Additional scan result of Farbar Recovery Scan Tool (x64) Version:18-01-2016 Ran by HANNANs MAIN (2016-01-24 12:12:34) Running from C:\Users\HANNANs MAIN\Downloads Windows 7 Professional Service Pack 1 (X64) (2014-06-30 05:30:20) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3000898737-217439702-1717454642-500 - Administrator - Disabled) Guest (S-1-5-21-3000898737-217439702-1717454642-501 - Limited - Disabled) HANNANs MAIN (S-1-5-21-3000898737-217439702-1717454642-1000 - Administrator - Enabled) => C:\Users\HANNANs MAIN HomeGroupUser$ (S-1-5-21-3000898737-217439702-1717454642-1007 - Limited - Enabled) INTERNET and EMAIL (S-1-5-21-3000898737-217439702-1717454642-1001 - Limited - Enabled) => C:\Users\INTERNET and EMAIL Sony Reader #2 (S-1-5-21-3000898737-217439702-1717454642-1008 - Administrator - Enabled) => C:\Users\Sony Reader #2 ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton Internet Security (Enabled - Out of date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB} AV: Microsoft Security Essentials (Enabled - Out of date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AS: Microsoft Security Essentials (Enabled - Out of date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} AS: Norton Internet Security (Enabled - Out of date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66} FW: Norton Internet Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) @BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.09 - GIGABYTE) µTorrent (HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.) Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.0 - Adobe Systems Incorporated) Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE) AutoGreen B10.1021.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) calibre 64bit (HKLM\...\{2342B0FF-6738-4AD5-9BD2-563C55ED9D63}) (Version: 2.28.0 - Kovid Goyal) Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DES 2.0 (HKLM-x32\...\{675F86A8-E093-4002-87D5-915CC2C45571}) (Version: 1.00.0000 - Gigabyte) Diagnostic Utility (HKLM-x32\...\{7236672F-6430-439E-9B27-27EDEAF1D676}) (Version: 1.00.0000 - Realtek) DMIView B8.0717.01 (HKLM-x32\...\{3EE1008C-11A1-4F4F-8DB7-27573924DE78}) (Version: 1.4 - Gigabyte) Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden Easy Tune 6 B10.1024.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Easy Tune 6 B10.1024.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden Elevated Installer (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden e-tax 2014 (HKLM-x32\...\{42D5C0B2-A309-4F84-9BD7-5DDDFE6C09E1}) (Version: 2.10.788 - Australian Taxation Office) Face_Wizard B10.1005.01 (HKLM-x32\...\{E76FCE6B-9999-4250-8C75-B2DA4AD41268}) (Version: 1.00.0000 - Gigabyte) Free Audio Converter version 5.0.56.128 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.56.128 - DVDVideoSoft Ltd.) Free MP4 Video Converter version 5.0.46.820 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.46.820 - DVDVideoSoft Ltd.) Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.0.10.1211 - DVDVideoSoft Ltd.) Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries) Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM-x32\...\{b292f4e5-60ca-4bb8-8810-e5f908c3c1ff}) (Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Garmin Express (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (x32 Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden iCare Data Recovery Professional 4.6.4 (HKLM-x32\...\iCare Data Recovery Professional_is1) (Version: - iCare Software) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.) Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.266.3 - McAfee, Inc.) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Image Composite Editor (HKLM\...\{B821CDAA-34DE-46FD-87C9-E6EE7158DB5D}) (Version: 1.4.4 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 43.0.4 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 en-US)) (Version: 43.0.4 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyDriveConnect 4.0.7.2442 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.7.2442 - TomTom) Nero 8 Essentials (HKLM-x32\...\{10B5900B-1217-458E-B3DA-E0A2E4A01033}) (Version: 8.10.366 - Nero AG) Norton Internet Security (HKLM-x32\...\NIS) (Version: 18.7.2.3 - Symantec Corporation) ON_OFF Charge B10.0427.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE) Online Plug-in (x32 Version: 14.3.100.10 - Citrix Systems, Inc.) Hidden Paragon Partition Manager™ 2014 Free (HKLM-x32\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software) QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.) Reader for PC (HKLM-x32\...\{D279DFB7-97A3-439D-8BE9-95D8AFA68562}) (Version: 2.4.01.10241 - Sony Corporation) RealDownloader (x32 Version: 18.1.2.176 - RealNetworks, Inc.) Hidden RealDownloader (x32 Version: 18.1.2.179 - RealNetworks) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.2 - RealNetworks) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.26.902.2010 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6194 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.20.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.20.0 - Renesas Electronics Corporation) Hidden Self-service Plug-in (x32 Version: 4.3.100.10167 - Citrix Systems, Inc.) Hidden Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATTENTION Smart 6 B10.1023.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE) Solid YouTube Downloader and Converter 6.2.0.1 (HKLM-x32\...\{1E911896-3755-4272-99B1-4D18D24D0E19}_is1) (Version: - DreamVideoSoft,Inc.) Splashtop Connect IE (HKLM-x32\...\{F9F5EF72-18CF-4DCF-A721-EC86B94DAC46}) (Version: 1.1.12.1 - Splashtop Inc.) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) Stellar Phoenix Windows Data Recovery - Professional (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Professional_is1) (Version: 5.0.0.0 - Stellar Information Systems Ltd) Update Manager B10.0728.1 (HKLM-x32\...\{2913C8E7-612B-47DA-B18D-A23E1A1B16E3}) (Version: 1.00.0000 - Gigabyte) UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden VCRedistSetup (x32 Version: 1.0.0 - Nero AG) Hidden Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) Web Companion (HKLM-x32\...\{6fe952c2-897a-42bb-8df9-7fe31f40dbf2}) (Version: 2.1.1265.2535 - Lavasoft) Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation) WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0875B8FE-5303-42DB-BCF2-C028D5A06BE2} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-06] (Microsoft Corporation) Task: {095867A2-F65A-4650-A8C0-F9B461A7EE3F} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2015-10-29] () Task: {0E87EB17-72B3-4F1E-811F-A9AAAA824EAE} - System32\Tasks\Inst_Rep => C:\Users\HANNANs MAIN\AppData\Local\Installer\Install_11042\nslBC30.tmp [2016-01-20] () <==== ATTENTION Task: {122E5B9D-CBCB-4020-A617-0D82320406E8} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3000898737-217439702-1717454642-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2015-11-04] (RealNetworks, Inc.) Task: {31E46497-8FA1-4E14-A08B-6DCD131EF382} - System32\Tasks\IBUpd2 => C:\Users\HANNANs Task: {323A98AF-2BF2-45AA-96D9-0A2BC1CDFBB6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.) Task: {3C5B669B-9878-42B4-ACB9-B560FA406BFD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.) Task: {4C77EE6F-EEE6-4379-81D1-9E716C2BBA02} - System32\Tasks\Frarnuxof => C:\ProgramData\Frarnuxof\1.0.7.1\nooxsovi.exe [2016-01-23] () Task: {56928D47-9832-4522-863E-68ADBAD9B355} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {5F6F9F7C-4975-4033-BAD6-895BD2726841} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated) Task: {5F779B95-D049-4B6C-8A53-E844AAC897FF} - System32\Tasks\Symantec\Norton Error Processor 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-08] (Symantec Corporation) Task: {87360316-F61B-4547-AF6D-9EB418B508EB} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-09] (Dropbox, Inc.) Task: {948DD062-983A-41C9-ABFB-4D1D84B827A1} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2015-11-04] () Task: {94A796FD-E686-4A71-8C88-E1FEDBE97D0D} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3000898737-217439702-1717454642-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.) Task: {9A7D0054-245E-4FDF-BE1D-B70C834EF5AC} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-06] (Microsoft Corporation) Task: {AAA1B54F-A96C-4851-AF3B-4C25A50FF97F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.) Task: {B16C6302-EACD-4D23-ABC5-CCAB4D7A360B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.) Task: {B8DD3F8C-E777-484E-8A4C-6ED6E3583615} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-09] (Dropbox, Inc.) Task: {BCCE3DDF-C38A-45E8-A4C7-46E2F06612E5} - System32\Tasks\Symantec\Norton Error Analyzer 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe [2012-06-08] (Symantec Corporation) Task: {BE6B53DF-BDAA-411E-B8A5-0E56725B8FFB} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3000898737-217439702-1717454642-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2015-11-04] (RealNetworks, Inc.) Task: {D169FCA8-8B36-4E3D-92C4-28A9873692FC} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3000898737-217439702-1717454642-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-11-04] (RealNetworks, Inc.) Task: {DBDA89A2-4327-436A-9A92-3885E0AA843D} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3000898737-217439702-1717454642-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2015-11-04] (RealNetworks, Inc.) Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc Task: {E7188AFC-5440-4865-B735-F94376C97B29} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {E9AEAF8C-C745-41EA-96BC-81AF2E889FCB} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2015-08-06] (Symantec Corporation) Task: {EEBF828C-53CD-46AF-BD20-73F0944C9849} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\HANNANs MAIN\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Games.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> /c "start hxxp://socialgames.splashtop.com/redirectGames/?oem=protobcu01^&os=Windows^&p=H67A-UD3H-B3^&pv=1.1.12^&v=1^&flv=^&c=3081^&t=e494e99a96d533538bccca08af565816^&l=en-AU" ==================== Loaded Modules (Whitelisted) ============== 2014-07-03 18:59 - 2009-11-05 08:40 - 00085504 _____ () C:\Windows\System32\cpwmon64.dll 2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-01-23 08:54 - 2016-01-23 08:54 - 00156672 _____ () C:\ProgramData\Frarnuxof\1.0.7.1\nooxsovi.exe 2016-01-20 11:08 - 2016-01-20 11:08 - 00274432 _____ () C:\Program Files (x86)\00000000-1453282982-0000-0000-1C6F65AB92E7\knscB556.tmpfs 2015-11-04 15:20 - 2015-11-04 15:20 - 00033088 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe 2015-12-14 08:29 - 2015-12-14 08:29 - 00017168 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe 2015-12-14 08:29 - 2015-12-14 08:29 - 00008976 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Service.Logger.dll 2015-12-14 08:29 - 2015-12-14 08:29 - 00028432 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WcfService.dll 2016-01-20 19:43 - 2016-01-20 19:43 - 00416256 _____ () C:\Program Files (x86)\00000000-1453282982-0000-0000-1C6F65AB92E7\hnssF3E4.tmp 2016-01-20 19:43 - 2016-01-20 19:43 - 00307712 _____ () C:\Program Files (x86)\00000000-1453282982-0000-0000-1C6F65AB92E7\jnsxD49F.tmp 2014-06-30 16:47 - 2014-06-30 16:47 - 00008704 _____ () C:\Windows\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll 2008-03-25 17:21 - 2014-07-02 12:21 - 00219760 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe 2014-01-29 23:02 - 2014-01-29 23:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-11-04 13:28 - 2015-11-04 13:28 - 00719632 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe 2014-08-25 21:40 - 2015-12-11 01:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2015-02-09 22:37 - 2015-12-11 01:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2015-02-09 22:37 - 2015-12-11 01:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2014-08-25 21:40 - 2015-12-11 01:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll 2014-08-25 21:40 - 2015-12-11 01:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll 2015-02-09 22:37 - 2015-12-11 01:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2015-11-04 15:20 - 2015-11-04 15:20 - 00037720 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll 2015-11-04 15:19 - 2015-11-04 15:19 - 00039768 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll 2015-11-04 15:20 - 2015-11-04 15:20 - 00037728 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll 2014-07-03 19:12 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2014-07-03 19:12 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2014-07-03 19:12 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2014-07-03 19:12 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2014-07-03 19:12 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2010-10-24 14:58 - 2014-07-02 12:22 - 02887751 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Normal.dll 2010-10-22 19:02 - 2014-07-02 12:22 - 00651327 _____ () C:\Program Files (x86)\GIGABYTE\ET6\work.dll 2010-01-12 17:09 - 2014-07-02 12:22 - 01331266 _____ () C:\Program Files (x86)\GIGABYTE\ET6\SF.dll 2008-05-07 15:22 - 2008-05-07 15:22 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\CIAMIB.dll 2010-10-19 10:59 - 2014-07-02 12:21 - 00069632 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GPTT.dll 2009-12-22 16:52 - 2014-07-02 12:23 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\ycc.dll 2010-06-24 15:50 - 2010-06-24 15:50 - 00094208 _____ () C:\Program Files (x86)\GIGABYTE\ET6\IccLibDll.dll 2010-09-30 08:45 - 2010-09-30 08:45 - 00126976 _____ () C:\Program Files (x86)\GIGABYTE\ET6\StabilityLib.dll 2014-07-02 12:26 - 2014-07-02 12:26 - 00024576 _____ () C:\Program Files (x86)\GIGABYTE\ET6\STT.dll 2010-10-19 20:27 - 2014-07-02 12:22 - 01499200 _____ () C:\Program Files (x86)\GIGABYTE\ET6\OCK.dll 2009-10-21 14:07 - 2014-07-02 12:21 - 01335358 _____ () C:\Program Files (x86)\GIGABYTE\ET6\HM.dll 2010-10-21 20:50 - 2014-07-02 12:21 - 01433674 _____ () C:\Program Files (x86)\GIGABYTE\ET6\GVTunner.dll 2003-02-14 14:11 - 2003-02-14 14:11 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Sound.dll 2010-06-10 15:52 - 2014-07-02 12:19 - 01318984 _____ () C:\Program Files (x86)\GIGABYTE\ET6\AMD8.dll 2010-03-12 05:40 - 2014-07-02 12:22 - 03860520 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Platform.dll 2010-03-12 05:40 - 2014-07-02 12:21 - 00579616 _____ () C:\Program Files (x86)\GIGABYTE\ET6\Device.dll 2010-10-22 10:41 - 2014-07-02 12:21 - 00311296 _____ () C:\Program Files (x86)\GIGABYTE\ET6\MFCCPU.DLL 2015-12-14 08:29 - 2015-12-14 08:29 - 00113424 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll 2015-12-14 08:29 - 2015-12-14 08:29 - 00044304 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Common.Platform.dll 2015-12-14 08:29 - 2015-12-14 08:29 - 00010000 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.UpdateComponents.dll 2015-12-14 08:29 - 2015-12-14 08:29 - 00272656 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll 2015-12-14 08:29 - 2015-12-14 08:29 - 00022288 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.AvastWrapper.dll 2015-12-14 08:29 - 2015-12-14 08:29 - 00046864 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll 2015-12-14 08:29 - 2015-12-14 08:29 - 00012560 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll 2015-12-14 08:29 - 2015-12-14 08:29 - 00120080 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll 2015-12-14 08:29 - 2015-12-14 08:29 - 00036112 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll 2015-12-01 21:20 - 2015-12-01 21:20 - 00089360 _____ () C:\Program Files (x86)\Real\RealPlayer\CrashRpt\CrashRpt1402.dll 2015-12-01 21:19 - 2015-12-01 21:19 - 00022312 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Tools\ffmpeg\mediautil.dll 2015-12-01 21:19 - 2015-12-01 21:19 - 01520936 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Tools\ffmpeg\avformat-55.dll 2015-12-01 21:19 - 2015-12-01 21:19 - 04274984 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Tools\ffmpeg\avcodec-55.dll 2015-12-01 21:19 - 2015-12-01 21:19 - 00322856 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Tools\ffmpeg\avutil-52.dll 2014-10-24 21:34 - 2014-10-24 21:34 - 00880640 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\fsk.dll 2014-10-24 21:35 - 2014-10-24 21:35 - 00040264 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMediaPlayers.dll 2014-10-24 21:35 - 2014-10-24 21:35 - 00239944 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\Fskin.dll 2014-10-24 21:35 - 2014-10-24 21:35 - 00026952 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskinLocalize.dll 2014-04-25 21:46 - 2014-04-25 21:46 - 00798720 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskSecurity.dll 2014-10-24 21:35 - 2014-10-24 21:35 - 00125256 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskDocumentViewer.dll 2014-10-24 21:35 - 2014-10-24 21:35 - 00016200 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskPower.dll 2014-10-24 21:35 - 2014-10-24 21:35 - 00024904 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskNetInterface.dll 2014-10-24 21:35 - 2014-10-24 21:35 - 00017224 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskMobileMediaDevice.dll 2014-10-24 21:35 - 2014-10-24 21:35 - 00015176 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\FskTimeHardware.dll 2014-10-24 21:35 - 2014-10-24 21:35 - 00034632 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ticket.dll 2014-10-24 21:35 - 2014-10-24 21:35 - 00018760 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookDeviceNotifier.dll 2014-10-24 21:35 - 2014-10-24 21:35 - 00092488 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ebookUsb.dll 2014-10-24 21:35 - 2014-10-24 21:35 - 00149832 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\readerAppHelper.dll 2014-10-24 21:35 - 2014-10-24 21:35 - 00178504 _____ () C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\USBDetector.dll 2015-12-13 13:34 - 2015-10-31 10:59 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2015-12-13 13:33 - 2015-10-31 11:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2015-12-13 13:33 - 2015-12-09 07:36 - 00022848 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Random.OSRNG.winrandom.pyd 2015-12-13 13:33 - 2015-12-09 07:36 - 00023352 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util._counter.pyd 2015-12-13 13:33 - 2015-12-09 07:36 - 00042296 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Cipher._AES.pyd 2015-12-13 13:33 - 2015-10-31 10:59 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2015-12-13 13:34 - 2015-10-31 10:59 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2015-12-13 13:34 - 2015-10-31 10:59 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2015-12-13 13:34 - 2015-12-09 07:36 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2015-12-13 13:34 - 2015-10-31 11:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2015-12-13 13:33 - 2015-10-31 10:59 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2015-12-13 13:34 - 2015-12-09 07:36 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2015-12-13 13:34 - 2015-10-31 10:59 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2015-12-13 13:33 - 2015-12-09 07:36 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2015-12-13 13:34 - 2015-10-31 11:00 - 00109520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2015-12-13 13:33 - 2015-12-09 07:36 - 01737032 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2015-12-13 13:33 - 2015-12-09 07:36 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2015-12-13 13:34 - 2015-12-09 07:36 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd 2015-12-13 13:34 - 2015-12-09 07:36 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2015-12-13 13:33 - 2015-12-09 07:36 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2015-12-13 13:34 - 2015-10-31 11:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2015-12-13 13:33 - 2015-10-31 11:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2015-12-13 13:34 - 2015-10-31 11:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2015-12-13 13:34 - 2015-12-09 07:36 - 00021320 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd 2015-12-13 13:34 - 2015-10-31 11:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2015-12-13 13:34 - 2015-10-31 11:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2015-12-13 13:34 - 2015-10-31 11:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2015-12-13 13:34 - 2015-10-31 11:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2015-12-13 13:34 - 2015-10-31 11:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2015-12-13 13:34 - 2015-10-31 11:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2015-12-13 13:34 - 2015-10-31 11:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2015-12-13 13:33 - 2015-12-09 07:36 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2015-12-13 13:33 - 2015-10-31 11:00 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2015-12-13 13:34 - 2015-10-31 11:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2015-12-13 13:33 - 2015-12-09 07:36 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2015-12-13 13:34 - 2015-12-09 07:36 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2015-12-13 13:34 - 2015-10-31 10:59 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd 2015-12-13 13:33 - 2015-10-31 10:59 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2015-12-13 13:33 - 2015-10-31 11:00 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd 2015-12-13 13:33 - 2015-12-09 07:36 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2015-12-13 13:33 - 2015-12-09 07:36 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2015-12-13 13:33 - 2015-12-09 07:36 - 00021304 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util.strxor.pyd 2015-12-13 13:34 - 2015-10-31 11:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2015-12-13 13:33 - 2015-12-09 07:36 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2015-12-13 13:33 - 2015-12-09 07:36 - 01826608 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2015-12-13 13:34 - 2015-10-31 11:00 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2015-12-13 13:33 - 2015-12-09 07:36 - 03891504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2015-12-13 13:33 - 2015-12-09 07:36 - 01950000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2015-12-13 13:33 - 2015-12-09 07:36 - 00519984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2015-12-13 13:33 - 2015-12-09 07:36 - 00133936 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2015-12-13 13:33 - 2015-12-09 07:36 - 00225080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2015-12-13 13:33 - 2015-12-09 07:36 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2015-12-13 13:34 - 2015-12-09 07:36 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd 2015-11-04 13:20 - 2015-11-04 13:20 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll 2015-12-01 21:19 - 2015-12-01 21:19 - 00653608 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Lib\r1api.dll 2015-11-04 13:28 - 2015-11-04 13:28 - 00077584 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{2bf7ecd8-bffc-11e5-9883-1c6f65ab92e7} AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{2bf7ecd9-bffc-11e5-9883-1c6f65ab92e7} AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{2bf7ecda-bffc-11e5-9883-1c6f65ab92e7} AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{2bf7ecdb-bffc-11e5-9883-1c6f65ab92e7} AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{2bf7ecdc-bffc-11e5-9883-1c6f65ab92e7} AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{2bf7ecdd-bffc-11e5-9883-1c6f65ab92e7} AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{2c8a45ff-bcf3-11e5-827a-1c6f65ab92e7} AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{2c8a4600-bcf3-11e5-827a-1c6f65ab92e7} AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{2c8a4601-bcf3-11e5-827a-1c6f65ab92e7} AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{2c8a4602-bcf3-11e5-827a-1c6f65ab92e7} AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{2c8a4603-bcf3-11e5-827a-1c6f65ab92e7} AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{2c8a4604-bcf3-11e5-827a-1c6f65ab92e7} AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{f7ccf01d-bf5b-11e5-a152-1c6f65ab92e7} AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{f7ccf01e-bf5b-11e5-a152-1c6f65ab92e7} AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{f7ccf01f-bf5b-11e5-a152-1c6f65ab92e7} AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{f7ccf020-bf5b-11e5-a152-1c6f65ab92e7} AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{f7ccf021-bf5b-11e5-a152-1c6f65ab92e7} AlternateDataStreams: C:\Windows\system32\Drivers\sdfhgdf.sys:{f7ccf022-bf5b-11e5-a152-1c6f65ab92e7} AlternateDataStreams: C:\ProgramData\TEMP:D5FBE8F9 ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 7865 more sites. IE trusted site: HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\webcompanion.com -> hxxp://webcompanion.com IE restricted site: HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-3000898737-217439702-1717454642-1000\...\123simsen.com -> www.123simsen.com There are 7865 more sites. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 12:34 - 2016-01-21 20:52 - 00450864 ____R C:\Windows\system32\Drivers\etc\hosts 0.0.0.1 mssplus.mcafee.com 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info There are 15465 more lines. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3000898737-217439702-1717454642-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\HANNANs MAIN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 - 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe FirewallRules: [{20317BFF-8444-46C6-A1DB-DF5915B935C5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{15A9B8DB-3F6A-4729-A2C2-653767FFF67C}] => (Allow) LPort=2869 FirewallRules: [{7A17D30E-A7B8-4FCE-8D0D-10F263CDD09B}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{56956A1A-DADF-4799-94E8-670FCD23BC63}C:\users\internet and email\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\internet and email\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{0A849686-8AC6-4049-83E0-091550E6C8AF}C:\users\internet and email\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\internet and email\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{7440E201-EF15-4B8A-BA83-1E19DBB6368A}C:\program files (x86)\gigabyte\updmanager\runupd.exe] => (Allow) C:\program files (x86)\gigabyte\updmanager\runupd.exe FirewallRules: [UDP Query User{8E08B4AD-8310-4D9A-A60C-C4B411504196}C:\program files (x86)\gigabyte\updmanager\runupd.exe] => (Allow) C:\program files (x86)\gigabyte\updmanager\runupd.exe FirewallRules: [TCP Query User{D8520DF3-A2C3-42DA-B005-616B6369A827}C:\program files (x86)\gigabyte\updmanager\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\updmanager\gbtupd.exe FirewallRules: [UDP Query User{841189E2-9F6B-4EC1-8C8F-25F67945C3E2}C:\program files (x86)\gigabyte\updmanager\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\updmanager\gbtupd.exe FirewallRules: [{36109581-881B-4EBE-BD9A-8C73866D55E8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B9F353D8-2F40-4954-8ADB-D63CF27F024A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{7BF618FC-CD1C-4A4C-8B3A-8A81BFF07408}C:\users\internet and email\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\internet and email\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{EF7D32D0-CA5F-4808-ADD4-38D2BD9D373C}C:\users\internet and email\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\internet and email\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{F1FC6797-D390-49D5-A015-48B2DB9D29CB}] => (Allow) C:\Users\INTERNET and EMAIL\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{6087F17F-8A90-4F75-A8C6-6F0660445AF0}] => (Allow) C:\Users\INTERNET and EMAIL\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{6FB1C221-C1E5-4E19-A1D2-2207EF54551A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{C186E074-E394-4CC2-9AD7-9D5DE83A356F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{58762716-9522-4926-9AC7-0AF54BFAC742}C:\program files (x86)\gigabyte\updmanager\runupd.exe] => (Allow) C:\program files (x86)\gigabyte\updmanager\runupd.exe FirewallRules: [UDP Query User{41945DC9-4F51-47A3-BA6C-7858EB590547}C:\program files (x86)\gigabyte\updmanager\runupd.exe] => (Allow) C:\program files (x86)\gigabyte\updmanager\runupd.exe FirewallRules: [TCP Query User{DBEF9804-E5C6-485A-A346-913E24ABF383}C:\program files (x86)\gigabyte\updmanager\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\updmanager\gbtupd.exe FirewallRules: [UDP Query User{CAE35752-D40E-4017-84C2-1DB619582455}C:\program files (x86)\gigabyte\updmanager\gbtupd.exe] => (Allow) C:\program files (x86)\gigabyte\updmanager\gbtupd.exe FirewallRules: [{DDC0F040-2644-4078-BD0B-D0285AAF7F79}] => (Allow) LPort=7770 FirewallRules: [{CC3C2D5A-ED41-4026-AD6F-2E19AB9A1EE9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{110E2F16-09A6-4240-9747-B83575FBA6EF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{EB07503A-5BA8-41F6-BF0B-EB286EB83EE5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{3FA662E2-EAE4-462C-AAA4-59CD062D3D51}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{78DE9EB4-8A00-48AF-BED9-28AEDDAD13CC}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{E5EE256F-A0E1-430C-A479-A23ADD8FEC70}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{90EF56FD-FB94-46E8-AF8B-66FD3ACD53D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{3B421501-0282-42EB-9D1F-643BB64EC9E7}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe FirewallRules: [TCP Query User{A24FA1AD-F6E1-4AA1-AEAB-DD2F0B2F5497}C:\users\internet and email\appdata\roaming\utorrent\updates\3.4.5_41372.exe] => (Block) C:\users\internet and email\appdata\roaming\utorrent\updates\3.4.5_41372.exe FirewallRules: [UDP Query User{59ACA81E-FD8C-4588-B1F5-DC25F0C2BFA1}C:\users\internet and email\appdata\roaming\utorrent\updates\3.4.5_41372.exe] => (Block) C:\users\internet and email\appdata\roaming\utorrent\updates\3.4.5_41372.exe FirewallRules: [{74E5C149-1465-4D3D-9983-3FC42CAD8F3A}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [TCP Query User{81271075-1A70-43A5-AA27-0BD9DDEAE421}C:\users\hannans main\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hannans main\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query User{C6E714BB-BBA8-45A2-BE99-103F9D5909CC}C:\users\hannans main\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\hannans main\appdata\roaming\utorrent\utorrent.exe FirewallRules: [{F9576F2F-31B0-4A4A-963F-2CF914F0B2F9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{CE3B6ED6-7AD9-486D-8B2F-A4FDB1CD60E7}] => (Allow) C:\Users\HANNANs MAIN\AppData\Local\BrowserAir\Application\BrowserAir.exe FirewallRules: [{0E15A04C-BC88-496A-BD04-397300C7955B}] => (Allow) C:\Program Files (x86)\Microsoft.NET\v2.0.507237\msnetcore.exe FirewallRules: [{64655445-7193-48A9-9979-966E9626D903}] => (Allow) C:\Program Files (x86)\Microsoft.NET\v2.0.507237\client.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Restore Points ========================= 06-12-2015 19:00:28 Windows Backup 08-12-2015 21:39:16 Windows Update 10-12-2015 03:00:11 Windows Update 13-12-2015 12:38:17 Windows Update 13-12-2015 19:00:12 Windows Backup 17-12-2015 12:38:45 Windows Update 19-12-2015 03:00:10 Windows Update 20-12-2015 19:00:19 Windows Backup 22-12-2015 07:14:35 Windows Update 26-12-2015 07:14:48 Windows Update 27-12-2015 19:00:33 Windows Backup 29-12-2015 18:05:27 Windows Update 02-01-2016 18:05:28 Windows Update 03-01-2016 20:09:31 Windows Backup 06-01-2016 19:37:40 Windows Update 10-01-2016 02:26:41 Windows Update 10-01-2016 19:00:22 Windows Backup 13-01-2016 11:31:38 Windows Update 14-01-2016 03:00:14 Windows Update 15-01-2016 03:00:18 Windows Update 17-01-2016 19:00:32 Windows Backup 18-01-2016 18:32:58 Windows Update 21-01-2016 19:54:27 Revo Uninstaller's restore point - WindoWeather 1.0 21-01-2016 20:03:51 Revo Uninstaller's restore point - DNS Unlocker version 1.4 21-01-2016 23:39:11 Removed League of Legends 22-01-2016 21:16:46 Windows Update 22-01-2016 22:39:28 Windows Update 23-01-2016 14:36:40 Revo Uninstaller's restore point - GamesDesktop 027.005010215 23-01-2016 14:38:43 Revo Uninstaller's restore point - RegClean Pro 23-01-2016 14:40:22 Revo Uninstaller's restore point - PlayGem 1.0 23-01-2016 14:42:27 Revo Uninstaller's restore point - TV Time 23-01-2016 14:50:33 Revo Uninstaller's restore point - Opera Stable 34.0.2036.50 23-01-2016 14:56:59 Revo Uninstaller's restore point - Google Toolbar for Internet Explorer 24-01-2016 11:59:51 Revo Uninstaller's restore point - speed browser ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/24/2016 11:55:15 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/23/2016 03:13:38 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/23/2016 02:35:12 PM) (Source: ESENT) (EventID: 215) (User: ) Description: WinMail (6464) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed. Error: (01/23/2016 08:17:48 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/22/2016 09:06:09 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/21/2016 11:35:37 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/21/2016 03:03:32 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (01/20/2016 08:08:35 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program BrowserAir.exe version 47.0.0.3 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 4ec Start Time: 01d1536a5f27aa77 Termination Time: 7 Application Path: C:\Users\HANNANs MAIN\AppData\Local\BrowserAir\Application\BrowserAir.exe Report Id: Error: (01/20/2016 08:04:21 PM) (Source: ESENT) (EventID: 215) (User: ) Description: WinMail (6948) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed. Error: (01/20/2016 07:57:35 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (01/23/2016 05:55:52 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (01/23/2016 02:35:09 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (01/23/2016 02:34:56 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {D085A4AB-CAB1-4729-9DF8-FCEEDDBD19E4} Error: (01/23/2016 09:03:54 AM) (Source: Ntfs) (EventID: 137) (User: ) Description: The default transaction resource manager on volume G: encountered a non-retryable error and could not start. The data contains the error code. Error: (01/23/2016 09:03:54 AM) (Source: volsnap) (EventID: 16) (User: ) Description: The shadow copies of volume G: were aborted because volume G:, which contains shadow copy storage for this shadow copy, was force dismounted. Error: (01/23/2016 08:52:20 AM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The Microsoft .Net Framework v2.0.507237 ALP (X86) service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (01/22/2016 10:39:57 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (01/21/2016 11:44:59 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: %NT AUTHORITY60 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 115.28.0.0 Update Source: %NT AUTHORITY51 Update Stage: 4.8.0204.00 Source Path: 4.8.0204.01 Signature Type: %NT AUTHORITY602 Update Type: %NT AUTHORITY604 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: %NT AUTHORITY605 Previous Engine Version: %NT AUTHORITY606 Error code: %NT AUTHORITY607 Error description: %NT AUTHORITY608 Error: (01/21/2016 11:44:59 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: %NT AUTHORITY60 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.213.3421.0 Update Source: %NT AUTHORITY51 Update Stage: 4.8.0204.00 Source Path: 4.8.0204.01 Signature Type: %NT AUTHORITY602 Update Type: %NT AUTHORITY604 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: %NT AUTHORITY605 Previous Engine Version: %NT AUTHORITY606 Error code: %NT AUTHORITY607 Error description: %NT AUTHORITY608 Error: (01/21/2016 11:44:59 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: %NT AUTHORITY60 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.213.3421.0 Update Source: %NT AUTHORITY51 Update Stage: 4.8.0204.00 Source Path: 4.8.0204.01 Signature Type: %NT AUTHORITY602 Update Type: %NT AUTHORITY604 User: NT AUTHORITY\NETWORK SERVICE Current Engine Version: %NT AUTHORITY605 Previous Engine Version: %NT AUTHORITY606 Error code: %NT AUTHORITY607 Error description: %NT AUTHORITY608 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz Percentage of memory in use: 38% Total physical RAM: 8109.42 MB Available physical RAM: 4973.57 MB Total Virtual: 16217.05 MB Available Virtual: 12762.39 MB ==================== Drives ================================ Drive c: (DISK1) (Fixed) (Total:299.9 GB) (Free:127.14 GB) NTFS Drive e: (DISK1 ) (Fixed) (Total:300.2 GB) (Free:238.46 GB) NTFS Drive f: (DISK1) (Fixed) (Total:331.32 GB) (Free:279.08 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6C7C887A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=299.9 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=300.2 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=331.3 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================