Additional scan result of Farbar Recovery Scan Tool (x86) Version:02-08-2015 01 Ran by inFidel (2015-08-05 19:34:29) Running from C:\Users\inFidel\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4041656617-1838989228-2178339868-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-4041656617-1838989228-2178339868-503 - Limited - Disabled) Guest (S-1-5-21-4041656617-1838989228-2178339868-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-4041656617-1838989228-2178339868-1004 - Limited - Enabled) inFidel (S-1-5-21-4041656617-1838989228-2178339868-1000 - Administrator - Enabled) => C:\Users\inFidel ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.) ABBYY FineReader 9.0 Professional Edition (HKLM\...\{F9000000-0001-0000-0000-074957833700}) (Version: 9.00.662.5581 - ABBYY) Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.) Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Photoshop CC (HKLM\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated) Adobe Reader X (10.1.15) MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated) Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.) AMD Catalyst Control Center (HKLM\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Catalyst Install Manager (HKLM\...\{46BE800A-FA5E-71E5-93AC-EB5CBA0E86EC}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks) Apple Application Support (HKLM\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.86 - Broadcom Corporation) Broadcom Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.1600 - Broadcom Corporation) Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1600 - Broadcom Corporation) CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform) Cheat Engine 6.4 (HKLM\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.4305 - CyberLink Corp.) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Dropbox (HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\...\Dropbox) (Version: 3.8.5 - Dropbox, Inc.) ESU for Microsoft Windows 7 SP1 (HKLM\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard) FileZilla Client 3.7.3 (HKLM\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse) Futuremark SystemInfo (HKLM\...\{4115C9AA-35E0-45D8-9363-47635B8750C7}) (Version: 4.29.438.0 - Futuremark) Google Chrome (HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.) Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP 3D DriveGuard (HKLM\...\{5601F151-A69F-4E30-8C60-37928124CD07}) (Version: 4.1.9.1 - Hewlett-Packard Company) HP CoolSense (HKLM\...\{0D8B3696-E52D-4291-B833-9F6AEB1CC4AB}) (Version: 2.1.0 - Hewlett-Packard Company) HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{226837D8-0BF8-4CBE-BAB2-8F07E2C2B4DD}) (Version: 22.50.231.0 - Hewlett-Packard Co.) HP Deskjet 1050 J410 series Help (HKLM\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard) HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{7414C891-720D-4E86-85E5-C3AA898DA9EC}) (Version: 22.50.231.0 - Hewlett-Packard Co.) HP On Screen Display (HKLM\...\{D7670221-BF9B-4DFF-B26B-5BE55A87329F}) (Version: 1.2.2 - Hewlett-Packard Company) HP Power Manager (HKLM\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company) HP QuickWeb (HKLM\...\{57D8E376-0E8A-4AFD-9040-DA2D33B7FF94}) (Version: 3.1.0.9791 - Hewlett-Packard Company) HP Setup (HKLM\...\{5036764A-435D-40C9-869C-31085A3D741D}) (Version: 8.7.4751.3798 - Hewlett-Packard Company) HP Setup Manager (HKLM\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13476.3753 - Hewlett-Packard Company) HP Software Framework (HKLM\...\{31EEA563-3544-4EA1-8773-BCBF83F9627A}) (Version: 4.1.8.1 - Hewlett-Packard Company) HP Support Assistant (HKLM\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company) HP Update (HKLM\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard) IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6351.0 - IDT) Imagenomic Portraiture 2.3 Plug-in (build 2308) (HKLM\...\ImagenomicPortraiturePlugin) (Version: - ) iSkysoft Video Converter(Build 3.1.1.0) (HKLM\...\iSkysoft Video Converter_is1) (Version: - iSkysoft Software) iTunes (HKLM\...\{0A37EE62-9A58-420D-90CC-4E52153112EE}) (Version: 11.3.0.54 - Apple Inc.) Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle) JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Lucid Dream Preparation (HKLM\...\Lucid Dream Preparation_is1) (Version: - ) Magic ISO Maker v5.4 (build 0239) (HKLM\...\Magic ISO Maker v5.4 (build 0239)) (Version: - ) Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Mozilla Firefox 39.0 (x86 en-US) (HKLM\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla) Notepad++ (HKLM\...\Notepad++) (Version: 6.6.8 - Notepad++ Team) Osmo4/GPAC (remove only) (HKLM\...\Osmo4) (Version: - ) PDF Settings CC (Version: 12.0 - Adobe Systems Incorporated) Hidden Ports Of Call Simulator 3d - Updater (HKLM\...\Ports Of Call Simulator 3d - Updater) (Version: - ) Ports Of Call Simulator 3d (HKLM\...\Ports Of Call Simulator 3d) (Version: - ) Ports Of Call XXL (HKLM\...\Ports Of Call XXL) (Version: - ) Ports Of Call XXL WEB installer (HKLM\...\Ports Of Call XXL WEB installer) (Version: 1.0.13 - MMS Dipl.-Ing. Rolf-Dieter Klein) QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) Quintessential Player (HKLM\...\Quintessential Player) (Version: 4.51 - Quinnware) Raptr (HKLM\...\Raptr) (Version: - ) RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks) Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek) Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver and Utility (HKLM\...\{0DF70CB6-553A-4C57-8E6D-87635EECFB78}) (Version: 1.00.0145 - ALFA NETWORK Inc..) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden Recover My Files (HKLM\...\Recover My Files v5_is1) (Version: 5.1.0.1824 - GetData Pty Ltd) Recovery Manager (Version: 2.0.0 - Hewlett-Packard) Hidden Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) SpeedFan (remove only) (HKLM\...\SpeedFan) (Version: - ) Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version: - ) Sublime Text Build 3059 (HKLM\...\Sublime Text 3_is1) (Version: - Sublime HQ Pty Ltd) Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated) The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: - ) Topaz InFocus (HKLM\...\Topaz InFocus) (Version: 1.0.0 - Topaz Labs) Topaz InFocus (Version: 1.0.0 - Topaz Labs) Hidden Topaz Adjust 4 (HKLM\...\Topaz Adjust 4) (Version: 4.1.0 - Topaz Labs) Topaz Adjust 4 (Version: 4.1.0 - Topaz Labs) Hidden Topaz DeNoise 5 (HKLM\...\Topaz DeNoise 5) (Version: 5.0.1 - Topaz Labs) Topaz DeNoise 5 (Version: 5.0.1 - Topaz Labs) Hidden Topaz Detail 2 (HKLM\...\Topaz Detail 2) (Version: 2.0.5 - Topaz Labs) Topaz Detail 2 (Version: 2.0.5 - Topaz Labs) Hidden Topaz ReMask 3 (HKLM\...\Topaz ReMask 3) (Version: 3.1.0 - Topaz Labs) Topaz ReMask 3 (Version: 3.1.0 - Topaz Labs) Hidden TunnelBear (HKLM\...\{24ab069f-4a6a-43db-a29a-ab0daf2e8f2e}) (Version: 2.2.25.0 - TunnelBear) TunnelBear (Version: 2.2.25.0 - TunnelBear) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Viber (HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\...\Viber) (Version: 3.0.0.134678 - Viber Media Inc) VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) WinHTTrack Website Copier 3.48-19 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.19 - HTTrack) Winrar 3.93 (HKLM\...\Winrar 3.93) (Version: - ) WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - ) YTD Video Downloader 4.8 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8 - GreenTree Applications SRL) <==== ATTENTION ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.27.5\psuser.dll No File CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{219D3EAA-D5B5-9D41-67F5-C9D57885EE5A}\InprocServer32 -> C:\WINDOWS\system32\ole32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{38216570-5DB1-45F8-A344-B0C4E252B14B}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.26.7\psuser.dll No File CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{5999E1EE-711E-48D2-9884-851A709F543D}\localserver32 -> C:\Users\inFidel\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Chrome\Application\44.0.2403.130\delegate_execute.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{7B37E4E2-C62F-4914-9620-8FB5062718CC}\localserver32 -> C:\Users\inFidel\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{A3CA1CF4-5F3E-4AC0-91B9-0D3716E1EAC3}\localserver32 -> C:\Users\inFidel\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{AB807329-7324-431B-8B36-DBD581F56E0B}\localserver32 -> C:\Users\inFidel\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll No File CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncShell.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Microsoft\OneDrive\17.3.5907.0716\FileSyncApi.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.) ==================== Restore Points ========================= " & $upd1 & ": System Restore is disabled ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2012-04-13 19:24 - 2014-08-30 00:52 - 00000924 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 activate.adobe.com google.com serena.costa.it google.com onboardportal.serena.costa.it ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {009986E1-084C-45EA-9604-7C8FC043A1B3} - System32\Tasks\RealCreateProcessScheduledTask1255228849S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.) Task: {04CD0C20-CE92-4701-90E4-D2BA660375AB} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {07911280-4361-4CDF-828C-4BF3A634D1EA} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {08C614E7-0E9E-4385-80A1-B57D741C85F0} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\WINDOWS\System32\LocationNotificationWindows.exe [2015-07-10] (Microsoft Corporation) Task: {0A9D5167-ED4C-43C6-8320-980C6755F1AE} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent Task: {0B8B8675-BE25-4D7D-AAA3-50B1FA47252D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask Task: {0C72B578-D676-414D-9F9C-FF0B216A314F} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance Task: {103AAA73-BD59-4F3F-9257-15810F30E961} - System32\Tasks\HPCeeScheduleForinFidel => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard) Task: {130D3600-17D9-4F5B-8475-DE5CDD5FC07C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B No Task File <==== ATTENTION Task: {13550F2C-A475-475F-AE32-F8D7682F8C40} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\WINDOWS\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {16344429-ACC1-48F4-B6D1-FAE67D747FA1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {1E59CAD0-D49B-4553-88DE-227F411F5D57} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\WINDOWS\system32\dmclient.exe [2015-07-10] (Microsoft Corporation) Task: {201CF893-BC56-46DA-8598-6F75905C9028} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation Task: {20E6881A-B853-4D82-82C7-F135398C8FCF} - System32\Tasks\{351260BE-BC63-47A8-966B-0729B8279AC5} => pcalua.exe -a C:\PROGRA~1\poc\pocxxl\UNWISE.EXE -c C:\PROGRA~1\poc\pocxxl\INSTAL~1.LOG Task: {210B29B6-A68A-4580-AC06-855728389B03} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask Task: {21C72CF3-573E-4E02-83B9-7988E7DCF53A} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {2A619C9A-D49B-45E6-909A-9E4FA6A77FE2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {2E55AA51-E9B8-40B5-9EA6-0A24D15DDE63} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager Task: {3299D847-22BD-4E3E-AE04-A4CCD195D12C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d No Task File <==== ATTENTION Task: {345CC02B-96C6-4045-9499-8CF2FEF41454} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3493F400-2D1E-4617-98E1-5F7439D7A881} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d No Task File <==== ATTENTION Task: {354FB93B-2CD8-4E84-B8F4-FB347026CEF3} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4041656617-1838989228-2178339868-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.) Task: {390EE041-756D-4926-991E-291C6C61161A} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3B7B9C63-686E-4E2D-973D-21F0828CCF44} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {3C480DB5-9C57-4D02-A3C4-6737DD9DD027} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\WINDOWS\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation) Task: {3F628C45-4379-43B1-82E3-3D0AC5EF7C33} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask Task: {4885BD6E-AB34-4F93-B1BF-6F00AC56797E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd) Task: {489A34B7-9791-432B-A762-FEE4D0E9562E} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\WINDOWS\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {49C6F58F-98A3-4416-98C4-24BD457AC122} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask Task: {4BEFD5F4-9E85-4068-8279-BBDB61B181CB} - System32\Tasks\AdobeAAMUpdater-1.0-inFidel-1337-inFidel => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated) Task: {4C61D4C0-ADF1-48A4-91D6-C64A8CE35E79} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\WINDOWS\System32\WiFiTask.exe [2015-07-10] (Microsoft Corporation) Task: {4C7B56E3-0356-4A04-B96E-6F65F43BEE41} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update Task: {50011453-BF29-42B4-9EF2-44F6535103BB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {5052E9DF-601A-4784-9B89-542AE0FEF7EC} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {51FA85B2-A860-463C-99F6-73A8503B0493} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {53A86098-E92D-465A-9992-5B0DE052377E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core => C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-13] (Google Inc.) Task: {55E475E8-CD21-4285-BC33-0BB31C3C0F3B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core => C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-23] (Facebook Inc.) Task: {5AD50DD1-F8CB-44BD-8037-C916B4487505} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA => C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-13] (Google Inc.) Task: {5AD99B81-4044-4598-A14C-A96AA6485E44} - System32\Tasks\RealCreateProcessScheduledTask422498102S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.) Task: {5CE5009F-1260-496A-AE13-40BEF27A8EFB} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr Task: {5CFC6547-F84F-4299-A6D9-75E2E9304389} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe [2015-07-30] (Microsoft Corporation) Task: {5E9E1543-5646-4D83-9217-C26BFFF0EB9A} - System32\Tasks\ReclaimerUpdateXML_inFidel => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-26] (RealNetworks, Inc.) Task: {6283D386-3EE5-4D2C-9649-D392BC8BD632} - System32\Tasks\ReclaimerUpdateFiles_inFidel => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-26] (RealNetworks, Inc.) Task: {6451D5E9-DC34-446B-AD5B-9D75EFC36B38} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\WINDOWS\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation) Task: {6862C974-65DA-4679-BDFD-4822FAEBEF23} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {69CAE3B8-3FAF-456E-A76F-B310BB356FD4} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {6AE39FF1-6932-4E5A-94D1-9E3A9422011C} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {6CC2569D-EFD0-42A4-A0C0-FE506F7AF0ED} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\WINDOWS\System32\sihclient.exe [2015-07-10] (Microsoft Corporation) Task: {70EFD96E-15A1-4F5C-9D80-C7DF43B7FE07} - System32\Tasks\RealCreateProcessScheduledTask1816915314S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.) Task: {71121402-FCB8-4FB8-AEC9-61CDB7B26CFD} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d No Task File <==== ATTENTION Task: {7135AB65-C102-40AF-8A95-750F84E26CA4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => C:\windows\system32\MusNotification.exe [2015-07-30] (Microsoft Corporation) Task: {71E639F9-8720-44DC-BCB3-361CCF47B5E9} - System32\Tasks\RNUpgradeHelperResumePrompt_inFidel => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-26] (RealNetworks, Inc.) Task: {7553ECBD-6482-4A75-8300-A8ADCB2A8CC2} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {774A65FA-58F3-4431-8C46-7078368F6A3E} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\WINDOWS\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation) Task: {784017A0-41E3-423C-B4F3-CF8F69DF8C64} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation Task: {797930BC-B506-4F11-9896-4C928674405C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\WINDOWS\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {7CE92BED-AF62-4F15-95DB-EFD4ACDFDCA0} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {7D6D93E2-73C2-4AC5-A718-42BE28FC0578} - System32\Tasks\RealCreateProcessScheduledTask252138895S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.) Task: {7F68AF9C-4412-453D-8D6E-5416A6416BB5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA => C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-23] (Facebook Inc.) Task: {82B34A9E-CDE5-485B-AB0D-18F493C00310} - System32\Tasks\RealCreateProcessScheduledTask1575878248S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.) Task: {860EC9CB-A3CF-4BBB-AABD-71E1A4B14DA9} - System32\Tasks\RealCreateProcessScheduledTask3427956672S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.) Task: {8639BB41-3495-443F-AC80-D6DDF2FD02A0} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {876A087C-5FFF-43A6-B68E-A269E8BFE991} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd No Task File <==== ATTENTION Task: {88742C4E-AF27-4EC0-AA61-61526B2F4601} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\WINDOWS\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {89D46697-8928-4574-A933-FBEF74F9F160} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {8BD8D26D-9B78-4CF6-9D46-9E9201ECED6B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\WINDOWS\system32\MusNotification.exe [2015-07-30] (Microsoft Corporation) Task: {8F7EB076-1391-433B-8052-A4439A675A14} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4041656617-1838989228-2178339868-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.) Task: {914D56EE-A009-43F5-AF87-885CC0376D30} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {92F01956-EB7D-43FB-90B9-1B9A5D74FCFC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d No Task File <==== ATTENTION Task: {94AC54C1-45ED-4884-9B3F-E5810E0D8121} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {98CB750C-B919-409C-8666-BCE5246A5CB8} - System32\Tasks\RealCreateProcessScheduledTask977211496S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.) Task: {9DD41417-F1DD-4A5E-AAD3-B08331EB3424} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.) Task: {9F2EE535-82E3-44F2-B985-975D989DB43E} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {A069C56C-0897-4BA2-8D03-F6053EF86B9D} - System32\Tasks\RNUpgradeHelperLogonPrompt_inFidel => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-26] (RealNetworks, Inc.) Task: {A226D73C-205F-4BDB-BBF9-386875BE0DD9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {A5FC74E8-BD6D-4D81-9B55-F1ADB1730C4D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {A74CD58D-5647-4741-9064-3B8F39EF2CC5} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation) Task: {B194207F-6450-4072-8F3B-321BC6E8D776} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent No Task File <==== ATTENTION Task: {B72CD943-73BF-44B2-B595-9696646795E5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {BD56AF2E-907C-44C8-897A-40C9806F3725} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4041656617-1838989228-2178339868-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.) Task: {BED9992B-B1C6-4AB7-B3C5-C88E6B6520D7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {C2D86B3B-2BC1-431E-8AE1-473AC64CFB88} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated) Task: {C4878030-99B3-45D1-BC5A-106549CAD895} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA => C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.) Task: {C7F8DC2D-9D31-4DFE-A34C-1A5E18943525} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\WINDOWS\system32\ClipUp.exe [2015-07-30] (Microsoft Corporation) Task: {C93C598B-FEB8-4255-8540-FA81DA29185A} - System32\Tasks\{C4DE863C-94D5-40D1-9C25-152C05E4A3BC} => pcalua.exe -a C:\PROGRA~1\MagicISO\UNWISE.EXE -c C:\PROGRA~1\MagicISO\INSTALL.LOG Task: {C9703AB2-A3C3-4659-8085-661C02E7D346} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d No Task File <==== ATTENTION Task: {CC2282AC-B4DA-4915-BB90-D9CB1E511BEE} - System32\Tasks\RealCreateProcessScheduledTask3586971720S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.) Task: {CFF52379-353C-4C55-9ACF-0752840AB3FE} - System32\Tasks\RealCreateProcessScheduledTask3278052768S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.) Task: {D44DD388-5750-4948-BAAE-C734BB0EADE8} - System32\Tasks\MirageAgent => C:\Program Files\CyberLink\YouCam\YCMMirage.exe [2011-07-07] (CyberLink) Task: {D8F27312-24E5-4B50-88A5-2358182E1AB0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess No Task File <==== ATTENTION Task: {DC16CBDE-AA9E-4210-A986-8D68EA498A7D} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4041656617-1838989228-2178339868-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.) Task: {DD87F70B-C8AE-4ECD-9AFC-288536510545} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\WINDOWS\system32\disksnapshot.exe [2015-07-10] (Microsoft Corporation) Task: {DF510808-53FA-470A-833F-396D515B1060} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {E0BA284D-66A1-45B7-81C3-26863D50B281} - System32\Tasks\RealCreateProcessScheduledTask3543218697S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.) Task: {E3FBBA84-1DB8-48C0-9156-90AB8123E65E} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync Task: {E7973815-D42D-4EDC-9FCF-88D6231943D2} - System32\Tasks\RealCreateProcessScheduledTask460272418S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.) Task: {EDA8FD07-340F-4073-8D95-DB2FBBF08B12} - System32\Tasks\RealCreateProcessScheduledTask1257031909S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.) Task: {F31D7EF8-31AF-4E29-B9A4-6152E173C5CA} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW Task: {FA930F2A-9ECB-4043-836C-6C803C2FB6D6} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core => C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.) Task: {FB6B539D-57C2-4E39-98FD-C9D2BF921B63} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\WINDOWS\System32\sihclient.exe [2015-07-10] (Microsoft Corporation) Task: {FED16E18-4834-4974-AD86-D8645A716F35} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent No Task File <==== ATTENTION Task: {FFCA7BB4-325D-445C-A7F2-52C08E53C1C7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig No Task File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job => C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job => C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job => C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job => C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job => C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job => C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForinFidel.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\WINDOWS\Tasks\ReclaimerUpdateFiles_inFidel.job => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe Task: C:\WINDOWS\Tasks\ReclaimerUpdateXML_inFidel.job => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe Task: C:\WINDOWS\Tasks\RNUpgradeHelperLogonPrompt_inFidel.job => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe ==================== Loaded Modules (Whitelisted) ============== 2015-07-30 05:08 - 2015-07-30 05:08 - 00025088 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-07-27 15:07 - 2015-07-27 15:07 - 00114688 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2015-07-30 05:08 - 2015-07-30 05:08 - 00301056 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2013-08-14 16:19 - 2013-08-14 16:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe 2012-06-28 21:12 - 2009-12-09 21:20 - 00126976 _____ () C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\EnumDevLib.dll 2015-07-30 05:08 - 2015-07-30 05:08 - 01769568 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-07-30 05:08 - 2015-07-30 05:08 - 01769568 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2010-03-15 11:28 - 2010-03-15 11:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll 2014-05-12 11:49 - 2014-05-12 11:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll 2013-08-07 21:25 - 2013-08-07 21:25 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll 2015-07-10 10:24 - 2015-07-10 10:24 - 00288768 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-07-10 10:24 - 2015-07-10 10:24 - 00111104 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll 2015-07-27 15:07 - 2015-07-27 15:07 - 00095744 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00087040 _____ () C:\Program Files\Raptr\_ctypes.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00043008 _____ () C:\Program Files\Raptr\_socket.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00805376 _____ () C:\Program Files\Raptr\_ssl.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 05812736 _____ () C:\Program Files\Raptr\PyQt4.QtGui.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 00067584 _____ () C:\Program Files\Raptr\sip.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 01662464 _____ () C:\Program Files\Raptr\PyQt4.QtCore.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 00494592 _____ () C:\Program Files\Raptr\PyQt4.QtNetwork.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00096256 _____ () C:\Program Files\Raptr\win32api.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00110592 _____ () C:\Program Files\Raptr\pywintypes26.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00010240 _____ () C:\Program Files\Raptr\select.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00356864 _____ () C:\Program Files\Raptr\_hashlib.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00036352 _____ () C:\Program Files\Raptr\win32process.pyd 2010-11-23 00:57 - 2010-11-23 00:57 - 00111104 _____ () C:\Program Files\Raptr\win32file.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00044544 _____ () C:\Program Files\Raptr\_sqlite3.pyd 2011-02-15 20:17 - 2011-02-15 20:17 - 00417501 _____ () C:\Program Files\Raptr\sqlite3.dll 2010-11-23 00:57 - 2010-11-23 00:57 - 00167936 _____ () C:\Program Files\Raptr\win32gui.pyd 2014-05-14 01:26 - 2014-05-14 01:26 - 00313856 _____ () C:\Program Files\Raptr\PyQt4.QtWebKit.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00127488 _____ () C:\Program Files\Raptr\pyexpat.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00009216 _____ () C:\Program Files\Raptr\winsound.pyd 2014-08-14 02:37 - 2014-08-14 02:37 - 00113171 _____ () C:\Program Files\Raptr\libvlc.dll 2014-08-14 02:37 - 2014-08-14 02:37 - 02396691 _____ () C:\Program Files\Raptr\libvlccore.dll 2010-11-23 00:56 - 2010-11-23 00:56 - 00583680 _____ () C:\Program Files\Raptr\unicodedata.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00354304 _____ () C:\Program Files\Raptr\pythoncom26.dll 2010-11-23 00:57 - 2010-11-23 00:57 - 00263168 _____ () C:\Program Files\Raptr\win32com.shell.shell.pyd 2010-11-23 00:56 - 2010-11-23 00:56 - 00324608 _____ () C:\Program Files\Raptr\PIL._imaging.pyd 2013-11-21 02:05 - 2013-11-21 02:05 - 00256000 _____ () C:\Program Files\Raptr\amd_ags.dll 2010-11-23 00:57 - 2010-11-23 00:57 - 00024064 _____ () C:\Program Files\Raptr\win32pipe.pyd 2015-07-27 21:32 - 2015-07-27 21:32 - 02551040 _____ () C:\Program Files\Raptr\ltc_host_ex.DLL 2010-11-23 00:57 - 2010-11-23 00:57 - 00141312 _____ () C:\Program Files\Raptr\gobject._gobject.pyd 2014-06-18 02:56 - 2014-06-18 02:56 - 02717595 _____ () C:\Program Files\Raptr\heliotrope._purple.pyd 2011-02-15 20:17 - 2011-02-15 20:17 - 01213633 _____ () C:\Program Files\Raptr\libxml2-2.dll 2010-11-23 01:06 - 2010-11-23 01:06 - 00055808 _____ () C:\Program Files\Raptr\zlib1.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 00495680 _____ () C:\Program Files\Raptr\plugins\libaim.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 01183699 _____ () C:\Program Files\Raptr\liboscar.dll 2013-05-10 01:52 - 2013-05-10 01:52 - 00483306 _____ () C:\Program Files\Raptr\plugins\libicq.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00655356 _____ () C:\Program Files\Raptr\plugins\libirc.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 01306387 _____ () C:\Program Files\Raptr\plugins\libmsn.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 00565461 _____ () C:\Program Files\Raptr\plugins\libxmpp.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 01640221 _____ () C:\Program Files\Raptr\libjabber.dll 2013-05-03 20:56 - 2013-05-03 20:56 - 00506276 _____ () C:\Program Files\Raptr\plugins\libyahoo.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 01053730 _____ () C:\Program Files\Raptr\libymsg.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00497782 _____ () C:\Program Files\Raptr\plugins\libyahoojp.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00603326 _____ () C:\Program Files\Raptr\plugins\ssl-nss.dll 2013-05-03 20:57 - 2013-05-03 20:57 - 00474199 _____ () C:\Program Files\Raptr\plugins\ssl.dll 2014-07-30 16:17 - 2014-07-24 19:40 - 00936656 _____ () C:\Users\inFidel\AppData\Local\Viber\Viber.exe 2014-09-27 22:34 - 2014-09-27 22:34 - 43532288 _____ () C:\Users\inFidel\AppData\Local\Viber\4.3.0.1453\libViber.dll 2014-09-27 22:34 - 2014-09-27 22:34 - 00770048 _____ () C:\Users\inFidel\AppData\Local\Viber\4.3.0.1453\libGLESv2.dll 2014-09-27 22:34 - 2014-09-27 22:34 - 00098304 _____ () C:\Users\inFidel\AppData\Local\Viber\4.3.0.1453\qfacebook.dll 2014-09-27 22:34 - 2014-09-27 22:34 - 00172032 _____ () C:\Users\inFidel\AppData\Local\Viber\4.3.0.1453\libexif.dll 2014-09-27 22:34 - 2014-09-27 22:34 - 00049152 _____ () C:\Users\inFidel\AppData\Local\Viber\4.3.0.1453\libEGL.dll 2014-09-27 22:34 - 2014-09-27 22:34 - 00876544 _____ () C:\Users\inFidel\AppData\Local\Viber\4.3.0.1453\platforms\qwindows.dll 2014-09-27 22:34 - 2014-09-27 22:34 - 00024576 _____ () C:\Users\inFidel\AppData\Local\Viber\4.3.0.1453\imageformats\qgif.dll 2014-09-27 22:34 - 2014-09-27 22:34 - 00024576 _____ () C:\Users\inFidel\AppData\Local\Viber\4.3.0.1453\imageformats\qico.dll 2014-09-27 22:34 - 2014-09-27 22:34 - 00204800 _____ () C:\Users\inFidel\AppData\Local\Viber\4.3.0.1453\imageformats\qjpeg.dll 2014-09-27 22:34 - 2014-09-27 22:34 - 00221184 _____ () C:\Users\inFidel\AppData\Local\Viber\4.3.0.1453\imageformats\qmng.dll 2014-09-27 22:34 - 2014-09-27 22:34 - 00016384 _____ () C:\Users\inFidel\AppData\Local\Viber\4.3.0.1453\imageformats\qsvg.dll 2014-09-27 22:34 - 2014-09-27 22:34 - 00016384 _____ () C:\Users\inFidel\AppData\Local\Viber\4.3.0.1453\imageformats\qtga.dll 2014-09-27 22:34 - 2014-09-27 22:34 - 00311296 _____ () C:\Users\inFidel\AppData\Local\Viber\4.3.0.1453\imageformats\qtiff.dll 2014-09-27 22:34 - 2014-09-27 22:34 - 00016384 _____ () C:\Users\inFidel\AppData\Local\Viber\4.3.0.1453\imageformats\qwbmp.dll 2014-09-27 22:34 - 2014-09-27 22:34 - 00638976 _____ () C:\Users\inFidel\AppData\Local\Viber\4.3.0.1453\sqldrivers\qsqlite.dll 2014-09-27 22:34 - 2014-09-27 22:34 - 00032768 _____ () C:\Users\inFidel\AppData\Local\Viber\4.3.0.1453\iconengines\qsvgicon.dll 2015-07-30 05:08 - 2015-07-30 05:08 - 04319232 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-07-10 10:25 - 2015-07-10 12:50 - 00377856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-07-30 05:08 - 2015-07-30 05:08 - 01181184 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-07-30 05:08 - 2015-07-30 05:08 - 01425920 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-07-15 12:39 - 2015-07-15 12:39 - 17448624 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Temp:56E2E879 AlternateDataStreams: C:\Users\inFidel\Desktop\NEW-LOGO-2014.png:com.dropbox.attributes ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: ABBYY.Licensing.FineReader.Professional.9.0 => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: TunnelBearMaintenance => 3 MSCONFIG\startupfolder: C:^Users^inFidel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: Dropbox Update => "C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c MSCONFIG\startupreg: Facebook Update => "C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: Google Update => "C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: NCPluginUpdater => "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: TkBellExe => "c:\program files\real\realplayer\update\realsched.exe" -osboot HKLM\...\StartupApproved\Run: => "HPQuickWebProxy" HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\...\StartupApproved\StartupFolder: => "Dropbox.lnk" HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\...\StartupApproved\Run: => "OneDrive" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808 FirewallRules: [{F38BFF15-E50E-4187-8426-369D6AABDF6D}] => (Allow) C:\Users\inFidel\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{795010D6-440A-4A01-803D-57EA1877225B}] => (Allow) C:\Users\inFidel\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{F8762FD3-57FF-4E15-8A90-90F2C5B5FE14}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{C421BD34-A57C-4D92-9AA3-E92DAA163EB3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{18AB7373-127E-42E2-AA72-B9FBC9C3951E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{8C81D482-2533-4D4C-938F-E257F60AF7F2}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{A2B7E03B-E010-4968-A99A-C82E2107E370}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{C4998E5E-82F4-44DB-A08C-94E5ABAFADD8}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{9CAFFCC9-9E0A-4911-809B-CA1C52D63A48}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{C16841EF-920F-4323-99D5-3D3993DCD3F9}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [UDP Query User{272B80D2-3BCE-42F7-B2C0-CDD78C884450}C:\program files\poc\pocxxl\bin\pocxxl.exe] => (Allow) C:\program files\poc\pocxxl\bin\pocxxl.exe FirewallRules: [TCP Query User{B74A1F15-39F3-4CE2-8A7C-5F2E46B37A39}C:\program files\poc\pocxxl\bin\pocxxl.exe] => (Allow) C:\program files\poc\pocxxl\bin\pocxxl.exe FirewallRules: [{65367420-F09D-46F0-A7A8-8E3AFF5E2386}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe FirewallRules: [{AEC02BD7-A6E1-421E-ADFC-D1F45C07C0FC}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe FirewallRules: [UDP Query User{60E77581-9FF8-4C73-A6F6-31EA5EDD5B70}C:\users\infidel\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\infidel\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{5036818C-8EB0-4344-9929-64EF17FD885E}C:\users\infidel\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\infidel\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{1A48C6AB-4E1D-413C-9378-D793A3DAA5EB}] => (Allow) LPort=53 FirewallRules: [{9CD2D101-7391-45AF-94F1-2E464E048363}] => (Allow) LPort=1542 FirewallRules: [{BA03B495-55E6-4CE0-B8A0-5EED5450DD01}] => (Allow) LPort=1542 FirewallRules: [{D7EC3FAC-2050-402C-A6B3-BCDC169A855D}] => (Allow) C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\RtWLan.exe FirewallRules: [{29A5756D-6F75-4441-AEC2-96EAE6476ED7}] => (Allow) C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\RtWLan.exe FirewallRules: [{20EDB504-9744-4606-A198-B9171F7071F8}] => (Allow) C:\Users\inFidel\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{596B2558-52B5-43EA-9382-68F871A3FE16}] => (Allow) C:\Users\inFidel\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{4ABDBE74-524E-4004-A29E-964F100DDD72}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{CDEB5FDC-6FE5-427D-970A-078496B66720}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe FirewallRules: [{25C05E15-0F88-43CA-BF88-A6699555192D}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe FirewallRules: [{503748D5-04FD-4FC0-BBEF-613EACE3B0B4}] => (Allow) C:\Program Files\EasyBits For Kids\ezDesktop.exe FirewallRules: [{EA72AEC1-BC41-41FC-8C9B-F2CC50E56246}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe FirewallRules: [{6B1C6C39-989E-45C0-85C8-30E9EE046446}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe FirewallRules: [{D7B0BF1F-5AC7-4BDE-95EA-48353153D9B2}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{8FC51FDF-9204-4114-B98C-FDE066FE7A42}] => (Allow) LPort=1900 FirewallRules: [{8A11AF01-A2E1-42FE-A548-E27057A37A69}] => (Allow) LPort=2869 FirewallRules: [{13150711-637C-4B7B-B015-927C8AFD0B34}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{39039F9F-8D77-43E0-91AB-6306136BC8A6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{EEEF8D91-7116-4345-8325-9403E5AE51CE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{833ABF27-5248-4C41-A46C-D0680FEF9779}] => (Allow) C:\Program Files\Raptr\raptr.exe FirewallRules: [{62F3375D-05CF-45C8-B600-4A727C88888A}] => (Allow) C:\Program Files\Raptr\raptr.exe FirewallRules: [{16CFB5D9-5829-481C-9803-A9856D499E61}] => (Allow) C:\Program Files\Raptr\raptr_im.exe FirewallRules: [{9A6083ED-7BE8-4068-84C3-600761658BFE}] => (Allow) C:\Program Files\Raptr\raptr_im.exe FirewallRules: [{FAA6B28B-1898-4F1F-9438-276B6F76E463}] => (Allow) C:\Users\inFidel\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/05/2015 06:49:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: inFidel-1337) Description: Activation of app Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (08/05/2015 06:49:31 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program LockApp.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: c1c Start Time: 01d0cf90718e8473 Termination Time: 4294967295 Application Path: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe Report Id: ee081b19-3b91-11e5-93d3-60d819db7858 Faulting package full name: Microsoft.LockApp_10.0.10240.16384_neutral__cw5n1h2txyewy Faulting package-relative application ID: WindowsDefaultLockScreen Error: (08/05/2015 01:27:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: inFidel-1337) Description: Activation of app Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (08/05/2015 01:27:32 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program LockApp.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: cf0 Start Time: 01d0cf12126f5cb3 Termination Time: 4294967295 Application Path: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe Report Id: f05c2bfc-3b64-11e5-93d3-60d819db7858 Faulting package full name: Microsoft.LockApp_10.0.10240.16384_neutral__cw5n1h2txyewy Faulting package-relative application ID: WindowsDefaultLockScreen Error: (08/05/2015 01:27:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: inFidel-1337) Description: App Microsoft.LockApp_10.0.10240.16384_neutral__cw5n1h2txyewy+WindowsDefaultLockScreen did not launch within its allotted time. Error: (08/05/2015 01:27:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: inFidel-1337) Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (08/05/2015 01:52:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: inFidel-1337) Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (08/05/2015 01:52:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: inFidel-1337) Description: Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (08/04/2015 08:54:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: inFidel-1337) Description: Activation of app Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (08/04/2015 08:54:55 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program LockApp.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 83c Start Time: 01d0cee24d8724bc Termination Time: 4294967295 Application Path: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe Report Id: 4a1efc50-3ada-11e5-93d3-60d819db7858 Faulting package full name: Microsoft.LockApp_10.0.10240.16384_neutral__cw5n1h2txyewy Faulting package-relative application ID: WindowsDefaultLockScreen System errors: ============= Error: (08/05/2015 05:07:28 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (08/05/2015 03:29:13 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (08/05/2015 02:02:53 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (08/05/2015 01:52:33 AM) (Source: DCOM) (EventID: 10010) (User: inFidel-1337) Description: Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider Error: (08/05/2015 01:52:24 AM) (Source: DCOM) (EventID: 10010) (User: inFidel-1337) Description: App.AppX8h0bdkbb5frkt9s09fvshhbvqnntmvm1.mca Error: (08/04/2015 09:05:42 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (08/04/2015 08:54:45 PM) (Source: DCOM) (EventID: 10010) (User: inFidel-1337) Description: App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca Error: (08/04/2015 08:20:57 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (08/04/2015 06:50:56 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (08/04/2015 05:14:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error: %%1058 Microsoft Office: ========================= CodeIntegrity: =================================== Date: 2015-08-04 15:28:02.724 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-08-03 22:27:57.292 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-30 15:00:28.981 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: AMD E-450 APU with Radeon(tm) HD Graphics Percentage of memory in use: 57% Total physical RAM: 3578.9 MB Available physical RAM: 1533.48 MB Total Virtual: 7162.9 MB Available Virtual: 4452.29 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:100 GB) (Free:35.67 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive d: (Recovery) (Fixed) (Total:15.73 GB) (Free:1.73 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.1 GB) FAT32 Drive f: (Data) (Fixed) (Total:345.86 GB) (Free:152.21 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 6500A13B) Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=15.7 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=365.6 GB) - (Type=OF Extended) ==================== End of log ============================