Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-04-2015 Ran by catma_000 at 2015-04-13 10:13:09 Running from C:\Users\catma_000\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon) <==== ATTENTION Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.) Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.) Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation) Bingo Cafe (HKU\S-1-5-21-1319240991-3494267394-1717728235-1005\...\Bingo Cafe) (Version: - ) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Conexant SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.50.12.0 - Conexant) CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dark Parables 3 Rise of the Snow Queen Collectors Edition 1.00 (HKLM-x32\...\Dark Parables 3 Rise of the Snow Queen Collectors Edition 1.00) (Version: - ) Dark Strokes Sins of the Fathers Collectors Edition 1.00 (HKLM-x32\...\Dark Strokes Sins of the Fathers Collectors Edition 1.00) (Version: - ) Dark Tales 2 Edgar Allan Poes The Black Cat Collectors Edition 1.00 (HKLM-x32\...\Dark Tales 2 Edgar Allan Poes The Black Cat Collectors Edition 1.00) (Version: - ) Dark Tales 3 Edgar Allan Poes The Premature Burial CE 1.00 (HKLM-x32\...\Dark Tales 3 Edgar Allan Poes The Premature Burial CE 1.00) (Version: - ) Death Under Tuscan Skies A Dana Knightstone Novel 2 Collectors Edition 1.00 (HKLM-x32\...\Death Under Tuscan Skies A Dana Knightstone Novel 2 Collectors Edition 1.00) (Version: - ) Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.0.0.5 - Dell Inc.) Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.0.0.5 - Dell Inc.) Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.81 - Dell) Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.2.57295 - Dell) Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 10.0 - Dell) Depths of Betrayal Collectors Edition 1.00 (HKLM-x32\...\Depths of Betrayal Collectors Edition 1.00) (Version: - ) Echoes of the Past The Castle of Shadows Collectors Edition 1.00 (HKLM-x32\...\Echoes of the Past The Castle of Shadows Collectors Edition 1.00) (Version: - ) Elevated Installer (x32 Version: 2.1.8 - Garmin Ltd or its subsidiaries) Hidden Enigma 7 1.00 (HKLM-x32\...\Enigma 7 1.00) (Version: - ) Escape from Frankensteins Castle 1.00 (HKLM-x32\...\Escape from Frankensteins Castle 1.00) (Version: - ) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Eternal Journey New Atlantis Collectors Edition 1.00 (HKLM-x32\...\Eternal Journey New Atlantis Collectors Edition 1.00) (Version: - ) Experiment 1.00 (HKLM-x32\...\Experiment 1.00) (Version: - ) Fabled Legends The Dark Piper Collectors Edition 1.00 (HKLM-x32\...\Fabled Legends The Dark Piper Collectors Edition 1.00) (Version: - ) Fierce Tales The Dogs Heart Collectors Edition 1.00 (HKLM-x32\...\Fierce Tales The Dogs Heart Collectors Edition 1.00) (Version: - ) Film Fatale BFG 1.00 (HKLM-x32\...\Film Fatale BFG 1.00) (Version: - ) Flux Family Secrets The Book of Oracles 1.00 (HKLM-x32\...\Flux Family Secrets The Book of Oracles 1.00) (Version: - ) Forbidden Secrets Alien Town Collectors Edition 1.00 (HKLM-x32\...\Forbidden Secrets Alien Town Collectors Edition 1.00) (Version: 1.00 - Games) Freemake Video Converter version 4.0.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.3 - Ellora Assets Corporation) Gardenscapes Mansion Makeover CE 1.00 (HKLM-x32\...\Gardenscapes Mansion Makeover CE 1.00) (Version: - ) Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries) Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM-x32\...\{f8045cae-2c45-445b-a15b-f77ffe0f1956}) (Version: 2.1.8 - Garmin Ltd or its subsidiaries) Garmin Express (x32 Version: 2.1.8 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (x32 Version: 2.1.8 - Garmin Ltd or its subsidiaries) Hidden Garmin Update Service (x32 Version: 2.1.8 - Garmin Ltd or its subsidiaries) Hidden Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries) Ghost Encounters Deadwood 1.00 (HKLM-x32\...\Ghost Encounters Deadwood 1.00) (Version: - ) Golden Trails 3 The Guardians Creed 1.00 (HKLM-x32\...\Golden Trails 3 The Guardians Creed 1.00) (Version: - ) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Grim Tales The Legacy Collectors Edition 1.00 (HKLM-x32\...\Grim Tales The Legacy Collectors Edition 1.00) (Version: - ) Grim Tales The Wishes Collectors Edition 1.00 (HKLM-x32\...\Grim Tales The Wishes Collectors Edition 1.00) (Version: - ) Guardian Dragons New 1.00 (HKLM-x32\...\Guardian Dragons New 1.00) (Version: - ) GUPlayer (remove only) (HKLM-x32\...\GUPlayer) (Version: - ) Haunted Halls Fears from Childhood Collectors Edition 1.00 (HKLM-x32\...\Haunted Halls Fears from Childhood Collectors Edition 1.00) (Version: - ) Heaven and Hell Angelos Quest 1.00 (HKLM-x32\...\Heaven and Hell Angelos Quest 1.00) (Version: - ) Hidden Mysteries Return to Titanic 1.00 (HKLM-x32\...\Hidden Mysteries Return to Titanic 1.00) (Version: - ) Hidden Mysteries Royal Family Secrets 1.00 (HKLM-x32\...\Hidden Mysteries Royal Family Secrets 1.00) (Version: - ) House of 1000 Doors The Palm of Zoroaster Collectors Edition 1.00 (HKLM-x32\...\House of 1000 Doors The Palm of Zoroaster Collectors Edition 1.00) (Version: - ) HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{1B77E249-B8D5-4E5E-8848-693ACEF84E6D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Deskjet 3050A J611 series Help (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard) HP Deskjet 3050A J611 series Product Improvement Study (HKLM\...\{A772BF60-20A5-4279-A18B-B9D8DBC9B30A}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations) HP Product Detection (HKLM-x32\...\{42D10994-A566-495D-A5E7-D0C6B5C6B35C}) (Version: 11.14.0006 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden iCloud (HKLM\...\{D0CB24F4-084F-40DE-B6B9-A03626E682F0}) (Version: 2.1.1.3 - Apple Inc.) Inspector Magnusson Murder On The Titanic 1.00 (HKLM-x32\...\Inspector Magnusson Murder On The Titanic 1.00) (Version: - ) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation) iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle) Jet Bingo (HKU\S-1-5-21-1319240991-3494267394-1717728235-1005\...\Jet Bingo) (Version: - ) Living Legends Ice Rose Collectors Edition 1.00 (HKLM-x32\...\Living Legends Ice Rose Collectors Edition 1.00) (Version: - ) Lost City of Z 1.00 (HKLM-x32\...\Lost City of Z 1.00) (Version: - ) Love Chronicles The Spell Collectors Edition 1.00 (HKLM-x32\...\Love Chronicles The Spell Collectors Edition 1.00) (Version: - ) Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 37.0.1 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 en-GB)) (Version: 37.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla) Nat Geo Adventure Ghost Fleet 1.00 (HKLM-x32\...\Nat Geo Adventure Ghost Fleet 1.00) (Version: - ) Rapport (x32 Version: 3.5.1404.75 - Trusteer) Hidden Recipe Hub toolbar (HKLM-x32\...\RecipeHub_2jbar Uninstall) (Version: - Mindspark Interactive Network) <==== ATTENTION Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) TotalRecipeSearch Toolbar (HKLM-x32\...\TotalRecipeSearch_14bar Uninstall) (Version: - Mindspark Interactive Network) <==== ATTENTION Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1404.75 - Trusteer) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) YTD Toolbar v10.9 (HKLM-x32\...\{D065A3E2-6502-4EA2-91D3-FE98B72B6CDE}) (Version: 10.9 - Spigot, Inc.) <==== ATTENTION ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 11-04-2015 20:58:23 Removed Adblock Plus for IE (32-bit and 64-bit) 12-04-2015 09:16:56 Restore Point Created by FRST ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0B0C4A89-888E-4400-B2B4-70B80C31D908} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-03-04] (Dell Inc.) Task: {106D0C58-619B-4199-AB38-0A235EF1B0D8} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.) Task: {15E34D96-86DD-41C5-BEB5-BB457682FBBC} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-03-20] (PC-Doctor, Inc.) Task: {20AFA765-DEDB-477F-9FF5-F72775E9D5DC} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation) Task: {27FA629B-B8E9-456C-AD62-08EF7A09AD5B} - System32\Tasks\HP online update program => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard) Task: {3FDAAE6E-3971-4785-8BFD-E51D95E59791} - System32\Tasks\HPCustParticipation HP Deskjet 3050A J611 series => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) Task: {42EBF3C2-A1B2-4820-9A63-6FA346A0B0E3} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-12] (Adobe Systems Incorporated) Task: {487CA2F5-19B5-4BF5-99E5-B1143D4149D9} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation) Task: {54FD991C-2EA9-4FA6-BF4F-1DE7EFFFA0C4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {5D8F56F4-A613-473D-BE71-BA22A300E9CB} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation) Task: {7B13CEF5-D065-48E6-A1E7-330705D23A53} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] () Task: {7D88F6CF-3B70-402E-85E8-84C483E9BF3C} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2012-12-17] (Apple Inc.) Task: {8F4A638A-6CBA-4994-991C-8626521E7DB3} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {9110A2F2-172E-4F3F-9849-A5440125D054} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation) Task: {9273A96A-219F-4C6E-9A56-3EE547FBC250} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-03-11] (Microsoft Corporation) Task: {B0466165-BD2D-4FC2-990D-78FA16E55778} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-23] (Microsoft Corporation) Task: {B2B4AB74-9443-402E-996B-EB77E90BBD78} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink) Task: {D21E4F20-929A-49FA-A2E8-C7020326989D} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-03-20] (PC-Doctor, Inc.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe ==================== Loaded Modules (whitelisted) ============== 2015-04-12 19:37 - 2015-04-12 19:37 - 00531456 _____ () c:\windows\xag.exe 2015-04-12 19:37 - 2015-04-12 19:37 - 00523264 _____ () c:\windows\mxag.exe 2012-12-17 17:14 - 2012-12-17 17:14 - 00954848 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll 2014-01-29 23:02 - 2014-01-29 23:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-08-22 03:19 - 2013-08-22 02:54 - 00174592 _____ () C:\WINDOWS\system32\WinMetadata\Windows.UI.winmd 2013-08-22 03:19 - 2013-08-22 02:54 - 00050176 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Data.winmd 2013-08-22 03:19 - 2013-08-22 02:54 - 00030208 _____ () C:\WINDOWS\system32\WinMetadata\Windows.Foundation.winmd 2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-03-23 16:04 - 2014-03-23 16:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll 2012-11-01 00:37 - 2012-06-07 23:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2012-11-01 00:32 - 2012-07-18 15:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\catma_000\OneDrive:ms-properties AlternateDataStreams: C:\Users\Ginette\OneDrive:ms-properties AlternateDataStreams: C:\Users\Ginette\OneDrive.old:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1319240991-3494267394-1717728235-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ginette\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Photo Gallery Wallpaper.jpg HKU\S-1-5-21-1319240991-3494267394-1717728235-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\catma_000\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\photo gallery wallpaper.jpg DNS Servers: 192.168.0.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "CLVirtualDrive" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "TotalRecipeSearch Search Scope Monitor" HKLM\...\StartupApproved\Run32: => "TotalRecipeSearch_14 Browser Plugin Loader" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKU\S-1-5-21-1319240991-3494267394-1717728235-1005\...\StartupApproved\Run: => "GarminExpressTrayApp" HKU\S-1-5-21-1319240991-3494267394-1717728235-1005\...\StartupApproved\Run: => "HP Deskjet 3050A J611 series (NET)" ==================== Accounts: ============================= Administrator (S-1-5-21-1319240991-3494267394-1717728235-500 - Administrator - Disabled) catma_000 (S-1-5-21-1319240991-3494267394-1717728235-1005 - Administrator - Enabled) => C:\Users\catma_000 Ginette (S-1-5-21-1319240991-3494267394-1717728235-1001 - Administrator - Enabled) => C:\Users\Ginette Guest (S-1-5-21-1319240991-3494267394-1717728235-501 - Limited - Disabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/13/2015 06:28:06 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. System errors: ============= Error: (04/13/2015 06:48:42 AM) (Source: Ntfs) (EventID: 138) (User: ) Description: The transaction resource manager at C:\ encountered a fatal error and was shut down. The data contains the error code. Microsoft Office Sessions: ========================= ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-2130 CPU @ 3.40GHz Percentage of memory in use: 34% Total physical RAM: 6013.55 MB Available physical RAM: 3966.77 MB Total Pagefile: 7357.55 MB Available Pagefile: 4860.78 MB Total Virtual: 131072 MB Available Virtual: 131071.84 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:918.45 GB) (Free:854.05 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 2F06AA7B) Partition: GPT Partition Type. ==================== End Of Log ============================