedgecp.exe4 Faulting package-relative application ID: microsoftedgecp.exe5 Error: (11/09/2015 02:04:56 PM) (Source: Google Update) (EventID: 20) (User: NELEPADDYHOME) Description: Network Request Error. Error: 0x8007277a. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x8007277a. Http status code 0. trying WinHTTP. Send request returned 0x8007277a. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x8007277a. Http status code 0. trying WinHTTP. Send request returned 0x8007277a. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x8007277a. Http status code 0. trying WinHTTP. Send request returned 0x8007277a. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x8007277a. Http s Error: (11/09/2015 11:04:56 AM) (Source: Google Update) (EventID: 20) (User: NELEPADDYHOME) Description: Network Request Error. Error: 0x8007277a. Http status code: 0. Url=https://www.facebook.com/omaha/update.php Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x8007277a. Http status code 0. trying WinHTTP. Send request returned 0x8007277a. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x8007277a. Http status code 0. trying WinHTTP. Send request returned 0x8007277a. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=IE, wpad=1, script=. trying CUP:WinHTTP. Send request returned 0x8007277a. Http status code 0. trying WinHTTP. Send request returned 0x8007277a. Http status code 0. trying CUP:iexplore. Send request returned 0x80004005. Http status code 0. Trying config: source=, direct connection. trying CUP:WinHTTP. Send request returned 0x8007277a. Http s Error: (11/09/2015 09:23:55 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: svchost.exe_MapsBroker, version: 10.0.10240.16384, time stamp: 0x559f38cb Faulting module name: MosHostCore.dll, version: 10.0.10240.16384, time stamp: 0x559f3908 Exception code: 0xc0000005 Fault offset: 0x00000000000096f2 Faulting process ID: 0x53d8 Faulting application start time: 0xsvchost.exe_MapsBroker0 Faulting application path: svchost.exe_MapsBroker1 Faulting module path: svchost.exe_MapsBroker2 Report ID: svchost.exe_MapsBroker3 Faulting package full name: svchost.exe_MapsBroker4 Faulting package-relative application ID: svchost.exe_MapsBroker5 Error: (11/09/2015 09:22:31 AM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032. Error: (11/09/2015 09:22:31 AM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (5352) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8). Error: (11/09/2015 09:22:20 AM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032. Error: (11/09/2015 09:22:20 AM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (5352) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8). System errors: ============= Error: (11/09/2015 05:17:04 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (11/09/2015 05:12:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Search service failed to start due to the following error: %%1069 Error: (11/09/2015 05:12:18 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error: %%50 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (11/09/2015 05:12:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (11/09/2015 05:12:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Storage_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (11/09/2015 05:12:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Contact Data_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (11/09/2015 05:12:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (11/09/2015 05:11:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel® Management and Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s). Error: (11/09/2015 05:11:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel® ME Service service terminated unexpectedly. It has done this 1 time(s). Error: (11/09/2015 05:11:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The IconMan_R service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. CodeIntegrity: =================================== Date: 2015-11-09 17:34:44.194 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-09 17:34:44.172 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-09 17:11:12.323 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-09 17:11:12.297 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-09 15:38:22.662 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-09 15:38:22.574 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-09 15:38:22.483 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-09 15:38:22.401 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-09 15:38:22.320 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-09 15:38:22.231 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel® Core i3-3110M CPU @ 2.40GHz Percentage of memory in use: 30% Total physical RAM: 8084.27 MB Available physical RAM: 5602.22 MB Total Virtual: 10900.27 MB Available Virtual: 8533.56 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:907.27 GB) (Free:609.24 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: (RECOVERY) (Fixed) (Total:21.86 GB) (Free:2.63 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: F5E1212F) Partition: GPT. ==================== End of Addition.txt ============================
  3. nele86
    3. FRST.txt Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015 Ran by nele (administrator) on NELEPADDYHOME (09-11-2015 17:32:24) Running from C:\Users\nele\Downloads Loaded Profiles: nele (Available Profiles: nele & Guest) Platform: Windows 10 Home (X64) Language: English (United Kingdom) Internet Explorer Version 11 (Default browser: Edge) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Facebook Inc.) C:\Users\nele\AppData\Local\Facebook\Update\FacebookUpdate.exe (IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe (Dropbox, Inc.) C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.) C:\Users\nele\AppData\Roaming\Dropbox\bin\Dropbox.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Microsoft Corporation) C:\Windows\splwow64.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\prevhost.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-10-21] (IDT, Inc.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.) HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-05-01] (Adobe Systems Inc.) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.) HKLM-x32\...\Run: [iJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.) HKLM-x32\...\Run: [WsmUpdater] => C:\Program Files (x86)\Web Solution Mart\Windows 8 Codecs Pack\Updater.exe [292208 2012-05-18] (Web Solution Mart) HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC) HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] () HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.) HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-23] (Adobe Systems Incorporated) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation) HKLM\...\Winlogon: [userinit] C:\WINDOWS\SysWOW64\userinit.exe, HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\Run: [Facebook Update] => C:\Users\nele\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-01-06] (Facebook Inc.) HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632472 2015-06-13] (Electronic Arts) HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\Run: [Google Update] => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc.) HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\Run: [Dropbox Update] => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-28] (Dropbox, Inc.) HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\Run: [OneDrive] => "C:\Users\nele\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] () ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\nele\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-20] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\nele\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-20] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\nele\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-20] (Microsoft Corporation) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\nele\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-20] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\nele\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-20] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\nele\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-20] (Microsoft Corporation) Startup: C:\Users\nele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-10-17] ShortcutTarget: Dropbox.lnk -> C:\Users\nele\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5-x64 08 C:\WINDOWS\system32\wlidnsp.dll [76288 2015-07-10] (Microsoft Corporation) Winsock: Catalog5-x64 09 C:\WINDOWS\system32\wlidnsp.dll [76288 2015-07-10] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0 Tcpip\..\Interfaces\{94dfe8e7-2b92-4927-ac05-c8488ffc654f}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{a107361a-12af-4e9e-8cd8-707e57d65970}: [DhcpNameServer] 192.168.1.1 0.0.0.0 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-2444418471-309531542-3407867716-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1 SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {A91BAD20-CEC2-4976-AAC5-69C0D95947F3} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM-x32 -> {A91BAD20-CEC2-4976-AAC5-69C0D95947F3} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKU\S-1-5-21-2444418471-309531542-3407867716-1001 -> DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-2444418471-309531542-3407867716-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKU\S-1-5-21-2444418471-309531542-3407867716-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2014-01-24] (CANON INC.) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24] (CANON INC.) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-09-02] (Oracle Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-09-02] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24] (CANON INC.) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24] (CANON INC.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\nele\AppData\Roaming\Mozilla\Firefox\Profiles\v9p4hdh6.default-1437226776652 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-23] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-23] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-04-26] (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-04-18] (DivX, LLC) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-09-02] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-09-02] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems) FF Plugin HKU\S-1-5-21-2444418471-309531542-3407867716-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\nele\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin HKU\S-1-5-21-2444418471-309531542-3407867716-1001: @tools.google.com/Google Update;version=3 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin HKU\S-1-5-21-2444418471-309531542-3407867716-1001: @tools.google.com/Google Update;version=9 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.) FF Plugin HKU\S-1-5-21-2444418471-309531542-3407867716-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\nele\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-26] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-2444418471-309531542-3407867716-1001: electronicarts.com/GameFacePlugin -> C:\Users\nele\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll [2012-12-20] (Electronic Arts) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.) FF Extension: Share Button for Pinterest - C:\Users\nele\AppData\Roaming\Mozilla\Firefox\Profiles\v9p4hdh6.default-1437226776652\Extensions\{677a8f98-fd64-40b0-a883-b8c95d0cbf17}.xpi [2015-10-23] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [not signed] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-06-01] [not signed] Chrome: ======= CHR DefaultSearchURL: Default -> hxxp://pandasecurity.mystart.com/results.php?searchsource=omnibar&pr=vmn&id=pandasecuritytb&v=2_3&ent=ds_671&q={searchTerms} CHR DefaultSearchKeyword: Default -> yahoo CHR Plugin: (Widevine Content Decryption Module) - C:\Users\nele\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.) CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll => No File CHR Profile: C:\Users\nele\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\nele\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-02] CHR Extension: (Google Drive) - C:\Users\nele\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (YouTube) - C:\Users\nele\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Google Cast) - C:\Users\nele\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-10-13] CHR Extension: (Google Search) - C:\Users\nele\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (Google Docs Offline) - C:\Users\nele\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04] CHR Extension: (AdBlock) - C:\Users\nele\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-15] CHR Extension: (Chrome Web Store Payments) - C:\Users\nele\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-02] CHR Extension: (Gmail) - C:\Users\nele\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-02] CHR HKU\S-1-5-21-2444418471-309531542-3407867716-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-05-01] CHR HKLM-x32\...\Chrome\Extension: [fdhbkaahephniejapepaiggngjnedpci] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-07-22] (Adobe Systems Incorporated) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation) R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG) R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed] R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-14] (Intel Corporation) R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] () R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-13] (Electronic Arts) R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed] R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2255128 2015-10-18] (IBM Corp.) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-17] (Synaptics Incorporated) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-01] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) U5 BrSerIb; C:\Windows\System32\Drivers\BrSerIb.sys [284160 2012-03-27] (Brother Industries Ltd.) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated) S3 iscFlash; C:\swsetup\sp62218\iscflashx64.sys [69216 2013-10-14] (Insyde Software) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-01] (Malwarebytes) R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.) R1 RapportCerberus_1507072; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1507072.sys [959416 2015-09-22] (IBM Corp.) R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [500184 2015-10-18] (IBM Corp.) S3 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [139896 2015-10-18] (IBM Corp.) S3 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [394584 2015-10-18] (IBM Corp.) S3 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [489272 2015-10-18] (IBM Corp.) S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek ) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-11-09 17:13 - 2015-11-09 17:13 - 00016148 _____ C:\WINDOWS\system32\NELEPADDYHOME_nele_HistoryPrediction.bin 2015-11-09 17:07 - 2015-11-09 17:15 - 00000000 ____D C:\AdwCleaner 2015-11-09 17:07 - 2015-11-09 17:07 - 01712128 _____ C:\Users\nele\Downloads\AdwCleaner.exe 2015-11-09 10:30 - 2015-11-09 10:35 - 00055394 _____ C:\Users\nele\Downloads\Addition.txt 2015-11-09 10:27 - 2015-11-09 17:32 - 00032150 _____ C:\Users\nele\Downloads\FRST.txt 2015-11-09 10:26 - 2015-11-09 10:27 - 02198528 _____ (Farbar) C:\Users\nele\Downloads\FRST64.exe 2015-11-08 12:49 - 2015-11-08 12:52 - 02735245 _____ C:\Users\nele\Downloads\storyboard_templates.zip 2015-11-08 11:12 - 2014-02-16 18:10 - 00000000 ____D C:\Users\nele\Downloads\CoffeeShop WebBoards 9 2015-11-05 21:18 - 2015-11-05 21:19 - 01748413 _____ C:\Users\nele\Downloads\2016_TMW_YearlyPlanner.zip 2015-11-04 14:05 - 2015-11-04 14:02 - 00000118 ____N C:\Users\nele\Downloads\.ignore 2015-11-04 14:05 - 2015-11-04 14:02 - 00000000 ____D C:\Users\nele\Downloads\highlights 2015-11-02 14:45 - 2015-11-09 17:32 - 00000000 ____D C:\FRST 2015-11-01 14:58 - 2015-11-01 14:58 - 00000904 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PASS.lnk 2015-11-01 14:58 - 2015-11-01 14:58 - 00000892 _____ C:\Users\Public\Desktop\PASS.lnk 2015-11-01 14:58 - 2015-11-01 14:58 - 00000000 ____D C:\Users\nele\Documents\PASS 2015-11-01 14:58 - 2015-11-01 14:58 - 00000000 ____D C:\Users\nele\AppData\Roaming\com.showitfast.pass.desktop.PASS 2015-11-01 14:58 - 2015-11-01 14:58 - 00000000 ____D C:\Program Files (x86)\PASS 2015-11-01 08:25 - 2015-11-01 08:25 - 00000000 ____D C:\Users\nele\AppData\Local\AvgSetupLog 2015-11-01 08:25 - 2015-11-01 08:25 - 00000000 ____D C:\Users\nele\AppData\Local\Avg 2015-10-30 22:25 - 2015-10-27 23:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-10-30 22:25 - 2015-10-27 23:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-10-30 22:25 - 2015-10-21 12:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll 2015-10-30 22:25 - 2015-10-21 12:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-10-30 22:25 - 2015-10-21 12:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-10-30 22:25 - 2015-10-21 12:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-10-30 22:25 - 2015-10-21 12:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2015-10-30 22:25 - 2015-10-21 11:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-10-30 22:25 - 2015-10-21 11:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll 2015-10-30 22:25 - 2015-10-21 11:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2015-10-30 22:25 - 2015-10-21 11:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-10-30 22:25 - 2015-10-21 11:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-10-30 22:25 - 2015-10-21 11:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-10-30 22:25 - 2015-10-21 11:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2015-10-30 22:25 - 2015-10-21 11:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2015-10-30 22:25 - 2015-10-21 11:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll 2015-10-30 22:25 - 2015-10-21 11:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2015-10-30 22:25 - 2015-10-21 11:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-10-30 22:25 - 2015-10-21 05:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-10-30 22:25 - 2015-10-21 05:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-10-30 22:25 - 2015-10-21 05:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-10-30 22:25 - 2015-10-21 05:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2015-10-30 22:25 - 2015-10-21 05:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-10-30 22:25 - 2015-10-21 05:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll 2015-10-30 22:25 - 2015-10-21 05:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-10-30 22:25 - 2015-10-21 04:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll 2015-10-30 22:24 - 2015-10-21 12:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2015-10-30 22:24 - 2015-10-21 11:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2015-10-30 22:24 - 2015-10-21 11:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll 2015-10-30 22:24 - 2015-10-21 11:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2015-10-30 22:24 - 2015-10-21 11:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll 2015-10-30 22:24 - 2015-10-21 05:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll 2015-10-30 22:24 - 2015-10-21 04:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2015-10-30 22:24 - 2015-10-21 04:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll 2015-10-28 20:20 - 2015-11-09 17:12 - 00000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleFornele.job 2015-10-28 20:20 - 2015-11-09 17:09 - 00003244 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleFornele 2015-10-25 11:51 - 2015-10-25 12:00 - 00000000 ____D C:\Users\nele\Downloads\Despicable Me (2010) [1080p] 2015-10-24 16:00 - 2015-10-24 16:01 - 3014406843 _____ C:\Users\nele\Downloads\Day1.mkv 2015-10-19 12:18 - 2015-10-19 12:18 - 00019451 _____ C:\Users\nele\Downloads\[kat.cr]minions.2015.hdrip.xvid.etrg.torrent 2015-10-19 12:18 - 2015-10-19 12:18 - 00000000 ____D C:\Users\nele\Downloads\Minions.2015.HDRip.XViD ETRG 2015-10-17 21:05 - 2014-04-30 21:54 - 00001854 _____ C:\Users\nele\Downloads\Rules and Disclaimer-unrestricted-Do not delete.txt 2015-10-17 08:31 - 2015-10-17 08:31 - 00001095 _____ C:\Users\Public\Desktop\Cloud Spot.lnk 2015-10-17 08:31 - 2015-10-17 08:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cloud Spot 2015-10-17 07:01 - 2015-10-17 07:01 - 00000000 ____D C:\Users\nele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-10-16 21:00 - 2015-10-16 21:00 - 00099753 _____ C:\Users\nele\Downloads\CoffeeShop WebBoards 9.zip 2015-10-16 15:13 - 2015-11-01 08:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-10-14 13:15 - 2015-10-14 13:15 - 22915568 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 17846272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 11053048 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 10574992 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 08528896 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 06513648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 04371888 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe 2015-10-14 13:15 - 2015-10-14 13:15 - 04369816 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe 2015-10-14 13:15 - 2015-10-14 13:15 - 04025864 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 02506960 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe 2015-10-14 13:15 - 2015-10-14 13:15 - 02037232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 01995760 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 01793024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 01768432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 01470472 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 01156000 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 01151840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00970656 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe 2015-10-14 13:15 - 2015-10-14 13:15 - 00866824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00661000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00618992 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00617992 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00556960 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe 2015-10-14 13:15 - 2015-10-14 13:15 - 00554928 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe 2015-10-14 13:15 - 2015-10-14 13:15 - 00469216 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00444832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe 2015-10-14 13:15 - 2015-10-14 13:15 - 00410528 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe 2015-10-14 13:15 - 2015-10-14 13:15 - 00409520 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe 2015-10-14 13:15 - 2015-10-14 13:15 - 00394224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00387056 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00378824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00374272 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00357912 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00329216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00316245 _____ C:\WINDOWS\system32\DisplayAudiox64.cab 2015-10-14 13:15 - 2015-10-14 13:15 - 00296944 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00291744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe 2015-10-14 13:15 - 2015-10-14 13:15 - 00265712 _____ C:\WINDOWS\system32\igfxCPL.cpl 2015-10-14 13:15 - 2015-10-14 13:15 - 00232960 _____ C:\WINDOWS\system32\igdde64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00230384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00229664 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00225288 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00216552 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4276.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00205728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe 2015-10-14 13:15 - 2015-10-14 13:15 - 00199088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00194560 _____ C:\WINDOWS\SysWOW64\igdde32.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00194368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00193536 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00192520 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00188884 _____ C:\WINDOWS\system32\resTHA.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00181524 _____ C:\WINDOWS\system32\resELL.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00177300 _____ C:\WINDOWS\system32\resRUS.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00172528 _____ C:\WINDOWS\system32\igdail64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00169368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00165808 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe 2015-10-14 13:15 - 2015-10-14 13:15 - 00163840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00163044 _____ C:\WINDOWS\system32\resARA.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00162500 _____ C:\WINDOWS\system32\resHEB.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00162484 _____ C:\WINDOWS\system32\resJPN.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00157860 _____ C:\WINDOWS\system32\resHUN.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00157844 _____ C:\WINDOWS\system32\resFRA.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00156100 _____ C:\WINDOWS\system32\resKOR.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00156020 _____ C:\WINDOWS\system32\resDEU.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00155988 _____ C:\WINDOWS\system32\resITA.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00155828 _____ C:\WINDOWS\system32\resROM.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00155716 _____ C:\WINDOWS\system32\resESN.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00155268 _____ C:\WINDOWS\system32\resPLK.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00155172 _____ C:\WINDOWS\system32\resSKY.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00154980 _____ C:\WINDOWS\system32\resNLD.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00154372 _____ C:\WINDOWS\system32\resPTB.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00154260 _____ C:\WINDOWS\system32\resTRK.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00154212 _____ C:\WINDOWS\system32\resCSY.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00154096 _____ C:\WINDOWS\SysWOW64\igdail32.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00154084 _____ C:\WINDOWS\system32\resPTG.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00153620 _____ C:\WINDOWS\system32\resFIN.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00153236 _____ C:\WINDOWS\system32\resHRV.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00152772 _____ C:\WINDOWS\system32\resSVE.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00152644 _____ C:\WINDOWS\system32\resSLV.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00151668 _____ C:\WINDOWS\system32\resNOR.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00151156 _____ C:\WINDOWS\system32\resDAN.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00149812 _____ C:\WINDOWS\system32\resENU.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00148052 _____ C:\WINDOWS\system32\resCHT.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00147188 _____ C:\WINDOWS\system32\resCHS.cui 2015-10-14 13:15 - 2015-10-14 13:15 - 00143368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00109064 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00102912 _____ C:\WINDOWS\system32\IccLibDll_x64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00096752 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00078336 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00069616 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00042232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00039424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00020976 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00015344 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00013824 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll 2015-10-14 13:15 - 2015-10-14 13:15 - 00002560 _____ C:\WINDOWS\system32\iglhxs64.vp 2015-10-14 13:14 - 2015-10-06 03:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-10-14 13:14 - 2015-10-06 02:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-10-14 13:14 - 2015-10-01 04:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2015-10-14 13:14 - 2015-10-01 04:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2015-10-14 13:14 - 2015-10-01 04:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2015-10-14 13:14 - 2015-10-01 04:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2015-10-14 13:14 - 2015-10-01 04:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-10-14 13:14 - 2015-09-25 04:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2015-10-14 13:14 - 2015-09-25 04:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2015-10-14 13:14 - 2015-09-25 03:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-10-14 13:14 - 2015-09-25 03:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2015-10-14 13:14 - 2015-09-25 03:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2015-10-14 13:14 - 2015-09-25 03:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-10-14 13:14 - 2015-09-25 03:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll 2015-10-14 13:14 - 2015-09-25 03:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll 2015-10-14 13:14 - 2015-09-25 03:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-10-14 13:14 - 2015-09-25 03:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2015-10-14 13:14 - 2015-09-25 03:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-10-14 13:14 - 2015-09-25 03:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2015-10-14 13:14 - 2015-09-25 03:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2015-10-14 13:14 - 2015-09-25 03:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-10-14 13:14 - 2015-09-25 03:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2015-10-14 13:14 - 2015-09-25 03:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-10-14 13:14 - 2015-09-25 03:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll 2015-10-14 13:14 - 2015-09-25 03:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-10-14 13:14 - 2015-09-25 03:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-10-14 13:14 - 2015-09-25 03:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2015-10-14 13:14 - 2015-09-25 03:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-10-14 13:14 - 2015-09-25 03:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll 2015-10-14 13:14 - 2015-09-25 03:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll 2015-10-14 13:14 - 2015-09-25 02:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2015-10-14 13:14 - 2015-09-25 02:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2015-10-14 13:14 - 2015-09-25 02:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll 2015-10-14 13:14 - 2015-09-25 02:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2015-10-14 13:14 - 2015-09-25 02:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll 2015-10-14 13:14 - 2015-09-25 02:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll 2015-10-14 13:14 - 2015-09-25 02:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll 2015-10-14 13:14 - 2015-09-25 02:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2015-10-14 13:14 - 2015-09-25 02:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll 2015-10-14 13:14 - 2015-09-25 02:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-10-14 13:14 - 2015-09-25 02:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-10-14 13:14 - 2015-09-25 02:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2015-10-14 13:14 - 2015-09-25 02:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-10-14 13:14 - 2015-09-25 02:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-10-14 13:14 - 2015-09-25 02:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2015-10-14 13:14 - 2015-09-25 02:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll 2015-10-14 13:14 - 2015-09-25 02:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-10-14 13:14 - 2015-09-25 02:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2015-10-14 13:14 - 2015-09-25 02:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2015-10-14 13:14 - 2015-09-25 02:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll 2015-10-14 13:14 - 2015-09-25 02:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll 2015-10-14 13:14 - 2015-09-25 02:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll 2015-10-14 13:14 - 2015-09-25 02:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2015-10-14 13:14 - 2015-09-25 02:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll 2015-10-14 13:14 - 2015-09-25 02:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll 2015-10-14 13:14 - 2015-09-25 02:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2015-10-14 13:13 - 2015-10-10 07:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-10-14 13:13 - 2015-10-01 03:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2015-10-11 07:39 - 2015-10-11 07:39 - 28263702 _____ C:\Users\nele\Downloads\RBF_Renewal_Textured_Solids_Free.zip 2015-10-10 10:11 - 2015-10-11 19:01 - 00024103 _____ C:\Users\nele\Desktop\Paddy Sleeve.odt ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-11-09 17:32 - 2015-07-10 12:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log 2015-11-09 17:27 - 2015-07-15 20:11 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA.job 2015-11-09 17:16 - 2015-05-06 12:14 - 00000000 ____D C:\ProgramData\boost_interprocess 2015-11-09 17:16 - 2014-09-14 09:34 - 00000000 ___RD C:\Users\nele\Dropbox 2015-11-09 17:16 - 2014-09-14 09:31 - 00000000 ____D C:\Users\nele\AppData\Roaming\Dropbox 2015-11-09 17:13 - 2014-03-24 10:27 - 00000000 ____D C:\Users\nele\AppData\Local\HTC MediaHub 2015-11-09 17:12 - 2015-07-10 12:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-11-09 17:12 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\system32\sru 2015-11-09 17:12 - 2015-07-10 09:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-11-09 17:11 - 2015-05-06 12:14 - 00000000 ____D C:\WINDOWS\system32\log 2015-11-09 17:00 - 2015-07-18 19:55 - 00000942 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA.job 2015-11-09 16:58 - 2015-08-01 10:27 - 00000000 ____D C:\Users\nele 2015-11-09 15:24 - 2015-07-28 19:48 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2EB703FC-714D-4040-AF2E-EC7F5D94D58F} 2015-11-09 10:56 - 2013-10-14 17:19 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log 2015-11-08 21:00 - 2015-07-18 19:55 - 00000890 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core.job 2015-11-08 19:18 - 2015-07-10 12:20 - 00030397 _____ C:\WINDOWS\setupact.log 2015-11-08 08:27 - 2015-07-15 20:11 - 00000880 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core.job 2015-11-08 08:17 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-11-06 22:11 - 2013-10-12 13:28 - 00000000 ____D C:\Users\nele\AppData\Roaming\Adobe 2015-11-05 22:46 - 2014-08-26 21:42 - 00000000 ____D C:\Program Files (x86)\Steam 2015-11-04 13:21 - 2015-08-03 19:18 - 00000000 ____D C:\Users\nele\AppData\Local\CloudSpot 2015-11-03 18:05 - 2015-08-01 10:26 - 00968010 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-11-02 14:09 - 2013-10-15 07:28 - 00000000 ____D C:\Program Files (x86)\Google 2015-11-02 14:06 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-11-01 08:46 - 2015-09-02 19:55 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-11-01 08:32 - 2015-08-01 10:18 - 00119164 _____ C:\WINDOWS\PFRO.log 2015-11-01 08:26 - 2015-07-28 19:44 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-11-01 08:17 - 2015-07-18 13:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-10-31 17:25 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\rescache 2015-10-31 03:33 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB 2015-10-31 03:33 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\system32\en-GB 2015-10-31 03:33 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-10-31 02:03 - 2015-07-10 10:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-10-30 20:47 - 2013-11-03 11:04 - 00000000 ____D C:\Users\nele\AppData\Roaming\Skype 2015-10-30 18:02 - 2013-11-03 11:04 - 00000000 ____D C:\ProgramData\Skype 2015-10-30 09:54 - 2015-10-04 01:11 - 00004888 _____ C:\WINDOWS\SysWOW64\N1Service.ini 2015-10-30 09:54 - 2015-10-04 01:11 - 00002400 _____ C:\WINDOWS\SysWOW64\N1ServiceOff.ini 2015-10-27 13:04 - 2015-08-04 08:21 - 00001456 _____ C:\Users\nele\AppData\Local\Adobe Save for Web 13.0 Prefs 2015-10-26 11:39 - 2014-06-03 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection 2015-10-26 11:35 - 2013-10-15 19:16 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-10-26 11:33 - 2013-10-18 15:33 - 00000000 ____D C:\Users\nele\AppData\Roaming\BitTorrent 2015-10-25 21:59 - 2014-05-20 14:15 - 00000000 ____D C:\ProgramData\CanonIJPLM 2015-10-23 14:18 - 2014-08-28 21:24 - 00000000 ____D C:\Users\nele\AppData\Local\Adobe 2015-10-18 15:06 - 2014-06-03 19:30 - 00394584 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportKE64.sys 2015-10-18 15:06 - 2014-06-03 19:30 - 00139896 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportHades64.sys 2015-10-17 15:45 - 2015-07-19 19:37 - 00000000 ____D C:\Users\nele\Desktop\Nele Uska Photography 2015-10-17 08:31 - 2015-08-03 19:15 - 00000000 ____D C:\Program Files (x86)\Cloud Spot 2015-10-17 08:23 - 2015-09-11 15:09 - 00000000 ____D C:\Users\nele\AppData\Local\CloudSpotUpdater 2015-10-16 15:09 - 2015-07-28 19:44 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2015-10-16 07:08 - 2014-10-24 16:28 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat 2015-10-16 03:10 - 2015-10-02 03:36 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-10-16 03:10 - 2015-10-02 03:36 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-10-15 19:38 - 2015-09-09 09:35 - 00000000 ____D C:\Users\nele\Desktop\Airike 2015-10-14 15:13 - 2013-11-03 11:04 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-10-14 13:26 - 2013-10-15 07:10 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-10-14 13:17 - 2013-10-15 07:10 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-10-14 13:15 - 2015-08-01 10:23 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL 2015-10-14 13:15 - 2015-08-01 10:23 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL 2015-10-14 13:15 - 2015-07-10 23:51 - 00541600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe 2015-10-14 13:15 - 2015-07-10 23:51 - 00395168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe 2015-10-14 13:15 - 2015-07-10 23:51 - 00330136 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe 2015-10-14 13:15 - 2015-07-10 23:51 - 00258456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe 2015-10-14 13:15 - 2015-07-10 23:50 - 03797424 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys 2015-10-14 13:15 - 2015-07-10 23:49 - 12335600 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll 2015-10-14 13:15 - 2015-07-10 23:49 - 11905432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll 2015-10-14 13:15 - 2015-07-10 23:49 - 04637640 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll 2015-10-14 13:15 - 2015-07-10 23:49 - 03672344 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll 2015-10-14 13:15 - 2015-07-10 23:46 - 00680432 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll 2015-10-14 13:15 - 2015-07-10 23:46 - 00285184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll 2015-10-14 13:15 - 2015-07-10 23:46 - 00262640 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll 2015-10-13 14:28 - 2015-08-28 20:04 - 00000000 ____D C:\Users\nele\AppData\Local\YdvwPack ==================== Files in the root of some directories ======= 2015-07-30 07:09 - 2015-07-30 07:09 - 0000079 _____ () C:\Program Files (x86)\prefs.js 2015-07-18 20:06 - 2015-09-15 12:57 - 0000132 _____ () C:\Users\nele\AppData\Roaming\Adobe PNG Format CC Prefs 2015-03-09 21:30 - 2015-03-09 21:30 - 0005487 _____ () C:\Users\nele\AppData\Roaming\BYAIAMUF 2015-08-04 08:21 - 2015-10-27 13:04 - 0001456 _____ () C:\Users\nele\AppData\Local\Adobe Save for Web 13.0 Prefs 2015-05-20 09:41 - 2015-05-20 09:41 - 0002124 _____ () C:\Users\nele\AppData\Local\recently-used.xbel 2013-05-28 06:01 - 2013-05-28 06:01 - 0000595 _____ () C:\ProgramData\CyberlinkOutput.txt 2015-09-02 07:08 - 2015-09-02 07:08 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Files to move or delete: ==================== C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Some files in TEMP: ==================== C:\Users\nele\AppData\Local\Temp\bitool.dll C:\Users\nele\AppData\Local\Temp\cabex.dll C:\Users\nele\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpi2oqf2.dll C:\Users\nele\AppData\Local\Temp\jre-8u51-windows-au.exe C:\Users\nele\AppData\Local\Temp\jre-8u65-windows-au.exe C:\Users\nele\AppData\Local\Temp\SpOrder.dll C:\Users\nele\AppData\Local\Temp\sqlite3.dll C:\Users\nele\AppData\Local\Temp\tu17p84.exe C:\Users\nele\AppData\Local\Temp\unelevate.exe C:\Users\nele\AppData\Local\Temp\ytaiesmt_smtyc_setup.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\wininit.exe => File is digitally signed C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-10-31 16:57 ==================== End of FRST.txt ============================​ ​
  4. nele86
    2. adwcleaner # AdwCleaner v5.019 - Logfile created 09/11/2015 at 17:11:49 # Updated 08/11/2015 by Xplode # Database : 2015-11-09.1 [server] # Operating system : Windows 10 Home (x64) # Username : nele - NELEPADDYHOME # Running from : C:\Users\nele\Downloads\AdwCleaner.exe # Option : Cleaning # Support : http://toolslib.net/forum ***** [ Services ] ***** ***** [ Folders ] ***** [-] Folder Deleted : C:\Program Files (x86)\globalUpdate [-] Folder Deleted : C:\Program Files (x86)\GSafe [-] Folder Deleted : C:\Program Files (x86)\relaydouble [!] Folder Not Deleted : C:\Program Files (x86)\RelayDouble [-] Folder Deleted : C:\ProgramData\AVG Security Toolbar [-] Folder Deleted : C:\ProgramData\Goobzo [-] Folder Deleted : C:\ProgramData\afcf9df100002a84 [-] Folder Deleted : C:\ProgramData\c1fedbf800000d54 [-] Folder Deleted : C:\Users\nele\AppData\Local\globalUpdate [-] Folder Deleted : C:\Users\nele\AppData\Local\Temp\GSafe [-] Folder Deleted : C:\Users\Public\Documents\Goobzo ***** [ Files ] ***** [-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml [-] File Deleted : C:\WINDOWS\SysNative\log\iSafeKrnlCall.log [-] File Deleted : C:\WINDOWS\SysNative\roboot64.exe ***** [ DLLs ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled tasks ] ***** ***** [ Registry ] ***** [-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5} [-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D} [-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro [-] Key Deleted : HKLM\SOFTWARE\1bf0f631-45b9-6cc0-53d2-276f85597bf5 [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD} [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D} [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} [-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF} [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A} [-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5} [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB} [-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD} [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5} [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A} [-] Key Deleted : HKCU\Software\GlobalUpdate [-] Key Deleted : HKCU\Software\Goobzo [-] Key Deleted : HKCU\Software\InstalledBrowserExtensions [-] Key Deleted : HKCU\Software\V9 [-] Key Deleted : HKCU\Software\Avg Secure Update [-] Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} [-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate [-] Key Deleted : HKLM\SOFTWARE\Goobzo [-] Key Deleted : HKLM\SOFTWARE\hdcode [-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions [-] Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81} [-] Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions [-] Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro [-] Key Deleted : [x64] HKLM\SOFTWARE\TornTv Downloader [-] Key Deleted : HKU\.DEFAULT\Software\Goobzo [-] Key Deleted : HKU\.DEFAULT\Software\Elex-tech [-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update [-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} [-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_ [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} [-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hiphopmyway.com [-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.hiphopmyway.com [-] Key Deleted : HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hiphopmyway.com [-] Key Deleted : HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.hiphopmyway.com ***** [ Web browsers ] ***** ************************* :: "Tracing" keys removed :: Winsock settings cleared ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7620 bytes] ##########
  5. nele86
    1. Fixlog.txt Fix result of Farbar Recovery Scan Tool (x64) Version:07-11-2015 Ran by nele (2015-11-09 16:57:44) Run:1 Running from C:\Users\nele\Downloads Loaded Profiles: nele (Available Profiles: nele & Guest) Boot Mode: Normal ============================================== fixlist content: ***************** CloseProcesses: C:\WINDOWS\system32\N1Service64.dll cmd: netsh winsock reset AlternateDataStreams: C:\ProgramData\Temp:56E2E879 HKLM-x32\...\Run: [] => [X] Task: {063048D0-DEA2-423B-941B-FAD4767E99EB} - \SPBIW_UpdateTask_Time_3334363038373330372d2a55456c2d5a34575b413234 -> No File Task: {082A0DDB-D96E-4B84-9C8B-7E9E3AB5CD71} - \Adobe Flash Player Updater -> No File Task: {0D4F3C7A-39C4-4104-8425-785826EB9B10} - \PhraseProfessor Auto Updater 1.10.0.22 Core -> No File Task: {18EC5D67-59D5-423D-800F-858D030CC291} - \PhraseProfessor Auto Updater 1.10.0.22 Pending Update -> No File Task: {1DF97EDE-765C-430D-AFE5-C8FB693C54AE} - \Microsoft OneDrive Auto Update Task-S-1-5-21-2444418471-309531542-3407867716-1001 -> No File Task: {23D61382-9314-478E-A3DD-F292E93BBCD5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File Task: {29EA6BD1-C841-494E-8B22-F64B77686168} - \Optimize Start Menu Cache Files-S-1-5-21-2444418471-309531542-3407867716-500 -> No File Task: {40D27100-911A-4768-BAD3-2B5F2608C670} - \Launch HTC Sync Loader -> No File Task: {43BE01ED-7A43-4043-B861-58CEDB1BB47C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File Task: {497B1032-FCE3-4473-AB41-E5256517CE7E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File Task: {5C8671F6-5D3B-4BEE-9370-8121A1AEA31B} - \{E9430C13-12E9-4EB9-AD7C-43AC41CB426C} -> No File Task: {68DCE6E6-F422-4A4D-9B9F-B3398C22C59D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File Task: {70E68620-137B-459A-8E0E-2B7731453777} - \ShopperProJSUpd -> No File Task: {813F116E-E4CD-4855-AC97-D9C6585B8062} - \Synaptics TouchPad Enhancements -> No File Task: {81EBE69B-6972-4D45-B7D7-B9E49312E330} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File Task: {8B3B6F6C-744E-4532-81DC-CF2B71F87736} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File Task: {92E36439-4325-4FD1-8CB7-54223596BB20} - \{A3503584-2DFA-4F0D-909D-B4F49C590301} -> No File Task: {9A8FA3D8-9A72-4E87-AADD-A05DC4B8691B} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File Task: {A0DB3846-1223-4110-BAA3-430882F22E38} - \AdobeAAMUpdater-1.0-MicrosoftAccount-neleuska@hotmail.com -> No File Task: {A3EF42AE-CEEA-488E-87C1-084569DA76F6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File Task: {ACF0E57E-4B6C-4EAC-8B56-C3D32014AD02} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File Task: {E6CFD5EC-8717-4C88-93B0-00FC3C7CB8E1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File Task: {FCD5EC32-8CFC-4B1D-91B1-D2D72D6DF076} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File Toolbar: HKU\S-1-5-21-2444418471-309531542-3407867716-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File 2015-10-30 09:54 - 2015-10-30 09:54 - 00002400 _____ C:\WINDOWS\system32\N1ServiceOff.ini 2015-10-30 09:53 - 2015-10-31 14:36 - 00000000 ____D C:\WINDOWS\NMsvc 2015-10-30 09:53 - 2015-10-30 09:53 - 00000000 ____D C:\WINDOWS\msservice ***************** Processes closed successfully. C:\WINDOWS\system32\N1Service64.dll => moved successfully ========= netsh winsock reset ========= Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: ========= C:\ProgramData\Temp => ":56E2E879" ADS removed successfully. HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{063048D0-DEA2-423B-941B-FAD4767E99EB}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{063048D0-DEA2-423B-941B-FAD4767E99EB}" => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPBIW_UpdateTask_Time_3334363038373330372d2a55456c2d5a34575b413234 => key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{082A0DDB-D96E-4B84-9C8B-7E9E3AB5CD71}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{082A0DDB-D96E-4B84-9C8B-7E9E3AB5CD71}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0D4F3C7A-39C4-4104-8425-785826EB9B10}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D4F3C7A-39C4-4104-8425-785826EB9B10}" => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PhraseProfessor Auto Updater 1.10.0.22 Core => key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{18EC5D67-59D5-423D-800F-858D030CC291}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18EC5D67-59D5-423D-800F-858D030CC291}" => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PhraseProfessor Auto Updater 1.10.0.22 Pending Update => key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1DF97EDE-765C-430D-AFE5-C8FB693C54AE}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DF97EDE-765C-430D-AFE5-C8FB693C54AE}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft OneDrive Auto Update Task-S-1-5-21-2444418471-309531542-3407867716-1001" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23D61382-9314-478E-A3DD-F292E93BBCD5}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23D61382-9314-478E-A3DD-F292E93BBCD5}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29EA6BD1-C841-494E-8B22-F64B77686168}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29EA6BD1-C841-494E-8B22-F64B77686168}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-2444418471-309531542-3407867716-500" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40D27100-911A-4768-BAD3-2B5F2608C670}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40D27100-911A-4768-BAD3-2B5F2608C670}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Launch HTC Sync Loader" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{43BE01ED-7A43-4043-B861-58CEDB1BB47C}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43BE01ED-7A43-4043-B861-58CEDB1BB47C}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{497B1032-FCE3-4473-AB41-E5256517CE7E}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{497B1032-FCE3-4473-AB41-E5256517CE7E}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C8671F6-5D3B-4BEE-9370-8121A1AEA31B}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C8671F6-5D3B-4BEE-9370-8121A1AEA31B}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E9430C13-12E9-4EB9-AD7C-43AC41CB426C}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68DCE6E6-F422-4A4D-9B9F-B3398C22C59D}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68DCE6E6-F422-4A4D-9B9F-B3398C22C59D}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{70E68620-137B-459A-8E0E-2B7731453777}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70E68620-137B-459A-8E0E-2B7731453777}" => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperProJSUpd => key not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{813F116E-E4CD-4855-AC97-D9C6585B8062}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{813F116E-E4CD-4855-AC97-D9C6585B8062}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Synaptics TouchPad Enhancements" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{81EBE69B-6972-4D45-B7D7-B9E49312E330}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81EBE69B-6972-4D45-B7D7-B9E49312E330}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8B3B6F6C-744E-4532-81DC-CF2B71F87736}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B3B6F6C-744E-4532-81DC-CF2B71F87736}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92E36439-4325-4FD1-8CB7-54223596BB20}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92E36439-4325-4FD1-8CB7-54223596BB20}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A3503584-2DFA-4F0D-909D-B4F49C590301}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A8FA3D8-9A72-4E87-AADD-A05DC4B8691B}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A8FA3D8-9A72-4E87-AADD-A05DC4B8691B}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0DB3846-1223-4110-BAA3-430882F22E38}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0DB3846-1223-4110-BAA3-430882F22E38}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-MicrosoftAccount-neleuska@hotmail.com" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A3EF42AE-CEEA-488E-87C1-084569DA76F6}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3EF42AE-CEEA-488E-87C1-084569DA76F6}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ACF0E57E-4B6C-4EAC-8B56-C3D32014AD02}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ACF0E57E-4B6C-4EAC-8B56-C3D32014AD02}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E6CFD5EC-8717-4C88-93B0-00FC3C7CB8E1}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6CFD5EC-8717-4C88-93B0-00FC3C7CB8E1}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCD5EC32-8CFC-4B1D-91B1-D2D72D6DF076}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCD5EC32-8CFC-4B1D-91B1-D2D72D6DF076}" => key removed successfully "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => key not found. HKCR\CLSID\ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => key not found. "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => key removed successfully HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found. "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => key removed successfully HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found. HKU\S-1-5-21-2444418471-309531542-3407867716-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found. C:\WINDOWS\system32\N1ServiceOff.ini => moved successfully C:\WINDOWS\NMsvc => moved successfully C:\WINDOWS\msservice => moved successfully The system needed a reboot. ==== End of Fixlog 16:58:02 ====
  6. nele86
    and here is the FRST​ Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015Ran by nele (2015-11-09 10:30:36)Running from C:\Users\nele\DownloadsWindows 10 Home (X64) (2015-08-01 11:07:41)Boot Mode: Normal============================================================================== Accounts: =============================Administrator (S-1-5-21-2444418471-309531542-3407867716-500 - Administrator - Disabled)DefaultAccount (S-1-5-21-2444418471-309531542-3407867716-503 - Limited - Disabled)Guest (S-1-5-21-2444418471-309531542-3407867716-501 - Limited - Disabled) => C:\Users\GuestHomeGroupUser$ (S-1-5-21-2444418471-309531542-3407867716-1007 - Limited - Enabled)nele (S-1-5-21-2444418471-309531542-3407867716-1001 - Administrator - Enabled) => C:\Users\nele==================== Security Center ========================(If an entry is included in the fixlist, it will be removed.)AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}==================== Installed Programs ======================(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version: - )Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.11 - Adobe Systems)Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated)Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)BitTorrent (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\BitTorrent) (Version: 7.9.5.41203 - BitTorrent Inc.)Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)Canon MX450 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX450_series) (Version: 1.00 - Canon Inc.)Canon MX450 series On-screen Manual (HKLM-x32\...\Canon MX450 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)Canon MX450 series User Registration (HKLM-x32\...\Canon MX450 series User Registration) (Version: - ‭Canon Inc.)Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)ChromecastApp (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)Cloud Spot version 1.1.0 (HKLM-x32\...\{26119DD5-31D4-4660-B943-A03C06A2F5A9}}_is1) (Version: 1.1.0 - One Cloud LLC)Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.)CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.2928 - CyberLink Corp.)CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenDivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)Dropbox (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)Football Manager 2014 (HKLM-x32\...\Steam App 231670) (Version: - Sports Interactive)Google Photos Backup (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\Google Photos Backup) (Version: 1.1.1.259 - Google, Inc.)Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) HiddenHP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)HP Documentation (HKLM-x32\...\{1AC082E0-049D-4C5C-9ECF-9473AD5A949D}) (Version: 1.1.0.0 - Hewlett-Packard)HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.54.2 - HTC)IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenLagarith lossless video codec (Remove Only) (HKLM\...\LAGARITH) (Version: - )Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenMSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)PASS (HKLM-x32\...\com.showitfast.pass.desktop.PASS) (Version: 3.1.651 - Showitfast, Inc)PASS (x32 Version: 3.1.651 - Showitfast, Inc) HiddenPDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) HiddenPicasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)Picasa Uploader (HKLM-x32\...\com.webkinesis.PicasaUploaderDesktop) (Version: 0.7 - UNKNOWN)Picasa Uploader (x32 Version: 0.7 - UNKNOWN) HiddenRalink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)Rapport (x32 Version: 3.5.1507.83 - Trusteer) HiddenRealtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)Skypeâ„¢ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) HiddenSynaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1507.83 - Trusteer)Unity Web Player (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) HiddenVisual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)VS10Runtimex64 (Version: 1.0.0 - sourcefire) HiddenWindows 8 Codecs Pack 1.0.0 (HKLM\...\w8cpsetup_is1) (Version: 1.0.0 - Web Solution Mart)Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)==================== Custom CLSID (Whitelisted): ==========================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)==================== Restore Points =========================26-10-2015 11:36:23 Installed Rapport31-10-2015 02:00:39 Windows Update07-11-2015 17:25:07 Scheduled Checkpoint==================== Hosts content: ===============================(If needed Hosts: directive could be included in the fixlist to reset Hosts.)2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts==================== Scheduled Tasks (Whitelisted) =============(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)Task: {063048D0-DEA2-423B-941B-FAD4767E99EB} - \SPBIW_UpdateTask_Time_3334363038373330372d2a55456c2d5a34575b413234 -> No File <==== ATTENTIONTask: {082A0DDB-D96E-4B84-9C8B-7E9E3AB5CD71} - \Adobe Flash Player Updater -> No File <==== ATTENTIONTask: {0D4F3C7A-39C4-4104-8425-785826EB9B10} - \PhraseProfessor Auto Updater 1.10.0.22 Core -> No File <==== ATTENTIONTask: {18EC5D67-59D5-423D-800F-858D030CC291} - \PhraseProfessor Auto Updater 1.10.0.22 Pending Update -> No File <==== ATTENTIONTask: {1DF97EDE-765C-430D-AFE5-C8FB693C54AE} - \Microsoft OneDrive Auto Update Task-S-1-5-21-2444418471-309531542-3407867716-1001 -> No File <==== ATTENTIONTask: {1E19BBB6-CE11-445E-BC43-90C954BBA030} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)Task: {23D61382-9314-478E-A3DD-F292E93BBCD5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTIONTask: {26983DBF-7262-415C-8402-3B303D9BE7CE} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-28] (Dropbox, Inc.)Task: {29EA6BD1-C841-494E-8B22-F64B77686168} - \Optimize Start Menu Cache Files-S-1-5-21-2444418471-309531542-3407867716-500 -> No File <==== ATTENTIONTask: {40D27100-911A-4768-BAD3-2B5F2608C670} - \Launch HTC Sync Loader -> No File <==== ATTENTIONTask: {43BE01ED-7A43-4043-B861-58CEDB1BB47C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTIONTask: {497B1032-FCE3-4473-AB41-E5256517CE7E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTIONTask: {4B3C40AF-74C0-4E22-B314-14748CC952CC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-28] (Dropbox, Inc.)Task: {5C8671F6-5D3B-4BEE-9370-8121A1AEA31B} - \{E9430C13-12E9-4EB9-AD7C-43AC41CB426C} -> No File <==== ATTENTIONTask: {5F305D81-2A6D-4A17-82B9-2482C266AA75} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)Task: {617C8530-3AD1-4373-B9D6-50F3D26D1513} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-14] (Microsoft Corporation)Task: {68DCE6E6-F422-4A4D-9B9F-B3398C22C59D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTIONTask: {70DE8B54-CA5B-4548-8AEA-FD9F2D8D9CB2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)Task: {70E68620-137B-459A-8E0E-2B7731453777} - \ShopperProJSUpd -> No File <==== ATTENTIONTask: {76E33B9D-25C1-4442-8A03-7A1F78C2EB7E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)Task: {813F116E-E4CD-4855-AC97-D9C6585B8062} - \Synaptics TouchPad Enhancements -> No File <==== ATTENTIONTask: {81EBE69B-6972-4D45-B7D7-B9E49312E330} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTIONTask: {8B3B6F6C-744E-4532-81DC-CF2B71F87736} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTIONTask: {8ED855BD-0E40-4F21-92AE-0F5CA1AD83A6} - System32\Tasks\HPCeeScheduleFornele => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)Task: {92E36439-4325-4FD1-8CB7-54223596BB20} - \{A3503584-2DFA-4F0D-909D-B4F49C590301} -> No File <==== ATTENTIONTask: {9A8FA3D8-9A72-4E87-AADD-A05DC4B8691B} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTIONTask: {A0DB3846-1223-4110-BAA3-430882F22E38} - \AdobeAAMUpdater-1.0-MicrosoftAccount-neleuska@hotmail.com -> No File <==== ATTENTIONTask: {A3EF42AE-CEEA-488E-87C1-084569DA76F6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTIONTask: {ACF0E57E-4B6C-4EAC-8B56-C3D32014AD02} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTIONTask: {B2495DE5-6A55-4491-9933-6924E8639A36} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05] (Hewlett-Packard Development Company, L.P.)Task: {DB8F6DD3-331E-402D-BF1E-B3A48E03037E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {E6CFD5EC-8717-4C88-93B0-00FC3C7CB8E1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTIONTask: {E919D2DF-279A-4CA0-AD7C-E76DB3C0D74A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)Task: {F2F66373-DB93-44EB-9893-DF6720E2EA8D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)Task: {FCD5EC32-8CFC-4B1D-91B1-D2D72D6DF076} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core.job => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exeTask: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA.job => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core.job => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA.job => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\HPCeeScheduleFornele.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe==================== Loaded Modules (Whitelisted) ==============2015-08-01 11:10 - 2015-08-01 11:10 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll2015-08-19 07:14 - 2015-08-11 09:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll2014-05-21 09:55 - 2012-03-28 12:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe2015-10-01 08:49 - 2015-09-17 06:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll2015-10-01 08:49 - 2015-09-17 06:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll2015-07-22 00:02 - 2015-07-22 00:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll2015-10-01 08:48 - 2015-09-17 05:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll2015-07-10 10:59 - 2015-07-10 10:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll2014-01-10 05:26 - 2014-01-10 05:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe2015-07-22 00:02 - 2015-07-22 00:02 - 31535264 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe2015-10-27 07:24 - 2015-10-27 07:24 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe2015-10-27 07:24 - 2015-10-27 07:24 - 10958848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll2015-10-27 07:24 - 2015-10-27 07:24 - 00245760 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll2015-10-01 08:49 - 2015-09-17 05:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll2015-10-01 08:48 - 2015-09-17 05:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll2015-10-01 08:48 - 2015-09-17 05:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll2015-10-01 08:49 - 2015-09-17 05:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll2015-07-10 11:00 - 2015-07-10 16:28 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll2015-04-13 12:43 - 2015-04-13 12:43 - 00083312 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe2015-04-13 12:43 - 2015-04-13 12:43 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll2015-04-13 12:43 - 2015-04-13 12:43 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll2015-04-13 12:44 - 2015-04-13 12:44 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll2015-04-13 12:44 - 2015-04-13 12:44 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll2015-04-13 12:44 - 2015-04-13 12:44 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll2015-04-13 12:47 - 2015-04-13 12:47 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll2015-07-21 17:02 - 2015-07-21 17:02 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll2015-10-02 02:59 - 2015-10-12 23:33 - 00166416 _____ () C:\Users\nele\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll2015-11-07 15:23 - 2015-11-07 15:23 - 00071168 _____ () c:\users\nele\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzdldnq.dll2014-01-10 05:28 - 2014-01-10 05:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2015-07-22 14:32 - 2015-07-22 14:32 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll2013-05-28 05:43 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll2015-04-13 12:46 - 2015-04-13 12:46 - 00170352 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ResourceMgt.dll2015-04-13 12:47 - 2015-04-13 12:47 - 00162152 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\CrashRpt.dll2015-04-13 12:44 - 2015-04-13 12:44 - 00522616 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManagerLib.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00117104 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\WebKitBrowser.dll2015-04-13 12:45 - 2015-04-13 12:45 - 21281120 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\WebKit.dll2015-04-13 12:45 - 2015-04-13 12:45 - 03041648 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\JavaScriptCore.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00776544 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\CFLite.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00058728 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\pthreadVC2.dll2015-04-13 12:45 - 2015-04-13 12:45 - 01349984 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\icuuc.dll2015-04-13 12:45 - 2015-04-13 12:45 - 01046880 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\cairo.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00190816 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\libpng.dll2015-04-13 12:45 - 2015-04-13 12:45 - 01153384 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\libxml2.dll2015-04-13 12:45 - 2015-04-13 12:45 - 21973352 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\icudt48.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00444776 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ProfileMgt.dll2015-04-13 12:46 - 2015-04-13 12:46 - 00428416 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DesktopClient\DesktopClientLiteDll.dll2015-04-13 12:46 - 2015-04-13 12:46 - 04028808 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DesktopClient\DesktopClientCppLib_vc80.dll2015-04-13 12:43 - 2015-04-13 12:43 - 00133480 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DeviceMgt.dll2015-04-13 12:46 - 2015-04-13 12:46 - 00227680 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\WPDEnc.dll2015-04-13 12:46 - 2015-04-13 12:46 - 00211312 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\WifiDeviceMgt.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00203128 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DesktopClient\AndroidPlaylist.dll2015-04-13 12:43 - 2015-04-13 12:43 - 00016240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\FilePlugin_Cnt.Dll2015-04-13 12:43 - 2015-04-13 12:43 - 00019304 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\GroupMgt.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00829800 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\Plugins\npplayer.dll2015-04-13 12:46 - 2015-04-13 12:46 - 00239992 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DesktopClient\desktopclientlib.dll==================== Alternate Data Streams (Whitelisted) =========(If an entry is included in the fixlist, only the ADS will be removed.)AlternateDataStreams: C:\ProgramData\Temp:56E2E879==================== Safe Mode (Whitelisted) ===================(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\N1Service => ""="service"==================== EXE Association (Whitelisted) ===============(If an entry is included in the fixlist, the registry item will be restored to default or removed.)==================== Internet Explorer trusted/restricted ===============(If an entry is included in the fixlist, it will be removed from the registry.)==================== Other Areas ============================(Currently there is no automatic fix for this section.)HKU\S-1-5-21-2444418471-309531542-3407867716-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\nele\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\imgp8049.jpgDNS Servers: 192.168.1.1HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)Windows Firewall is enabled.==================== MSCONFIG/TASK MANAGER disabled items ==(Currently there is no automatic fix for this section.)HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\StartupApproved\StartupFolder: => "TornTvDownloader.lnk"HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\StartupApproved\Run: => "EADM"HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\StartupApproved\Run: => "TornTv Downloader"==================== FirewallRules (Whitelisted) ===============(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139FirewallRules: [{1025B925-2C9C-427E-86A8-132297731851}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exeFirewallRules: [{C1E632B1-A3CC-48FD-884E-800344E706ED}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exeFirewallRules: [{F80D3479-1678-4232-A973-39494BFF18AA}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exeFirewallRules: [{52D5662F-33CE-44CA-923B-0996AFEF41E0}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exeFirewallRules: [{E2048A47-C099-487A-B719-9A8929CA799E}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exeFirewallRules: [{F0B475D2-8FD4-49D2-B59D-0DC9F66A23DE}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exeFirewallRules: [{81C14BFD-0198-4354-B7E5-1D0EF5AFA7D8}] => (Block) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exeFirewallRules: [{00527A23-494C-48F3-BEDA-9E14BF3557B8}] => (Block) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exeFirewallRules: [UDP Query User{57231475-DB0F-4254-AE4A-B7FEB59F260B}C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exe] => (Block) C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exeFirewallRules: [TCP Query User{E056BE84-5783-41E3-9788-958D19C6E9F1}C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exe] => (Block) C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exeFirewallRules: [{8FD4CF31-E083-4D04-9DC7-6E0B723BF52C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exeFirewallRules: [{82F42F84-D2F6-46D9-AB60-60F8B06328BF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exeFirewallRules: [{4E7ACD19-1FE0-46A2-BB34-C409372F6276}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exeFirewallRules: [{EB3CECCB-6A56-4E43-81B8-25DD38B96015}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exeFirewallRules: [{39FAF2C5-369E-42C3-866A-8A92ECDAFBDA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exeFirewallRules: [{38B3D583-F8F1-4EA9-9163-A2C2DE9B408C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exeFirewallRules: [{0155C8CA-6EDE-4E39-BD94-D5F5D5F9A6CE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exeFirewallRules: [{4657F890-6E28-4ABC-B979-3947B979ABB4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{37D48367-0D10-48B3-BCCA-4A517DCBD17B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{B09E334C-CA3F-44AB-989C-CC15A0B29087}] => (Allow) C:\Users\nele\AppData\Roaming\BitTorrent\BitTorrent.exeFirewallRules: [{350E6958-F5B3-4219-A59F-0388A2A557F2}] => (Allow) C:\Users\nele\AppData\Roaming\BitTorrent\BitTorrent.exeFirewallRules: [{3EDD2F47-0C6A-4D4C-8E59-2C443BEC0EE8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXEFirewallRules: [{71DEA4C3-2E45-4C4C-B579-6C6A0D5D31FE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXEFirewallRules: [{33501526-9B4D-4ECA-85EC-9B267C10B160}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exeFirewallRules: [{9B2EDD26-3122-42D6-9CDA-308B8D37375F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exeFirewallRules: [{7E589AD1-B993-4737-92A3-F02A1FC25994}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exeFirewallRules: [{C6D5D70B-777E-4566-B2E4-6719579EDDE3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exeFirewallRules: [{3962F2D1-9922-404C-979D-61B218F40BDA}] => (Allow) C:\Users\nele\AppData\Local\Microsoft\SkyDrive\SkyDrive.exeFirewallRules: [TCP Query User{74FAACFD-024B-4544-864E-A6794BA0F79F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exeFirewallRules: [UDP Query User{FDE116CE-3540-453E-948A-A89960CBB42C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exeFirewallRules: [{06AA2F2F-4926-4C8A-9BB2-256FAD09E23D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exeFirewallRules: [{BE5F66D4-8E4F-4F46-B145-916D0E4338E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exeFirewallRules: [{A88648A1-777C-4AA2-9B7A-1773DA4D428D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exeFirewallRules: [{0C9782B7-1886-42B7-8127-32BDC0CA275E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exeFirewallRules: [TCP Query User{780C7D31-0E07-4514-98C5-D1B7D841A65B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exeFirewallRules: [UDP Query User{7A2F8D87-B08E-46DC-8CAB-FDE2C041E641}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exeFirewallRules: [{9D199768-5E07-459B-A391-0F47664151ED}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{F10FE5CE-DB14-4515-9872-C5412EE19B51}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{B0731064-424E-48C1-AF45-88ADE2D3B16F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exeFirewallRules: [{9C267989-BAFE-4F06-8B7C-BB139468B55B}] => (Allow) LPort=2869FirewallRules: [{EF52EE58-C211-4D55-82DA-53566D044D6D}] => (Allow) LPort=1900FirewallRules: [{431A513B-B9D6-4D5D-AF1C-AA3E48C00EA7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exeFirewallRules: [{0BAC3109-561B-4CE2-B066-30424B91C084}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exeFirewallRules: [{6F593D47-8EBD-42DF-B104-0B18C9B0940F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exeFirewallRules: [{556BC192-839D-48C4-9293-4B156F47104A}] => (Allow) C:\Users\nele\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exeFirewallRules: [{0489726D-FD2E-4D98-83FD-FC093031D8F8}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exeFirewallRules: [{7A14CA27-E1BF-4183-BC84-FD62E9E69CB7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exeFirewallRules: [{47AC1EFE-3AE7-49E5-A263-911720947574}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exeFirewallRules: [{2C1FEB40-5265-4BE2-97D8-91F8EA1A2A5D}] => (Allow) C:\Users\nele\AppData\Roaming\Dropbox\bin\Dropbox.exeFirewallRules: [{4DEBA70B-87AD-44CC-BA1F-5FA4F3F99D65}] => (Allow) C:\Users\nele\AppData\Roaming\Dropbox\bin\Dropbox.exeFirewallRules: [TCP Query User{B1922B95-17F2-46B6-88A9-A71588C2E8A5}C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exeFirewallRules: [UDP Query User{40E97BEC-BEA7-419B-B933-C7AD70E7A5EB}C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exeFirewallRules: [{922C626C-9F00-40DD-AFE0-F86039AB9A02}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exeFirewallRules: [{9C5DAF29-896A-41CB-9E8F-22CFD309D847}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exeFirewallRules: [{5723E951-8684-4D25-B696-EB238EDA82E8}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exeFirewallRules: [TCP Query User{9184DB6C-1828-4307-8E42-1015CB06EAA2}C:\program files (x86)\cloud spot\cloudspot.exe] => (Allow) C:\program files (x86)\cloud spot\cloudspot.exeFirewallRules: [UDP Query User{95C59811-07CA-4EB9-90B5-5CB65C16452A}C:\program files (x86)\cloud spot\cloudspot.exe] => (Allow) C:\program files (x86)\cloud spot\cloudspot.exeFirewallRules: [TCP Query User{4324F66E-61F2-42D8-B7D7-6AA3192FCE0B}C:\users\nele\appdata\local\popcorn time\nw.exe] => (Block) C:\users\nele\appdata\local\popcorn time\nw.exeFirewallRules: [UDP Query User{6CE6CF79-0B86-4FE0-93F3-09603C556D7E}C:\users\nele\appdata\local\popcorn time\nw.exe] => (Block) C:\users\nele\appdata\local\popcorn time\nw.exeFirewallRules: [{B9F105CA-0F51-4C6E-B13C-E673D4BFB632}] => (Allow) C:\WINDOWS\explorer.exeFirewallRules: [{FEDCDE37-1637-46E1-AF73-85E16D3AC5AF}] => (Allow) C:\WINDOWS\system32\rundll32.exe==================== Faulty Device Manager Devices =============Name: Unknown USB Device (Device Descriptor Request Failed)Description: Unknown USB Device (Device Descriptor Request Failed)Class Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43)Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Event log errors: =========================Application errors:==================Error: (11/09/2015 09:23:55 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: svchost.exe_MapsBroker, version: 10.0.10240.16384, time stamp: 0x559f38cbFaulting module name: MosHostCore.dll, version: 10.0.10240.16384, time stamp: 0x559f3908Exception code: 0xc0000005Fault offset: 0x00000000000096f2Faulting process ID: 0x53d8Faulting application start time: 0xsvchost.exe_MapsBroker0Faulting application path: svchost.exe_MapsBroker1Faulting module path: svchost.exe_MapsBroker2Report ID: svchost.exe_MapsBroker3Faulting package full name: svchost.exe_MapsBroker4Faulting package-relative application ID: svchost.exe_MapsBroker5Error: (11/09/2015 09:22:31 AM) (Source: ESENT) (EventID: 413) (User: )Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.Error: (11/09/2015 09:22:31 AM) (Source: ESENT) (EventID: 488) (User: )Description: SettingSyncHost (5352) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).Error: (11/09/2015 09:22:20 AM) (Source: ESENT) (EventID: 413) (User: )Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.Error: (11/09/2015 09:22:20 AM) (Source: ESENT) (EventID: 488) (User: )Description: SettingSyncHost (5352) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).Error: (11/09/2015 09:22:10 AM) (Source: ESENT) (EventID: 413) (User: )Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.Error: (11/09/2015 09:22:10 AM) (Source: ESENT) (EventID: 488) (User: )Description: SettingSyncHost (5352) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).Error: (11/09/2015 09:22:00 AM) (Source: ESENT) (EventID: 413) (User: )Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.Error: (11/09/2015 09:22:00 AM) (Source: ESENT) (EventID: 488) (User: )Description: SettingSyncHost (5352) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).Error: (11/09/2015 09:21:49 AM) (Source: ESENT) (EventID: 413) (User: )Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.System errors:=============Error: (11/09/2015 09:23:55 AM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The Downloaded Maps Manager service terminated unexpectedly. It has done this 2 time(s).Error: (11/08/2015 01:08:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The Downloaded Maps Manager service terminated unexpectedly. It has done this 1 time(s).Error: (11/07/2015 03:25:09 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}Error: (11/07/2015 03:23:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableCodeIntegrity:=================================== Date: 2015-11-09 10:29:12.787 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\N1Service64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-09 10:29:12.734 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\N1Service64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-07 06:44:47.121 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-07 06:44:46.693 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-07 06:44:46.464 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-06 16:21:37.063 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-06 16:21:37.035 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-06 16:21:36.749 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-06 16:21:36.550 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-05 21:25:34.176 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHzPercentage of memory in use: 51%Total physical RAM: 8084.27 MBAvailable physical RAM: 3910.76 MBTotal Virtual: 11156.27 MBAvailable Virtual: 5828.73 MB==================== Drives ================================Drive c: () (Fixed) (Total:907.27 GB) (Free:611.1 GB) NTFS ==>[system with boot components (obtained from drive)]Drive d: (RECOVERY) (Fixed) (Total:21.86 GB) (Free:2.63 GB) NTFS ==>[system with boot components (obtained from drive)]==================== MBR & Partition Table ==========================================================================Disk: 0 (Size: 931.5 GB) (Disk ID: F5E1212F)Partition: GPT.==================== End of Addition.txt ============================​
  7. nele86
    sorry, here is the addition.txt Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015Ran by nele (2015-11-09 10:30:36)Running from C:\Users\nele\DownloadsWindows 10 Home (X64) (2015-08-01 11:07:41)Boot Mode: Normal============================================================================== Accounts: =============================Administrator (S-1-5-21-2444418471-309531542-3407867716-500 - Administrator - Disabled)DefaultAccount (S-1-5-21-2444418471-309531542-3407867716-503 - Limited - Disabled)Guest (S-1-5-21-2444418471-309531542-3407867716-501 - Limited - Disabled) => C:\Users\GuestHomeGroupUser$ (S-1-5-21-2444418471-309531542-3407867716-1007 - Limited - Enabled)nele (S-1-5-21-2444418471-309531542-3407867716-1001 - Administrator - Enabled) => C:\Users\nele==================== Security Center ========================(If an entry is included in the fixlist, it will be removed.)AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}==================== Installed Programs ======================(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version: - )Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.11 - Adobe Systems)Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated)Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)BitTorrent (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\BitTorrent) (Version: 7.9.5.41203 - BitTorrent Inc.)Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)Canon MX450 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX450_series) (Version: 1.00 - Canon Inc.)Canon MX450 series On-screen Manual (HKLM-x32\...\Canon MX450 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)Canon MX450 series User Registration (HKLM-x32\...\Canon MX450 series User Registration) (Version: - ‭Canon Inc.)Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)ChromecastApp (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)Cloud Spot version 1.1.0 (HKLM-x32\...\{26119DD5-31D4-4660-B943-A03C06A2F5A9}}_is1) (Version: 1.1.0 - One Cloud LLC)Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.)CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.2928 - CyberLink Corp.)CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenDivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)Dropbox (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)Football Manager 2014 (HKLM-x32\...\Steam App 231670) (Version: - Sports Interactive)Google Photos Backup (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\Google Photos Backup) (Version: 1.1.1.259 - Google, Inc.)Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) HiddenHP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)HP Documentation (HKLM-x32\...\{1AC082E0-049D-4C5C-9ECF-9473AD5A949D}) (Version: 1.1.0.0 - Hewlett-Packard)HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.54.2 - HTC)IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenLagarith lossless video codec (Remove Only) (HKLM\...\LAGARITH) (Version: - )Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenMSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)PASS (HKLM-x32\...\com.showitfast.pass.desktop.PASS) (Version: 3.1.651 - Showitfast, Inc)PASS (x32 Version: 3.1.651 - Showitfast, Inc) HiddenPDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) HiddenPicasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)Picasa Uploader (HKLM-x32\...\com.webkinesis.PicasaUploaderDesktop) (Version: 0.7 - UNKNOWN)Picasa Uploader (x32 Version: 0.7 - UNKNOWN) HiddenRalink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)Rapport (x32 Version: 3.5.1507.83 - Trusteer) HiddenRealtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)Skypeâ„¢ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) HiddenSynaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1507.83 - Trusteer)Unity Web Player (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) HiddenVisual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)VS10Runtimex64 (Version: 1.0.0 - sourcefire) HiddenWindows 8 Codecs Pack 1.0.0 (HKLM\...\w8cpsetup_is1) (Version: 1.0.0 - Web Solution Mart)Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)==================== Custom CLSID (Whitelisted): ==========================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)==================== Restore Points =========================26-10-2015 11:36:23 Installed Rapport31-10-2015 02:00:39 Windows Update07-11-2015 17:25:07 Scheduled Checkpoint==================== Hosts content: ===============================(If needed Hosts: directive could be included in the fixlist to reset Hosts.)2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts==================== Scheduled Tasks (Whitelisted) =============(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)Task: {063048D0-DEA2-423B-941B-FAD4767E99EB} - \SPBIW_UpdateTask_Time_3334363038373330372d2a55456c2d5a34575b413234 -> No File <==== ATTENTIONTask: {082A0DDB-D96E-4B84-9C8B-7E9E3AB5CD71} - \Adobe Flash Player Updater -> No File <==== ATTENTIONTask: {0D4F3C7A-39C4-4104-8425-785826EB9B10} - \PhraseProfessor Auto Updater 1.10.0.22 Core -> No File <==== ATTENTIONTask: {18EC5D67-59D5-423D-800F-858D030CC291} - \PhraseProfessor Auto Updater 1.10.0.22 Pending Update -> No File <==== ATTENTIONTask: {1DF97EDE-765C-430D-AFE5-C8FB693C54AE} - \Microsoft OneDrive Auto Update Task-S-1-5-21-2444418471-309531542-3407867716-1001 -> No File <==== ATTENTIONTask: {1E19BBB6-CE11-445E-BC43-90C954BBA030} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)Task: {23D61382-9314-478E-A3DD-F292E93BBCD5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTIONTask: {26983DBF-7262-415C-8402-3B303D9BE7CE} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-28] (Dropbox, Inc.)Task: {29EA6BD1-C841-494E-8B22-F64B77686168} - \Optimize Start Menu Cache Files-S-1-5-21-2444418471-309531542-3407867716-500 -> No File <==== ATTENTIONTask: {40D27100-911A-4768-BAD3-2B5F2608C670} - \Launch HTC Sync Loader -> No File <==== ATTENTIONTask: {43BE01ED-7A43-4043-B861-58CEDB1BB47C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTIONTask: {497B1032-FCE3-4473-AB41-E5256517CE7E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTIONTask: {4B3C40AF-74C0-4E22-B314-14748CC952CC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-28] (Dropbox, Inc.)Task: {5C8671F6-5D3B-4BEE-9370-8121A1AEA31B} - \{E9430C13-12E9-4EB9-AD7C-43AC41CB426C} -> No File <==== ATTENTIONTask: {5F305D81-2A6D-4A17-82B9-2482C266AA75} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)Task: {617C8530-3AD1-4373-B9D6-50F3D26D1513} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-14] (Microsoft Corporation)Task: {68DCE6E6-F422-4A4D-9B9F-B3398C22C59D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTIONTask: {70DE8B54-CA5B-4548-8AEA-FD9F2D8D9CB2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)Task: {70E68620-137B-459A-8E0E-2B7731453777} - \ShopperProJSUpd -> No File <==== ATTENTIONTask: {76E33B9D-25C1-4442-8A03-7A1F78C2EB7E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)Task: {813F116E-E4CD-4855-AC97-D9C6585B8062} - \Synaptics TouchPad Enhancements -> No File <==== ATTENTIONTask: {81EBE69B-6972-4D45-B7D7-B9E49312E330} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTIONTask: {8B3B6F6C-744E-4532-81DC-CF2B71F87736} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTIONTask: {8ED855BD-0E40-4F21-92AE-0F5CA1AD83A6} - System32\Tasks\HPCeeScheduleFornele => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)Task: {92E36439-4325-4FD1-8CB7-54223596BB20} - \{A3503584-2DFA-4F0D-909D-B4F49C590301} -> No File <==== ATTENTIONTask: {9A8FA3D8-9A72-4E87-AADD-A05DC4B8691B} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTIONTask: {A0DB3846-1223-4110-BAA3-430882F22E38} - \AdobeAAMUpdater-1.0-MicrosoftAccount-neleuska@hotmail.com -> No File <==== ATTENTIONTask: {A3EF42AE-CEEA-488E-87C1-084569DA76F6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTIONTask: {ACF0E57E-4B6C-4EAC-8B56-C3D32014AD02} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTIONTask: {B2495DE5-6A55-4491-9933-6924E8639A36} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05] (Hewlett-Packard Development Company, L.P.)Task: {DB8F6DD3-331E-402D-BF1E-B3A48E03037E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {E6CFD5EC-8717-4C88-93B0-00FC3C7CB8E1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTIONTask: {E919D2DF-279A-4CA0-AD7C-E76DB3C0D74A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)Task: {F2F66373-DB93-44EB-9893-DF6720E2EA8D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)Task: {FCD5EC32-8CFC-4B1D-91B1-D2D72D6DF076} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core.job => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exeTask: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA.job => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core.job => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA.job => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\HPCeeScheduleFornele.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe==================== Loaded Modules (Whitelisted) ==============2015-08-01 11:10 - 2015-08-01 11:10 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll2015-08-19 07:14 - 2015-08-11 09:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll2014-05-21 09:55 - 2012-03-28 12:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe2015-10-01 08:49 - 2015-09-17 06:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll2015-10-01 08:49 - 2015-09-17 06:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll2015-07-22 00:02 - 2015-07-22 00:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll2015-10-01 08:48 - 2015-09-17 05:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll2015-07-10 10:59 - 2015-07-10 10:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll2014-01-10 05:26 - 2014-01-10 05:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe2015-07-22 00:02 - 2015-07-22 00:02 - 31535264 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe2015-10-27 07:24 - 2015-10-27 07:24 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe2015-10-27 07:24 - 2015-10-27 07:24 - 10958848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll2015-10-27 07:24 - 2015-10-27 07:24 - 00245760 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll2015-10-01 08:49 - 2015-09-17 05:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll2015-10-01 08:48 - 2015-09-17 05:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll2015-10-01 08:48 - 2015-09-17 05:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll2015-10-01 08:49 - 2015-09-17 05:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll2015-07-10 11:00 - 2015-07-10 16:28 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll2015-04-13 12:43 - 2015-04-13 12:43 - 00083312 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe2015-04-13 12:43 - 2015-04-13 12:43 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll2015-04-13 12:43 - 2015-04-13 12:43 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll2015-04-13 12:44 - 2015-04-13 12:44 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll2015-04-13 12:44 - 2015-04-13 12:44 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll2015-04-13 12:44 - 2015-04-13 12:44 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll2015-04-13 12:47 - 2015-04-13 12:47 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll2015-07-21 17:02 - 2015-07-21 17:02 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll2015-10-02 02:59 - 2015-10-12 23:33 - 00166416 _____ () C:\Users\nele\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll2015-11-07 15:23 - 2015-11-07 15:23 - 00071168 _____ () c:\users\nele\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzdldnq.dll2014-01-10 05:28 - 2014-01-10 05:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2015-07-22 14:32 - 2015-07-22 14:32 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll2013-05-28 05:43 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll2015-04-13 12:46 - 2015-04-13 12:46 - 00170352 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ResourceMgt.dll2015-04-13 12:47 - 2015-04-13 12:47 - 00162152 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\CrashRpt.dll2015-04-13 12:44 - 2015-04-13 12:44 - 00522616 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManagerLib.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00117104 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\WebKitBrowser.dll2015-04-13 12:45 - 2015-04-13 12:45 - 21281120 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\WebKit.dll2015-04-13 12:45 - 2015-04-13 12:45 - 03041648 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\JavaScriptCore.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00776544 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\CFLite.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00058728 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\pthreadVC2.dll2015-04-13 12:45 - 2015-04-13 12:45 - 01349984 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\icuuc.dll2015-04-13 12:45 - 2015-04-13 12:45 - 01046880 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\cairo.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00190816 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\libpng.dll2015-04-13 12:45 - 2015-04-13 12:45 - 01153384 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\libxml2.dll2015-04-13 12:45 - 2015-04-13 12:45 - 21973352 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\icudt48.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00444776 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ProfileMgt.dll2015-04-13 12:46 - 2015-04-13 12:46 - 00428416 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DesktopClient\DesktopClientLiteDll.dll2015-04-13 12:46 - 2015-04-13 12:46 - 04028808 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DesktopClient\DesktopClientCppLib_vc80.dll2015-04-13 12:43 - 2015-04-13 12:43 - 00133480 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DeviceMgt.dll2015-04-13 12:46 - 2015-04-13 12:46 - 00227680 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\WPDEnc.dll2015-04-13 12:46 - 2015-04-13 12:46 - 00211312 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\WifiDeviceMgt.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00203128 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DesktopClient\AndroidPlaylist.dll2015-04-13 12:43 - 2015-04-13 12:43 - 00016240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\FilePlugin_Cnt.Dll2015-04-13 12:43 - 2015-04-13 12:43 - 00019304 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\GroupMgt.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00829800 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\Plugins\npplayer.dll2015-04-13 12:46 - 2015-04-13 12:46 - 00239992 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DesktopClient\desktopclientlib.dll==================== Alternate Data Streams (Whitelisted) =========(If an entry is included in the fixlist, only the ADS will be removed.)AlternateDataStreams: C:\ProgramData\Temp:56E2E879==================== Safe Mode (Whitelisted) ===================(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\N1Service => ""="service"==================== EXE Association (Whitelisted) ===============(If an entry is included in the fixlist, the registry item will be restored to default or removed.)==================== Internet Explorer trusted/restricted ===============(If an entry is included in the fixlist, it will be removed from the registry.)==================== Other Areas ============================(Currently there is no automatic fix for this section.)HKU\S-1-5-21-2444418471-309531542-3407867716-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\nele\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\imgp8049.jpgDNS Servers: 192.168.1.1HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)Windows Firewall is enabled.==================== MSCONFIG/TASK MANAGER disabled items ==(Currently there is no automatic fix for this section.)HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\StartupApproved\StartupFolder: => "TornTvDownloader.lnk"HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\StartupApproved\Run: => "EADM"HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\StartupApproved\Run: => "TornTv Downloader"==================== FirewallRules (Whitelisted) ===============(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139FirewallRules: [{1025B925-2C9C-427E-86A8-132297731851}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exeFirewallRules: [{C1E632B1-A3CC-48FD-884E-800344E706ED}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exeFirewallRules: [{F80D3479-1678-4232-A973-39494BFF18AA}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exeFirewallRules: [{52D5662F-33CE-44CA-923B-0996AFEF41E0}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exeFirewallRules: [{E2048A47-C099-487A-B719-9A8929CA799E}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exeFirewallRules: [{F0B475D2-8FD4-49D2-B59D-0DC9F66A23DE}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exeFirewallRules: [{81C14BFD-0198-4354-B7E5-1D0EF5AFA7D8}] => (Block) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exeFirewallRules: [{00527A23-494C-48F3-BEDA-9E14BF3557B8}] => (Block) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exeFirewallRules: [UDP Query User{57231475-DB0F-4254-AE4A-B7FEB59F260B}C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exe] => (Block) C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exeFirewallRules: [TCP Query User{E056BE84-5783-41E3-9788-958D19C6E9F1}C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exe] => (Block) C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exeFirewallRules: [{8FD4CF31-E083-4D04-9DC7-6E0B723BF52C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exeFirewallRules: [{82F42F84-D2F6-46D9-AB60-60F8B06328BF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exeFirewallRules: [{4E7ACD19-1FE0-46A2-BB34-C409372F6276}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exeFirewallRules: [{EB3CECCB-6A56-4E43-81B8-25DD38B96015}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exeFirewallRules: [{39FAF2C5-369E-42C3-866A-8A92ECDAFBDA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exeFirewallRules: [{38B3D583-F8F1-4EA9-9163-A2C2DE9B408C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exeFirewallRules: [{0155C8CA-6EDE-4E39-BD94-D5F5D5F9A6CE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exeFirewallRules: [{4657F890-6E28-4ABC-B979-3947B979ABB4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{37D48367-0D10-48B3-BCCA-4A517DCBD17B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{B09E334C-CA3F-44AB-989C-CC15A0B29087}] => (Allow) C:\Users\nele\AppData\Roaming\BitTorrent\BitTorrent.exeFirewallRules: [{350E6958-F5B3-4219-A59F-0388A2A557F2}] => (Allow) C:\Users\nele\AppData\Roaming\BitTorrent\BitTorrent.exeFirewallRules: [{3EDD2F47-0C6A-4D4C-8E59-2C443BEC0EE8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXEFirewallRules: [{71DEA4C3-2E45-4C4C-B579-6C6A0D5D31FE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXEFirewallRules: [{33501526-9B4D-4ECA-85EC-9B267C10B160}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exeFirewallRules: [{9B2EDD26-3122-42D6-9CDA-308B8D37375F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exeFirewallRules: [{7E589AD1-B993-4737-92A3-F02A1FC25994}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exeFirewallRules: [{C6D5D70B-777E-4566-B2E4-6719579EDDE3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exeFirewallRules: [{3962F2D1-9922-404C-979D-61B218F40BDA}] => (Allow) C:\Users\nele\AppData\Local\Microsoft\SkyDrive\SkyDrive.exeFirewallRules: [TCP Query User{74FAACFD-024B-4544-864E-A6794BA0F79F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exeFirewallRules: [UDP Query User{FDE116CE-3540-453E-948A-A89960CBB42C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exeFirewallRules: [{06AA2F2F-4926-4C8A-9BB2-256FAD09E23D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exeFirewallRules: [{BE5F66D4-8E4F-4F46-B145-916D0E4338E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exeFirewallRules: [{A88648A1-777C-4AA2-9B7A-1773DA4D428D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exeFirewallRules: [{0C9782B7-1886-42B7-8127-32BDC0CA275E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exeFirewallRules: [TCP Query User{780C7D31-0E07-4514-98C5-D1B7D841A65B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exeFirewallRules: [UDP Query User{7A2F8D87-B08E-46DC-8CAB-FDE2C041E641}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exeFirewallRules: [{9D199768-5E07-459B-A391-0F47664151ED}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{F10FE5CE-DB14-4515-9872-C5412EE19B51}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{B0731064-424E-48C1-AF45-88ADE2D3B16F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exeFirewallRules: [{9C267989-BAFE-4F06-8B7C-BB139468B55B}] => (Allow) LPort=2869FirewallRules: [{EF52EE58-C211-4D55-82DA-53566D044D6D}] => (Allow) LPort=1900FirewallRules: [{431A513B-B9D6-4D5D-AF1C-AA3E48C00EA7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exeFirewallRules: [{0BAC3109-561B-4CE2-B066-30424B91C084}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exeFirewallRules: [{6F593D47-8EBD-42DF-B104-0B18C9B0940F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exeFirewallRules: [{556BC192-839D-48C4-9293-4B156F47104A}] => (Allow) C:\Users\nele\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exeFirewallRules: [{0489726D-FD2E-4D98-83FD-FC093031D8F8}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exeFirewallRules: [{7A14CA27-E1BF-4183-BC84-FD62E9E69CB7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exeFirewallRules: [{47AC1EFE-3AE7-49E5-A263-911720947574}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exeFirewallRules: [{2C1FEB40-5265-4BE2-97D8-91F8EA1A2A5D}] => (Allow) C:\Users\nele\AppData\Roaming\Dropbox\bin\Dropbox.exeFirewallRules: [{4DEBA70B-87AD-44CC-BA1F-5FA4F3F99D65}] => (Allow) C:\Users\nele\AppData\Roaming\Dropbox\bin\Dropbox.exeFirewallRules: [TCP Query User{B1922B95-17F2-46B6-88A9-A71588C2E8A5}C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exeFirewallRules: [UDP Query User{40E97BEC-BEA7-419B-B933-C7AD70E7A5EB}C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exeFirewallRules: [{922C626C-9F00-40DD-AFE0-F86039AB9A02}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exeFirewallRules: [{9C5DAF29-896A-41CB-9E8F-22CFD309D847}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exeFirewallRules: [{5723E951-8684-4D25-B696-EB238EDA82E8}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exeFirewallRules: [TCP Query User{9184DB6C-1828-4307-8E42-1015CB06EAA2}C:\program files (x86)\cloud spot\cloudspot.exe] => (Allow) C:\program files (x86)\cloud spot\cloudspot.exeFirewallRules: [UDP Query User{95C59811-07CA-4EB9-90B5-5CB65C16452A}C:\program files (x86)\cloud spot\cloudspot.exe] => (Allow) C:\program files (x86)\cloud spot\cloudspot.exeFirewallRules: [TCP Query User{4324F66E-61F2-42D8-B7D7-6AA3192FCE0B}C:\users\nele\appdata\local\popcorn time\nw.exe] => (Block) C:\users\nele\appdata\local\popcorn time\nw.exeFirewallRules: [UDP Query User{6CE6CF79-0B86-4FE0-93F3-09603C556D7E}C:\users\nele\appdata\local\popcorn time\nw.exe] => (Block) C:\users\nele\appdata\local\popcorn time\nw.exeFirewallRules: [{B9F105CA-0F51-4C6E-B13C-E673D4BFB632}] => (Allow) C:\WINDOWS\explorer.exeFirewallRules: [{FEDCDE37-1637-46E1-AF73-85E16D3AC5AF}] => (Allow) C:\WINDOWS\system32\rundll32.exe==================== Faulty Device Manager Devices =============Name: Unknown USB Device (Device Descriptor Request Failed)Description: Unknown USB Device (Device Descriptor Request Failed)Class Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43)Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Event log errors: =========================Application errors:==================Error: (11/09/2015 09:23:55 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: svchost.exe_MapsBroker, version: 10.0.10240.16384, time stamp: 0x559f38cbFaulting module name: MosHostCore.dll, version: 10.0.10240.16384, time stamp: 0x559f3908Exception code: 0xc0000005Fault offset: 0x00000000000096f2Faulting process ID: 0x53d8Faulting application start time: 0xsvchost.exe_MapsBroker0Faulting application path: svchost.exe_MapsBroker1Faulting module path: svchost.exe_MapsBroker2Report ID: svchost.exe_MapsBroker3Faulting package full name: svchost.exe_MapsBroker4Faulting package-relative application ID: svchost.exe_MapsBroker5Error: (11/09/2015 09:22:31 AM) (Source: ESENT) (EventID: 413) (User: )Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.Error: (11/09/2015 09:22:31 AM) (Source: ESENT) (EventID: 488) (User: )Description: SettingSyncHost (5352) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).Error: (11/09/2015 09:22:20 AM) (Source: ESENT) (EventID: 413) (User: )Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.Error: (11/09/2015 09:22:20 AM) (Source: ESENT) (EventID: 488) (User: )Description: SettingSyncHost (5352) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).Error: (11/09/2015 09:22:10 AM) (Source: ESENT) (EventID: 413) (User: )Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.Error: (11/09/2015 09:22:10 AM) (Source: ESENT) (EventID: 488) (User: )Description: SettingSyncHost (5352) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).Error: (11/09/2015 09:22:00 AM) (Source: ESENT) (EventID: 413) (User: )Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.Error: (11/09/2015 09:22:00 AM) (Source: ESENT) (EventID: 488) (User: )Description: SettingSyncHost (5352) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).Error: (11/09/2015 09:21:49 AM) (Source: ESENT) (EventID: 413) (User: )Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.System errors:=============Error: (11/09/2015 09:23:55 AM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The Downloaded Maps Manager service terminated unexpectedly. It has done this 2 time(s).Error: (11/08/2015 01:08:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The Downloaded Maps Manager service terminated unexpectedly. It has done this 1 time(s).Error: (11/07/2015 03:25:09 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}Error: (11/07/2015 03:23:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableCodeIntegrity:=================================== Date: 2015-11-09 10:29:12.787 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\N1Service64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-09 10:29:12.734 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\N1Service64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-07 06:44:47.121 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-07 06:44:46.693 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-07 06:44:46.464 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-06 16:21:37.063 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-06 16:21:37.035 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-06 16:21:36.749 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-06 16:21:36.550 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-11-05 21:25:34.176 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHzPercentage of memory in use: 51%Total physical RAM: 8084.27 MBAvailable physical RAM: 3910.76 MBTotal Virtual: 11156.27 MBAvailable Virtual: 5828.73 MB==================== Drives ================================Drive c: () (Fixed) (Total:907.27 GB) (Free:611.1 GB) NTFS ==>[system with boot components (obtained from drive)]Drive d: (RECOVERY) (Fixed) (Total:21.86 GB) (Free:2.63 GB) NTFS ==>[system with boot components (obtained from drive)]==================== MBR & Partition Table ==========================================================================Disk: 0 (Size: 931.5 GB) (Disk ID: F5E1212F)Partition: GPT.==================== End of Addition.txt ============================​
  8. nele86
    Thank you!! I have attatched the file​s! Nele​ Addition.txt FRST.txt
  9. nele86
    Hi, can someone please help?! I used malwarebytes and deleted some threats out of my laptop and now I can not use the internet with mozilla or google chrome... there are also some other programs that are having trouble connecting... I can use ​the microsoft edge though I am freaking out because I use this lap top for work and can't get things done without it ​ thanks, nele ​
  10. nele86
    Hi, can someone please help?! I used malwarebytes and deleted some threats out of my laptop and now I can not use the internet with mozilla or google chrome... there are also some other programs that are having trouble connecting... I can use ​the microsoft edge though I am freaking out because I use this lap top for work and can't get things done without it ​ thanks, nele
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.