Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-11-2015 Ran by Doris (2015-11-11 14:50:50) Running from C:\Users\Doris\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WUS60T7B Windows 7 Home Premium Service Pack 1 (X64) (2012-10-20 21:22:53) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-891251935-3120285653-2804985873-500 - Administrator - Disabled) Doris (S-1-5-21-891251935-3120285653-2804985873-1000 - Administrator - Enabled) => C:\Users\Doris Guest (S-1-5-21-891251935-3120285653-2804985873-501 - Limited - Enabled) Kevin (S-1-5-21-891251935-3120285653-2804985873-1003 - Administrator - Enabled) => C:\Users\Kevin Mcx1-DORIS-PC (S-1-5-21-891251935-3120285653-2804985873-1004 - Limited - Enabled) => C:\Users\Mcx1-DORIS-PC ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Trend Micro Titanium (Disabled - Up to date) {68F968AC-2AA0-091D-848C-803E83E35902} AV: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556} AS: Trend Micro Titanium (Disabled - Up to date) {D3988948-0C9A-0693-BE3C-BB4CF86413BF} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee Anti-Virus and Anti-Spyware (Disabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB} FW: McAfee Firewall (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-891251935-3120285653-2804985873-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden 7-Zip 9.21 (HKLM-x32\...\{23170F69-40C1-2701-0921-000001000000}) (Version: 9.21.00.0 - Igor Pavlov) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.1.1.110 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.) Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.) Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell) Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.) Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps) Dell Stage (HKLM-x32\...\{0F99CA59-7CB4-4167-A43A-4B1D5E584281}) (Version: 1.6.301.0 - Fingertapps) Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.43 - ArcSoft) Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.) Dell Support Center (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell) FormatFactory 3.8.0.0 (HKLM-x32\...\FormatFactory) (Version: 3.8.0.0 - Free Time) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden HP ePrint (HKLM-x32\...\{2794875B-6CCF-48B8-84A5-5B10DB98BEE6}) (Version: 14.0.14176.1823 - Hewlett-Packard) HP LaserJet Professional M1530 MFP Series (HKLM-x32\...\{74280B5D-A0AF-46c5-9C85-D9EA078262F1}) (Version: - Hewlett-Packard) HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company) HPLaserJetHelp_LearnCenter (HKLM-x32\...\{B2AA0F22-E167-4C4A-BAE2-E0025028E61B}) (Version: 1.02.0000 - Hewlett-Packard) hppLaserJetService (x32 Version: 002.015.00599 - Hewlett-Packard) Hidden hppM1530LaserJetService (x32 Version: 001.008.00477 - Hewlett-Packard) Hidden hppTLBXFXM1530 (x32 Version: 001.012.00948 - Hewlett-Packard) Hidden hpzTLBXFX (x32 Version: 006.015.01163 - Hewlett-Packard) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation) iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.) Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Learn It Now Spanish Premier - Content (HKLM-x32\...\D8CF00F7-B9C9-49A1-AA8D-F7660A9A7137) (Version: 1.0 - Transparent Language, Inc.) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.163.2 - McAfee, Inc.) McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 14.0.4121 - McAfee, Inc.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.184 - McAfee, Inc.) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4727.1003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 41.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0.1 (x86 en-US)) (Version: 41.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.1 - Mozilla) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4727.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4727.1003 - Microsoft Corporation) Hidden PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) PointerReader (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{763bdca1}) (Version: - PointerReader) <==== ATTENTION QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) RealDownloader (x32 Version: 1.3.4 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.4 - RealNetworks) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6554 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1208 - SUPERAntiSpyware.com) Trend Micro Titanium (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 2.20 - Trend Micro Inc.) TrustedID IDMonitor Identity Protection (HKLM-x32\...\{0E74474A-1CDF-4249-A507-CE8C1DCEC8BC}) (Version: 1.1.0 - TrustedID Inc) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - ) WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-891251935-3120285653-2804985873-1000_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32 -> C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\actxprxy.dll () <==== ATTENTION ==================== Restore Points ========================= 09-11-2015 17:15:02 Removed Trend Micro Titanium. 09-11-2015 21:28:32 Windows Update 10-11-2015 13:36:27 Windows Backup 11-11-2015 03:01:27 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 19:34 - 2015-11-10 23:49 - 00450831 ____R C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com There are 15464 more lines. ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {11A37059-F462-4B08-BFF0-8736B23EEDA4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation) Task: {1FD96811-7F55-431B-B277-124FCB3AF693} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-891251935-3120285653-2804985873-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-08-12] (RealNetworks, Inc.) Task: {24A15F65-F3B2-4435-B8A1-468ADD47835A} - System32\Tasks\NCH Software\videopadShakeIcon => C:\Program Files (x86)\NCH Software\VideoPad\VideoPad.exe [2013-05-27] (NCH Software) Task: {250BD334-9C08-4892-97AA-D272096BAAED} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-891251935-3120285653-2804985873-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.) Task: {30607B12-00DA-401E-A220-2C087B9E1472} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Doris-PC-Doris Doris-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-05-28] (Microsoft Corporation) Task: {3B335764-45E1-43C3-BEB5-143A4856A1B2} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe [2011-12-13] (PC-Doctor, Inc.) Task: {3C099D5F-BA20-4D11-9926-5DAE0D959E01} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-06-01] (McAfee, Inc.) Task: {3F1EBE7B-0FF4-44C7-84D3-0B6BEDDED466} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2011-12-13] (PC-Doctor, Inc.) Task: {4C97F91B-1673-400A-8F8D-C1FF7B922AA0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe Task: {6A708789-C202-4BBB-B369-397881A6AB9A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-05-19] (Microsoft Corporation) Task: {6FE2DE8F-2389-42BD-80D5-3A9AB8F67880} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-05-28] (Microsoft Corporation) Task: {707BFA40-7FC8-478E-B6E3-C440983582AA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {71172E34-6B81-4FAB-BAE7-E1BCBBDE3494} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {71914E0B-68BC-49BF-BDF5-81A65BCBF98D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {7971C60D-2898-460D-9F74-2000D08D236D} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-891251935-3120285653-2804985873-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-08-12] (RealNetworks, Inc.) Task: {A347B817-4D1F-4DC1-8F45-420CE8499B77} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-DORIS-PC => C:\Windows\ehome\McxTask.exe [2009-07-13] (Microsoft Corporation) Task: {A351F3EA-7651-4C83-8C2A-25890056C7B4} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\mcafee\Platform\McUICnt.exe [2015-07-21] (McAfee, Inc.) Task: {AA55C9D3-929C-4B66-AAC7-8E63D705F05B} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2011-12-13] (PC-Doctor, Inc.) Task: {ACC8B3C1-5F20-46AB-A06D-59982B2A70DC} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-891251935-3120285653-2804985873-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-08-12] (RealNetworks, Inc.) Task: {B72BC9C3-5E4E-4D68-90FF-EDACB75030EC} - System32\Tasks\{CDBB3003-7180-4DA3-96D6-9AB82D6E1727} => pcalua.exe -a "C:\Program Files (x86)\Real\RealPlayer\Update\r1puninst.exe" -c RealNetworks|RealPlayer|16.0 Task: {CDCE0FEF-AEB5-4F8D-91C9-D2BDDF5AD06C} - System32\Tasks\{981DCB0E-CA7D-461D-9849-771EED5634FC} => C:\Program Files\McAfee Security Scan\3.11.163\McUICnt.exe [2013-09-11] (McAfee, Inc.) Task: {DF641A56-024A-4B0A-8944-69DE620BE659} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-891251935-3120285653-2804985873-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.) Task: {E3537691-4736-4A10-93D0-F5C5E9FA18BB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-05-12] (Microsoft Corporation) Task: {E5765BCA-5F12-4D69-8149-AEE9CBBEB5D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {F278912E-2671-42DF-B66B-48116DF441AC} - \YourFile DownloaderUpdate -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exeo-backgroundmon scripts\defaultscan.xml Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 6f6b2351-9e11-41d2-83e9-f6acd56bf525.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 908b65ea-dae6-40a6-a5ce-e3ffc38c34f4.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe ==================== Loaded Modules (Whitelisted) ============== 2015-05-19 20:57 - 2015-05-19 20:57 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-03-09 18:45 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2012-06-04 19:42 - 2012-01-26 19:49 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE 2015-05-19 12:17 - 2015-05-19 12:17 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll 2015-05-05 05:42 - 2015-05-05 05:42 - 01754296 _____ () C:\Program Files\Microsoft Office 15\root\office15\tmpod.dll 2015-05-19 12:19 - 2015-05-19 12:19 - 00022696 _____ () C:\Program Files\Microsoft Office 15\root\office15\lynchtmlconvpxy.dll 2014-10-15 03:52 - 2014-10-15 03:52 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\92a1650dbe9fad5f46633b835420e1a8\IsdiInterop.ni.dll 2012-06-04 19:35 - 2011-11-29 18:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2012-06-04 19:33 - 2011-12-16 11:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Public\.DS_Store:AFP_AfpInfo ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 7867 more sites. IE trusted site: HKU\S-1-5-21-891251935-3120285653-2804985873-1000\...\sharepoint.com -> hxxps://maricopa.sharepoint.com IE restricted site: HKU\S-1-5-21-891251935-3120285653-2804985873-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-891251935-3120285653-2804985873-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-891251935-3120285653-2804985873-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-891251935-3120285653-2804985873-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-891251935-3120285653-2804985873-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-891251935-3120285653-2804985873-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-891251935-3120285653-2804985873-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-891251935-3120285653-2804985873-1000\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-891251935-3120285653-2804985873-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-891251935-3120285653-2804985873-1000\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-891251935-3120285653-2804985873-1000\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-891251935-3120285653-2804985873-1000\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-891251935-3120285653-2804985873-1000\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-891251935-3120285653-2804985873-1000\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-891251935-3120285653-2804985873-1000\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-891251935-3120285653-2804985873-1000\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-891251935-3120285653-2804985873-1000\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-891251935-3120285653-2804985873-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-891251935-3120285653-2804985873-1000\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-891251935-3120285653-2804985873-1000\...\123simsen.com -> www.123simsen.com There are 7867 more sites. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-891251935-3120285653-2804985873-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Doris\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 68.105.28.11 - 68.105.29.11 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) MpsSvc => Firewall Service is not running. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: Adobe LM Service => 3 MSCONFIG\Services: AdobeActiveFileMonitor13.0 => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeUpdateService => 2 MSCONFIG\Services: Amsp => 2 MSCONFIG\Services: Fax => 3 MSCONFIG\Services: GamesAppService => 3 MSCONFIG\Services: HP LaserJet Service => 3 MSCONFIG\Services: NAUpdate => 3 MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2 MSCONFIG\Services: ZAtheros Wlan Agent => 3 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Doris^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.Startup MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AIM for Windows => "C:\Users\Doris\AppData\Local\AOL\AIM\aim.exe" MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe MSCONFIG\startupreg: MSASCui => "C:\PROGRA~3\MSASCui.exe" MSCONFIG\startupreg: NeroLauncher => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900 MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: PSUAMain => "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: RegSvcs_32 => "C:\PROGRA~3\RegSvcs_32.exe" MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s MSCONFIG\startupreg: Stage Remote => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe -Quiet MSCONFIG\startupreg: TabTip32 => "C:\PROGRA~3\TabTip32.exe" MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot MSCONFIG\startupreg: ToolboxFX => "C:\Program Files (x86)\HP\ToolboxFX\bin\HPTLBXFX.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{2543614E-5D65-4BCF-8E64-7BC32EBDA825}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{9502583F-F800-492F-A98A-38F183F3752F}] => (Allow) LPort=2869 FirewallRules: [{3F3F5229-213F-4F22-83C3-0E929F5A6443}] => (Allow) LPort=1900 FirewallRules: [{11D06EC5-D6A4-4FF4-8DE9-AD02DDE84706}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{F77E1C7C-54D0-4DBB-9F20-B1F778583D08}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [TCP Query User{B0637D0A-8AD6-4E49-86F0-A9C5D3F6B27B}C:\program files (x86)\dell\stage remote\stageremoteservice.exe] => (Block) C:\program files (x86)\dell\stage remote\stageremoteservice.exe FirewallRules: [UDP Query User{40526454-F333-4181-98B4-37338CF7490E}C:\program files (x86)\dell\stage remote\stageremoteservice.exe] => (Block) C:\program files (x86)\dell\stage remote\stageremoteservice.exe FirewallRules: [{C96F752D-B3F3-4B16-9C48-F14FE2564BD0}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\DMR.exe FirewallRules: [{7E33EE03-24EA-4988-A925-4AE764881779}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe FirewallRules: [{51D16B1F-FD83-40A2-95B4-569D320C8F23}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\Controller.exe FirewallRules: [{88DB42BE-414C-457D-8C97-58195D493E64}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\InstallerHelp.exe FirewallRules: [{7C5A278C-FD77-456C-84DA-227B8664AA87}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe FirewallRules: [{570314A8-03CB-42F2-A959-08C7CBBFAEA7}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\DMR.exe FirewallRules: [{94310DCB-0064-45EA-9DFE-FD2CF0C35027}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe FirewallRules: [{01766245-02A5-413D-AC97-D9D086D26279}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\Controller.exe FirewallRules: [{61DDCB9F-543A-4529-BC7E-95E4C7BA6A60}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\InstallerHelp.exe FirewallRules: [{20D1902C-39C9-46FB-91AB-4783BC6043AC}] => (Allow) C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe FirewallRules: [{B0722B24-9CF3-44B2-95B2-85A34447F95B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{FD7AA9FB-94A2-4F3B-A702-4C32819D25A1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{134DC00F-86CF-478C-8893-8B41DA4FD7FC}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{97EBBD79-90BF-4918-AD06-8750E4271D2B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{1CF97DCB-B336-41DB-AB5B-ABE2CF2825A1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{8B55521E-750D-4A4B-B988-5628E59E2988}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{BB61412C-A8E1-4FBA-B38B-000D9485D83F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{87F08DB9-45C5-4036-A577-967C2B50BD38}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{F701FA72-6F32-4355-95D3-10953BFCE0B3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{32AF2FE5-C96D-4CA1-AEF1-28D422AD471D}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{7B89EDC7-4AD7-4051-B04C-BAE517BDFFE8}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{B76927CD-5B0D-48C2-9C3E-847B5E658B23}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{BF3BA171-0291-4687-A928-7464A2F353EB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{038AC7A6-0278-4EE3-8F9B-1AAB15080836}] => (Allow) C:\Users\Doris\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{58015F3F-5EA3-4F8B-B7A7-AE7D81A41251}] => (Allow) C:\Users\Doris\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{CD45C3C0-3B96-42B8-890E-BDD2D94556A7}] => (Allow) C:\Users\Doris\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9480405D-AB4B-4BCD-8E12-E420DEC2DF03}] => (Allow) C:\Users\Doris\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{24FD622F-D224-4C07-9D4C-40C09323EDAF}] => (Allow) C:\Users\Doris\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{177D2B72-0DC7-4CA0-810C-70CFA9D406C7}] => (Allow) C:\Users\Doris\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E75A2EBB-663E-4AA4-A9DF-D7CB7DFAAE9E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{7C11192A-6E60-4DC3-A778-C74754E68DFE}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe FirewallRules: [{A5406807-616E-4F0E-A790-46A0E561DD23}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe ==================== Faulty Device Manager Devices ============= Name: Microsoft Virtual WiFi Miniport Adapter Description: Microsoft Virtual WiFi Miniport Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Could not list Devices. Check "winmgmt" service or repair WMI. ==================== Event log errors: ========================= Application errors: ================== Error: (11/11/2015 02:28:53 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Please use sxstrace.exe for detailed diagnosis. Error: (11/11/2015 02:28:38 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/11/2015 02:28:09 PM) (Source: ESENT) (EventID: 454) (User: ) Description: DllHost (3376) WebCacheLocal: Database recovery/restore failed with unexpected error -543. Error: (11/11/2015 02:28:07 PM) (Source: ESENT) (EventID: 453) (User: ) Description: DllHost (3376) WebCacheLocal: Database C:\Users\Doris\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat requires logfiles 5330-5340 (C:\Users\Doris\AppData\Local\Microsoft\Windows\WebCache\V01014D2.log - C:\Users\Doris\AppData\Local\Microsoft\Windows\WebCache\V01.log) in order to recover successfully. Recovery could only locate logfiles up to 5339 (DllHost0). Error: (11/11/2015 01:06:45 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Please use sxstrace.exe for detailed diagnosis. Error: (11/11/2015 01:05:01 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/11/2015 12:34:30 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Please use sxstrace.exe for detailed diagnosis. Error: (11/11/2015 12:34:10 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/11/2015 12:23:36 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (11/11/2015 12:23:27 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3. Component identity found in manifest does not match the identity of the component requested. Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Please use sxstrace.exe for detailed diagnosis. System errors: ============= Error: (11/11/2015 02:53:01 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:. Error: (11/11/2015 02:53:01 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:. Error: (11/11/2015 02:53:01 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:. Error: (11/11/2015 02:53:01 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:. Error: (11/11/2015 02:53:01 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:. Error: (11/11/2015 02:53:01 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:. Error: (11/11/2015 02:53:01 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:. Error: (11/11/2015 02:53:01 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:. Error: (11/11/2015 02:53:01 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:. Error: (11/11/2015 02:53:01 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:. CodeIntegrity: =================================== Date: 2014-09-10 23:51:48.658 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-10 23:51:48.658 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-10 23:51:21.904 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-10 03:46:19.606 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-10 03:46:19.544 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2014-09-10 03:44:05.708 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-16 03:45:36.252 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-16 03:45:36.174 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2014-08-16 03:43:46.362 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. Date: 2014-07-10 00:32:50.271 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU G630 @ 2.70GHz Percentage of memory in use: 92% Total physical RAM: 3974.16 MB Available physical RAM: 313.37 MB Total Virtual: 7948.33 MB Available Virtual: 1523.07 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:449.18 GB) (Free:232.81 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: A2F36C50) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=16.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=449.2 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================