Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-12-2015 Ran by Owner (2016-01-06 06:26:14) Running from C:\Users\Owner\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2014-08-26 01:37:50) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-103068557-1708720007-3558950971-500 - Administrator - Disabled) Guest (S-1-5-21-103068557-1708720007-3558950971-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-103068557-1708720007-3558950971-1002 - Limited - Enabled) Owner (S-1-5-21-103068557-1708720007-3558950971-1000 - Administrator - Enabled) => C:\Users\Owner ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AV: Emsisoft Anti-Malware (Enabled - Up to date) {9C1B43E7-A69A-E012-4F20-AD6C27446402} AS: Emsisoft Anti-Malware (Enabled - Up to date) {277AA203-80A0-EF9C-7590-961E5CC32EBF} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 4K Video Downloader 3.6 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.6.4.1795 - Open Media LLC) 7-Zip 15.05 beta x64 (HKLM\...\7-Zip) (Version: - ) ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.631.5823 - ABBYY) ABBYY FineReader 9.0 Sprint (x32 Version: 9.00.631.5823 - ABBYY) Hidden Acrok HD Video Converter Ver 4.0.37.595 (HKLM-x32\...\{C5338CAA-5760-4A1C-9E8D-DA4D63085177}_is1) (Version: - ) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.0.12510 - Adobe Systems Inc.) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.) Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - ) Any Video Converter 5.8.1 (HKLM-x32\...\Any Video Converter) (Version: 5.8.1 - Anvsoft) Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) ArcSoft PhotoBase 3 (HKLM-x32\...\{C1D14C0D-FDAA-4DF2-8441-A902805CCE8C}) (Version: - ) ArcSoft PhotoStudio 5 (HKLM-x32\...\{03F1CC67-5BD8-4C36-8394-76311B2AE69A}) (Version: - ) Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.13.0 - Asmedia Technology) Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software) AVerMedia A835 USB DVB-T 8.2.64.64 (HKLM-x32\...\AVerMedia A835 USB DVB-T) (Version: 8.2.64.64 - AVerMedia TECHNOLOGIES, Inc.) AVerTV 3D (HKLM-x32\...\InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.5.2.14 - AVerMedia Technologies, Inc.) AVerTV 3D (x32 Version: 6.5.2.14 - AVerMedia Technologies, Inc.) Hidden AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - ) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden CamStudio 2.7.4 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.4 - CamStudio Open Source) CamStudio Lossless Codec v1.5 (HKLM-x32\...\camcodec) (Version: 1.5 - CamStudio) CamStudio version 2.7 (HKLM-x32\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source) Canon DR-5010C Driver (HKLM-x32\...\{A9DB83DB-A9FD-11D0-BFD1-444553540000}) (Version: 1.11.11111.10001 - Canon Electronics) CanoScan Toolbox Ver4.1 (HKLM-x32\...\{BCE46757-7674-4416-BEDB-68205A60409E}) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform) CLOX 2000 (HKLM-x32\...\ST5UNST #1) (Version: - ) ConvertHelper 3.1.1 (HKLM\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper) Cursor Attention (HKLM-x32\...\Cursor Attention) (Version: - ) Customwiz For Kodi (HKLM-x32\...\{16801E38-3E91-44A3-9049-DF5D34D037E9}) (Version: 45.45.45 - Customwiz For Kodi) CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Delete Doctor 2.3 (HKLM-x32\...\Delete Doctor) (Version: 2.3 - ) Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION) DuckCapture Standard 2.7 (HKLM-x32\...\DuckCapture_is1) (Version: 2.7 - DuckLink) DVDFab Decrypter 2.9.2.2 (HKLM-x32\...\DVDFab Decrypter_is1) (Version: - Fengtao Software Inc.) Emsisoft Anti-Malware (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 11.0 - Emsisoft Ltd.) Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.3.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print 2 (HKLM-x32\...\{02A312B5-1542-47B6-BFE9-F51358C39E86}) (Version: 2.4.0.0 - SEIKO EPSON CORPORATION) Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2) Epson Event Manager (HKLM-x32\...\{BECE9CCD-83F6-4BAA-9B26-227DF7D2E932}) (Version: 3.01.0000 - Seiko Epson Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON XP-200 Series Printer Uninstall (HKLM\...\EPSON XP-200 Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION) erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden Free Flash to MP4 Converter (2.3.2.1) (HKLM-x32\...\Free Flash to MP4 Converter_is1) (Version: 2.3.2.1 - Amazing Studio) Free MP4 Video Converter version 5.0.63.913 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.63.913 - DVDVideoSoft Ltd.) Free PDF Converter Utilities 8.6.4 (HKLM-x32\...\Free PDF Converter Utilities_is1) (Version: - FreeAudioVideoSoftTech, Inc.) Free PDF To PPT Converter (HKLM-x32\...\{F0712F9D-4B28-4AED-9AA5-BEE9B0B533D5}) (Version: 1.0.0 - Free PDF Solutions) Free PDF to Word Converter 2.0 (HKLM-x32\...\Free PDF to Word Converter_is1) (Version: - Free-PDF-to-Word.com) Free Video Capture 7.8.5 (HKLM-x32\...\Free Video Capture_is1) (Version: - SightFiesta Co., Ltd.) Free Video Cutter Joiner 10.4 (HKLM-x32\...\{8C5A4758-C782-4200-B337-DB3466D33ADD}}_is1) (Version: 10.4 - DVDVideoMedia, Inc.) Free Video Joiner (HKLM-x32\...\{14FA6DD9-92ED-493D-A937-81A78870E08A}_is1) (Version: - FreeVideoJoiner.com) Free YouTube Download version 3.2.56.324 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.56.324 - DVDVideoSoft Ltd.) Free YouTube Downloader 4.1.448 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: - HOW Inc.) Freemake Video Converter version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation) Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.5 - Ellora Assets Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - ) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation) iWisoft Flash SWF to Video Converter 3.5 (HKLM-x32\...\iWisoft Flash SWF to Video Converter_is1) (Version: 3.5.0 - www.flash-swf-converter.com) Jasc Paint Shop Pro 8 (HKLM-x32\...\{81A34902-9D0B-4920-A25C-4CDC5D14B328}) (Version: 8.00.0000 - Jasc Software Inc) Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) Jing (HKLM-x32\...\{22800204-9E53-45C7-B6F3-5BB0F1C1A147}) (Version: 2.8.13007.1 - TechSmith Corporation) K-Lite Codec Pack 6.0.4 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - ) Kodi (HKU\S-1-5-21-103068557-1708720007-3558950971-1000\...\Kodi) (Version: - XBMC-Foundation) Lame ACM MP3 Codec (HKLM-x32\...\LameACM) (Version: - ) Logitech Camera Settings (HKLM-x32\...\LogiUCDPP) (Version: 1.0.568.0 - Logitech Europe S.A.) Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.) LP Ripper (HKLM-x32\...\LP Ripper) (Version: - ) Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean) MailWasher (HKLM-x32\...\{8D4426EF-E37B-4B1B-B061-546D7172C67D}) (Version: 7.5 - Firetrust) Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Manual CanoScan 3000,3000F (HKLM-x32\...\{E088AC54-7379-4C8F-A8B6-D2381E5A1172}) (Version: - ) MFC RunTime files (x32 Version: 1.0.0 - Extensoft) Hidden Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Home and Business 2013 - en-us (HKLM\...\HomeBusinessRetail - en-us) (Version: 15.0.4779.1002 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-103068557-1708720007-3558950971-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft) Movavi Screen Capture Studio 6 (HKLM-x32\...\Movavi Screen Capture Studio 6) (Version: 6.3.0 - Movavi) Moyea Free Flash Downloader version 1.4.0.0 (HKLM-x32\...\{8ED5BF38-B9BF-4F2D-AF42-9037574A254F}_is1) (Version: 1.4.0.0 - Moyea Software Co., LTD) Mozilla Firefox 43.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 en-US)) (Version: 43.0.3 - Mozilla) MULTIFIT visualization tool (HKLM-x32\...\14AF7854-4BCC-4E9C-927A-849E36B82DDF) (Version: 1.7 - Multi Fit) Multifit_Elearning (HKLM-x32\...\com.MultifitElearning) (Version: 1.9 - UNKNOWN) Multifit_Elearning (x32 Version: 1.9 - UNKNOWN) Hidden My MP4Box GUI 0.5.5.4 (HKLM\...\{470F4A33-DA87-4CF5-9E5A-42BD4F218B39}_is1) (Version: 0.5.5.4 - Matt Bodin) MyHeritage Family Tree Builder (HKLM-x32\...\Family Tree Builder) (Version: 7.0.0.7143 - MyHeritage.com) Nero 6 (HKLM-x32\...\Nero - Burning Rom!UninstallKey) (Version: - ) Nero Media Player (HKLM-x32\...\NMPUninstallKey) (Version: - ) NeroVision Express 2 (HKLM-x32\...\NeroVision!UninstallKey) (Version: - ) Network Guide EPSON XP-200 Series (HKLM-x32\...\EPSON XP-200 Series Netg) (Version: - ) NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - ) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4779.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4779.1002 - Microsoft Corporation) Hidden Paragon Backup and Recovery™ 14 Free (HKLM\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software) PDFill PDF Editor with FREE Writer and FREE Tools (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 12.0 - PlotSoft LLC) PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - ) PowerDVDPoint Lite (HKLM-x32\...\{C9CD97C8-AFED-447F-9663-24DD150A08E9}) (Version: 3.6.00 - DigitalOfficePro) QuickTime Alternative 1.81 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 1.81 - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.75.827.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.) RealWorld Cursor Editor (HKLM-x32\...\{25A344BB-378D-4E51-9A39-780755012B2D}) (Version: 13.1.0 - RealWorld Graphics) Recoveryfix for Outlook Evaluation ver 14.09 (HKLM-x32\...\Recoveryfix for Outlook Evaluation ver_is1) (Version: - Lepide Software Pvt.Ltd.) Remo Repair Outlook [PST] (HKLM\...\{9F198151-82C8-4AE0-9290-4248B416BDF4}_is1) (Version: 3.0.0.11 - Remo Software) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15045.4 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.3.15045.4 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.) Screen Recorder 1.0 (HKLM-x32\...\{4CEC58D7-3667-4C30-8AB1-13ED2A5487FA}_is1) (Version: 1.0.0.4 - hxxp://freerecorders.com) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation) Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) Swiff Player 1.7.2 (HKLM-x32\...\Swiff Player_is1) (Version: 1.7.2 - GlobFX Technologies) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TechUtilities (HKLM\...\TechUtilities_is1) (Version: 1.1.1.7 - Seven Servos Software Pvt Ltd.) TEncoder Video Converter version 3.7.0 (HKLM-x32\...\{7B1F9D22-568D-4109-B128-040BF8A932FC}_is1) (Version: 3.7.0 - ozok) TurboCAD Professional v6 (HKLM-x32\...\TurboCAD Professional v6) (Version: - ) TurboCAD v6 Symbols (HKLM-x32\...\TurboCAD v6 Symbols) (Version: - ) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) User's Guide EPSON XP-200 Series (HKLM-x32\...\EPSON XP-200 Series Useg) (Version: - ) VDownloader 4.1.1650 (HKLM\...\{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1) (Version: - Vitzo Limited) Video Download Capture version 5.0.8 (HKLM-x32\...\{3C9D008D-3716-4C3F-90CD-38ED57568FAB}_is1) (Version: 5.0.8 - APOWERSOFT LIMITED) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies) WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WinX DVD Author 6.3.5 (HKLM-x32\...\WinX DVD Author_is1) (Version: - DigiartySoft, Inc.) Wondershare Video Converter Ultimate(Build 8.1.3.0) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 8.1.3.0 - Wondershare Software) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.4 - Xvid Team) YouTube Free Downloader 1.6.0.0 (HKLM-x32\...\YouTube Free Downloader_is1) (Version: 1.6.0.0 - AbyssMedia.com) YouTube Song Downloader (HKLM-x32\...\{4281435C-AD1D-4C8A-B9C0-3961C11EF142}_is1) (Version: 10.3 - Abelssoft) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-103068557-1708720007-3558950971-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {14837160-8641-4FC8-8704-1054E3D24F56} - System32\Tasks\{F155F973-60F2-4C9A-92F2-2CB6649E3AC0} => pcalua.exe -a C:\Users\Owner\Desktop\swftools-0.9.0.exe -d C:\Users\Owner\Desktop Task: {2C17A2BA-F809-433A-9D0B-7B024C944C32} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation) Task: {37D38D12-3512-468B-B74C-AB1D175AB4F7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-01-05] (AVAST Software) Task: {405F0640-8375-41A1-A7AD-3B1DBC5F3A57} - System32\Tasks\{61DB53B8-411F-4170-9B78-66551CEAC354} => C:\Program Files\CamStudio 2.7\Recorder.exe [2015-02-20] (CamStudio Group) Task: {40881B30-88D3-4C15-AE1F-937929D83132} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {5A301AA5-1C4D-4A36-8043-5BE5A0A32BA8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {643C3088-5024-49C9-9CCA-16AE4D0BE962} - System32\Tasks\{6B920768-D4CE-4B48-B719-65B26164B307} => C:\Program Files\CamStudio 2.7\Recorder.exe [2015-02-20] (CamStudio Group) Task: {726BD754-BDF4-4036-B3BD-C07B6ECC7AC5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-06] (Microsoft Corporation) Task: {7FB15E48-2D88-4CC3-8159-42D8DD9B346B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {8407B92C-3DDF-4CE7-A93C-7F390D94F580} - \DNSBEECHER -> No File <==== ATTENTION Task: {931CFBFE-4689-437C-BB07-B943000D2165} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-20] (Piriform Ltd) Task: {A0ADEF3D-46E9-47E9-A304-769849B71686} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-16] (AVAST Software) Task: {BD14D4BA-476F-4E62-ACE3-45EE80DC0AB1} - System32\Tasks\AutoBeam => c:\programdata\{0ea02cd9-fb24-36c1-0ea0-02cd9fb2b367}\pdfescape free pdf editor.exe <==== ATTENTION Task: {CB1F23FC-30D1-4628-BBCB-2CA5C9455908} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-06] (Microsoft Corporation) Task: {CB7BB823-62A4-4D0E-8631-D51ABCE49ECD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.) Task: {D2517DEB-6F86-40E4-BA59-4FCCD6E0BA79} - System32\Tasks\{38BF66B8-0000-4949-8462-C68637CE56AB} => C:\Program Files\CamStudio 2.7\Recorder.exe [2015-02-20] (CamStudio Group) Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc Task: {E82DF0E5-0EB2-4319-9A79-B42ECEB4B933} - System32\Tasks\{65BF7A87-0144-4BAB-BCFB-C51A446716E5} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{E088AC54-7379-4C8F-A8B6-D2381E5A1172}\Setup.exe" Task: {F367B9D1-B2A0-4AAB-B7E4-99229D3B4EE4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation) Task: {FFC676CD-567A-41DF-8E40-31699982A7D3} - System32\Tasks\TechUtilities => C:\Program Files\TechUtilities\TechUtilities.exe [2015-08-28] (Seven Servos Software, Pvt Ltd.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\AutoBeam.job => c:\programdata\{0ea02cd9-fb24-36c1-0ea0-02cd9fb2b367}\pdfescape free pdf editor.exe <==== ATTENTION Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\TechUtilities.job => C:\Program Files\TechUtilities\TechUtilities.exe-t1C:\Program Files\TechUtilities\TechUtilities.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-09-16 09:15 - 2015-09-02 02:04 - 08901184 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2010-07-15 14:44 - 2010-07-15 14:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll 2015-06-17 09:56 - 2015-02-27 14:38 - 00721263 _____ () C:\Windows\SysWOW64\WSCM64.dll 2015-11-14 10:43 - 2013-10-23 15:24 - 00087600 _____ () C:\Windows\System32\cpwmon64.dll 2015-03-20 18:12 - 2015-12-17 18:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-09-15 14:25 - 2015-12-17 18:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-08-26 11:42 - 2013-05-07 17:45 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2015-08-14 09:41 - 2011-04-01 16:52 - 00403456 ____R () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe 2015-08-14 09:42 - 2012-10-17 17:24 - 00163840 ____R () C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe 2015-05-21 12:34 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2014-08-26 11:47 - 2014-10-03 17:36 - 00457616 _____ () C:\Windows\system32\igfxTray.exe 2016-01-05 12:39 - 2016-01-05 12:39 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2016-01-05 12:39 - 2016-01-05 12:39 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-01-06 04:45 - 2016-01-06 04:45 - 02808832 _____ () C:\Program Files\AVAST Software\Avast\defs\16010501\algo.dll 2016-01-05 12:39 - 2016-01-05 12:39 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2015-12-05 10:21 - 2015-12-05 10:21 - 00933056 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll 2015-02-18 15:19 - 2015-02-18 15:19 - 00061952 _____ () C:\Program Files (x86)\Firetrust\MailWasher\MWPBridgeDLL.dll 2015-02-18 15:19 - 2015-02-18 15:19 - 04647424 _____ () C:\Program Files (x86)\Firetrust\MailWasher\MWPappDLL.dll 2014-10-12 02:41 - 2014-10-12 02:41 - 00061952 _____ () C:\Program Files (x86)\Firetrust\MailWasher\FTBridge.dll 2014-10-12 02:41 - 2014-10-12 02:41 - 00272384 _____ () C:\Program Files (x86)\Firetrust\MailWasher\FTClientNode.dll 2014-08-26 11:42 - 2016-01-06 06:07 - 00028160 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2014-08-26 11:42 - 2013-05-07 17:45 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2015-08-14 09:42 - 2012-06-09 20:33 - 00053248 ____R () C:\Program Files (x86)\Common Files\AVerMedia\dll\MsgLog.DLL 2015-06-13 08:34 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2015-06-13 08:34 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2015-06-13 08:34 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2015-06-13 08:34 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2015-06-13 08:34 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2016-01-05 12:39 - 2016-01-05 12:39 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-10-22 11:28 - 2015-10-22 11:28 - 17599688 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll 2015-03-12 10:05 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:4DF56F2E AlternateDataStreams: C:\ProgramData\TEMP:E5A9D792 AlternateDataStreams: C:\ProgramData\TEMP:F169C698 ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 12:34 - 2016-01-04 11:21 - 00000967 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-103068557-1708720007-3558950971-1000\Control Panel\Desktop\\Wallpaper -> DNS Servers: 10.0.0.138 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVer HID Receiver.lnk => C:\Windows\pss\AVer HID Receiver.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk => C:\Windows\pss\AVerQuick.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Drive Manager Real-Time.lnk => C:\Windows\pss\Samsung Drive Manager Real-Time.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CursorAttention.lnk => C:\Windows\pss\CursorAttention.lnk.Startup MSCONFIG\startupfolder: C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk => C:\Windows\pss\Logitech . Product Registration.lnk.Startup MSCONFIG\startupfolder: C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnk.Startup MSCONFIG\startupreg: ABBYY Screenshot Reader Bonus => "C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint\Bonus.ScreenshotReader.exe" -autorun MSCONFIG\startupreg: BingSvc => C:\Users\Owner\AppData\Local\Microsoft\BingSvc\BingSvc.exe MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: Clarus Drive Manager => C:\Program Files (x86)\Clarus\Samsung Drive Manager\Drive Manager.exe -Hide MSCONFIG\startupreg: CustomwizKodi => C:\Program Files (x86)\Customwiz For Kodi\Customwiz For Kodi\CustomwizKodi.exe MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" MSCONFIG\startupreg: emsisoft anti-malware => "c:\program files\emsisoft anti-malware\a2guard.exe" /d=60 MSCONFIG\startupreg: EPLTarget => MSCONFIG\startupreg: Family Tree Builder Update => C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe MSCONFIG\startupreg: FreeVideoDownloader => C:\Program Files (x86)\33download.com\Free Video Downloader\FreeVideoDownloader.exe MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe" MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 MSCONFIG\startupreg: IgfxTray => "C:\Windows\system32\igfxtray.exe" MSCONFIG\startupreg: iSkysoft Helper Compact.exe => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide MSCONFIG\startupreg: NeroFilterCheck => C:\Windows\system32\NeroCheck.exe MSCONFIG\startupreg: Persistence => "C:\Windows\system32\igfxpers.exe" MSCONFIG\startupreg: PicPick Start => "C:\Program Files (x86)\PicPick\picpick.exe" /startup MSCONFIG\startupreg: ProductUpdater => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe MSCONFIG\startupreg: RemoteControl => "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe" MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: TinyTake by MangoApps => "C:\Program Files (x86)\MangoApps\TinyTake by MangoApps\TinyTake by MangoApps.exe" NOTOPENCONTEXTMENU MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" MSCONFIG\startupreg: VDownloader => "C:\Program Files\VDownloader\VDownloader4.exe" /silent MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{DD2F89EC-C489-4A7D-8390-7D2B7CF6A539}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe FirewallRules: [{D9428D1E-A1CF-461E-871C-6D1C39FAC9C7}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe FirewallRules: [{FF7FB93B-B27B-445B-9A2A-4A41B34FA3E2}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe FirewallRules: [{D292585E-371D-4524-9B5D-BA187F865E44}] => (Allow) C:\Program Files (x86)\EPSON Software\ECPrinterSetup\ENPApp.exe FirewallRules: [TCP Query User{8555A467-C1BC-42A0-ABB4-21162E515C5C}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{3837B596-0F7E-4F2F-B11D-69D1E95435AA}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{B63AD94F-D970-42A9-8218-14AE7C915B4D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{05DBD726-9FB8-46EB-B9CA-E4108BA92022}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{72440CCC-5E29-4E14-9C02-E066CCB7A69B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{DF47B85B-233B-4ED2-A0F7-D9CB3BAD6833}] => (Allow) C:\Users\Owner\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{9C6ABA63-E0E6-473A-851E-73C985AE2B60}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe FirewallRules: [{D53F1F8C-3E9C-481A-8CB2-CB639113ABA8}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe FirewallRules: [{F04BB80C-029B-4A03-A906-7C33D7E87647}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll FirewallRules: [{4634CD24-150C-4664-8899-4C5699EC1B71}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll FirewallRules: [{04BF6590-4DDF-47BF-A55A-EB13656DA90D}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll FirewallRules: [{667A7A05-7CCE-4BB8-80D1-19B37266E742}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll FirewallRules: [{6FE81F43-1DE4-4B31-B1C2-7B0B8491C52C}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll FirewallRules: [{06BB9ADB-79F5-4F11-BFB7-68015EC31FAC}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll FirewallRules: [{F60C4E43-F7D1-493F-80CB-76B465490397}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll FirewallRules: [{6DEE0F71-8B8D-4D11-90F1-D3799334F10A}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll FirewallRules: [{349389FC-F879-4F8D-9273-7090E5957CDC}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll FirewallRules: [{5C139F52-DE7F-4C73-9B0D-8C84A59B0C97}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll FirewallRules: [{127F9465-B9BA-47F8-BE87-689C170D1B45}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll FirewallRules: [{DBAF86E5-A293-422D-8CEC-B339E083291F}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll FirewallRules: [{7B8463DE-B162-42C8-A9AD-391A5E3B2B23}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{4AB0227E-7847-469E-AB85-BB094570773A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{42BE6F3C-3884-4273-AA01-497854DEB169}] => (Allow) LPort=2869 FirewallRules: [{65AB828A-A678-40FB-8D6C-F30258E6B167}] => (Allow) LPort=1900 FirewallRules: [{B04FA27D-1A77-4D5C-997E-3BA086B78D7A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{6DD07E70-CC5A-4C29-A707-196CBB496BE4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{D441E783-3BE3-480E-9D1D-744FA23A5FA3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{2BFCEA28-108B-4ACC-8EDA-FB0303DEAD55}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{B256FF26-C568-489C-ABA7-B5FD460660E6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{436A18D0-C7A8-4C7C-9F6D-1E18F2390B0D}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe FirewallRules: [UDP Query User{4A4005BB-2DDD-4BDB-8AE6-30111CB316FB}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe FirewallRules: [{B77BA49C-6B3E-4760-BB13-F4910B48B19B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9EC2C753-5C39-42EF-8836-5321BC29B866}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Restore Points ========================= 06-01-2016 05:59:22 JRT Pre-Junkware Removal ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (01/06/2016 06:09:17 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/06/2016 05:22:18 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program adwcleaner_5.028.exe version 5.0.2.8 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 2cc Start Time: 01d147ee29c3195f Termination Time: 4 Application Path: C:\Users\Owner\Desktop\Cleaners\adwcleaner_5.028.exe Report Id: Error: (01/06/2016 05:14:25 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/06/2016 04:44:49 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/05/2016 07:48:09 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/05/2016 06:51:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/05/2016 06:18:51 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/05/2016 03:21:27 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/05/2016 02:39:43 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/05/2016 08:35:37 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (01/06/2016 06:09:59 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535 Error: (01/06/2016 06:09:59 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535 Error: (01/06/2016 06:09:59 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535 Error: (01/06/2016 06:09:59 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535 Error: (01/06/2016 06:09:59 AM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: 0x80630801 Error: (01/06/2016 06:09:59 AM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: 0x80630801 Error: (01/06/2016 06:09:50 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: %%-2140993535 Error: (01/06/2016 06:09:50 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Peer Name Resolution Protocol service terminated with the following error: %%-2140993535 Error: (01/06/2016 06:09:50 AM) (Source: PNRPSvc) (EventID: 102) (User: ) Description: 0x80630801 Error: (01/06/2016 06:07:50 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY) Description: Encrypted volume check: Volume information on \\?\Volume{a9ba8646-fde1-11e4-af1b-806e6f6e6963} cannot be read. CodeIntegrity: =================================== Date: 2015-10-16 10:12:19.042 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\avg_remover_stf_x86_2013_3341.exe because the set of per-page image hashes could not be found on the system. Date: 2015-10-16 10:12:18.698 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\avg_remover_stf_x86_2013_3341.exe because the set of per-page image hashes could not be found on the system. Date: 2015-10-16 10:12:18.340 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\avg_remover_stf_x86_2013_3341.exe because the set of per-page image hashes could not be found on the system. Date: 2015-10-16 10:12:17.965 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\avg_remover_stf_x86_2013_3341.exe because the set of per-page image hashes could not be found on the system. Date: 2015-10-16 10:12:17.341 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\avg_remover_stf_x86_2013_3341.exe because the set of per-page image hashes could not be found on the system. Date: 2015-10-16 10:11:50.150 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\avg_remover_stf_x86_2013_3341.exe because the set of per-page image hashes could not be found on the system. Date: 2015-10-16 10:11:49.807 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\avg_remover_stf_x86_2013_3341.exe because the set of per-page image hashes could not be found on the system. Date: 2015-10-16 10:11:49.417 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\avg_remover_stf_x86_2013_3341.exe because the set of per-page image hashes could not be found on the system. Date: 2015-10-16 10:11:49.043 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\avg_remover_stf_x86_2013_3341.exe because the set of per-page image hashes could not be found on the system. Date: 2015-10-16 10:11:48.419 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\avg_remover_stf_x86_2013_3341.exe because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz Percentage of memory in use: 63% Total physical RAM: 3965.6 MB Available physical RAM: 1465.28 MB Total Virtual: 7929.41 MB Available Virtual: 4450.79 MB ==================== Drives ================================ Drive c: (Windows 7 Drive) (Fixed) (Total:931.41 GB) (Free:719.1 GB) NTFS Drive f: (XP-Data) (Fixed) (Total:71.22 GB) (Free:32.92 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 97BE5B6A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: CB210205) Partition 1: (Not Active) - (Size=71.2 GB) - (Type=07 NTFS) Partition 2: (Active) - (Size=394.5 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================