Additional scan result of Farbar Recovery Scan Tool (x64) Version:16-08-2015 Ran by Roger (2015-08-17 10:37:54) Running from C:\Users\Roger\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3060642483-2203438337-4272554016-500 - Administrator - Disabled) => C:\Users\Administrator Guest (S-1-5-21-3060642483-2203438337-4272554016-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3060642483-2203438337-4272554016-1005 - Limited - Enabled) Roger (S-1-5-21-3060642483-2203438337-4272554016-1001 - Administrator - Enabled) => C:\Users\Roger RogerGmail (S-1-5-21-3060642483-2203438337-4272554016-1008 - Administrator - Enabled) => C:\Users\RogerGmail ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 15.05 beta x64 (HKLM\...\7-Zip) (Version: - ) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House) ABC News (HKU\S-1-5-21-3060642483-2203438337-4272554016-1001\...\Pokki_e183bfa127af5c9dcf3023b06ad8503cbe2f0163) (Version: 1.0.0.46422 - Pokki) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\{0E3C52E0-B4F1-4D1E-B172-E390813BD9FE}) (Version: 12.1.8.158 - Adobe Systems, Inc) Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.1.1245.72250 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 3.1.1245.72250 - Alcor Micro Corp.) Hidden ArcSoft Print Creations - Brochure (HKLM-x32\...\{01A1A019-E1D8-482A-BE17-5E118D17C0A0}) (Version: - ArcSoft) ArcSoft Print Creations - Photo Calendar (HKLM-x32\...\{CA9ED5E4-1548-485B-A293-417840060158}) (Version: - ArcSoft) ArcSoft Print Creations (HKLM-x32\...\{F626E006-C06C-466A-B133-92C1991385CA}) (Version: - ArcSoft) CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform) CryptoPrevent (HKLM-x32\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC) CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform) Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc) DriverMax 7 (HKLM-x32\...\DMX5_is1) (Version: 7.63.0.1160 - Innovative Solutions) Dropbox (HKLM-x32\...\Dropbox) (Version: 3.8.6 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.4 - Lenovo) Energy Management (x32 Version: 8.0.2.4 - Lenovo) Hidden Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - ) EPSON Web-To-Page (HKLM-x32\...\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}) (Version: - ) EPSON WorkForce 600 Series Printer Uninstall (HKLM\...\EPSON WorkForce 600 Series) (Version: - SEIKO EPSON Corporation) FreeRide Games (HKLM-x32\...\{6C26A305-4549-4A8A-9F03-25719C03B0FB}) (Version: 07.05.80.00 - Exent Technologies) Game Arcade (HKU\S-1-5-21-3060642483-2203438337-4272554016-1001\...\Pokki_8c0fb60d03e3ff6fd84a1ee0ac970f06a99b8304) (Version: 1.0.2.40574 - Pokki) Glary Utilities 5.31 (HKLM-x32\...\Glary Utilities 5) (Version: 5.31.0.51 - Glarysoft Ltd) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.242 - SurfRight B.V.) Host App Service (HKU\S-1-5-21-3060642483-2203438337-4272554016-1001\...\Pokki) (Version: 0.269.7.738 - Pokki) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6431.0 - IDT) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Internet TV (HKU\S-1-5-21-3060642483-2203438337-4272554016-1001\...\Pokki_00d88092408ab87e0c38ae805c0dedbc153f0975) (Version: 1.0.0.50244 - Pokki) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.36.00 - Lenovo Group Limited) Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.13.301.1 - Vimicro) Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG) Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.17.1 - ELAN Microelectronic Corp.) Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.) Lenovo PowerDVD10 (x32 Version: 10.0.5108.52 - CyberLink Corp.) Hidden Lenovo Service Bridge (HKU\S-1-5-21-3060642483-2203438337-4272554016-1001\...\cbe8636f7dd0cf1d) (Version: 1.3.0.0 - Lenovo) Lenovo Solution Center (HKLM\...\{F02F4A8B-1A5F-45B8-9B74-AAF21A2B1BCC}) (Version: 2.1.002.00 - Lenovo Group Limited) Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo) Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.) Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.5987 - Lenovo) Lumosity (HKU\S-1-5-21-3060642483-2203438337-4272554016-1001\...\Pokki_f4851c333c5e94cace866778759653e2f096986c) (Version: 1.0.0.49465 - Pokki) M8 Free Clipboard (HKLM-x32\...\{B8F52797-70E5-4484-AC5E-5C1931E9BBE1}) (Version: 20.12 - M8 Software) Malwarebytes Anti-Exploit version 1.07.1.1015 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1015 - Malwarebytes) Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 40.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 en-US)) (Version: 40.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla) Nitro Pro 8 (HKLM\...\{34BE77EE-B563-49D7-A8A0-FFD76D29BBD3}) (Version: 8.0.10.7 - Nitro) OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation) paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC) Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.) Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.16 - Qualcomm Atheros Communications Inc.) Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Safer Updater (HKLM-x32\...\Safer Updater) (Version: 1.1.0.6 - Safer Technologies, Inc.) Sawbuck (HKLM-x32\...\{459BFE07-FCF3-4274-AC8B-8E8DDA7214BA}) (Version: 0.6.8.0 - Google Inc) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.) Start Menu (HKU\S-1-5-21-3060642483-2203438337-4272554016-1001\...\Pokki_Start_Menu) (Version: 0.269.7.738 - Pokki) Sudoku (HKU\S-1-5-21-3060642483-2203438337-4272554016-1001\...\sudoku-b7ffee4c1b47dfe45597d9b34ed723a9) (Version: - Softgames GmBH) SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1200 - SUPERAntiSpyware.com) TechCrunch (HKU\S-1-5-21-3060642483-2203438337-4272554016-1001\...\Pokki_cea32fc95a838fa2e9ada17d03cd89641789c58b) (Version: 1.0.0.46548 - Pokki) TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector) UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo) UserGuide (x32 Version: 1.0.0.9 - Lenovo) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Windows Driver Package - Lenovo (ACPIVPC) System (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo) Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo) WOT for Internet Explorer (HKLM\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 13.9.2.0 - WOT Services Oy) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3060642483-2203438337-4272554016-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) ==================== Restore Points ========================= 03-08-2015 16:47:14 Checkpoint by HitmanPro 10-08-2015 14:17:25 Checkpoint by HitmanPro 10-08-2015 15:54:07 DMX_DriverMax Driver Installation 10-08-2015 15:55:11 DMX_DriverMax Driver Installation 11-08-2015 15:51:25 DMX_DriverMax Driver Installation 13-08-2015 15:50:18 DMX_DriverMax Driver Installation 13-08-2015 18:15:51 DMX_DriverMax Driver Installation ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 09:25 - 2015-08-15 04:21 - 00450771 ___RA C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com There are 1000 more lines. ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {052981D6-AEF1-4D9D-82BE-824B68AEDCC2} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-08-03] (Glarysoft Ltd) Task: {06E68CEF-6ABB-4127-A68C-5D5E2B68507E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2015-06-16] (Safer-Networking Ltd.) Task: {06E782C6-8976-462F-8164-7AA98157D017} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-3060642483-2203438337-4272554016-1001 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\Roger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms Task: {0B9B5870-5770-4B88-9439-1981C5C5852F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22] (Google Inc.) Task: {1B883996-50B6-45A6-BA4F-FCA56463B029} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-12] (Microsoft Corporation) Task: {46EC69F0-F416-4934-A68C-8BBCC862366D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-30] (Dropbox, Inc.) Task: {4AA2C759-E345-413A-90BD-2B4D7B91C4B9} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-03-06] () Task: {4F467649-B0F6-4BC5-A7CD-A4EBAE91FE9A} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.) Task: {5B23E889-084B-4405-A2A0-52EBC96CCF73} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {5CA68153-4EC9-45CF-8F19-10F57AFA89F0} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-05-15] () Task: {5E59D615-89F6-40F7-8F75-3B58169E4C46} - System32\Tasks\CryptoMonitor_SU => C:\Program Files\EasySync Solutions\EasySync CryptoMonitor\CryptoMonitor.exe Task: {8BD5008D-FDD8-4D23-9026-C971769702DA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2015-06-16] (Safer-Networking Ltd.) Task: {95C03629-6336-449B-B3CF-D3ADAADBF381} - System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe [2015-07-22] (Innovative Solutions) Task: {9C61963C-76ED-4D2B-AB7A-ABEE9492F50F} - System32\Tasks\SaferUpdateTaskSCUD => C:\Program Files (x86)\Safer Technologies\Safer Updater\SaferUpdater.exe [2015-05-18] (Safer Technologies, Inc.) Task: {9F978457-8C33-496D-B30F-0474A344F4D1} - System32\Tasks\UpdateDetector => C:\Program Files (x86)\Glarysoft\Update Detector 5\UpdateDetector.exe Task: {9FC1A079-CCC9-427F-A743-3CE6AD2A1BC8} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-03-06] (Lenovo) Task: {A7039992-7167-480E-9FD3-6DC91275180A} - System32\Tasks\Pokki => %LOCALAPPDATA%\Pokki\Engine\HostAppServiceUpdater.exe Task: {A84A7E31-18B5-423A-92F5-49750865645F} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-05-15] (Lenovo) Task: {AA989788-20A8-465D-8E3A-5996450676B2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-30] (Dropbox, Inc.) Task: {AE0042B4-DB78-4458-99D2-D4C7FEDD9EC6} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-08-03] (Glarysoft Ltd) Task: {BCA88136-E0FD-47DA-8422-3961E43020EC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd) Task: {BD987BBB-8969-420B-BFB5-24CF7C05E07B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.) Task: {CF44C781-1D15-4B29-BB0F-85FE8EFC35E3} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-05-15] (Lenovo) Task: {DB77ACE1-6147-474C-83E0-4835B6F666E0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated) Task: {FE43A48D-F4BE-402A-983A-3A12C60939C8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-22] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2013-08-17 08:22 - 2012-04-24 06:43 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2013-08-17 08:34 - 2013-08-17 08:34 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe 2013-08-17 08:34 - 2013-08-17 08:34 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll 2015-05-17 17:43 - 2012-01-20 14:55 - 00678400 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll 2015-07-03 06:22 - 2015-07-05 12:01 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll 2015-07-13 11:16 - 2015-06-01 21:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-11-21 12:59 - 2014-11-21 12:59 - 00462592 _____ () C:\Program Files (x86)\Lenovo\Lenovo Messenger\NotificationsViewHost.exe 2015-05-18 13:51 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2015-05-18 13:51 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2015-08-03 06:06 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2015-05-18 13:51 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2015-08-12 17:45 - 2015-08-07 20:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll 2015-08-12 17:45 - 2015-08-07 20:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll 2015-08-17 10:15 - 2015-08-17 10:15 - 00071168 _____ () c:\users\roger\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjt3cip.dll 2015-06-03 12:23 - 2015-08-05 16:49 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll 2015-06-03 12:23 - 2015-08-05 16:49 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-07-30 09:03 - 2015-08-05 16:49 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-06-03 12:23 - 2015-08-05 16:49 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll 2015-06-07 16:02 - 2009-03-12 15:45 - 00135168 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll 2015-06-07 16:02 - 2008-11-21 13:58 - 00057344 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll 2015-07-10 11:32 - 2015-07-22 09:47 - 00008760 _____ () C:\Program Files (x86)\Innovative Solutions\DriverMax\sync.dll 2013-08-17 08:12 - 2012-07-18 14:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2015-08-03 03:03 - 2015-08-03 03:03 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll 2015-07-18 11:32 - 2015-07-18 11:32 - 01020928 _____ () C:\Users\Roger\AppData\Roaming\Mozilla\Firefox\Profiles\zin00jgu.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll 2014-08-13 09:27 - 2014-08-13 09:27 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll 2014-07-29 13:34 - 2014-07-29 13:34 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Roger\OneDrive:ms-properties AlternateDataStreams: C:\Users\Roger\OneDrive.old:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 7866 more restricted sites. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3060642483-2203438337-4272554016-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Roger\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\smokiesa.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "SDTray" HKU\S-1-5-21-3060642483-2203438337-4272554016-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-3060642483-2203438337-4272554016-1001\...\StartupApproved\Run: => "SUPERAntiSpyware" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{58FCEBED-D809-48C9-A73E-238D30649DFA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{3DFE7BCF-17D7-4AD7-A344-3F76EA853F55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{247121DB-5332-499D-872A-8C67946E67D3}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE FirewallRules: [{13722B45-B8C4-48AC-BA2F-D105A3DEB851}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{5B32D93D-D608-432E-944E-1B5D538A5FB4}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [TCP Query User{82B2D9DB-B308-4BDD-9111-CB7E6447FFC4}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{36EF95C2-170E-4BD4-AB5D-AD79B35F5BCB}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{A9A3A581-39A3-49E1-8A19-8D58C7876638}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{3627397F-8770-42AE-A3A8-EBEB08CB4888}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{D6D6CFE0-BBFE-46D4-96BD-54AAEB014CF2}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{FE1BC8E5-8145-422D-8703-DDA2C98C965B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{32F396D9-6B7C-4D88-94EA-E365140DAE88}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe FirewallRules: [UDP Query User{A16EE37E-DB12-4E21-9B8B-C5BA58EA50D0}C:\windows\system32\settingsynchost.exe] => (Allow) C:\windows\system32\settingsynchost.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Faulty Device Manager Devices ============= Name: Multifunction Device Description: Multifunction Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Multifunction Device Description: Multifunction Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Multifunction Device Description: Multifunction Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Multifunction Device Description: Multifunction Device Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (08/15/2015 11:02:28 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Integrator.exe version 5.31.0.51 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 20a0 Start Time: 01d0d76a00426347 Termination Time: 2703 Application Path: C:\Program Files (x86)\Glary Utilities 5\Integrator.exe Report Id: 9e3e7042-435e-11e5-bec7-54bef732ab92 Faulting package full name: Faulting package-relative application ID: Error: (08/15/2015 10:52:10 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Integrator.exe version 5.31.0.51 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1030 Start Time: 01d0d68e5fa6ce6a Termination Time: 437 Application Path: C:\Program Files (x86)\Glary Utilities 5\Integrator.exe Report Id: 244af618-435d-11e5-bec7-54bef732ab92 Faulting package full name: Faulting package-relative application ID: Error: (08/15/2015 06:30:45 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 2198 Start Time: 01d0d744b150e16e Termination Time: 4294967295 Application Path: C:\WINDOWS\syswow64\backgroundTaskHost.exe Report Id: a55b113b-4338-11e5-bec7-54bef732ab92 Faulting package full name: Microsoft.MicrosoftMahjong_2.4.1412.2202_x86__8wekyb3d8bbwe Faulting package-relative application ID: MicrosoftMahjong Error: (08/15/2015 06:17:10 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program backgroundTaskHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 7fc Start Time: 01d0d742d3e28b4e Termination Time: 4294967295 Application Path: C:\WINDOWS\system32\backgroundTaskHost.exe Report Id: c724f35d-4336-11e5-bec7-54bef732ab92 Faulting package full name: AntaraSoftware.AlarmClockHD_3.3.0.3_neutral__7jhd16s0b93qm Faulting package-relative application ID: App Error: (08/15/2015 05:01:47 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ROGERPC) Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail failed with error: -2147483621 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (08/15/2015 04:58:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ROGERPC) Description: Package microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe+ppleae38af2e007f4358a809ac99a64a67c1 was terminated because it took too long to suspend. Error: (08/15/2015 04:29:36 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program LiveComm.exe version 17.5.9600.20911 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1764 Start Time: 01d0d6df6c3afb53 Termination Time: 4294967295 Application Path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe Report Id: c06755ab-4327-11e5-bec7-54bef732ab92 Faulting package full name: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe Faulting package-relative application ID: ppleae38af2e007f4358a809ac99a64a67c1 Error: (08/15/2015 04:29:31 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ROGERPC) Description: Package microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe+ppleae38af2e007f4358a809ac99a64a67c1 was terminated because it took too long to suspend. Error: (08/14/2015 08:38:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ROGERPC) Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (08/14/2015 08:38:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ROGERPC) Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information. System errors: ============= Error: (08/17/2015 10:30:12 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Home. Error: (08/17/2015 10:13:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: %%1053 Error: (08/17/2015 10:13:16 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect. Error: (08/17/2015 10:12:31 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 10:08:45 AM on ‎8/‎17/‎2015 was unexpected. Error: (08/17/2015 06:53:55 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Home. Error: (08/16/2015 06:09:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Home. Error: (08/15/2015 08:16:12 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Home. Error: (08/14/2015 08:51:31 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Home. Error: (08/14/2015 08:38:14 AM) (Source: DCOM) (EventID: 10001) (User: ROGERPC) Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server15612Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable Error: (08/14/2015 08:38:14 AM) (Source: DCOM) (EventID: 10001) (User: ROGERPC) Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server15612Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable Microsoft Office: ========================= Error: (08/15/2015 11:02:28 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Integrator.exe5.31.0.5120a001d0d76a004263472703C:\Program Files (x86)\Glary Utilities 5\Integrator.exe9e3e7042-435e-11e5-bec7-54bef732ab92 Error: (08/15/2015 10:52:10 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Integrator.exe5.31.0.51103001d0d68e5fa6ce6a437C:\Program Files (x86)\Glary Utilities 5\Integrator.exe244af618-435d-11e5-bec7-54bef732ab92 Error: (08/15/2015 06:30:45 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: backgroundTaskHost.exe6.3.9600.17415219801d0d744b150e16e4294967295C:\WINDOWS\syswow64\backgroundTaskHost.exea55b113b-4338-11e5-bec7-54bef732ab92Microsoft.MicrosoftMahjong_2.4.1412.2202_x86__8wekyb3d8bbweMicrosoftMahjong Error: (08/15/2015 06:17:10 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: backgroundTaskHost.exe6.3.9600.174157fc01d0d742d3e28b4e4294967295C:\WINDOWS\system32\backgroundTaskHost.exec724f35d-4336-11e5-bec7-54bef732ab92AntaraSoftware.AlarmClockHD_3.3.0.3_neutral__7jhd16s0b93qmApp Error: (08/15/2015 05:01:47 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ROGERPC) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail-2147483621 Error: (08/15/2015 04:58:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ROGERPC) Description: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe+ppleae38af2e007f4358a809ac99a64a67c1 Error: (08/15/2015 04:29:36 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: LiveComm.exe17.5.9600.20911176401d0d6df6c3afb534294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exec06755ab-4327-11e5-bec7-54bef732ab92microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1 Error: (08/15/2015 04:29:31 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ROGERPC) Description: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe+ppleae38af2e007f4358a809ac99a64a67c1 Error: (08/14/2015 08:38:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ROGERPC) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147009284 Error: (08/14/2015 08:38:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ROGERPC) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147009284 CodeIntegrity: =================================== Date: 2015-08-17 10:35:42.247 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-17 10:34:49.153 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-17 10:34:43.950 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-17 10:25:23.333 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-17 10:25:23.229 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-17 10:25:23.031 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. Date: 2015-08-17 10:16:45.738 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\EEL64A.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU 2030M @ 2.50GHz Percentage of memory in use: 57% Total physical RAM: 3986.27 MB Available physical RAM: 1684.69 MB Total Virtual: 5394.27 MB Available Virtual: 2697.37 MB ==================== Drives ================================ Drive c: (Windows8_OS) (Fixed) (Total:423.68 GB) (Free:373.38 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.51 GB) NTFS Drive e: (PUPPY STICK) (Removable) (Total:7.45 GB) (Free:7.25 GB) FAT32 Drive f: (CDROM) (CDROM) (Total:0.19 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 3580926C) Partition: GPT. ======================================================== Disk: 1 (Size: 7.5 GB) (Disk ID: 0900F6BD) Partition 1: (Active) - (Size=7.5 GB) - (Type=0C) ==================== End of log ============================