Jump to content

After using malwarebytes I can't get most programs to connect to the internet


nele86

Recommended Posts

Hi,

 

can someone please help?! I used malwarebytes and deleted some threats out of my laptop and now I can not use the internet with mozilla or google chrome... there are also some other programs that are having trouble connecting...
I can use ​the microsoft edge though

I am freaking out because I use this lap top for work and can't get things done without it :(

thanks,
nele

Link to post
Share on other sites

Hi & :welcome:

My name is Jürgen and I will be assisting you with your Malware related problems. medieval.gif

Before we move on, please read the following points carefully. :excl:

  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
P2P/Piracy Warning:
  • If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.
  • Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now and read the policy on Piracy.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

frst.pngfrstscan.png

Please download Farbar Recovery Scan Tool and save it to your Desktop.

(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)

  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.
Link to post
Share on other sites

sorry, here is the addition.txt 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015Ran by nele (2015-11-09 10:30:36)Running from C:\Users\nele\DownloadsWindows 10 Home (X64) (2015-08-01 11:07:41)Boot Mode: Normal============================================================================== Accounts: =============================Administrator (S-1-5-21-2444418471-309531542-3407867716-500 - Administrator - Disabled)DefaultAccount (S-1-5-21-2444418471-309531542-3407867716-503 - Limited - Disabled)Guest (S-1-5-21-2444418471-309531542-3407867716-501 - Limited - Disabled) => C:\Users\GuestHomeGroupUser$ (S-1-5-21-2444418471-309531542-3407867716-1007 - Limited - Enabled)nele (S-1-5-21-2444418471-309531542-3407867716-1001 - Administrator - Enabled) => C:\Users\nele==================== Security Center ========================(If an entry is included in the fixlist, it will be removed.)AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}==================== Installed Programs ======================(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.11 - Adobe Systems)Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated)Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)BitTorrent (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\BitTorrent) (Version: 7.9.5.41203 - BitTorrent Inc.)Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)Canon MX450 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX450_series) (Version: 1.00 - Canon Inc.)Canon MX450 series On-screen Manual (HKLM-x32\...\Canon MX450 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)Canon MX450 series User Registration (HKLM-x32\...\Canon MX450 series User Registration) (Version:  - ‭Canon Inc.)Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)ChromecastApp (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)Cloud Spot version 1.1.0 (HKLM-x32\...\{26119DD5-31D4-4660-B943-A03C06A2F5A9}}_is1) (Version: 1.1.0 - One Cloud LLC)Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.)CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.2928 - CyberLink Corp.)CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenDivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)Dropbox (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)Football Manager 2014 (HKLM-x32\...\Steam App 231670) (Version:  - Sports Interactive)Google Photos Backup (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\Google Photos Backup) (Version: 1.1.1.259 - Google, Inc.)Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) HiddenHP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)HP Documentation (HKLM-x32\...\{1AC082E0-049D-4C5C-9ECF-9473AD5A949D}) (Version: 1.1.0.0 - Hewlett-Packard)HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.54.2 - HTC)IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenLagarith lossless video codec (Remove Only) (HKLM\...\LAGARITH) (Version:  - )Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenMSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)PASS (HKLM-x32\...\com.showitfast.pass.desktop.PASS) (Version: 3.1.651 - Showitfast, Inc)PASS (x32 Version: 3.1.651 - Showitfast, Inc) HiddenPDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) HiddenPicasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)Picasa Uploader (HKLM-x32\...\com.webkinesis.PicasaUploaderDesktop) (Version: 0.7 - UNKNOWN)Picasa Uploader (x32 Version: 0.7 - UNKNOWN) HiddenRalink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)Rapport (x32 Version: 3.5.1507.83 - Trusteer) HiddenRealtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) HiddenSynaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1507.83 - Trusteer)Unity Web Player (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) HiddenVisual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)VS10Runtimex64 (Version: 1.0.0 - sourcefire) HiddenWindows 8 Codecs Pack 1.0.0 (HKLM\...\w8cpsetup_is1) (Version: 1.0.0 - Web Solution Mart)Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)==================== Custom CLSID (Whitelisted): ==========================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)==================== Restore Points =========================26-10-2015 11:36:23 Installed Rapport31-10-2015 02:00:39 Windows Update07-11-2015 17:25:07 Scheduled Checkpoint==================== Hosts content: ===============================(If needed Hosts: directive could be included in the fixlist to reset Hosts.)2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts==================== Scheduled Tasks (Whitelisted) =============(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)Task: {063048D0-DEA2-423B-941B-FAD4767E99EB} - \SPBIW_UpdateTask_Time_3334363038373330372d2a55456c2d5a34575b413234 -> No File <==== ATTENTIONTask: {082A0DDB-D96E-4B84-9C8B-7E9E3AB5CD71} - \Adobe Flash Player Updater -> No File <==== ATTENTIONTask: {0D4F3C7A-39C4-4104-8425-785826EB9B10} - \PhraseProfessor Auto Updater 1.10.0.22 Core -> No File <==== ATTENTIONTask: {18EC5D67-59D5-423D-800F-858D030CC291} - \PhraseProfessor Auto Updater 1.10.0.22 Pending Update -> No File <==== ATTENTIONTask: {1DF97EDE-765C-430D-AFE5-C8FB693C54AE} - \Microsoft OneDrive Auto Update Task-S-1-5-21-2444418471-309531542-3407867716-1001 -> No File <==== ATTENTIONTask: {1E19BBB6-CE11-445E-BC43-90C954BBA030} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)Task: {23D61382-9314-478E-A3DD-F292E93BBCD5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTIONTask: {26983DBF-7262-415C-8402-3B303D9BE7CE} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-28] (Dropbox, Inc.)Task: {29EA6BD1-C841-494E-8B22-F64B77686168} - \Optimize Start Menu Cache Files-S-1-5-21-2444418471-309531542-3407867716-500 -> No File <==== ATTENTIONTask: {40D27100-911A-4768-BAD3-2B5F2608C670} - \Launch HTC Sync Loader -> No File <==== ATTENTIONTask: {43BE01ED-7A43-4043-B861-58CEDB1BB47C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTIONTask: {497B1032-FCE3-4473-AB41-E5256517CE7E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTIONTask: {4B3C40AF-74C0-4E22-B314-14748CC952CC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-28] (Dropbox, Inc.)Task: {5C8671F6-5D3B-4BEE-9370-8121A1AEA31B} - \{E9430C13-12E9-4EB9-AD7C-43AC41CB426C} -> No File <==== ATTENTIONTask: {5F305D81-2A6D-4A17-82B9-2482C266AA75} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)Task: {617C8530-3AD1-4373-B9D6-50F3D26D1513} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-14] (Microsoft Corporation)Task: {68DCE6E6-F422-4A4D-9B9F-B3398C22C59D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTIONTask: {70DE8B54-CA5B-4548-8AEA-FD9F2D8D9CB2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)Task: {70E68620-137B-459A-8E0E-2B7731453777} - \ShopperProJSUpd -> No File <==== ATTENTIONTask: {76E33B9D-25C1-4442-8A03-7A1F78C2EB7E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)Task: {813F116E-E4CD-4855-AC97-D9C6585B8062} - \Synaptics TouchPad Enhancements -> No File <==== ATTENTIONTask: {81EBE69B-6972-4D45-B7D7-B9E49312E330} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTIONTask: {8B3B6F6C-744E-4532-81DC-CF2B71F87736} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTIONTask: {8ED855BD-0E40-4F21-92AE-0F5CA1AD83A6} - System32\Tasks\HPCeeScheduleFornele => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)Task: {92E36439-4325-4FD1-8CB7-54223596BB20} - \{A3503584-2DFA-4F0D-909D-B4F49C590301} -> No File <==== ATTENTIONTask: {9A8FA3D8-9A72-4E87-AADD-A05DC4B8691B} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTIONTask: {A0DB3846-1223-4110-BAA3-430882F22E38} - \AdobeAAMUpdater-1.0-MicrosoftAccount-neleuska@hotmail.com -> No File <==== ATTENTIONTask: {A3EF42AE-CEEA-488E-87C1-084569DA76F6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTIONTask: {ACF0E57E-4B6C-4EAC-8B56-C3D32014AD02} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTIONTask: {B2495DE5-6A55-4491-9933-6924E8639A36} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05] (Hewlett-Packard Development Company, L.P.)Task: {DB8F6DD3-331E-402D-BF1E-B3A48E03037E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {E6CFD5EC-8717-4C88-93B0-00FC3C7CB8E1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTIONTask: {E919D2DF-279A-4CA0-AD7C-E76DB3C0D74A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)Task: {F2F66373-DB93-44EB-9893-DF6720E2EA8D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)Task: {FCD5EC32-8CFC-4B1D-91B1-D2D72D6DF076} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core.job => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exeTask: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA.job => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core.job => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA.job => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\HPCeeScheduleFornele.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe==================== Loaded Modules (Whitelisted) ==============2015-08-01 11:10 - 2015-08-01 11:10 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll2015-08-19 07:14 - 2015-08-11 09:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll2014-05-21 09:55 - 2012-03-28 12:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe2015-10-01 08:49 - 2015-09-17 06:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll2015-10-01 08:49 - 2015-09-17 06:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll2015-07-22 00:02 - 2015-07-22 00:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll2015-10-01 08:48 - 2015-09-17 05:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll2015-07-10 10:59 - 2015-07-10 10:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll2014-01-10 05:26 - 2014-01-10 05:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe2015-07-22 00:02 - 2015-07-22 00:02 - 31535264 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe2015-10-27 07:24 - 2015-10-27 07:24 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe2015-10-27 07:24 - 2015-10-27 07:24 - 10958848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll2015-10-27 07:24 - 2015-10-27 07:24 - 00245760 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll2015-10-01 08:49 - 2015-09-17 05:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll2015-10-01 08:48 - 2015-09-17 05:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll2015-10-01 08:48 - 2015-09-17 05:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll2015-10-01 08:49 - 2015-09-17 05:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll2015-07-10 11:00 - 2015-07-10 16:28 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll2015-04-13 12:43 - 2015-04-13 12:43 - 00083312 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe2015-04-13 12:43 - 2015-04-13 12:43 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll2015-04-13 12:43 - 2015-04-13 12:43 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll2015-04-13 12:44 - 2015-04-13 12:44 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll2015-04-13 12:44 - 2015-04-13 12:44 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll2015-04-13 12:44 - 2015-04-13 12:44 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll2015-04-13 12:47 - 2015-04-13 12:47 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll2015-07-21 17:02 - 2015-07-21 17:02 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll2015-10-02 02:59 - 2015-10-12 23:33 - 00166416 _____ () C:\Users\nele\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll2015-11-07 15:23 - 2015-11-07 15:23 - 00071168 _____ () c:\users\nele\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzdldnq.dll2014-01-10 05:28 - 2014-01-10 05:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2015-07-22 14:32 - 2015-07-22 14:32 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll2013-05-28 05:43 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll2015-04-13 12:46 - 2015-04-13 12:46 - 00170352 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ResourceMgt.dll2015-04-13 12:47 - 2015-04-13 12:47 - 00162152 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\CrashRpt.dll2015-04-13 12:44 - 2015-04-13 12:44 - 00522616 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManagerLib.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00117104 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\WebKitBrowser.dll2015-04-13 12:45 - 2015-04-13 12:45 - 21281120 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\WebKit.dll2015-04-13 12:45 - 2015-04-13 12:45 - 03041648 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\JavaScriptCore.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00776544 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\CFLite.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00058728 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\pthreadVC2.dll2015-04-13 12:45 - 2015-04-13 12:45 - 01349984 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\icuuc.dll2015-04-13 12:45 - 2015-04-13 12:45 - 01046880 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\cairo.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00190816 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\libpng.dll2015-04-13 12:45 - 2015-04-13 12:45 - 01153384 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\libxml2.dll2015-04-13 12:45 - 2015-04-13 12:45 - 21973352 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\icudt48.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00444776 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ProfileMgt.dll2015-04-13 12:46 - 2015-04-13 12:46 - 00428416 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DesktopClient\DesktopClientLiteDll.dll2015-04-13 12:46 - 2015-04-13 12:46 - 04028808 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DesktopClient\DesktopClientCppLib_vc80.dll2015-04-13 12:43 - 2015-04-13 12:43 - 00133480 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DeviceMgt.dll2015-04-13 12:46 - 2015-04-13 12:46 - 00227680 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\WPDEnc.dll2015-04-13 12:46 - 2015-04-13 12:46 - 00211312 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\WifiDeviceMgt.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00203128 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DesktopClient\AndroidPlaylist.dll2015-04-13 12:43 - 2015-04-13 12:43 - 00016240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\FilePlugin_Cnt.Dll2015-04-13 12:43 - 2015-04-13 12:43 - 00019304 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\GroupMgt.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00829800 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\Plugins\npplayer.dll2015-04-13 12:46 - 2015-04-13 12:46 - 00239992 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DesktopClient\desktopclientlib.dll==================== Alternate Data Streams (Whitelisted) =========(If an entry is included in the fixlist, only the ADS will be removed.)AlternateDataStreams: C:\ProgramData\Temp:56E2E879==================== Safe Mode (Whitelisted) ===================(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\N1Service => ""="service"==================== EXE Association (Whitelisted) ===============(If an entry is included in the fixlist, the registry item will be restored to default or removed.)==================== Internet Explorer trusted/restricted ===============(If an entry is included in the fixlist, it will be removed from the registry.)==================== Other Areas ============================(Currently there is no automatic fix for this section.)HKU\S-1-5-21-2444418471-309531542-3407867716-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\nele\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\imgp8049.jpgDNS Servers: 192.168.1.1HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)Windows Firewall is enabled.==================== MSCONFIG/TASK MANAGER disabled items ==(Currently there is no automatic fix for this section.)HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\StartupApproved\StartupFolder: => "TornTvDownloader.lnk"HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\StartupApproved\Run: => "EADM"HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\StartupApproved\Run: => "TornTv Downloader"==================== FirewallRules (Whitelisted) ===============(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139FirewallRules: [{1025B925-2C9C-427E-86A8-132297731851}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exeFirewallRules: [{C1E632B1-A3CC-48FD-884E-800344E706ED}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exeFirewallRules: [{F80D3479-1678-4232-A973-39494BFF18AA}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exeFirewallRules: [{52D5662F-33CE-44CA-923B-0996AFEF41E0}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exeFirewallRules: [{E2048A47-C099-487A-B719-9A8929CA799E}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exeFirewallRules: [{F0B475D2-8FD4-49D2-B59D-0DC9F66A23DE}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exeFirewallRules: [{81C14BFD-0198-4354-B7E5-1D0EF5AFA7D8}] => (Block) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exeFirewallRules: [{00527A23-494C-48F3-BEDA-9E14BF3557B8}] => (Block) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exeFirewallRules: [UDP Query User{57231475-DB0F-4254-AE4A-B7FEB59F260B}C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exe] => (Block) C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exeFirewallRules: [TCP Query User{E056BE84-5783-41E3-9788-958D19C6E9F1}C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exe] => (Block) C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exeFirewallRules: [{8FD4CF31-E083-4D04-9DC7-6E0B723BF52C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exeFirewallRules: [{82F42F84-D2F6-46D9-AB60-60F8B06328BF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exeFirewallRules: [{4E7ACD19-1FE0-46A2-BB34-C409372F6276}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exeFirewallRules: [{EB3CECCB-6A56-4E43-81B8-25DD38B96015}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exeFirewallRules: [{39FAF2C5-369E-42C3-866A-8A92ECDAFBDA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exeFirewallRules: [{38B3D583-F8F1-4EA9-9163-A2C2DE9B408C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exeFirewallRules: [{0155C8CA-6EDE-4E39-BD94-D5F5D5F9A6CE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exeFirewallRules: [{4657F890-6E28-4ABC-B979-3947B979ABB4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{37D48367-0D10-48B3-BCCA-4A517DCBD17B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{B09E334C-CA3F-44AB-989C-CC15A0B29087}] => (Allow) C:\Users\nele\AppData\Roaming\BitTorrent\BitTorrent.exeFirewallRules: [{350E6958-F5B3-4219-A59F-0388A2A557F2}] => (Allow) C:\Users\nele\AppData\Roaming\BitTorrent\BitTorrent.exeFirewallRules: [{3EDD2F47-0C6A-4D4C-8E59-2C443BEC0EE8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXEFirewallRules: [{71DEA4C3-2E45-4C4C-B579-6C6A0D5D31FE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXEFirewallRules: [{33501526-9B4D-4ECA-85EC-9B267C10B160}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exeFirewallRules: [{9B2EDD26-3122-42D6-9CDA-308B8D37375F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exeFirewallRules: [{7E589AD1-B993-4737-92A3-F02A1FC25994}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exeFirewallRules: [{C6D5D70B-777E-4566-B2E4-6719579EDDE3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exeFirewallRules: [{3962F2D1-9922-404C-979D-61B218F40BDA}] => (Allow) C:\Users\nele\AppData\Local\Microsoft\SkyDrive\SkyDrive.exeFirewallRules: [TCP Query User{74FAACFD-024B-4544-864E-A6794BA0F79F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exeFirewallRules: [UDP Query User{FDE116CE-3540-453E-948A-A89960CBB42C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exeFirewallRules: [{06AA2F2F-4926-4C8A-9BB2-256FAD09E23D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exeFirewallRules: [{BE5F66D4-8E4F-4F46-B145-916D0E4338E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exeFirewallRules: [{A88648A1-777C-4AA2-9B7A-1773DA4D428D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exeFirewallRules: [{0C9782B7-1886-42B7-8127-32BDC0CA275E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exeFirewallRules: [TCP Query User{780C7D31-0E07-4514-98C5-D1B7D841A65B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exeFirewallRules: [UDP Query User{7A2F8D87-B08E-46DC-8CAB-FDE2C041E641}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exeFirewallRules: [{9D199768-5E07-459B-A391-0F47664151ED}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{F10FE5CE-DB14-4515-9872-C5412EE19B51}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{B0731064-424E-48C1-AF45-88ADE2D3B16F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exeFirewallRules: [{9C267989-BAFE-4F06-8B7C-BB139468B55B}] => (Allow) LPort=2869FirewallRules: [{EF52EE58-C211-4D55-82DA-53566D044D6D}] => (Allow) LPort=1900FirewallRules: [{431A513B-B9D6-4D5D-AF1C-AA3E48C00EA7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exeFirewallRules: [{0BAC3109-561B-4CE2-B066-30424B91C084}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exeFirewallRules: [{6F593D47-8EBD-42DF-B104-0B18C9B0940F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exeFirewallRules: [{556BC192-839D-48C4-9293-4B156F47104A}] => (Allow) C:\Users\nele\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exeFirewallRules: [{0489726D-FD2E-4D98-83FD-FC093031D8F8}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exeFirewallRules: [{7A14CA27-E1BF-4183-BC84-FD62E9E69CB7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exeFirewallRules: [{47AC1EFE-3AE7-49E5-A263-911720947574}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exeFirewallRules: [{2C1FEB40-5265-4BE2-97D8-91F8EA1A2A5D}] => (Allow) C:\Users\nele\AppData\Roaming\Dropbox\bin\Dropbox.exeFirewallRules: [{4DEBA70B-87AD-44CC-BA1F-5FA4F3F99D65}] => (Allow) C:\Users\nele\AppData\Roaming\Dropbox\bin\Dropbox.exeFirewallRules: [TCP Query User{B1922B95-17F2-46B6-88A9-A71588C2E8A5}C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exeFirewallRules: [UDP Query User{40E97BEC-BEA7-419B-B933-C7AD70E7A5EB}C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exeFirewallRules: [{922C626C-9F00-40DD-AFE0-F86039AB9A02}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exeFirewallRules: [{9C5DAF29-896A-41CB-9E8F-22CFD309D847}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exeFirewallRules: [{5723E951-8684-4D25-B696-EB238EDA82E8}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exeFirewallRules: [TCP Query User{9184DB6C-1828-4307-8E42-1015CB06EAA2}C:\program files (x86)\cloud spot\cloudspot.exe] => (Allow) C:\program files (x86)\cloud spot\cloudspot.exeFirewallRules: [UDP Query User{95C59811-07CA-4EB9-90B5-5CB65C16452A}C:\program files (x86)\cloud spot\cloudspot.exe] => (Allow) C:\program files (x86)\cloud spot\cloudspot.exeFirewallRules: [TCP Query User{4324F66E-61F2-42D8-B7D7-6AA3192FCE0B}C:\users\nele\appdata\local\popcorn time\nw.exe] => (Block) C:\users\nele\appdata\local\popcorn time\nw.exeFirewallRules: [UDP Query User{6CE6CF79-0B86-4FE0-93F3-09603C556D7E}C:\users\nele\appdata\local\popcorn time\nw.exe] => (Block) C:\users\nele\appdata\local\popcorn time\nw.exeFirewallRules: [{B9F105CA-0F51-4C6E-B13C-E673D4BFB632}] => (Allow) C:\WINDOWS\explorer.exeFirewallRules: [{FEDCDE37-1637-46E1-AF73-85E16D3AC5AF}] => (Allow) C:\WINDOWS\system32\rundll32.exe==================== Faulty Device Manager Devices =============Name: Unknown USB Device (Device Descriptor Request Failed)Description: Unknown USB Device (Device Descriptor Request Failed)Class Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43)Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Event log errors: =========================Application errors:==================Error: (11/09/2015 09:23:55 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: svchost.exe_MapsBroker, version: 10.0.10240.16384, time stamp: 0x559f38cbFaulting module name: MosHostCore.dll, version: 10.0.10240.16384, time stamp: 0x559f3908Exception code: 0xc0000005Fault offset: 0x00000000000096f2Faulting process ID: 0x53d8Faulting application start time: 0xsvchost.exe_MapsBroker0Faulting application path: svchost.exe_MapsBroker1Faulting module path: svchost.exe_MapsBroker2Report ID: svchost.exe_MapsBroker3Faulting package full name: svchost.exe_MapsBroker4Faulting package-relative application ID: svchost.exe_MapsBroker5Error: (11/09/2015 09:22:31 AM) (Source: ESENT) (EventID: 413) (User: )Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.Error: (11/09/2015 09:22:31 AM) (Source: ESENT) (EventID: 488) (User: )Description: SettingSyncHost (5352) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).Error: (11/09/2015 09:22:20 AM) (Source: ESENT) (EventID: 413) (User: )Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.Error: (11/09/2015 09:22:20 AM) (Source: ESENT) (EventID: 488) (User: )Description: SettingSyncHost (5352) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).Error: (11/09/2015 09:22:10 AM) (Source: ESENT) (EventID: 413) (User: )Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.Error: (11/09/2015 09:22:10 AM) (Source: ESENT) (EventID: 488) (User: )Description: SettingSyncHost (5352) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).Error: (11/09/2015 09:22:00 AM) (Source: ESENT) (EventID: 413) (User: )Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.Error: (11/09/2015 09:22:00 AM) (Source: ESENT) (EventID: 488) (User: )Description: SettingSyncHost (5352) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).Error: (11/09/2015 09:21:49 AM) (Source: ESENT) (EventID: 413) (User: )Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.System errors:=============Error: (11/09/2015 09:23:55 AM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The Downloaded Maps Manager service terminated unexpectedly. It has done this 2 time(s).Error: (11/08/2015 01:08:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The Downloaded Maps Manager service terminated unexpectedly. It has done this 1 time(s).Error: (11/07/2015 03:25:09 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}Error: (11/07/2015 03:23:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableCodeIntegrity:===================================  Date: 2015-11-09 10:29:12.787  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\N1Service64.dll that did not meet the Custom 3 / Antimalware signing level requirements.  Date: 2015-11-09 10:29:12.734  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\N1Service64.dll that did not meet the Custom 3 / Antimalware signing level requirements.  Date: 2015-11-07 06:44:47.121  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.  Date: 2015-11-07 06:44:46.693  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.  Date: 2015-11-07 06:44:46.464  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.  Date: 2015-11-06 16:21:37.063  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.  Date: 2015-11-06 16:21:37.035  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.  Date: 2015-11-06 16:21:36.749  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.  Date: 2015-11-06 16:21:36.550  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.  Date: 2015-11-05 21:25:34.176  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHzPercentage of memory in use: 51%Total physical RAM: 8084.27 MBAvailable physical RAM: 3910.76 MBTotal Virtual: 11156.27 MBAvailable Virtual: 5828.73 MB==================== Drives ================================Drive c: () (Fixed) (Total:907.27 GB) (Free:611.1 GB) NTFS ==>[system with boot components (obtained from drive)]Drive d: (RECOVERY) (Fixed) (Total:21.86 GB) (Free:2.63 GB) NTFS ==>[system with boot components (obtained from drive)]==================== MBR & Partition Table ==========================================================================Disk: 0 (Size: 931.5 GB) (Disk ID: F5E1212F)Partition: GPT.==================== End of Addition.txt ============================

Link to post
Share on other sites

and here is the FRST​

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015Ran by nele (2015-11-09 10:30:36)Running from C:\Users\nele\DownloadsWindows 10 Home (X64) (2015-08-01 11:07:41)Boot Mode: Normal============================================================================== Accounts: =============================Administrator (S-1-5-21-2444418471-309531542-3407867716-500 - Administrator - Disabled)DefaultAccount (S-1-5-21-2444418471-309531542-3407867716-503 - Limited - Disabled)Guest (S-1-5-21-2444418471-309531542-3407867716-501 - Limited - Disabled) => C:\Users\GuestHomeGroupUser$ (S-1-5-21-2444418471-309531542-3407867716-1007 - Limited - Enabled)nele (S-1-5-21-2444418471-309531542-3407867716-1001 - Administrator - Enabled) => C:\Users\nele==================== Security Center ========================(If an entry is included in the fixlist, it will be removed.)AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}==================== Installed Programs ======================(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.11 - Adobe Systems)Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated)Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)BitTorrent (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\BitTorrent) (Version: 7.9.5.41203 - BitTorrent Inc.)Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)Canon MX450 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX450_series) (Version: 1.00 - Canon Inc.)Canon MX450 series On-screen Manual (HKLM-x32\...\Canon MX450 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)Canon MX450 series User Registration (HKLM-x32\...\Canon MX450 series User Registration) (Version:  - ‭Canon Inc.)Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)ChromecastApp (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)Cloud Spot version 1.1.0 (HKLM-x32\...\{26119DD5-31D4-4660-B943-A03C06A2F5A9}}_is1) (Version: 1.1.0 - One Cloud LLC)Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.)CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.2928 - CyberLink Corp.)CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) HiddenDivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)Dropbox (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)Football Manager 2014 (HKLM-x32\...\Steam App 231670) (Version:  - Sports Interactive)Google Photos Backup (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\Google Photos Backup) (Version: 1.1.1.259 - Google, Inc.)Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) HiddenHP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)HP Documentation (HKLM-x32\...\{1AC082E0-049D-4C5C-9ECF-9473AD5A949D}) (Version: 1.1.0.0 - Hewlett-Packard)HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.54.2 - HTC)IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenLagarith lossless video codec (Remove Only) (HKLM\...\LAGARITH) (Version:  - )Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) HiddenMSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)PASS (HKLM-x32\...\com.showitfast.pass.desktop.PASS) (Version: 3.1.651 - Showitfast, Inc)PASS (x32 Version: 3.1.651 - Showitfast, Inc) HiddenPDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) HiddenPicasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)Picasa Uploader (HKLM-x32\...\com.webkinesis.PicasaUploaderDesktop) (Version: 0.7 - UNKNOWN)Picasa Uploader (x32 Version: 0.7 - UNKNOWN) HiddenRalink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)Rapport (x32 Version: 3.5.1507.83 - Trusteer) HiddenRealtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) HiddenSynaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1507.83 - Trusteer)Unity Web Player (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) HiddenVisual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)VS10Runtimex64 (Version: 1.0.0 - sourcefire) HiddenWindows 8 Codecs Pack 1.0.0 (HKLM\...\w8cpsetup_is1) (Version: 1.0.0 - Web Solution Mart)Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)==================== Custom CLSID (Whitelisted): ==========================(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No FileCustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)==================== Restore Points =========================26-10-2015 11:36:23 Installed Rapport31-10-2015 02:00:39 Windows Update07-11-2015 17:25:07 Scheduled Checkpoint==================== Hosts content: ===============================(If needed Hosts: directive could be included in the fixlist to reset Hosts.)2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts==================== Scheduled Tasks (Whitelisted) =============(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)Task: {063048D0-DEA2-423B-941B-FAD4767E99EB} - \SPBIW_UpdateTask_Time_3334363038373330372d2a55456c2d5a34575b413234 -> No File <==== ATTENTIONTask: {082A0DDB-D96E-4B84-9C8B-7E9E3AB5CD71} - \Adobe Flash Player Updater -> No File <==== ATTENTIONTask: {0D4F3C7A-39C4-4104-8425-785826EB9B10} - \PhraseProfessor Auto Updater 1.10.0.22 Core -> No File <==== ATTENTIONTask: {18EC5D67-59D5-423D-800F-858D030CC291} - \PhraseProfessor Auto Updater 1.10.0.22 Pending Update -> No File <==== ATTENTIONTask: {1DF97EDE-765C-430D-AFE5-C8FB693C54AE} - \Microsoft OneDrive Auto Update Task-S-1-5-21-2444418471-309531542-3407867716-1001 -> No File <==== ATTENTIONTask: {1E19BBB6-CE11-445E-BC43-90C954BBA030} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)Task: {23D61382-9314-478E-A3DD-F292E93BBCD5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTIONTask: {26983DBF-7262-415C-8402-3B303D9BE7CE} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-28] (Dropbox, Inc.)Task: {29EA6BD1-C841-494E-8B22-F64B77686168} - \Optimize Start Menu Cache Files-S-1-5-21-2444418471-309531542-3407867716-500 -> No File <==== ATTENTIONTask: {40D27100-911A-4768-BAD3-2B5F2608C670} - \Launch HTC Sync Loader -> No File <==== ATTENTIONTask: {43BE01ED-7A43-4043-B861-58CEDB1BB47C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTIONTask: {497B1032-FCE3-4473-AB41-E5256517CE7E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTIONTask: {4B3C40AF-74C0-4E22-B314-14748CC952CC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-28] (Dropbox, Inc.)Task: {5C8671F6-5D3B-4BEE-9370-8121A1AEA31B} - \{E9430C13-12E9-4EB9-AD7C-43AC41CB426C} -> No File <==== ATTENTIONTask: {5F305D81-2A6D-4A17-82B9-2482C266AA75} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)Task: {617C8530-3AD1-4373-B9D6-50F3D26D1513} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-14] (Microsoft Corporation)Task: {68DCE6E6-F422-4A4D-9B9F-B3398C22C59D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTIONTask: {70DE8B54-CA5B-4548-8AEA-FD9F2D8D9CB2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)Task: {70E68620-137B-459A-8E0E-2B7731453777} - \ShopperProJSUpd -> No File <==== ATTENTIONTask: {76E33B9D-25C1-4442-8A03-7A1F78C2EB7E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)Task: {813F116E-E4CD-4855-AC97-D9C6585B8062} - \Synaptics TouchPad Enhancements -> No File <==== ATTENTIONTask: {81EBE69B-6972-4D45-B7D7-B9E49312E330} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTIONTask: {8B3B6F6C-744E-4532-81DC-CF2B71F87736} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTIONTask: {8ED855BD-0E40-4F21-92AE-0F5CA1AD83A6} - System32\Tasks\HPCeeScheduleFornele => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)Task: {92E36439-4325-4FD1-8CB7-54223596BB20} - \{A3503584-2DFA-4F0D-909D-B4F49C590301} -> No File <==== ATTENTIONTask: {9A8FA3D8-9A72-4E87-AADD-A05DC4B8691B} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTIONTask: {A0DB3846-1223-4110-BAA3-430882F22E38} - \AdobeAAMUpdater-1.0-MicrosoftAccount-neleuska@hotmail.com -> No File <==== ATTENTIONTask: {A3EF42AE-CEEA-488E-87C1-084569DA76F6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTIONTask: {ACF0E57E-4B6C-4EAC-8B56-C3D32014AD02} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTIONTask: {B2495DE5-6A55-4491-9933-6924E8639A36} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05] (Hewlett-Packard Development Company, L.P.)Task: {DB8F6DD3-331E-402D-BF1E-B3A48E03037E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)Task: {E6CFD5EC-8717-4C88-93B0-00FC3C7CB8E1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTIONTask: {E919D2DF-279A-4CA0-AD7C-E76DB3C0D74A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)Task: {F2F66373-DB93-44EB-9893-DF6720E2EA8D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)Task: {FCD5EC32-8CFC-4B1D-91B1-D2D72D6DF076} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeTask: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core.job => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exeTask: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA.job => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core.job => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA.job => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\HPCeeScheduleFornele.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe==================== Loaded Modules (Whitelisted) ==============2015-08-01 11:10 - 2015-08-01 11:10 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll2015-08-19 07:14 - 2015-08-11 09:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll2014-05-21 09:55 - 2012-03-28 12:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe2015-10-01 08:49 - 2015-09-17 06:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll2015-10-01 08:49 - 2015-09-17 06:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll2015-07-22 00:02 - 2015-07-22 00:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll2015-10-01 08:48 - 2015-09-17 05:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll2015-07-10 10:59 - 2015-07-10 10:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll2014-01-10 05:26 - 2014-01-10 05:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe2015-07-22 00:02 - 2015-07-22 00:02 - 31535264 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe2015-10-27 07:24 - 2015-10-27 07:24 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe2015-10-27 07:24 - 2015-10-27 07:24 - 10958848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll2015-10-27 07:24 - 2015-10-27 07:24 - 00245760 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1026.13580.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll2015-10-01 08:49 - 2015-09-17 05:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll2015-10-01 08:48 - 2015-09-17 05:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll2015-10-01 08:48 - 2015-09-17 05:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll2015-10-01 08:49 - 2015-09-17 05:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll2015-07-10 11:00 - 2015-07-10 16:28 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll2015-04-13 12:43 - 2015-04-13 12:43 - 00083312 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe2015-04-13 12:43 - 2015-04-13 12:43 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll2015-04-13 12:43 - 2015-04-13 12:43 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll2015-04-13 12:44 - 2015-04-13 12:44 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll2015-04-13 12:44 - 2015-04-13 12:44 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll2015-04-13 12:44 - 2015-04-13 12:44 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll2015-04-13 12:47 - 2015-04-13 12:47 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll2015-07-21 17:02 - 2015-07-21 17:02 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll2015-10-02 02:59 - 2015-10-12 23:33 - 00166416 _____ () C:\Users\nele\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll2015-11-07 15:23 - 2015-11-07 15:23 - 00071168 _____ () c:\users\nele\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzdldnq.dll2014-01-10 05:28 - 2014-01-10 05:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll2015-07-22 14:32 - 2015-07-22 14:32 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll2013-05-28 05:43 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll2015-04-13 12:46 - 2015-04-13 12:46 - 00170352 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ResourceMgt.dll2015-04-13 12:47 - 2015-04-13 12:47 - 00162152 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\CrashRpt.dll2015-04-13 12:44 - 2015-04-13 12:44 - 00522616 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManagerLib.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00117104 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\WebKitBrowser.dll2015-04-13 12:45 - 2015-04-13 12:45 - 21281120 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\WebKit.dll2015-04-13 12:45 - 2015-04-13 12:45 - 03041648 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\JavaScriptCore.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00776544 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\CFLite.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00058728 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\pthreadVC2.dll2015-04-13 12:45 - 2015-04-13 12:45 - 01349984 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\icuuc.dll2015-04-13 12:45 - 2015-04-13 12:45 - 01046880 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\cairo.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00190816 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\libpng.dll2015-04-13 12:45 - 2015-04-13 12:45 - 01153384 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\libxml2.dll2015-04-13 12:45 - 2015-04-13 12:45 - 21973352 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\icudt48.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00444776 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ProfileMgt.dll2015-04-13 12:46 - 2015-04-13 12:46 - 00428416 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DesktopClient\DesktopClientLiteDll.dll2015-04-13 12:46 - 2015-04-13 12:46 - 04028808 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DesktopClient\DesktopClientCppLib_vc80.dll2015-04-13 12:43 - 2015-04-13 12:43 - 00133480 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DeviceMgt.dll2015-04-13 12:46 - 2015-04-13 12:46 - 00227680 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\WPDEnc.dll2015-04-13 12:46 - 2015-04-13 12:46 - 00211312 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\WifiDeviceMgt.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00203128 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DesktopClient\AndroidPlaylist.dll2015-04-13 12:43 - 2015-04-13 12:43 - 00016240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\FilePlugin_Cnt.Dll2015-04-13 12:43 - 2015-04-13 12:43 - 00019304 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\GroupMgt.dll2015-04-13 12:45 - 2015-04-13 12:45 - 00829800 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\Plugins\npplayer.dll2015-04-13 12:46 - 2015-04-13 12:46 - 00239992 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DesktopClient\desktopclientlib.dll==================== Alternate Data Streams (Whitelisted) =========(If an entry is included in the fixlist, only the ADS will be removed.)AlternateDataStreams: C:\ProgramData\Temp:56E2E879==================== Safe Mode (Whitelisted) ===================(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\N1Service => ""="service"==================== EXE Association (Whitelisted) ===============(If an entry is included in the fixlist, the registry item will be restored to default or removed.)==================== Internet Explorer trusted/restricted ===============(If an entry is included in the fixlist, it will be removed from the registry.)==================== Other Areas ============================(Currently there is no automatic fix for this section.)HKU\S-1-5-21-2444418471-309531542-3407867716-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\nele\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\imgp8049.jpgDNS Servers: 192.168.1.1HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)Windows Firewall is enabled.==================== MSCONFIG/TASK MANAGER disabled items ==(Currently there is no automatic fix for this section.)HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\StartupApproved\StartupFolder: => "TornTvDownloader.lnk"HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\StartupApproved\Run: => "EADM"HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\StartupApproved\Run: => "TornTv Downloader"==================== FirewallRules (Whitelisted) ===============(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139FirewallRules: [{1025B925-2C9C-427E-86A8-132297731851}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exeFirewallRules: [{C1E632B1-A3CC-48FD-884E-800344E706ED}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exeFirewallRules: [{F80D3479-1678-4232-A973-39494BFF18AA}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exeFirewallRules: [{52D5662F-33CE-44CA-923B-0996AFEF41E0}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exeFirewallRules: [{E2048A47-C099-487A-B719-9A8929CA799E}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exeFirewallRules: [{F0B475D2-8FD4-49D2-B59D-0DC9F66A23DE}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exeFirewallRules: [{81C14BFD-0198-4354-B7E5-1D0EF5AFA7D8}] => (Block) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exeFirewallRules: [{00527A23-494C-48F3-BEDA-9E14BF3557B8}] => (Block) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exeFirewallRules: [UDP Query User{57231475-DB0F-4254-AE4A-B7FEB59F260B}C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exe] => (Block) C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exeFirewallRules: [TCP Query User{E056BE84-5783-41E3-9788-958D19C6E9F1}C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exe] => (Block) C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exeFirewallRules: [{8FD4CF31-E083-4D04-9DC7-6E0B723BF52C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exeFirewallRules: [{82F42F84-D2F6-46D9-AB60-60F8B06328BF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exeFirewallRules: [{4E7ACD19-1FE0-46A2-BB34-C409372F6276}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exeFirewallRules: [{EB3CECCB-6A56-4E43-81B8-25DD38B96015}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exeFirewallRules: [{39FAF2C5-369E-42C3-866A-8A92ECDAFBDA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exeFirewallRules: [{38B3D583-F8F1-4EA9-9163-A2C2DE9B408C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exeFirewallRules: [{0155C8CA-6EDE-4E39-BD94-D5F5D5F9A6CE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exeFirewallRules: [{4657F890-6E28-4ABC-B979-3947B979ABB4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{37D48367-0D10-48B3-BCCA-4A517DCBD17B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{B09E334C-CA3F-44AB-989C-CC15A0B29087}] => (Allow) C:\Users\nele\AppData\Roaming\BitTorrent\BitTorrent.exeFirewallRules: [{350E6958-F5B3-4219-A59F-0388A2A557F2}] => (Allow) C:\Users\nele\AppData\Roaming\BitTorrent\BitTorrent.exeFirewallRules: [{3EDD2F47-0C6A-4D4C-8E59-2C443BEC0EE8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXEFirewallRules: [{71DEA4C3-2E45-4C4C-B579-6C6A0D5D31FE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXEFirewallRules: [{33501526-9B4D-4ECA-85EC-9B267C10B160}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exeFirewallRules: [{9B2EDD26-3122-42D6-9CDA-308B8D37375F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exeFirewallRules: [{7E589AD1-B993-4737-92A3-F02A1FC25994}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exeFirewallRules: [{C6D5D70B-777E-4566-B2E4-6719579EDDE3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exeFirewallRules: [{3962F2D1-9922-404C-979D-61B218F40BDA}] => (Allow) C:\Users\nele\AppData\Local\Microsoft\SkyDrive\SkyDrive.exeFirewallRules: [TCP Query User{74FAACFD-024B-4544-864E-A6794BA0F79F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exeFirewallRules: [UDP Query User{FDE116CE-3540-453E-948A-A89960CBB42C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exeFirewallRules: [{06AA2F2F-4926-4C8A-9BB2-256FAD09E23D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exeFirewallRules: [{BE5F66D4-8E4F-4F46-B145-916D0E4338E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exeFirewallRules: [{A88648A1-777C-4AA2-9B7A-1773DA4D428D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exeFirewallRules: [{0C9782B7-1886-42B7-8127-32BDC0CA275E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exeFirewallRules: [TCP Query User{780C7D31-0E07-4514-98C5-D1B7D841A65B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exeFirewallRules: [UDP Query User{7A2F8D87-B08E-46DC-8CAB-FDE2C041E641}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exeFirewallRules: [{9D199768-5E07-459B-A391-0F47664151ED}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{F10FE5CE-DB14-4515-9872-C5412EE19B51}] => (Allow) C:\Program Files (x86)\Steam\Steam.exeFirewallRules: [{B0731064-424E-48C1-AF45-88ADE2D3B16F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exeFirewallRules: [{9C267989-BAFE-4F06-8B7C-BB139468B55B}] => (Allow) LPort=2869FirewallRules: [{EF52EE58-C211-4D55-82DA-53566D044D6D}] => (Allow) LPort=1900FirewallRules: [{431A513B-B9D6-4D5D-AF1C-AA3E48C00EA7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exeFirewallRules: [{0BAC3109-561B-4CE2-B066-30424B91C084}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exeFirewallRules: [{6F593D47-8EBD-42DF-B104-0B18C9B0940F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exeFirewallRules: [{556BC192-839D-48C4-9293-4B156F47104A}] => (Allow) C:\Users\nele\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exeFirewallRules: [{0489726D-FD2E-4D98-83FD-FC093031D8F8}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exeFirewallRules: [{7A14CA27-E1BF-4183-BC84-FD62E9E69CB7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exeFirewallRules: [{47AC1EFE-3AE7-49E5-A263-911720947574}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exeFirewallRules: [{2C1FEB40-5265-4BE2-97D8-91F8EA1A2A5D}] => (Allow) C:\Users\nele\AppData\Roaming\Dropbox\bin\Dropbox.exeFirewallRules: [{4DEBA70B-87AD-44CC-BA1F-5FA4F3F99D65}] => (Allow) C:\Users\nele\AppData\Roaming\Dropbox\bin\Dropbox.exeFirewallRules: [TCP Query User{B1922B95-17F2-46B6-88A9-A71588C2E8A5}C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exeFirewallRules: [UDP Query User{40E97BEC-BEA7-419B-B933-C7AD70E7A5EB}C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exeFirewallRules: [{922C626C-9F00-40DD-AFE0-F86039AB9A02}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exeFirewallRules: [{9C5DAF29-896A-41CB-9E8F-22CFD309D847}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exeFirewallRules: [{5723E951-8684-4D25-B696-EB238EDA82E8}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exeFirewallRules: [TCP Query User{9184DB6C-1828-4307-8E42-1015CB06EAA2}C:\program files (x86)\cloud spot\cloudspot.exe] => (Allow) C:\program files (x86)\cloud spot\cloudspot.exeFirewallRules: [UDP Query User{95C59811-07CA-4EB9-90B5-5CB65C16452A}C:\program files (x86)\cloud spot\cloudspot.exe] => (Allow) C:\program files (x86)\cloud spot\cloudspot.exeFirewallRules: [TCP Query User{4324F66E-61F2-42D8-B7D7-6AA3192FCE0B}C:\users\nele\appdata\local\popcorn time\nw.exe] => (Block) C:\users\nele\appdata\local\popcorn time\nw.exeFirewallRules: [UDP Query User{6CE6CF79-0B86-4FE0-93F3-09603C556D7E}C:\users\nele\appdata\local\popcorn time\nw.exe] => (Block) C:\users\nele\appdata\local\popcorn time\nw.exeFirewallRules: [{B9F105CA-0F51-4C6E-B13C-E673D4BFB632}] => (Allow) C:\WINDOWS\explorer.exeFirewallRules: [{FEDCDE37-1637-46E1-AF73-85E16D3AC5AF}] => (Allow) C:\WINDOWS\system32\rundll32.exe==================== Faulty Device Manager Devices =============Name: Unknown USB Device (Device Descriptor Request Failed)Description: Unknown USB Device (Device Descriptor Request Failed)Class Guid: {36fc9e60-c465-11cf-8056-444553540000}Manufacturer: (Standard USB Host Controller)Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43)Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Event log errors: =========================Application errors:==================Error: (11/09/2015 09:23:55 AM) (Source: Application Error) (EventID: 1000) (User: )Description: Faulting application name: svchost.exe_MapsBroker, version: 10.0.10240.16384, time stamp: 0x559f38cbFaulting module name: MosHostCore.dll, version: 10.0.10240.16384, time stamp: 0x559f3908Exception code: 0xc0000005Fault offset: 0x00000000000096f2Faulting process ID: 0x53d8Faulting application start time: 0xsvchost.exe_MapsBroker0Faulting application path: svchost.exe_MapsBroker1Faulting module path: svchost.exe_MapsBroker2Report ID: svchost.exe_MapsBroker3Faulting package full name: svchost.exe_MapsBroker4Faulting package-relative application ID: svchost.exe_MapsBroker5Error: (11/09/2015 09:22:31 AM) (Source: ESENT) (EventID: 413) (User: )Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.Error: (11/09/2015 09:22:31 AM) (Source: ESENT) (EventID: 488) (User: )Description: SettingSyncHost (5352) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).Error: (11/09/2015 09:22:20 AM) (Source: ESENT) (EventID: 413) (User: )Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.Error: (11/09/2015 09:22:20 AM) (Source: ESENT) (EventID: 488) (User: )Description: SettingSyncHost (5352) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).Error: (11/09/2015 09:22:10 AM) (Source: ESENT) (EventID: 413) (User: )Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.Error: (11/09/2015 09:22:10 AM) (Source: ESENT) (EventID: 488) (User: )Description: SettingSyncHost (5352) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).Error: (11/09/2015 09:22:00 AM) (Source: ESENT) (EventID: 413) (User: )Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.Error: (11/09/2015 09:22:00 AM) (Source: ESENT) (EventID: 488) (User: )Description: SettingSyncHost (5352) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).Error: (11/09/2015 09:21:49 AM) (Source: ESENT) (EventID: 413) (User: )Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.System errors:=============Error: (11/09/2015 09:23:55 AM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The Downloaded Maps Manager service terminated unexpectedly. It has done this 2 time(s).Error: (11/08/2015 01:08:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )Description: The Downloaded Maps Manager service terminated unexpectedly. It has done this 1 time(s).Error: (11/07/2015 03:25:09 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}Error: (11/07/2015 03:23:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableError: (11/07/2015 03:23:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailableCodeIntegrity:===================================  Date: 2015-11-09 10:29:12.787  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\N1Service64.dll that did not meet the Custom 3 / Antimalware signing level requirements.  Date: 2015-11-09 10:29:12.734  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\N1Service64.dll that did not meet the Custom 3 / Antimalware signing level requirements.  Date: 2015-11-07 06:44:47.121  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.  Date: 2015-11-07 06:44:46.693  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.  Date: 2015-11-07 06:44:46.464  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.  Date: 2015-11-06 16:21:37.063  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.  Date: 2015-11-06 16:21:37.035  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.  Date: 2015-11-06 16:21:36.749  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.  Date: 2015-11-06 16:21:36.550  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.  Date: 2015-11-05 21:25:34.176  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHzPercentage of memory in use: 51%Total physical RAM: 8084.27 MBAvailable physical RAM: 3910.76 MBTotal Virtual: 11156.27 MBAvailable Virtual: 5828.73 MB==================== Drives ================================Drive c: () (Fixed) (Total:907.27 GB) (Free:611.1 GB) NTFS ==>[system with boot components (obtained from drive)]Drive d: (RECOVERY) (Fixed) (Total:21.86 GB) (Free:2.63 GB) NTFS ==>[system with boot components (obtained from drive)]==================== MBR & Partition Table ==========================================================================Disk: 0 (Size: 931.5 GB) (Disk ID: F5E1212F)Partition: GPT.==================== End of Addition.txt ============================

Link to post
Share on other sites

Hi,

Step 1

frst.pngfrstfix.png

Press the w8.png + R on your keyboard at the same time. Type notepad and click OK.

  • Copy the entire content of the codebox below and paste into the notepad document:

    CloseProcesses:C:\WINDOWS\system32\N1Service64.dll cmd: netsh winsock reset AlternateDataStreams: C:\ProgramData\Temp:56E2E879HKLM-x32\...\Run: [] => [X]Task: {063048D0-DEA2-423B-941B-FAD4767E99EB} - \SPBIW_UpdateTask_Time_3334363038373330372d2a55456c2d5a34575b413234 -> No File Task: {082A0DDB-D96E-4B84-9C8B-7E9E3AB5CD71} - \Adobe Flash Player Updater -> No File Task: {0D4F3C7A-39C4-4104-8425-785826EB9B10} - \PhraseProfessor Auto Updater 1.10.0.22 Core -> No File Task: {18EC5D67-59D5-423D-800F-858D030CC291} - \PhraseProfessor Auto Updater 1.10.0.22 Pending Update -> No File Task: {1DF97EDE-765C-430D-AFE5-C8FB693C54AE} - \Microsoft OneDrive Auto Update Task-S-1-5-21-2444418471-309531542-3407867716-1001 -> No File Task: {23D61382-9314-478E-A3DD-F292E93BBCD5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File Task: {29EA6BD1-C841-494E-8B22-F64B77686168} - \Optimize Start Menu Cache Files-S-1-5-21-2444418471-309531542-3407867716-500 -> No File Task: {40D27100-911A-4768-BAD3-2B5F2608C670} - \Launch HTC Sync Loader -> No File Task: {43BE01ED-7A43-4043-B861-58CEDB1BB47C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File Task: {497B1032-FCE3-4473-AB41-E5256517CE7E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File Task: {5C8671F6-5D3B-4BEE-9370-8121A1AEA31B} - \{E9430C13-12E9-4EB9-AD7C-43AC41CB426C} -> No File Task: {68DCE6E6-F422-4A4D-9B9F-B3398C22C59D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File Task: {70E68620-137B-459A-8E0E-2B7731453777} - \ShopperProJSUpd -> No File Task: {813F116E-E4CD-4855-AC97-D9C6585B8062} - \Synaptics TouchPad Enhancements -> No File Task: {81EBE69B-6972-4D45-B7D7-B9E49312E330} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File Task: {8B3B6F6C-744E-4532-81DC-CF2B71F87736} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File Task: {92E36439-4325-4FD1-8CB7-54223596BB20} - \{A3503584-2DFA-4F0D-909D-B4F49C590301} -> No File Task: {9A8FA3D8-9A72-4E87-AADD-A05DC4B8691B} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File Task: {A0DB3846-1223-4110-BAA3-430882F22E38} - \AdobeAAMUpdater-1.0-MicrosoftAccount-neleuska@hotmail.com -> No File Task: {A3EF42AE-CEEA-488E-87C1-084569DA76F6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File Task: {ACF0E57E-4B6C-4EAC-8B56-C3D32014AD02} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File Task: {E6CFD5EC-8717-4C88-93B0-00FC3C7CB8E1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File Task: {FCD5EC32-8CFC-4B1D-91B1-D2D72D6DF076} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No FileBHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No FileToolbar: HKU\S-1-5-21-2444418471-309531542-3407867716-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File2015-10-30 09:54 - 2015-10-30 09:54 - 00002400 _____ C:\WINDOWS\system32\N1ServiceOff.ini2015-10-30 09:53 - 2015-10-31 14:36 - 00000000 ____D C:\WINDOWS\NMsvc2015-10-30 09:53 - 2015-10-30 09:53 - 00000000 ____D C:\WINDOWS\msservice
  • Click File, Save As and type fixlist.txt as the File Name.
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.

    (XP users click run after receipt of Windows Security Warning - Open File).

  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.
Please post it to your reply.

Step 2

Please download adwcleaner.png AdwCleaner (by Xplode) and save it to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.

    Vista/Windows 7/8 users right-click and select "Run As Administrator"

  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a logfile report (AdwCleaner[C#].txt) will open automatically (where the largest value of # represents the most recent report).

    Copy and paste the contents of that logfile in your next reply.

Step 3

frst.pngfrstscan.png

Start FRST with administator privileges.

  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.

    Please attach the logs in your next reply.

Link to post
Share on other sites

1. Fixlog.txt

Fix result of Farbar Recovery Scan Tool (x64) Version:07-11-2015

Ran by nele (2015-11-09 16:57:44) Run:1

Running from C:\Users\nele\Downloads

Loaded Profiles: nele (Available Profiles: nele & Guest)

Boot Mode: Normal

==============================================

fixlist content:

*****************

CloseProcesses:

C:\WINDOWS\system32\N1Service64.dll

cmd: netsh winsock reset

AlternateDataStreams: C:\ProgramData\Temp:56E2E879

HKLM-x32\...\Run: [] => [X]

Task: {063048D0-DEA2-423B-941B-FAD4767E99EB} - \SPBIW_UpdateTask_Time_3334363038373330372d2a55456c2d5a34575b413234 -> No File

Task: {082A0DDB-D96E-4B84-9C8B-7E9E3AB5CD71} - \Adobe Flash Player Updater -> No File

Task: {0D4F3C7A-39C4-4104-8425-785826EB9B10} - \PhraseProfessor Auto Updater 1.10.0.22 Core -> No File

Task: {18EC5D67-59D5-423D-800F-858D030CC291} - \PhraseProfessor Auto Updater 1.10.0.22 Pending Update -> No File

Task: {1DF97EDE-765C-430D-AFE5-C8FB693C54AE} - \Microsoft OneDrive Auto Update Task-S-1-5-21-2444418471-309531542-3407867716-1001 -> No File

Task: {23D61382-9314-478E-A3DD-F292E93BBCD5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File

Task: {29EA6BD1-C841-494E-8B22-F64B77686168} - \Optimize Start Menu Cache Files-S-1-5-21-2444418471-309531542-3407867716-500 -> No File

Task: {40D27100-911A-4768-BAD3-2B5F2608C670} - \Launch HTC Sync Loader -> No File

Task: {43BE01ED-7A43-4043-B861-58CEDB1BB47C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File

Task: {497B1032-FCE3-4473-AB41-E5256517CE7E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File

Task: {5C8671F6-5D3B-4BEE-9370-8121A1AEA31B} - \{E9430C13-12E9-4EB9-AD7C-43AC41CB426C} -> No File

Task: {68DCE6E6-F422-4A4D-9B9F-B3398C22C59D} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File

Task: {70E68620-137B-459A-8E0E-2B7731453777} - \ShopperProJSUpd -> No File

Task: {813F116E-E4CD-4855-AC97-D9C6585B8062} - \Synaptics TouchPad Enhancements -> No File

Task: {81EBE69B-6972-4D45-B7D7-B9E49312E330} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File

Task: {8B3B6F6C-744E-4532-81DC-CF2B71F87736} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File

Task: {92E36439-4325-4FD1-8CB7-54223596BB20} - \{A3503584-2DFA-4F0D-909D-B4F49C590301} -> No File

Task: {9A8FA3D8-9A72-4E87-AADD-A05DC4B8691B} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File

Task: {A0DB3846-1223-4110-BAA3-430882F22E38} - \AdobeAAMUpdater-1.0-MicrosoftAccount-neleuska@hotmail.com -> No File

Task: {A3EF42AE-CEEA-488E-87C1-084569DA76F6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File

Task: {ACF0E57E-4B6C-4EAC-8B56-C3D32014AD02} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File

Task: {E6CFD5EC-8717-4C88-93B0-00FC3C7CB8E1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File

Task: {FCD5EC32-8CFC-4B1D-91B1-D2D72D6DF076} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File

ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208}

BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File

BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File

Toolbar: HKU\S-1-5-21-2444418471-309531542-3407867716-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File

2015-10-30 09:54 - 2015-10-30 09:54 - 00002400 _____ C:\WINDOWS\system32\N1ServiceOff.ini

2015-10-30 09:53 - 2015-10-31 14:36 - 00000000 ____D C:\WINDOWS\NMsvc

2015-10-30 09:53 - 2015-10-30 09:53 - 00000000 ____D C:\WINDOWS\msservice

*****************

 

Processes closed successfully.

C:\WINDOWS\system32\N1Service64.dll => moved successfully

=========  netsh winsock reset =========

 

Sucessfully reset the Winsock Catalog.

You must restart the computer in order to complete the reset.

 

========= End of CMD: =========

 

C:\ProgramData\Temp => ":56E2E879" ADS removed successfully.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{063048D0-DEA2-423B-941B-FAD4767E99EB}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{063048D0-DEA2-423B-941B-FAD4767E99EB}" => key removed successfully

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPBIW_UpdateTask_Time_3334363038373330372d2a55456c2d5a34575b413234 => key not found.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{082A0DDB-D96E-4B84-9C8B-7E9E3AB5CD71}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{082A0DDB-D96E-4B84-9C8B-7E9E3AB5CD71}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0D4F3C7A-39C4-4104-8425-785826EB9B10}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0D4F3C7A-39C4-4104-8425-785826EB9B10}" => key removed successfully

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PhraseProfessor Auto Updater 1.10.0.22 Core => key not found.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{18EC5D67-59D5-423D-800F-858D030CC291}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{18EC5D67-59D5-423D-800F-858D030CC291}" => key removed successfully

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PhraseProfessor Auto Updater 1.10.0.22 Pending Update => key not found.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1DF97EDE-765C-430D-AFE5-C8FB693C54AE}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DF97EDE-765C-430D-AFE5-C8FB693C54AE}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft OneDrive Auto Update Task-S-1-5-21-2444418471-309531542-3407867716-1001" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23D61382-9314-478E-A3DD-F292E93BBCD5}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23D61382-9314-478E-A3DD-F292E93BBCD5}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{29EA6BD1-C841-494E-8B22-F64B77686168}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{29EA6BD1-C841-494E-8B22-F64B77686168}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-2444418471-309531542-3407867716-500" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{40D27100-911A-4768-BAD3-2B5F2608C670}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40D27100-911A-4768-BAD3-2B5F2608C670}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Launch HTC Sync Loader" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{43BE01ED-7A43-4043-B861-58CEDB1BB47C}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{43BE01ED-7A43-4043-B861-58CEDB1BB47C}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{497B1032-FCE3-4473-AB41-E5256517CE7E}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{497B1032-FCE3-4473-AB41-E5256517CE7E}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C8671F6-5D3B-4BEE-9370-8121A1AEA31B}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C8671F6-5D3B-4BEE-9370-8121A1AEA31B}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E9430C13-12E9-4EB9-AD7C-43AC41CB426C}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{68DCE6E6-F422-4A4D-9B9F-B3398C22C59D}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68DCE6E6-F422-4A4D-9B9F-B3398C22C59D}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{70E68620-137B-459A-8E0E-2B7731453777}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70E68620-137B-459A-8E0E-2B7731453777}" => key removed successfully

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperProJSUpd => key not found.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{813F116E-E4CD-4855-AC97-D9C6585B8062}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{813F116E-E4CD-4855-AC97-D9C6585B8062}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Synaptics TouchPad Enhancements" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{81EBE69B-6972-4D45-B7D7-B9E49312E330}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81EBE69B-6972-4D45-B7D7-B9E49312E330}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8B3B6F6C-744E-4532-81DC-CF2B71F87736}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B3B6F6C-744E-4532-81DC-CF2B71F87736}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{92E36439-4325-4FD1-8CB7-54223596BB20}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{92E36439-4325-4FD1-8CB7-54223596BB20}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A3503584-2DFA-4F0D-909D-B4F49C590301}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9A8FA3D8-9A72-4E87-AADD-A05DC4B8691B}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9A8FA3D8-9A72-4E87-AADD-A05DC4B8691B}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0DB3846-1223-4110-BAA3-430882F22E38}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0DB3846-1223-4110-BAA3-430882F22E38}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeAAMUpdater-1.0-MicrosoftAccount-neleuska@hotmail.com" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A3EF42AE-CEEA-488E-87C1-084569DA76F6}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3EF42AE-CEEA-488E-87C1-084569DA76F6}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{ACF0E57E-4B6C-4EAC-8B56-C3D32014AD02}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ACF0E57E-4B6C-4EAC-8B56-C3D32014AD02}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E6CFD5EC-8717-4C88-93B0-00FC3C7CB8E1}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6CFD5EC-8717-4C88-93B0-00FC3C7CB8E1}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCD5EC32-8CFC-4B1D-91B1-D2D72D6DF076}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCD5EC32-8CFC-4B1D-91B1-D2D72D6DF076}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => key removed successfully

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => key not found.

HKCR\CLSID\ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} => key not found.

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => key removed successfully

HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.

"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => key removed successfully

HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => key not found.

HKU\S-1-5-21-2444418471-309531542-3407867716-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully

HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found.

C:\WINDOWS\system32\N1ServiceOff.ini => moved successfully

C:\WINDOWS\NMsvc => moved successfully

C:\WINDOWS\msservice => moved successfully

 

The system needed a reboot.

 

==== End of Fixlog 16:58:02 ====

Link to post
Share on other sites

2. adwcleaner

 

# AdwCleaner v5.019 - Logfile created 09/11/2015 at 17:11:49

# Updated 08/11/2015 by Xplode

# Database : 2015-11-09.1 [server]

# Operating system : Windows 10 Home  (x64)

# Username : nele - NELEPADDYHOME

# Running from : C:\Users\nele\Downloads\AdwCleaner.exe

# Option : Cleaning

# Support : http://toolslib.net/forum

***** [ Services ] *****

 

***** [ Folders ] *****

 

[-] Folder Deleted : C:\Program Files (x86)\globalUpdate

[-] Folder Deleted : C:\Program Files (x86)\GSafe

[-] Folder Deleted : C:\Program Files (x86)\relaydouble

[!] Folder Not Deleted : C:\Program Files (x86)\RelayDouble

[-] Folder Deleted : C:\ProgramData\AVG Security Toolbar

[-] Folder Deleted : C:\ProgramData\Goobzo

[-] Folder Deleted : C:\ProgramData\afcf9df100002a84

[-] Folder Deleted : C:\ProgramData\c1fedbf800000d54

[-] Folder Deleted : C:\Users\nele\AppData\Local\globalUpdate

[-] Folder Deleted : C:\Users\nele\AppData\Local\Temp\GSafe

[-] Folder Deleted : C:\Users\Public\Documents\Goobzo

 

***** [ Files ] *****

 

[-] File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml

[-] File Deleted : C:\WINDOWS\SysNative\log\iSafeKrnlCall.log

[-] File Deleted : C:\WINDOWS\SysNative\roboot64.exe

 

***** [ DLLs ] *****

 

***** [ Shortcuts ] *****

 

***** [ Scheduled tasks ] *****

 

***** [ Registry ] *****

[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}

[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}

[-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WdsManPro

[-] Key Deleted : HKLM\SOFTWARE\1bf0f631-45b9-6cc0-53d2-276f85597bf5

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}

[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}

[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}

[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}

[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}

[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}

[-] Key Deleted : HKCU\Software\GlobalUpdate

[-] Key Deleted : HKCU\Software\Goobzo

[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions

[-] Key Deleted : HKCU\Software\V9

[-] Key Deleted : HKCU\Software\Avg Secure Update

[-] Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}

[-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate

[-] Key Deleted : HKLM\SOFTWARE\Goobzo

[-] Key Deleted : HKLM\SOFTWARE\hdcode

[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions

[-] Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}

[-] Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}

[-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions

[-] Key Deleted : [x64] HKLM\SOFTWARE\ShopperPro

[-] Key Deleted : [x64] HKLM\SOFTWARE\TornTv Downloader

[-] Key Deleted : HKU\.DEFAULT\Software\Goobzo

[-] Key Deleted : HKU\.DEFAULT\Software\Elex-tech

[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update

[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}

[-] Key Deleted : HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_

[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}

[-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\hiphopmyway.com

[-] Key Deleted : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.hiphopmyway.com

[-] Key Deleted : HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\hiphopmyway.com

[-] Key Deleted : HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.hiphopmyway.com

 

***** [ Web browsers ] *****

 

*************************

:: "Tracing" keys removed

:: Winsock settings cleared

 

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7620 bytes] ##########

Link to post
Share on other sites

3. FRST.txt

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015

Ran by nele (administrator) on NELEPADDYHOME (09-11-2015 17:32:24)

Running from C:\Users\nele\Downloads

Loaded Profiles: nele (Available Profiles: nele & Guest)

Platform: Windows 10 Home (X64) Language: English (United Kingdom)

Internet Explorer Version 11 (Default browser: Edge)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe

(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe

(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe

() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

(Intel Corporation) C:\Windows\System32\igfxTray.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe

(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Facebook Inc.) C:\Users\nele\AppData\Local\Facebook\Update\FacebookUpdate.exe

(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe

(Dropbox, Inc.) C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exe

(Dropbox, Inc.) C:\Users\nele\AppData\Roaming\Dropbox\bin\Dropbox.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe

(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe

() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe

(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe

(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe

(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe

(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe

(Microsoft Corporation) C:\Windows\splwow64.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe

() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe

(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe

(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe

(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Windows\System32\prevhost.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe

(Microsoft Corporation) C:\Windows\System32\browser_broker.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

 

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-10-21] (IDT, Inc.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated)

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated)

HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)

HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)

HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)

HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3498728 2015-05-01] (Adobe Systems Inc.)

HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1279120 2012-09-27] (CANON INC.)

HKLM-x32\...\Run: [iJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)

HKLM-x32\...\Run: [WsmUpdater] => C:\Program Files (x86)\Web Solution Mart\Windows 8 Codecs Pack\Updater.exe [292208 2012-05-18] (Web Solution Mart)

HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2014-04-03] (DivX, LLC)

HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)

HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-23] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)

HKLM\...\Winlogon: [userinit] C:\WINDOWS\SysWOW64\userinit.exe,

HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\Run: [Facebook Update] => C:\Users\nele\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-01-06] (Facebook Inc.)

HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632472 2015-06-13] (Electronic Arts)

HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\Run: [Google Update] => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-27] (Google Inc.)

HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\Run: [Dropbox Update] => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-28] (Dropbox, Inc.)

HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\Run: [OneDrive] => "C:\Users\nele\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()

ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()

ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()

ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\nele\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-20] (Microsoft Corporation)

ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\nele\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-20] (Microsoft Corporation)

ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\nele\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\amd64\FileSyncShell64.dll [2015-08-20] (Microsoft Corporation)

ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-10-12] (Dropbox, Inc.)

ShellIconOverlayIdentifiers: [0PerformanceMonitor] -> {3B5B973C-92A4-4855-9D3F-0F3D23332208} =>  No File

ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\nele\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-20] (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\nele\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-20] (Microsoft Corporation)

ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\nele\AppData\Local\Microsoft\OneDrive\17.3.5930.0814\FileSyncShell.dll [2015-08-20] (Microsoft Corporation)

Startup: C:\Users\nele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-10-17]

ShortcutTarget: Dropbox.lnk -> C:\Users\nele\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5-x64 08 C:\WINDOWS\system32\wlidnsp.dll [76288 2015-07-10] (Microsoft Corporation)

Winsock: Catalog5-x64 09 C:\WINDOWS\system32\wlidnsp.dll [76288 2015-07-10] (Microsoft Corporation)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0

Tcpip\..\Interfaces\{94dfe8e7-2b92-4927-ac05-c8488ffc654f}: [DhcpNameServer] 192.168.1.254

Tcpip\..\Interfaces\{a107361a-12af-4e9e-8cd8-707e57d65970}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:

==================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com

HKU\S-1-5-21-2444418471-309531542-3407867716-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1

SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF

SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1

SearchScopes: HKLM -> {A91BAD20-CEC2-4976-AAC5-69C0D95947F3} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

SearchScopes: HKLM-x32 -> {A91BAD20-CEC2-4976-AAC5-69C0D95947F3} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}

SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF

SearchScopes: HKU\S-1-5-21-2444418471-309531542-3407867716-1001 -> DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1

SearchScopes: HKU\S-1-5-21-2444418471-309531542-3407867716-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =

SearchScopes: HKU\S-1-5-21-2444418471-309531542-3407867716-1001 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1

BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2014-01-24] (CANON INC.)

BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)

BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)

BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)

BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-01-24] (CANON INC.)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-09-02] (Oracle Corporation)

BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-09-02] (Oracle Corporation)

BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)

BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)

Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)

Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2014-01-24] (CANON INC.)

Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)

Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-01-24] (CANON INC.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:

========

FF ProfilePath: C:\Users\nele\AppData\Roaming\Mozilla\Firefox\Profiles\v9p4hdh6.default-1437226776652

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-23] ()

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-23] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-04-26] (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()

FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2013-09-17] (DivX, LLC.)

FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-04-18] (DivX, LLC)

FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-09-02] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-09-02] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)

FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems)

FF Plugin HKU\S-1-5-21-2444418471-309531542-3407867716-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\nele\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

FF Plugin HKU\S-1-5-21-2444418471-309531542-3407867716-1001: @tools.google.com/Google Update;version=3 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)

FF Plugin HKU\S-1-5-21-2444418471-309531542-3407867716-1001: @tools.google.com/Google Update;version=9 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)

FF Plugin HKU\S-1-5-21-2444418471-309531542-3407867716-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\nele\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-05-26] (Unity Technologies ApS)

FF Plugin HKU\S-1-5-21-2444418471-309531542-3407867716-1001: electronicarts.com/GameFacePlugin -> C:\Users\nele\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll [2012-12-20] (Electronic Arts)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)

FF Extension: Share Button for Pinterest - C:\Users\nele\AppData\Roaming\Mozilla\Firefox\Profiles\v9p4hdh6.default-1437226776652\Extensions\{677a8f98-fd64-40b0-a883-b8c95d0cbf17}.xpi [2015-10-23]

FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [not signed]

FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn

FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-06-01] [not signed]

Chrome:

=======

CHR DefaultSearchURL: Default -> hxxp://pandasecurity.mystart.com/results.php?searchsource=omnibar&pr=vmn&id=pandasecuritytb&v=2_3&ent=ds_671&q={searchTerms}

CHR DefaultSearchKeyword: Default -> yahoo

CHR Plugin: (Widevine Content Decryption Module) - C:\Users\nele\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.)

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll => No File

CHR Profile: C:\Users\nele\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Docs) - C:\Users\nele\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-02]

CHR Extension: (Google Drive) - C:\Users\nele\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]

CHR Extension: (YouTube) - C:\Users\nele\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]

CHR Extension: (Google Cast) - C:\Users\nele\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-10-13]

CHR Extension: (Google Search) - C:\Users\nele\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]

CHR Extension: (Google Docs Offline) - C:\Users\nele\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]

CHR Extension: (AdBlock) - C:\Users\nele\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-15]

CHR Extension: (Chrome Web Store Payments) - C:\Users\nele\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-02]

CHR Extension: (Gmail) - C:\Users\nele\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-02]

CHR HKU\S-1-5-21-2444418471-309531542-3407867716-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-05-01]

CHR HKLM-x32\...\Chrome\Extension: [fdhbkaahephniejapepaiggngjnedpci] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-07-22] (Adobe Systems Incorporated)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)

R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)

R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed]

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]

R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-14] (Intel Corporation)

R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)

S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-13] (Electronic Arts)

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]

R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2255128 2015-10-18] (IBM Corp.)

R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-17] (Synaptics Incorporated)

S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-01] (Microsoft Corporation)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 BrSerIb; C:\Windows\System32\Drivers\BrSerIb.sys [284160 2012-03-27] (Brother Industries Ltd.)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)

S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)

S3 iscFlash; C:\swsetup\sp62218\iscflashx64.sys [69216 2013-10-14] (Insyde Software)

S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-11-01] (Malwarebytes)

R3 netr28x; C:\Windows\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)

R1 RapportCerberus_1507072; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1507072.sys [959416 2015-09-22] (IBM Corp.)

R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [500184 2015-10-18] (IBM Corp.)

S3 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [139896 2015-10-18] (IBM Corp.)

S3 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [394584 2015-10-18] (IBM Corp.)

S3 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [489272 2015-10-18] (IBM Corp.)

S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-05] (Realtek Semiconductor Corp.)

R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek                                            )

S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)

R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)

S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()

S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)

R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)

R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)

R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)

S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

==================== One Month Created files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-11-09 17:13 - 2015-11-09 17:13 - 00016148 _____ C:\WINDOWS\system32\NELEPADDYHOME_nele_HistoryPrediction.bin

2015-11-09 17:07 - 2015-11-09 17:15 - 00000000 ____D C:\AdwCleaner

2015-11-09 17:07 - 2015-11-09 17:07 - 01712128 _____ C:\Users\nele\Downloads\AdwCleaner.exe

2015-11-09 10:30 - 2015-11-09 10:35 - 00055394 _____ C:\Users\nele\Downloads\Addition.txt

2015-11-09 10:27 - 2015-11-09 17:32 - 00032150 _____ C:\Users\nele\Downloads\FRST.txt

2015-11-09 10:26 - 2015-11-09 10:27 - 02198528 _____ (Farbar) C:\Users\nele\Downloads\FRST64.exe

2015-11-08 12:49 - 2015-11-08 12:52 - 02735245 _____ C:\Users\nele\Downloads\storyboard_templates.zip

2015-11-08 11:12 - 2014-02-16 18:10 - 00000000 ____D C:\Users\nele\Downloads\CoffeeShop WebBoards 9

2015-11-05 21:18 - 2015-11-05 21:19 - 01748413 _____ C:\Users\nele\Downloads\2016_TMW_YearlyPlanner.zip

2015-11-04 14:05 - 2015-11-04 14:02 - 00000118 ____N C:\Users\nele\Downloads\.ignore

2015-11-04 14:05 - 2015-11-04 14:02 - 00000000 ____D C:\Users\nele\Downloads\highlights

2015-11-02 14:45 - 2015-11-09 17:32 - 00000000 ____D C:\FRST

2015-11-01 14:58 - 2015-11-01 14:58 - 00000904 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PASS.lnk

2015-11-01 14:58 - 2015-11-01 14:58 - 00000892 _____ C:\Users\Public\Desktop\PASS.lnk

2015-11-01 14:58 - 2015-11-01 14:58 - 00000000 ____D C:\Users\nele\Documents\PASS

2015-11-01 14:58 - 2015-11-01 14:58 - 00000000 ____D C:\Users\nele\AppData\Roaming\com.showitfast.pass.desktop.PASS

2015-11-01 14:58 - 2015-11-01 14:58 - 00000000 ____D C:\Program Files (x86)\PASS

2015-11-01 08:25 - 2015-11-01 08:25 - 00000000 ____D C:\Users\nele\AppData\Local\AvgSetupLog

2015-11-01 08:25 - 2015-11-01 08:25 - 00000000 ____D C:\Users\nele\AppData\Local\Avg

2015-10-30 22:25 - 2015-10-27 23:38 - 21871616 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2015-10-30 22:25 - 2015-10-27 23:16 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2015-10-30 22:25 - 2015-10-21 12:45 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll

2015-10-30 22:25 - 2015-10-21 12:43 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll

2015-10-30 22:25 - 2015-10-21 12:39 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2015-10-30 22:25 - 2015-10-21 12:00 - 24595968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2015-10-30 22:25 - 2015-10-21 12:00 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2015-10-30 22:25 - 2015-10-21 11:57 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2015-10-30 22:25 - 2015-10-21 11:52 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll

2015-10-30 22:25 - 2015-10-21 11:50 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll

2015-10-30 22:25 - 2015-10-21 11:48 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2015-10-30 22:25 - 2015-10-21 11:46 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2015-10-30 22:25 - 2015-10-21 11:46 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2015-10-30 22:25 - 2015-10-21 11:44 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll

2015-10-30 22:25 - 2015-10-21 11:44 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2015-10-30 22:25 - 2015-10-21 11:43 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll

2015-10-30 22:25 - 2015-10-21 11:42 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll

2015-10-30 22:25 - 2015-10-21 11:41 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll

2015-10-30 22:25 - 2015-10-21 05:53 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll

2015-10-30 22:25 - 2015-10-21 05:49 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2015-10-30 22:25 - 2015-10-21 05:13 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2015-10-30 22:25 - 2015-10-21 05:11 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2015-10-30 22:25 - 2015-10-21 05:08 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2015-10-30 22:25 - 2015-10-21 05:05 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll

2015-10-30 22:25 - 2015-10-21 05:03 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2015-10-30 22:25 - 2015-10-21 04:58 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll

2015-10-30 22:24 - 2015-10-21 12:44 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys

2015-10-30 22:24 - 2015-10-21 11:59 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2015-10-30 22:24 - 2015-10-21 11:47 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll

2015-10-30 22:24 - 2015-10-21 11:40 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll

2015-10-30 22:24 - 2015-10-21 11:38 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll

2015-10-30 22:24 - 2015-10-21 05:03 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll

2015-10-30 22:24 - 2015-10-21 04:58 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll

2015-10-30 22:24 - 2015-10-21 04:55 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll

2015-10-28 20:20 - 2015-11-09 17:12 - 00000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleFornele.job

2015-10-28 20:20 - 2015-11-09 17:09 - 00003244 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleFornele

2015-10-25 11:51 - 2015-10-25 12:00 - 00000000 ____D C:\Users\nele\Downloads\Despicable Me (2010) [1080p]

2015-10-24 16:00 - 2015-10-24 16:01 - 3014406843 _____ C:\Users\nele\Downloads\Day1.mkv

2015-10-19 12:18 - 2015-10-19 12:18 - 00019451 _____ C:\Users\nele\Downloads\[kat.cr]minions.2015.hdrip.xvid.etrg.torrent

2015-10-19 12:18 - 2015-10-19 12:18 - 00000000 ____D C:\Users\nele\Downloads\Minions.2015.HDRip.XViD ETRG

2015-10-17 21:05 - 2014-04-30 21:54 - 00001854 _____ C:\Users\nele\Downloads\Rules and Disclaimer-unrestricted-Do not delete.txt

2015-10-17 08:31 - 2015-10-17 08:31 - 00001095 _____ C:\Users\Public\Desktop\Cloud Spot.lnk

2015-10-17 08:31 - 2015-10-17 08:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cloud Spot

2015-10-17 07:01 - 2015-10-17 07:01 - 00000000 ____D C:\Users\nele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2015-10-16 21:00 - 2015-10-16 21:00 - 00099753 _____ C:\Users\nele\Downloads\CoffeeShop WebBoards 9.zip

2015-10-16 15:13 - 2015-11-01 08:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2015-10-14 13:15 - 2015-10-14 13:15 - 22915568 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 17846272 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 11053048 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 10574992 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 08528896 _____ (Intel Corporation) C:\WINDOWS\system32\ig7icd64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 06513648 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig7icd32.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 04371888 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe

2015-10-14 13:15 - 2015-10-14 13:15 - 04369816 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe

2015-10-14 13:15 - 2015-10-14 13:15 - 04025864 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAAC64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 02506960 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiVAD64.exe

2015-10-14 13:15 - 2015-10-14 13:15 - 02037232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmjit64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 01995760 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 01793024 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 01768432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmjit32.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 01470472 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSecureSourceFilter64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 01156000 _____ (Intel Corporation) C:\WINDOWS\system32\iglhsip64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 01151840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhsip32.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00970656 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe

2015-10-14 13:15 - 2015-10-14 13:15 - 00866824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiWinNextAgent64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00661000 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiAudioFilter64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00618992 _____ (Intel Corporation) C:\WINDOWS\system32\MetroIntelGenericUIFramework.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00617992 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMux64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00556960 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe

2015-10-14 13:15 - 2015-10-14 13:15 - 00554928 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe

2015-10-14 13:15 - 2015-10-14 13:15 - 00469216 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00444832 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe

2015-10-14 13:15 - 2015-10-14 13:15 - 00410528 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeAppv2_0.exe

2015-10-14 13:15 - 2015-10-14 13:15 - 00409520 _____ (Intel Corporation) C:\WINDOWS\system32\CustomModeApp.exe

2015-10-14 13:15 - 2015-10-14 13:15 - 00394224 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00387056 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00378824 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00374272 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00357912 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiSilenceFilter64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00329216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00316245 _____ C:\WINDOWS\system32\DisplayAudiox64.cab

2015-10-14 13:15 - 2015-10-14 13:15 - 00296944 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00291744 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe

2015-10-14 13:15 - 2015-10-14 13:15 - 00265712 _____ C:\WINDOWS\system32\igfxCPL.cpl

2015-10-14 13:15 - 2015-10-14 13:15 - 00232960 _____ C:\WINDOWS\system32\igdde64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00230384 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00229664 _____ (Intel Corporation) C:\WINDOWS\system32\iglhcp64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00225288 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUtils64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00216552 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4276.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00205728 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe

2015-10-14 13:15 - 2015-10-14 13:15 - 00199088 _____ (Intel Corporation) C:\WINDOWS\system32\igfxcmrt64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00194560 _____ C:\WINDOWS\SysWOW64\igdde32.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00194368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\iglhcp32.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00193536 _____ (Intel Corporation) C:\WINDOWS\system32\igfx11cmrt64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00192520 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiDDEAgent64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00188884 _____ C:\WINDOWS\system32\resTHA.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00181524 _____ C:\WINDOWS\system32\resELL.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00177300 _____ C:\WINDOWS\system32\resRUS.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00172528 _____ C:\WINDOWS\system32\igdail64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00169368 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxcmrt32.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00165808 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe

2015-10-14 13:15 - 2015-10-14 13:15 - 00163840 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfx11cmrt32.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00163044 _____ C:\WINDOWS\system32\resARA.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00162500 _____ C:\WINDOWS\system32\resHEB.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00162484 _____ C:\WINDOWS\system32\resJPN.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00157860 _____ C:\WINDOWS\system32\resHUN.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00157844 _____ C:\WINDOWS\system32\resFRA.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00156100 _____ C:\WINDOWS\system32\resKOR.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00156020 _____ C:\WINDOWS\system32\resDEU.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00155988 _____ C:\WINDOWS\system32\resITA.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00155828 _____ C:\WINDOWS\system32\resROM.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00155716 _____ C:\WINDOWS\system32\resESN.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00155268 _____ C:\WINDOWS\system32\resPLK.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00155172 _____ C:\WINDOWS\system32\resSKY.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00154980 _____ C:\WINDOWS\system32\resNLD.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00154372 _____ C:\WINDOWS\system32\resPTB.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00154260 _____ C:\WINDOWS\system32\resTRK.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00154212 _____ C:\WINDOWS\system32\resCSY.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00154096 _____ C:\WINDOWS\SysWOW64\igdail32.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00154084 _____ C:\WINDOWS\system32\resPTG.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00153620 _____ C:\WINDOWS\system32\resFIN.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00153236 _____ C:\WINDOWS\system32\resHRV.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00152772 _____ C:\WINDOWS\system32\resSVE.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00152644 _____ C:\WINDOWS\system32\resSLV.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00151668 _____ C:\WINDOWS\system32\resNOR.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00151156 _____ C:\WINDOWS\system32\resDAN.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00149812 _____ C:\WINDOWS\system32\resENU.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00148052 _____ C:\WINDOWS\system32\resCHT.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00147188 _____ C:\WINDOWS\system32\resCHS.cui

2015-10-14 13:15 - 2015-10-14 13:15 - 00143368 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCUMD64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00109064 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiLogServer64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00102912 _____ C:\WINDOWS\system32\IccLibDll_x64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00096752 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00078336 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\Intel_OpenCL_ICD64.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00069616 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\Intel_OpenCL_ICD32.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00042232 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00039424 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00020976 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00018944 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00015344 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00013824 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll

2015-10-14 13:15 - 2015-10-14 13:15 - 00002560 _____ C:\WINDOWS\system32\iglhxs64.vp

2015-10-14 13:14 - 2015-10-06 03:03 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2015-10-14 13:14 - 2015-10-06 02:46 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2015-10-14 13:14 - 2015-10-01 04:01 - 01294352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi

2015-10-14 13:14 - 2015-10-01 04:01 - 01123400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe

2015-10-14 13:14 - 2015-10-01 04:01 - 01018568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi

2015-10-14 13:14 - 2015-10-01 04:01 - 00858408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe

2015-10-14 13:14 - 2015-10-01 04:00 - 08020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2015-10-14 13:14 - 2015-09-25 04:01 - 02573768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll

2015-10-14 13:14 - 2015-09-25 04:01 - 00498016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys

2015-10-14 13:14 - 2015-09-25 03:56 - 22322624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2015-10-14 13:14 - 2015-09-25 03:52 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi

2015-10-14 13:14 - 2015-09-25 03:33 - 01997336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll

2015-10-14 13:14 - 2015-09-25 03:26 - 20858360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2015-10-14 13:14 - 2015-09-25 03:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll

2015-10-14 13:14 - 2015-09-25 03:11 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll

2015-10-14 13:14 - 2015-09-25 03:09 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2015-10-14 13:14 - 2015-09-25 03:07 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll

2015-10-14 13:14 - 2015-09-25 03:04 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll

2015-10-14 13:14 - 2015-09-25 03:04 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll

2015-10-14 13:14 - 2015-09-25 03:03 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll

2015-10-14 13:14 - 2015-09-25 03:03 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2015-10-14 13:14 - 2015-09-25 03:02 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2015-10-14 13:14 - 2015-09-25 03:02 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll

2015-10-14 13:14 - 2015-09-25 03:02 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll

2015-10-14 13:14 - 2015-09-25 03:01 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2015-10-14 13:14 - 2015-09-25 03:01 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2015-10-14 13:14 - 2015-09-25 03:00 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll

2015-10-14 13:14 - 2015-09-25 03:00 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2015-10-14 13:14 - 2015-09-25 03:00 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll

2015-10-14 13:14 - 2015-09-25 03:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll

2015-10-14 13:14 - 2015-09-25 02:59 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll

2015-10-14 13:14 - 2015-09-25 02:59 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll

2015-10-14 13:14 - 2015-09-25 02:59 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll

2015-10-14 13:14 - 2015-09-25 02:59 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll

2015-10-14 13:14 - 2015-09-25 02:59 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll

2015-10-14 13:14 - 2015-09-25 02:59 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll

2015-10-14 13:14 - 2015-09-25 02:58 - 01871360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll

2015-10-14 13:14 - 2015-09-25 02:47 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll

2015-10-14 13:14 - 2015-09-25 02:47 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll

2015-10-14 13:14 - 2015-09-25 02:38 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2015-10-14 13:14 - 2015-09-25 02:38 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll

2015-10-14 13:14 - 2015-09-25 02:38 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll

2015-10-14 13:14 - 2015-09-25 02:38 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2015-10-14 13:14 - 2015-09-25 02:37 - 00766976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

2015-10-14 13:14 - 2015-09-25 02:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll

2015-10-14 13:14 - 2015-09-25 02:37 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll

2015-10-14 13:14 - 2015-09-25 02:36 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2015-10-14 13:14 - 2015-09-25 02:36 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2015-10-14 13:14 - 2015-09-25 02:34 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll

2015-10-14 13:14 - 2015-09-25 02:34 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll

2015-10-14 13:14 - 2015-09-25 02:34 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll

2015-10-14 13:14 - 2015-09-25 02:34 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll

2015-10-14 13:14 - 2015-09-25 02:34 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll

2015-10-14 13:14 - 2015-09-25 02:33 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll

2015-10-14 13:14 - 2015-09-25 02:32 - 01594368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll

2015-10-14 13:14 - 2015-09-25 02:32 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll

2015-10-14 13:13 - 2015-10-10 07:12 - 00078528 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2015-10-14 13:13 - 2015-10-01 03:03 - 00757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll

2015-10-11 07:39 - 2015-10-11 07:39 - 28263702 _____ C:\Users\nele\Downloads\RBF_Renewal_Textured_Solids_Free.zip

2015-10-10 10:11 - 2015-10-11 19:01 - 00024103 _____ C:\Users\nele\Desktop\Paddy Sleeve.odt

 

==================== One Month Modified files and folders ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2015-11-09 17:32 - 2015-07-10 12:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log

2015-11-09 17:27 - 2015-07-15 20:11 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA.job

2015-11-09 17:16 - 2015-05-06 12:14 - 00000000 ____D C:\ProgramData\boost_interprocess

2015-11-09 17:16 - 2014-09-14 09:34 - 00000000 ___RD C:\Users\nele\Dropbox

2015-11-09 17:16 - 2014-09-14 09:31 - 00000000 ____D C:\Users\nele\AppData\Roaming\Dropbox

2015-11-09 17:13 - 2014-03-24 10:27 - 00000000 ____D C:\Users\nele\AppData\Local\HTC MediaHub

2015-11-09 17:12 - 2015-07-10 12:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2015-11-09 17:12 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\system32\sru

2015-11-09 17:12 - 2015-07-10 09:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI

2015-11-09 17:11 - 2015-05-06 12:14 - 00000000 ____D C:\WINDOWS\system32\log

2015-11-09 17:00 - 2015-07-18 19:55 - 00000942 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA.job

2015-11-09 16:58 - 2015-08-01 10:27 - 00000000 ____D C:\Users\nele

2015-11-09 15:24 - 2015-07-28 19:48 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2EB703FC-714D-4040-AF2E-EC7F5D94D58F}

2015-11-09 10:56 - 2013-10-14 17:19 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log

2015-11-08 21:00 - 2015-07-18 19:55 - 00000890 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core.job

2015-11-08 19:18 - 2015-07-10 12:20 - 00030397 _____ C:\WINDOWS\setupact.log

2015-11-08 08:27 - 2015-07-15 20:11 - 00000880 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core.job

2015-11-08 08:17 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\AppReadiness

2015-11-06 22:11 - 2013-10-12 13:28 - 00000000 ____D C:\Users\nele\AppData\Roaming\Adobe

2015-11-05 22:46 - 2014-08-26 21:42 - 00000000 ____D C:\Program Files (x86)\Steam

2015-11-04 13:21 - 2015-08-03 19:18 - 00000000 ____D C:\Users\nele\AppData\Local\CloudSpot

2015-11-03 18:05 - 2015-08-01 10:26 - 00968010 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2015-11-02 14:09 - 2013-10-15 07:28 - 00000000 ____D C:\Program Files (x86)\Google

2015-11-02 14:06 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\system32\NDF

2015-11-01 08:46 - 2015-09-02 19:55 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2015-11-01 08:32 - 2015-08-01 10:18 - 00119164 _____ C:\WINDOWS\PFRO.log

2015-11-01 08:26 - 2015-07-28 19:44 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

2015-11-01 08:17 - 2015-07-18 13:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2015-10-31 17:25 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\rescache

2015-10-31 03:33 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB

2015-10-31 03:33 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\system32\en-GB

2015-10-31 03:33 - 2015-07-10 11:04 - 00000000 ____D C:\WINDOWS\system32\appraiser

2015-10-31 02:03 - 2015-07-10 10:55 - 00000000 ____D C:\WINDOWS\CbsTemp

2015-10-30 20:47 - 2013-11-03 11:04 - 00000000 ____D C:\Users\nele\AppData\Roaming\Skype

2015-10-30 18:02 - 2013-11-03 11:04 - 00000000 ____D C:\ProgramData\Skype

2015-10-30 09:54 - 2015-10-04 01:11 - 00004888 _____ C:\WINDOWS\SysWOW64\N1Service.ini

2015-10-30 09:54 - 2015-10-04 01:11 - 00002400 _____ C:\WINDOWS\SysWOW64\N1ServiceOff.ini

2015-10-27 13:04 - 2015-08-04 08:21 - 00001456 _____ C:\Users\nele\AppData\Local\Adobe Save for Web 13.0 Prefs

2015-10-26 11:39 - 2014-06-03 19:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection

2015-10-26 11:35 - 2013-10-15 19:16 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2015-10-26 11:33 - 2013-10-18 15:33 - 00000000 ____D C:\Users\nele\AppData\Roaming\BitTorrent

2015-10-25 21:59 - 2014-05-20 14:15 - 00000000 ____D C:\ProgramData\CanonIJPLM

2015-10-23 14:18 - 2014-08-28 21:24 - 00000000 ____D C:\Users\nele\AppData\Local\Adobe

2015-10-18 15:06 - 2014-06-03 19:30 - 00394584 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportKE64.sys

2015-10-18 15:06 - 2014-06-03 19:30 - 00139896 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportHades64.sys

2015-10-17 15:45 - 2015-07-19 19:37 - 00000000 ____D C:\Users\nele\Desktop\Nele Uska Photography

2015-10-17 08:31 - 2015-08-03 19:15 - 00000000 ____D C:\Program Files (x86)\Cloud Spot

2015-10-17 08:23 - 2015-09-11 15:09 - 00000000 ____D C:\Users\nele\AppData\Local\CloudSpotUpdater

2015-10-16 15:09 - 2015-07-28 19:44 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task

2015-10-16 07:08 - 2014-10-24 16:28 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat

2015-10-16 03:10 - 2015-10-02 03:36 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2015-10-16 03:10 - 2015-10-02 03:36 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-10-15 19:38 - 2015-09-09 09:35 - 00000000 ____D C:\Users\nele\Desktop\Airike

2015-10-14 15:13 - 2013-11-03 11:04 - 00000000 ___RD C:\Program Files (x86)\Skype

2015-10-14 13:26 - 2013-10-15 07:10 - 00000000 ____D C:\WINDOWS\system32\MRT

2015-10-14 13:17 - 2013-10-15 07:10 - 143481208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2015-10-14 13:15 - 2015-08-01 10:23 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL

2015-10-14 13:15 - 2015-08-01 10:23 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL

2015-10-14 13:15 - 2015-07-10 23:51 - 00541600 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe

2015-10-14 13:15 - 2015-07-10 23:51 - 00395168 _____ (Intel Corporation) C:\WINDOWS\system32\igfxTray.exe

2015-10-14 13:15 - 2015-07-10 23:51 - 00330136 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe

2015-10-14 13:15 - 2015-07-10 23:51 - 00258456 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe

2015-10-14 13:15 - 2015-07-10 23:50 - 03797424 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys

2015-10-14 13:15 - 2015-07-10 23:49 - 12335600 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll

2015-10-14 13:15 - 2015-07-10 23:49 - 11905432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll

2015-10-14 13:15 - 2015-07-10 23:49 - 04637640 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll

2015-10-14 13:15 - 2015-07-10 23:49 - 03672344 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll

2015-10-14 13:15 - 2015-07-10 23:46 - 00680432 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll

2015-10-14 13:15 - 2015-07-10 23:46 - 00285184 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll

2015-10-14 13:15 - 2015-07-10 23:46 - 00262640 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll

2015-10-13 14:28 - 2015-08-28 20:04 - 00000000 ____D C:\Users\nele\AppData\Local\YdvwPack

 

==================== Files in the root of some directories =======

 

2015-07-30 07:09 - 2015-07-30 07:09 - 0000079 _____ () C:\Program Files (x86)\prefs.js

2015-07-18 20:06 - 2015-09-15 12:57 - 0000132 _____ () C:\Users\nele\AppData\Roaming\Adobe PNG Format CC Prefs

2015-03-09 21:30 - 2015-03-09 21:30 - 0005487 _____ () C:\Users\nele\AppData\Roaming\BYAIAMUF

2015-08-04 08:21 - 2015-10-27 13:04 - 0001456 _____ () C:\Users\nele\AppData\Local\Adobe Save for Web 13.0 Prefs

2015-05-20 09:41 - 2015-05-20 09:41 - 0002124 _____ () C:\Users\nele\AppData\Local\recently-used.xbel

2013-05-28 06:01 - 2013-05-28 06:01 - 0000595 _____ () C:\ProgramData\CyberlinkOutput.txt

2015-09-02 07:08 - 2015-09-02 07:08 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

 

Files to move or delete:

====================

C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

 

Some files in TEMP:

====================

C:\Users\nele\AppData\Local\Temp\bitool.dll

C:\Users\nele\AppData\Local\Temp\cabex.dll

C:\Users\nele\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpi2oqf2.dll

C:\Users\nele\AppData\Local\Temp\jre-8u51-windows-au.exe

C:\Users\nele\AppData\Local\Temp\jre-8u65-windows-au.exe

C:\Users\nele\AppData\Local\Temp\SpOrder.dll

C:\Users\nele\AppData\Local\Temp\sqlite3.dll

C:\Users\nele\AppData\Local\Temp\tu17p84.exe

C:\Users\nele\AppData\Local\Temp\unelevate.exe

C:\Users\nele\AppData\Local\Temp\ytaiesmt_smtyc_setup.exe

 

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed

C:\WINDOWS\system32\wininit.exe => File is digitally signed

C:\WINDOWS\explorer.exe => File is digitally signed

C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed

C:\WINDOWS\system32\svchost.exe => File is digitally signed

C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed

C:\WINDOWS\system32\services.exe => File is digitally signed

C:\WINDOWS\system32\User32.dll => File is digitally signed

C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed

C:\WINDOWS\system32\userinit.exe => File is digitally signed

C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed

C:\WINDOWS\system32\rpcss.dll => File is digitally signed

C:\WINDOWS\system32\dnsapi.dll => File is digitally signed

C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed

C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

 

LastRegBack: 2015-10-31 16:57

 

==================== End of FRST.txt ============================​

Link to post
Share on other sites

3 addition.txt

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015

Ran by nele (2015-11-09 17:34:15)

Running from C:\Users\nele\Downloads

Windows 10 Home (X64) (2015-08-01 11:07:41)

Boot Mode: Normal

==========================================================

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-2444418471-309531542-3407867716-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-2444418471-309531542-3407867716-503 - Limited - Disabled)

Guest (S-1-5-21-2444418471-309531542-3407867716-501 - Limited - Disabled) => C:\Users\Guest

HomeGroupUser$ (S-1-5-21-2444418471-309531542-3407867716-1007 - Limited - Enabled)

nele (S-1-5-21-2444418471-309531542-3407867716-1001 - Administrator - Enabled) => C:\Users\nele

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20077 - Adobe Systems Incorporated)

Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.11 - Adobe Systems)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated)

Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)

Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)

Adobe Photoshop Lightroom 5.6 64-bit (HKLM\...\{D19E99C2-6D9D-4075-B446-B4387EAF70A5}) (Version: 5.6.0 - Adobe Systems Incorporated)

Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)

Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

BitTorrent (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\BitTorrent) (Version: 7.9.5.41203 - BitTorrent Inc.)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.1.0 - Canon Inc.)

Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)

Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)

Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)

Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)

Canon MX450 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX450_series) (Version: 1.00 - Canon Inc.)

Canon MX450 series On-screen Manual (HKLM-x32\...\Canon MX450 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)

Canon MX450 series User Registration (HKLM-x32\...\Canon MX450 series User Registration) (Version:  - ‭Canon Inc.)

Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)

Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)

Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)

Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)

Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)

ChromecastApp (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)

Cloud Spot version 1.1.0 (HKLM-x32\...\{26119DD5-31D4-4660-B943-A03C06A2F5A9}}_is1) (Version: 1.1.0 - One Cloud LLC)

Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)

CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.)

CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.2928 - CyberLink Corp.)

CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3119 - CyberLink Corp.)

CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)

CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)

CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)

CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.22 - DivX, LLC)

Dropbox (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\Dropbox) (Version: 3.10.8 - Dropbox, Inc.)

EA SPORTS Game Face Browser Plugin 1.8.0.0 (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\EA SPORTS Game Face Browser Plugin) (Version: 1.8.0.0 - Electronic Arts)

Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)

Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)

Football Manager 2014 (HKLM-x32\...\Steam App 231670) (Version:  - Sports Interactive)

Google Photos Backup (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\Google Photos Backup) (Version: 1.1.1.259 - Google, Inc.)

Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)

Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden

HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)

HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)

HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)

HP Documentation (HKLM-x32\...\{1AC082E0-049D-4C5C-9ECF-9473AD5A949D}) (Version: 1.1.0.0 - Hewlett-Packard)

HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)

HP Quick Launch (HKLM-x32\...\{E5823036-6F09-4D0A-B05C-E2BAA129288A}) (Version: 3.0.6 - Hewlett-Packard Company)

HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)

HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)

HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)

HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)

HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)

HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)

HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.54.2 - HTC)

IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6425.0 - IDT)

Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)

Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)

IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)

iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)

Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)

Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Lagarith lossless video codec (Remove Only) (HKLM\...\LAGARITH) (Version:  - )

Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)

Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)

Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)

PASS (HKLM-x32\...\com.showitfast.pass.desktop.PASS) (Version: 3.1.651 - Showitfast, Inc)

PASS (x32 Version: 3.1.651 - Showitfast, Inc) Hidden

PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden

Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)

Picasa Uploader (HKLM-x32\...\com.webkinesis.PicasaUploaderDesktop) (Version: 0.7 - UNKNOWN)

Picasa Uploader (x32 Version: 0.7 - UNKNOWN) Hidden

Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.37.0 - Mediatek)

Rapport (x32 Version: 3.5.1507.83 - Trusteer) Hidden

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)

Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.29029 - Realtek Semiconductor Corp.)

Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)

Skypeâ„¢ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)

Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)

Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1507.83 - Trusteer)

Unity Web Player (HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)

VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)

VS10Runtimex64 (Version: 1.0.0 - sourcefire) Hidden

Windows 8 Codecs Pack 1.0.0 (HKLM\...\w8cpsetup_is1) (Version: 1.0.0 - Web Solution Mart)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File

CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File

CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File

CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File

CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File

CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File

CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File

CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\nele\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2444418471-309531542-3407867716-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\nele\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

 

==================== Restore Points =========================

 

26-10-2015 11:36:23 Installed Rapport

31-10-2015 02:00:39 Windows Update

07-11-2015 17:25:07 Scheduled Checkpoint

 

==================== Hosts content: ===============================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1E19BBB6-CE11-445E-BC43-90C954BBA030} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)

Task: {26983DBF-7262-415C-8402-3B303D9BE7CE} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-28] (Dropbox, Inc.)

Task: {4B3C40AF-74C0-4E22-B314-14748CC952CC} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-28] (Dropbox, Inc.)

Task: {5F305D81-2A6D-4A17-82B9-2482C266AA75} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)

Task: {617C8530-3AD1-4373-B9D6-50F3D26D1513} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-14] (Microsoft Corporation)

Task: {70DE8B54-CA5B-4548-8AEA-FD9F2D8D9CB2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

Task: {72D64D7B-3051-4FBE-AC3D-869DACF503F3} - System32\Tasks\HPCeeScheduleFornele => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)

Task: {76E33B9D-25C1-4442-8A03-7A1F78C2EB7E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)

Task: {B2495DE5-6A55-4491-9933-6924E8639A36} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2012-11-05] (Hewlett-Packard Development Company, L.P.)

Task: {DB8F6DD3-331E-402D-BF1E-B3A48E03037E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {E919D2DF-279A-4CA0-AD7C-E76DB3C0D74A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)

Task: {F2F66373-DB93-44EB-9893-DF6720E2EA8D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core.job => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA.job => C:\Users\nele\AppData\Local\Dropbox\Update\DropboxUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001Core.job => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2444418471-309531542-3407867716-1001UA.job => C:\Users\nele\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\HPCeeScheduleFornele.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (Whitelisted) ==============

2015-08-01 11:10 - 2015-08-01 11:10 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll

2015-08-19 07:14 - 2015-08-11 09:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll

2014-05-21 09:55 - 2012-03-28 12:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

2015-10-01 08:49 - 2015-09-17 06:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll

2015-10-01 08:49 - 2015-09-17 06:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll

2015-07-22 00:02 - 2015-07-22 00:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll

2015-04-13 12:44 - 2015-04-13 12:44 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe

2015-10-01 08:48 - 2015-09-17 05:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll

2015-10-01 08:49 - 2015-09-17 05:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll

2015-10-01 08:48 - 2015-09-17 05:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2015-10-01 08:48 - 2015-09-17 05:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll

2015-10-01 08:49 - 2015-09-17 05:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

2014-01-10 05:26 - 2014-01-10 05:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

2015-07-22 00:02 - 2015-07-22 00:02 - 31535264 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe

2015-04-13 12:43 - 2015-04-13 12:43 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll

2015-04-13 12:43 - 2015-04-13 12:43 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll

2015-04-13 12:44 - 2015-04-13 12:44 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll

2015-04-13 12:44 - 2015-04-13 12:44 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll

2015-04-13 12:44 - 2015-04-13 12:44 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll

2015-04-13 12:45 - 2015-04-13 12:45 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll

2015-04-13 12:47 - 2015-04-13 12:47 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll

2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2015-10-02 02:59 - 2015-10-12 23:33 - 00166416 _____ () C:\Users\nele\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll

2015-11-09 17:15 - 2015-11-09 17:15 - 00071168 _____ () c:\users\nele\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpi2oqf2.dll

2015-03-04 21:45 - 2015-09-23 23:07 - 00012800 _____ () C:\Users\nele\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll

2015-06-28 05:42 - 2015-09-23 23:07 - 00779776 _____ () C:\Users\nele\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll

2015-07-30 07:01 - 2015-09-23 23:07 - 00056320 _____ () C:\Users\nele\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll

2015-03-04 21:45 - 2015-09-23 23:07 - 00012288 _____ () C:\Users\nele\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll

2014-01-10 05:28 - 2014-01-10 05:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll

2015-07-22 14:32 - 2015-07-22 14:32 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll

2015-07-21 17:02 - 2015-07-21 17:02 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll

2013-09-20 13:50 - 2013-09-20 13:50 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll

2013-09-17 04:54 - 2013-09-17 04:54 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll

2013-09-17 04:54 - 2013-09-17 04:54 - 00303616 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxmlsec.dll

2013-09-17 04:54 - 2013-09-17 04:54 - 00136192 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxmlsec-mscrypto.dll

2013-05-28 05:43 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

 

==================== Alternate Data Streams (Whitelisted) =========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\N1Service => ""="service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2444418471-309531542-3407867716-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\nele\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\imgp8049.jpg

DNS Servers: 192.168.1.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\StartupApproved\StartupFolder: => "TornTvDownloader.lnk"

HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\StartupApproved\Run: => "EADM"

HKU\S-1-5-21-2444418471-309531542-3407867716-1001\...\StartupApproved\Run: => "TornTv Downloader"

 

==================== FirewallRules (Whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139

FirewallRules: [{1025B925-2C9C-427E-86A8-132297731851}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{C1E632B1-A3CC-48FD-884E-800344E706ED}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe

FirewallRules: [{F80D3479-1678-4232-A973-39494BFF18AA}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe

FirewallRules: [{52D5662F-33CE-44CA-923B-0996AFEF41E0}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe

FirewallRules: [{E2048A47-C099-487A-B719-9A8929CA799E}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exe

FirewallRules: [{F0B475D2-8FD4-49D2-B59D-0DC9F66A23DE}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exe

FirewallRules: [{81C14BFD-0198-4354-B7E5-1D0EF5AFA7D8}] => (Block) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe

FirewallRules: [{00527A23-494C-48F3-BEDA-9E14BF3557B8}] => (Block) C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.6\lightroom.exe

FirewallRules: [uDP Query User{57231475-DB0F-4254-AE4A-B7FEB59F260B}C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exe] => (Block) C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exe

FirewallRules: [TCP Query User{E056BE84-5783-41E3-9788-958D19C6E9F1}C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exe] => (Block) C:\users\nele\appdata\roaming\torntv.com\torntv downloader.exe

FirewallRules: [{8FD4CF31-E083-4D04-9DC7-6E0B723BF52C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

FirewallRules: [{82F42F84-D2F6-46D9-AB60-60F8B06328BF}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

FirewallRules: [{4E7ACD19-1FE0-46A2-BB34-C409372F6276}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe

FirewallRules: [{EB3CECCB-6A56-4E43-81B8-25DD38B96015}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe

FirewallRules: [{39FAF2C5-369E-42C3-866A-8A92ECDAFBDA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

FirewallRules: [{38B3D583-F8F1-4EA9-9163-A2C2DE9B408C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

FirewallRules: [{0155C8CA-6EDE-4E39-BD94-D5F5D5F9A6CE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe

FirewallRules: [{4657F890-6E28-4ABC-B979-3947B979ABB4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{37D48367-0D10-48B3-BCCA-4A517DCBD17B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{B09E334C-CA3F-44AB-989C-CC15A0B29087}] => (Allow) C:\Users\nele\AppData\Roaming\BitTorrent\BitTorrent.exe

FirewallRules: [{350E6958-F5B3-4219-A59F-0388A2A557F2}] => (Allow) C:\Users\nele\AppData\Roaming\BitTorrent\BitTorrent.exe

FirewallRules: [{3EDD2F47-0C6A-4D4C-8E59-2C443BEC0EE8}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE

FirewallRules: [{71DEA4C3-2E45-4C4C-B579-6C6A0D5D31FE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE

FirewallRules: [{33501526-9B4D-4ECA-85EC-9B267C10B160}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{9B2EDD26-3122-42D6-9CDA-308B8D37375F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{7E589AD1-B993-4737-92A3-F02A1FC25994}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{C6D5D70B-777E-4566-B2E4-6719579EDDE3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{3962F2D1-9922-404C-979D-61B218F40BDA}] => (Allow) C:\Users\nele\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

FirewallRules: [TCP Query User{74FAACFD-024B-4544-864E-A6794BA0F79F}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe

FirewallRules: [uDP Query User{FDE116CE-3540-453E-948A-A89960CBB42C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe

FirewallRules: [{06AA2F2F-4926-4C8A-9BB2-256FAD09E23D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exe

FirewallRules: [{BE5F66D4-8E4F-4F46-B145-916D0E4338E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exe

FirewallRules: [{A88648A1-777C-4AA2-9B7A-1773DA4D428D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exe

FirewallRules: [{0C9782B7-1886-42B7-8127-32BDC0CA275E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Football Manager 2014\fm.exe

FirewallRules: [TCP Query User{780C7D31-0E07-4514-98C5-D1B7D841A65B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe

FirewallRules: [uDP Query User{7A2F8D87-B08E-46DC-8CAB-FDE2C041E641}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe

FirewallRules: [{9D199768-5E07-459B-A391-0F47664151ED}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{F10FE5CE-DB14-4515-9872-C5412EE19B51}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{B0731064-424E-48C1-AF45-88ADE2D3B16F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{9C267989-BAFE-4F06-8B7C-BB139468B55B}] => (Allow) LPort=2869

FirewallRules: [{EF52EE58-C211-4D55-82DA-53566D044D6D}] => (Allow) LPort=1900

FirewallRules: [{431A513B-B9D6-4D5D-AF1C-AA3E48C00EA7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

FirewallRules: [{0BAC3109-561B-4CE2-B066-30424B91C084}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe

FirewallRules: [{6F593D47-8EBD-42DF-B104-0B18C9B0940F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe

FirewallRules: [{556BC192-839D-48C4-9293-4B156F47104A}] => (Allow) C:\Users\nele\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe

FirewallRules: [{0489726D-FD2E-4D98-83FD-FC093031D8F8}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe

FirewallRules: [{7A14CA27-E1BF-4183-BC84-FD62E9E69CB7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{47AC1EFE-3AE7-49E5-A263-911720947574}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{2C1FEB40-5265-4BE2-97D8-91F8EA1A2A5D}] => (Allow) C:\Users\nele\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{4DEBA70B-87AD-44CC-BA1F-5FA4F3F99D65}] => (Allow) C:\Users\nele\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [TCP Query User{B1922B95-17F2-46B6-88A9-A71588C2E8A5}C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe

FirewallRules: [uDP Query User{40E97BEC-BEA7-419B-B933-C7AD70E7A5EB}C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\nele\appdata\roaming\dropbox\bin\dropbox.exe

FirewallRules: [{922C626C-9F00-40DD-AFE0-F86039AB9A02}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe

FirewallRules: [{9C5DAF29-896A-41CB-9E8F-22CFD309D847}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe

FirewallRules: [{5723E951-8684-4D25-B696-EB238EDA82E8}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe

FirewallRules: [TCP Query User{9184DB6C-1828-4307-8E42-1015CB06EAA2}C:\program files (x86)\cloud spot\cloudspot.exe] => (Allow) C:\program files (x86)\cloud spot\cloudspot.exe

FirewallRules: [uDP Query User{95C59811-07CA-4EB9-90B5-5CB65C16452A}C:\program files (x86)\cloud spot\cloudspot.exe] => (Allow) C:\program files (x86)\cloud spot\cloudspot.exe

FirewallRules: [TCP Query User{4324F66E-61F2-42D8-B7D7-6AA3192FCE0B}C:\users\nele\appdata\local\popcorn time\nw.exe] => (Block) C:\users\nele\appdata\local\popcorn time\nw.exe

FirewallRules: [uDP Query User{6CE6CF79-0B86-4FE0-93F3-09603C556D7E}C:\users\nele\appdata\local\popcorn time\nw.exe] => (Block) C:\users\nele\appdata\local\popcorn time\nw.exe

FirewallRules: [{B9F105CA-0F51-4C6E-B13C-E673D4BFB632}] => (Allow) C:\WINDOWS\explorer.exe

FirewallRules: [{FEDCDE37-1637-46E1-AF73-85E16D3AC5AF}] => (Allow) C:\WINDOWS\system32\rundll32.exe

==================== Faulty Device Manager Devices =============

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (11/09/2015 05:11:47 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: MicrosoftEdge.exe, version: 11.0.10240.16566, time stamp: 0x56277dbe

Faulting module name: CoreUIComponents.dll, version: 0.0.0.0, time stamp: 0x55fa4b76

Exception code: 0xc0000005

Fault offset: 0x0000000000060f73

Faulting process ID: 0x1fe4

Faulting application start time: 0xMicrosoftEdge.exe0

Faulting application path: MicrosoftEdge.exe1

Faulting module path: MicrosoftEdge.exe2

Report ID: MicrosoftEdge.exe3

Faulting package full name: MicrosoftEdge.exe4

Faulting package-relative application ID: MicrosoftEdge.exe5

Error: (11/09/2015 05:01:47 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: MicrosoftEdge.exe, version: 11.0.10240.16566, time stamp: 0x56277dbe

Faulting module name: MicrosoftEdge.exe, version: 11.0.10240.16566, time stamp: 0x56277dbe

Exception code: 0xc0000409

Fault offset: 0x0000000000313369

Faulting process ID: 0xa10

Faulting application start time: 0xMicrosoftEdge.exe0

Faulting application path: MicrosoftEdge.exe1

Faulting module path: MicrosoftEdge.exe2

Report ID: MicrosoftEdge.exe3

Faulting package full name: MicrosoftEdge.exe4

Faulting package-relative application ID: MicrosoftEdge.exe5

 

Error: (11/09/2015 02:49:46 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: microsoftedgecp.exe, version: 11.0.10240.16384, time stamp: 0x559f3853

Faulting module name: MMDevApi.dll, version: 10.0.10240.16384, time stamp: 0x559f3a70

Exception code: 0xc0000005

Fault offset: 0x000000000001f81e

Faulting process ID: 0x4c98

Faulting application start time: 0xmicrosoftedgecp.exe0

Faulting application path: microsoftedgecp.exe1

Faulting module path: microsoftedgecp.exe2

Report ID: microsoftedgecp.exe3

Faulting package full name: microsoftedgecp.exe4

Faulting package-relative application ID: microsoftedgecp.exe5

Error: (11/09/2015 02:04:56 PM) (Source: Google Update) (EventID: 20) (User: NELEPADDYHOME)

Description: Network Request Error.

Error: 0x8007277a. Http status code: 0.

Url=https://www.facebook.com/omaha/update.php

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x8007277a. Http status code 0.

trying WinHTTP.

Send request returned 0x8007277a. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=, direct connection.

trying CUP:WinHTTP.

Send request returned 0x8007277a. Http status code 0.

trying WinHTTP.

Send request returned 0x8007277a. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x8007277a. Http status code 0.

trying WinHTTP.

Send request returned 0x8007277a. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=, direct connection.

trying CUP:WinHTTP.

Send request returned 0x8007277a. Http s

 

Error: (11/09/2015 11:04:56 AM) (Source: Google Update) (EventID: 20) (User: NELEPADDYHOME)

Description: Network Request Error.

Error: 0x8007277a. Http status code: 0.

Url=https://www.facebook.com/omaha/update.php

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x8007277a. Http status code 0.

trying WinHTTP.

Send request returned 0x8007277a. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=, direct connection.

trying CUP:WinHTTP.

Send request returned 0x8007277a. Http status code 0.

trying WinHTTP.

Send request returned 0x8007277a. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=IE, wpad=1, script=.

trying CUP:WinHTTP.

Send request returned 0x8007277a. Http status code 0.

trying WinHTTP.

Send request returned 0x8007277a. Http status code 0.

trying CUP:iexplore.

Send request returned 0x80004005. Http status code 0.

Trying config: source=, direct connection.

trying CUP:WinHTTP.

Send request returned 0x8007277a. Http s

Error: (11/09/2015 09:23:55 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: svchost.exe_MapsBroker, version: 10.0.10240.16384, time stamp: 0x559f38cb

Faulting module name: MosHostCore.dll, version: 10.0.10240.16384, time stamp: 0x559f3908

Exception code: 0xc0000005

Fault offset: 0x00000000000096f2

Faulting process ID: 0x53d8

Faulting application start time: 0xsvchost.exe_MapsBroker0

Faulting application path: svchost.exe_MapsBroker1

Faulting module path: svchost.exe_MapsBroker2

Report ID: svchost.exe_MapsBroker3

Faulting package full name: svchost.exe_MapsBroker4

Faulting package-relative application ID: svchost.exe_MapsBroker5

 

Error: (11/09/2015 09:22:31 AM) (Source: ESENT) (EventID: 413) (User: )

Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (11/09/2015 09:22:31 AM) (Source: ESENT) (EventID: 488) (User: )

Description: SettingSyncHost (5352) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).

 

Error: (11/09/2015 09:22:20 AM) (Source: ESENT) (EventID: 413) (User: )

Description: SettingSyncHost (5352) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.

Error: (11/09/2015 09:22:20 AM) (Source: ESENT) (EventID: 488) (User: )

Description: SettingSyncHost (5352) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ".  The create file operation will fail with error -1032 (0xfffffbf8).

 

System errors:

=============

Error: (11/09/2015 05:17:04 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)

Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}

 

Error: (11/09/2015 05:12:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Windows Search service failed to start due to the following error:

%%1069

 

Error: (11/09/2015 05:12:18 PM) (Source: Service Control Manager) (EventID: 7038) (User: )

Description: The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:

%%50

 

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

 

Error: (11/09/2015 05:12:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The User Data Access_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (11/09/2015 05:12:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The User Data Storage_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

 

Error: (11/09/2015 05:12:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Contact Data_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (11/09/2015 05:12:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

 

Error: (11/09/2015 05:11:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Intel® Management and Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s).

Error: (11/09/2015 05:11:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: The Intel® ME Service service terminated unexpectedly. It has done this 1 time(s).

 

Error: (11/09/2015 05:11:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: The IconMan_R service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.

 

CodeIntegrity:

===================================

  Date: 2015-11-09 17:34:44.194

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-09 17:34:44.172

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2015-11-09 17:11:12.323

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-09 17:11:12.297

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2015-11-09 15:38:22.662

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-09 15:38:22.574

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2015-11-09 15:38:22.483

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-09 15:38:22.401

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

  Date: 2015-11-09 15:38:22.320

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-11-09 15:38:22.231

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

 

==================== Memory info ===========================

Processor: Intel® Core i3-3110M CPU @ 2.40GHz

Percentage of memory in use: 30%

Total physical RAM: 8084.27 MB

Available physical RAM: 5602.22 MB

Total Virtual: 10900.27 MB

Available Virtual: 8533.56 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:907.27 GB) (Free:609.24 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive d: (RECOVERY) (Fixed) (Total:21.86 GB) (Free:2.63 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: F5E1212F)

 

Partition: GPT.

 

==================== End of Addition.txt ============================

Link to post
Share on other sites

OK. :)

But we're not done yet. Please go ahead and run MBAM and ESET:

Step 1

v21logo.PNG

Scan with Malwarebytes Anti-Malware.

  • Please open Malwarebytes Anti-Malware and update the database.
  • Click "Settings" [1] and go to "Detection and Protection" [2]
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.

    :exclame: If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt:

    m21p.png

  • Click on "Remove Selected" [5].
  • Then click "Save Results" [6] and select

    m21p4.png

  • Return to our forum. Paste your log into your next reply and then click Finish [7].
mbamv21.gif

Step 2

Please downloadesetlogo.pngOnline Scanner and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start installer.pngwith administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:
settings.png
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.

    Note: This scan might take a long time! Please be patient.

  • When completed, click on Finish.
  • A log filelog.pngis created at logpath.png

    Copy and paste the content of this log file in your next reply.

esetlog.png

Note: Do not forget to re-enable your antivirus application after running the above scan!

eset.gif

Link to post
Share on other sites

  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.