Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-01-2016 Ran by Frank (2016-02-04 17:44:58) Running from C:\Users\Frank\Desktop Windows 10 Home (X64) (2015-12-18 18:46:04) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1178036084-1826107637-1660614399-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1178036084-1826107637-1660614399-503 - Limited - Disabled) Frank (S-1-5-21-1178036084-1826107637-1660614399-1000 - Administrator - Enabled) => C:\Users\Frank Guest (S-1-5-21-1178036084-1826107637-1660614399-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1178036084-1826107637-1660614399-1003 - Limited - Enabled) UpdatusUser (S-1-5-21-1178036084-1826107637-1660614399-1004 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Webroot SecureAnywhere (Enabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Advanced SystemCare Ultimate (Enabled - Up to date) {91A1210C-78DD-A71C-E865-63DB27C767EE} AS: Webroot SecureAnywhere (Enabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 3DVIA player 5.0.0.20 (HKLM-x32\...\{F06365EC-061E-48C3-B761-E1816658D618}) (Version: 5.0.20 - 3DVIA) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 6500_E709_eDocs (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden 6500_E709_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden 6500_E709n (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.144 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated) Advanced SystemCare Ultimate 9 (HKLM-x32\...\Advanced SystemCare Ultimate_is1) (Version: 9.0.1 - IObit) Airport Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden Amazon MP3 Downloader 1.0.15 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.15 - Amazon Services LLC) Apple Application Support (32-bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Audible Download Manager (HKLM-x32\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.) AVerMedia MiniCard Hybrid TV Tuner 1.1.64.56 (HKLM-x32\...\AVerMedia MiniCard Hybrid TV Tuner) (Version: 1.1.64.56 - AVerMedia TECHNOLOGIES, Inc.) Avery Wizard 5.0 (HKLM-x32\...\{D43E122B-C053-4545-999A-2219BF8F6422}) (Version: 5.0.3 - Avery) AxCrypt 1.7.2976.0 (HKLM\...\{F28219BA-0FBA-4515-AA4D-DF55EA186C6A}) (Version: 1.7.2976.0 - Axantum Software AB) Azteca (x32 Version: 2.2.0.95 - WildTangent) Hidden Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.) Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden Bluetooth by hp (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7600 - Broadcom Corporation) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden BPDSoftware (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden Brother Driver Deployment Wizard (HKLM-x32\...\{0ED38503-B69A-44B4-98BE-21BFF284A9B6}) (Version: 1.09.000 - Brother) Brother MFL-Pro Suite MFC-J870DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.3.0 - Brother Industries, Ltd.) BufferChm (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden Build-a-lot (x32 Version: 2.2.0.95 - WildTangent) Hidden Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform) Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.2615 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dashlane (HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\Dashlane) (Version: 4.0.1.98943 - Dashlane SAS) Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden DocMgr (x32 Version: 140.0.65.000 - Hewlett-Packard) Hidden DocProc (x32 Version: 140.0.100.000 - Hewlett-Packard) Hidden Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden Driver Booster 3.2 (HKLM-x32\...\Driver Booster_is1) (Version: 3.2 - IObit) DVD Menu Pack for HP TouchSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4412 - Hewlett-Packard) DVD Menu Pack for HP TouchSmart Video (x32 Version: 4.1.4412 - Hewlett-Packard) Hidden EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.) Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.7.0.0 - SEIKO EPSON CORPORATION) Epson Event Manager (HKLM-x32\...\{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}) (Version: 3.10.0035 - Seiko Epson Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON XP-310 Series Printer Uninstall (HKLM\...\EPSON XP-310 Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION) Facebook for HP TouchSmart (HKLM-x32\...\{8AE50893-3A87-4439-9A57-942ED43F7189}) (Version: 1.1.0004 - Hewlett-Packard) Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden Fax (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden Free CraigsList Reader Pro from CraigsPal 4.7.6 (HKLM-x32\...\{DE1685C9-3D62-444F-9663-0FB6850CD236}) (Version: 4.7.6 - CraigsPal) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.103 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden GoToMeeting 5.7.0.1172 (HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\GoToMeeting) (Version: 5.7.0.1172 - CitrixOnline) GPBaseService2 (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden HandBrake 0.9.6 (HKLM-x32\...\HandBrake) (Version: 0.9.6 - ) Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Desktop Keyboard (HKLM-x32\...\HP Keyboard_is1) (Version: 1.0.0.13 - Hewlett-Packard) HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP LinkUp (HKLM-x32\...\{C1AD9241-3ADD-483F-914D-071F3E50855A}) (Version: 2.01.026 - Hewlett-Packard) HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BB760C1D-98F4-4E38-8CC4-3B67329AA981}) (Version: 1.0.6.0 - Hewlett-Packard) HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard) HP My Display TouchSmart Edition (HKLM-x32\...\{1F4DDC90-5923-4E49-A4C7-F3CCC954DCA0}) (Version: 1.03.021 - Portrait Displays, Inc.) HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard) HP Officejet 6500 E709 Series (HKLM\...\{58D79E62-CFC8-4331-8469-3A1B16E1769C}) (Version: 14.0 - HP) HP Picture in Picture (HKLM-x32\...\{B5E7EB77-0977-4FF4-9F25-BC1DA9DF0713}) (Version: 1.01.023 - Portrait Displays, Inc.) HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company) HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company) HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company) HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard) HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.0.30.219 - Hewlett-Packard Company) HP TouchSmart (HKLM-x32\...\{1502291B-3C1B-4781-99F8-9D6D8C650588}) (Version: 4.0.41.0 - Hewlett-Packard) HP TouchSmart Apps Center (HKLM-x32\...\{8317485C-067B-4B5B-A2A3-9D36B7B0399E}) (Version: 4.0.0.1 - Hewlett-Packard) HP TouchSmart Calendar (HKLM-x32\...\{297FA7DE-08E5-44A6-8F66-9E26F61F4810}) (Version: 4.1.3869.29064 - Hewlett-Packard) HP TouchSmart Canvas (HKLM-x32\...\{909CE9B4-76A7-4C3D-A9AC-CE231B3E4B40}) (Version: 2.0.3917.26233 - Hewlett-Packard) HP TouchSmart eBay (HKLM-x32\...\{3D5771E2-EF71-4765-A96F-B80E9DFA3FE9}) (Version: 1.0.4025.15222 - Hewlett-Packard) HP TouchSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4913 - Hewlett-Packard) HP TouchSmart Notes (HKLM-x32\...\{1F40643A-3489-4262-B7BA-F2EC6FA0A1C8}) (Version: 4.1.3916.21107 - Hewlett-Packard) HP TouchSmart Photo (HKLM-x32\...\InstallShield_{C9DCE03F-8CB7-4146-A99C-0612D75177EA}) (Version: 4.2.4913 - Hewlett-Packard) HP TouchSmart RecipeBox (HKLM-x32\...\{20714B53-FC73-4F9C-9687-49EB237D6FD7}) (Version: 3.0.3830.27730 - Hewlett-Packard) HP TouchSmart Twitter (HKLM-x32\...\{75781594-73D9-4D7B-997F-14D41BF1513D}) (Version: 3.0.4024.33750 - Hewlett-Packard) HP TouchSmart Video (HKLM-x32\...\InstallShield_{F04BFADD-C8CA-4C86-8F20-B1D7F4F8C66C}) (Version: 4.2.4928 - Hewlett-Packard) HP TouchSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.2.3603 - Hewlett-Packard) HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard) HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.5.0.0 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden HPProductAssistant (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden iCloud (HKLM\...\{CE97E4D3-9F91-4D72-8A29-ED9EA90E5A15}) (Version: 2.1.3.25 - Apple Inc.) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6370.0 - IDT) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.2.5.129 - IObit) iPhone Care Pro (HKLM-x32\...\iPhone Care Pro) (Version: - Tenorshare, Inc.) iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.) Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3609 - CyberLink Corp.) LabelPrint (x32 Version: 2.5.3609 - CyberLink Corp.) Hidden LTCM Client (HKLM-x32\...\{B38E9B55-7136-4E66-A084-320512FF3F6F}) (Version: 1.20.3792 - Leader Technologies Inc) Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden MarketResearch (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Touch Pack for Windows 7 (HKLM-x32\...\{8FF90DB8-6DED-44A3-B182-244FEC09012F}) (Version: 1.0.40517.00 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Movie Theme Pack for HP TouchSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4412 - Hewlett-Packard) Movie Theme Pack for HP TouchSmart Video (x32 Version: 4.1.4412 - Hewlett-Packard) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) My Net View (HKLM-x32\...\{7F9C9908-69E3-4474-A081-256F27995A18}) (Version: 1.0.12.0 - Western Digital) Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.6159 - NVIDIA Corporation) NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation) OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) Office Image Extraction Wizard 4.01 (HKLM-x32\...\Office Image Extraction Wizard_is1) (Version: - RL Vision) PCLinq2 High-Speed USB Bridge Cable (HKLM-x32\...\{95381165-5D16-4CD4-9162-57799A3F3AB5}) (Version: - ) PDF Image Extraction Wizard 6.11 (HKLM-x32\...\PDF Image Extraction Wizard_is1) (Version: - RL Vision) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden Personal Ancestral File 5 (HKLM-x32\...\{D94A8E22-DF2B-4107-9E51-608A60A7671D}) (Version: - ) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4817 - CyberLink Corp.) Power2Go (x32 Version: 6.1.4817 - CyberLink Corp.) Hidden ProductContext (x32 Version: 140.0.000.000 - Hewlett-Packard) Hidden QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.) Rapport (x32 Version: 3.5.1507.104 - Trusteer) Hidden Recipe Manager (HKLM-x32\...\{9580CFC7-24C4-4A8C-8C28-2B174109FC2A}) (Version: 1.2.0 - NutritionAnalyser.com) Recovery Manager (x32 Version: 5.5.3621 - CyberLink Corp.) Hidden Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard) RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.24.999 - SAMSUNG Electronics Co., Ltd.) Scan (x32 Version: 140.0.167.000 - Hewlett-Packard) Hidden SDK (x32 Version: 2.26.005 - Portrait Displays, Inc.) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden SmartWebPrinting (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden SNABU (HKLM-x32\...\{CB905CC1-1E18-42E5-86A6-2978E22BD619}) (Version: 1.0.0.0 - Royal Palm Software) Snippage (HKLM-x32\...\Snippage.B28FB424FD6880E47B18D7D649F6CC93BDE9B29B.1) (Version: 1.0 r12 - UNKNOWN) Snippage (x32 Version: 1.0.12 - UNKNOWN) Hidden SoftPerfect WiFi Guard version 1.0.3 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 1.0.3 - SoftPerfect Research) Software Updater (HKLM-x32\...\{D60071DB-459C-465C-92EF-336E65F1A436}) (Version: 4.0.1 - SEIKO EPSON CORPORATION) SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden SUABnR (HKLM-x32\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) SUABnR (x32 Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) Hidden Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit) The Weather Channel App (HKLM-x32\...\The Weather Channel App) (Version: - ) Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden TraderClock (HKLM-x32\...\TraderClock) (Version: 1.0.0.0 - BugleSoft Co.) TraderClock (x32 Version: 1.0.0.0 - BugleSoft Co.) Hidden TrayApp (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1507.104 - Trusteer) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden USB Super Link (HKLM-x32\...\USB Super Link) (Version: - ) Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{A3070098-A41D-42D9-B6D3-2EF15285E719}) (Version: 2.14.0605 - Samsung Electronics Co., Ltd.) Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{69258FD1-F4EE-475A-83D1-BF68C8029592}) (Version: 2.14.0402 - Samsung Electronics Co., Ltd.) Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden Vistumbler (HKLM-x32\...\Vistumbler) (Version: v10 - Vistumbler.net) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WD Print Share (HKLM-x32\...\{6F4D365D-0440-4C01-B539-70D56EBED6AF}) (Version: 2.25 - WD Corporation) WD Quick View (HKLM-x32\...\{BC682D66-153E-44E2-BEF5-9E0DC3D652DB}) (Version: 1.6.0.13 - Western Digital) WebReg (x32 Version: 140.0.213.017 - Hewlett-Packard) Hidden Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 9.0.7.46 - Webroot) WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Wise PC 1stAid 1.46 (HKLM-x32\...\Wise PC 1stAid_is1) (Version: 1.46 - WiseCleaner.com, Inc.) Wise Registry Cleaner 8.81 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 8.81 - WiseCleaner.com, Inc.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Frank\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {042937CB-5476-4C2A-8480-C5E036578E2B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {0BDA146C-50B6-4B7F-A627-2A2A6A31ACC9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-19] (Adobe Systems Incorporated) Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {0F21C45D-CA55-47C2-965F-A4459C775854} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {158DC1D7-D6EC-4311-8ECE-50B756951725} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard) Task: {181D31E6-C5DC-49BF-AD71-B653E5C10803} - System32\Tasks\ASCU9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\Monitor.exe [2016-01-11] (IObit) Task: {288345DF-4CE1-44A1-B9C7-96F6C6911C13} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {2925D048-C1D3-456C-B2CC-096D4ABA12EB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {2B320DF9-7635-4095-BE7C-3D49E2E50BB4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {2DAB094C-CEE1-4808-880A-AA2C80DBB721} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {2FD7919A-819A-4298-ABCD-7496578DCD51} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {30B92806-B35A-4A9B-9511-F3D1BB6A8D06} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> No File <==== ATTENTION Task: {32CE48A1-DBCE-4B9C-B4AD-54700504C0AA} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-01-13] (IObit) Task: {35A742C1-2971-4943-A2E3-29AD462FFAAC} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {3ACF76E4-F5DF-431C-BEA2-BE70CF85AE6D} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {422724EC-92A7-4B62-8562-3F7EA37590E2} - System32\Tasks\ASCU9_SkipUac_Frank => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe [2016-01-18] (IObit) Task: {4387B4E4-E32D-42D3-83F4-615709C041B8} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-12-03] (CyberLink) Task: {448270B0-5154-498D-B24D-AE71E7DB5927} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {4EF9C94A-BEB8-4886-8EFB-6F8DC72DE967} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {53ABC437-1B0B-41C8-BFA8-0949927B2CAE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {55FDF64B-3C5A-49F4-9EC4-597B575CA285} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {57185792-9DF7-42FD-8EC5-5B8087E1189E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-27] (Hewlett-Packard) Task: {57230E4A-F89C-49E1-BD8B-14D2B33724E3} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {5754A217-C89E-447C-B4A8-6B43D5FA639C} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft) Task: {5BB1A6C3-C384-49BF-B0A8-093F899ED1DB} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe <==== ATTENTION Task: {5C7F1131-CC94-4EFC-A98F-BFC1AB598597} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {5E1EEF58-B843-4C10-B960-ABF64DC428C0} - System32\Tasks\HPCeeScheduleForFrank => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard) Task: {60C6872D-D8C5-4B88-8980-45D08F81447E} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {633D4E36-2308-4725-AF2D-D3AB2D395416} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {63E37A31-8A98-4CF9-B273-61792AB85B87} - System32\Tasks\Driver Booster SkipUAC (Frank) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-01-18] (IObit) Task: {66373DB8-4A8D-49A8-88A9-7AC45A9257AE} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {676AA134-440B-46E0-8865-785F44CF5266} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION Task: {76028AB5-AC97-4F06-8327-7D5A47A19935} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {8019363D-BCAD-4773-B90D-F17D42075CBA} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {85CC90DB-61DC-44CA-A651-5E2E72BC9F37} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-11-04] (Hewlett-Packard) Task: {8CB44539-7EFB-4B61-9618-F1943864CF05} - System32\Tasks\WiseCleaner\AidSkipUAC => C:\Program Files (x86)\Wise\Wise PC 1stAid\WisePCAid.exe [2015-08-21] (WiseCleaner.com) Task: {8D77A25D-FD6A-481A-B0D6-9678902CB9A5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {8D96AAC7-1AEC-445C-A984-BEAE907C5DCE} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> No File <==== ATTENTION Task: {8E7ACC57-EA88-4E25-A18A-18A0F734049F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd) Task: {8F5C559E-E477-43EB-B941-7DD3C31879AF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {97D57FBC-B035-440C-88E7-9E676CD64057} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {99A3CE4B-D181-40B9-B286-9DA58349F19C} - System32\Tasks\EPSON XP-310 Series Invitation {C754C292-4D62-4461-9022-DB69AD119639} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE [2013-02-27] (SEIKO EPSON CORPORATION) Task: {9EE88514-786B-4C6B-B761-AD00A3815399} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {A0DD4BBE-DFA7-484F-A472-8CC10B662FD9} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {A15FADD9-A8F9-40B0-B3A7-B36B829A65AE} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> No File <==== ATTENTION Task: {A2EB7834-8D72-48AB-B7AE-6171F38D5A5B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {A8062493-9C07-47E7-8CB4-C2F65BA45374} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {ABE81196-0AAC-419A-993A-CA0F9FA7E738} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {AEE197DE-9BC3-416B-9BCA-3AEB87544930} - System32\Tasks\Leader Technologies\LTCM Client\New Message Check - Frank => C:\Program Files (x86)\LTCM Client\ltcmClient.exe [2011-04-07] (Leader Technologies Inc.) Task: {AEF4279E-913D-4173-B0EC-27F26E284041} - System32\Tasks\{E2C00A32-8C09-469E-BAAC-916A2906484B} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.0.102/en/abandoninstall?page=tsPlugin Task: {B0783751-AFAE-4BFF-B02A-3C74BBADC98E} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {B2C6EC4B-DF4C-4AE3-A088-20727EFD9C7C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company) Task: {B972D528-19EF-44A7-A5DA-66CF6294C0BE} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {BB891099-3F04-45DA-8DFA-066AB33B0F7D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {BD7DE124-0785-4D4A-BEB0-B7D7C5048040} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) Task: {C0F395F2-9715-4314-A840-2E6C417F6A32} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {C19BDFF1-811C-45D2-8F0B-E3C2C9CF6DD4} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {C6429797-F491-4F5C-BD36-6AC08CF60D18} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {CC39C6E8-2239-4B86-88F4-6A4B47A2927F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {CD974F37-C850-4DAE-AACA-9C81C556C06E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {CE03E4D4-A363-477A-A7FE-A7C094A3C965} - System32\Tasks\{6992AE66-69D8-429B-AEC8-FD850DD65EBC} => pcalua.exe -a C:\Users\Frank\Desktop\g2m_codec.exe -d C:\Users\Frank\Desktop Task: {CE59A062-AD3D-4430-8C8A-8A0B266DE50E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company) Task: {D54891AB-8544-4435-87C6-291CA103E192} - System32\Tasks\EPSON XP-310 Series Update {C754C292-4D62-4461-9022-DB69AD119639} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE [2013-02-27] (SEIKO EPSON CORPORATION) Task: {DD8E2FC7-7569-41BE-A567-09CA51F4F606} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {DF5CF847-6586-4E3C-96A4-DA2B0259AB7F} - System32\Tasks\{006A4917-4E9B-44B0-89A5-AF56734D7622} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.0.102/en/abandoninstall?page=tsMain Task: {EE44F1BC-3A65-4249-BBAC-F4DEB17CDF61} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {F2511BEE-366D-49C8-BB06-D1D74AAAE162} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {F3581632-524A-41A6-B77E-D0F8AB8CE95B} - System32\Tasks\{37580DA6-652A-4389-859F-B03D9683FF9F} => Chrome.exe hxxp://ui.skype.com/ui/0/7.0.0.102/en/abandoninstall?page=tsMain Task: {F3B08B1B-283E-4C07-847F-84E720AC0CFC} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {F63F0F48-EF9D-4EDB-A84E-00AAC7FB73BE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-12] (Microsoft Corporation) Task: {F7414645-8491-42DE-8ABF-BA8611EDC25E} - System32\Tasks\Uninstaller_SkipUac_Frank => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-01-18] (IObit) Task: {F9677769-3C14-4F7D-9B64-5910930A441C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {FCE0BDB0-A651-4609-BA07-0D459FDC3A40} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\ASCU9_SkipUac_Frank.job => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ASC.exe Task: C:\WINDOWS\Tasks\EPSON XP-310 Series Invitation {C754C292-4D62-4461-9022-DB69AD119639}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE Task: C:\WINDOWS\Tasks\EPSON XP-310 Series Update {C754C292-4D62-4461-9022-DB69AD119639}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLBE.EXE:/EXE:{C754C292-4D62-4461-9022-DB69AD119639} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForFrank.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Frank.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-07-21 14:55 - 2005-04-21 23:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll 2015-10-30 02:18 - 2015-10-30 02:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-18 13:18 - 2015-11-24 14:32 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-12-18 17:46 - 2015-11-22 05:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-18 17:46 - 2015-11-22 05:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-12-18 17:45 - 2015-12-06 23:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-18 17:45 - 2015-12-06 23:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-12-18 17:45 - 2015-12-06 23:00 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll 2016-01-12 15:30 - 2016-01-04 20:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-12 15:30 - 2016-01-04 20:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-27 16:20 - 2016-01-16 00:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-27 16:20 - 2016-01-16 00:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-02-22 10:37 - 2016-01-19 12:48 - 00227712 _____ () C:\Users\Frank\AppData\Roaming\Dashlane\Dashlane.exe 2015-02-22 10:37 - 2016-01-19 12:48 - 00285568 _____ () C:\Users\Frank\AppData\Roaming\Dashlane\DashlanePlugin.exe 2011-06-30 10:59 - 2009-07-02 16:58 - 00406016 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe 2016-01-22 16:03 - 2016-01-22 16:03 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-01-26 11:43 - 2016-01-26 11:43 - 00015872 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.122.14020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-01-26 11:43 - 2016-01-26 11:43 - 14870016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.122.14020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2015-11-19 14:06 - 2015-11-19 14:06 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.122.14020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2015-07-20 11:06 - 2015-12-23 18:31 - 00625440 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll 2015-07-21 14:54 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2016-01-23 11:49 - 2015-12-23 18:32 - 00355616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\madExcept_.bpl 2016-01-23 11:49 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\madBasic_.bpl 2016-01-23 11:49 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\madDisAsm_.bpl 2016-01-20 11:35 - 2016-01-19 12:47 - 00343936 _____ () C:\Users\Frank\AppData\Roaming\Dashlane\4.0.1.98943\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebugDll_win32.4.0.1.98943.dll 2016-01-20 11:35 - 2016-01-19 12:47 - 00433536 _____ () C:\Users\Frank\AppData\Roaming\Dashlane\4.0.1.98943\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebug.4.0.1.98943.dll 2016-01-20 11:35 - 2016-01-19 12:47 - 00467328 _____ () C:\Users\Frank\AppData\Roaming\Dashlane\4.0.1.98943\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWUtils.4.0.1.98943.dll 2016-01-20 11:35 - 2016-01-19 12:47 - 32424832 _____ () C:\Users\Frank\AppData\Roaming\Dashlane\4.0.1.98943\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWExternLib.4.0.1.98943.dll 2016-01-20 11:35 - 2016-01-19 12:47 - 00299392 _____ () C:\Users\Frank\AppData\Roaming\Dashlane\4.0.1.98943\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib_win.4.0.1.98943.dll 2016-01-20 11:35 - 2016-01-19 12:47 - 06175104 _____ () C:\Users\Frank\AppData\Roaming\Dashlane\4.0.1.98943\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWData.4.0.1.98943.dll 2016-01-20 11:35 - 2016-01-19 12:47 - 07339904 _____ () C:\Users\Frank\AppData\Roaming\Dashlane\4.0.1.98943\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWApplication.4.0.1.98943.dll 2016-01-20 11:35 - 2016-01-19 12:47 - 13635456 _____ () C:\Users\Frank\AppData\Roaming\Dashlane\4.0.1.98943\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib.4.0.1.98943.dll 2016-01-20 11:35 - 2016-01-19 12:47 - 02259840 _____ () C:\Users\Frank\AppData\Roaming\Dashlane\4.0.1.98943\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLibData.4.0.1.98943.dll 2016-01-20 11:35 - 2016-01-19 12:47 - 00353664 _____ () C:\Users\Frank\AppData\Roaming\Dashlane\4.0.1.98943\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Kwift_DP.4.0.1.98943.dll 2016-01-23 11:49 - 2015-12-23 18:32 - 00899872 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\webres.dll 2016-01-23 11:49 - 2015-12-23 18:31 - 00625440 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\ProductStatistics.dll 2016-01-29 10:58 - 2016-01-27 12:39 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\libglesv2.dll 2016-01-29 10:58 - 2016-01-27 12:39 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\libegl.dll 2015-09-11 16:42 - 2015-12-23 18:32 - 00355616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl 2015-09-11 16:42 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl 2015-09-11 16:42 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl 2016-01-22 16:03 - 2016-01-22 16:03 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-01-22 16:03 - 2016-01-22 16:03 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\123simsen.com -> www.123simsen.com There are 7777 more sites. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:34 - 2015-01-21 16:05 - 00001993 ____A C:\WINDOWS\system32\Drivers\etc\hosts 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 0.0.0.0 cdn.msdwnld.com 0.0.0.0 cdn.mypcbackup.com 0.0.0.0 cdn.ppdownload.com 0.0.0.0 cdn.riceateastcach.us 0.0.0.0 cdn.shyapotato.us 0.0.0.0 cdn.solimba.com 0.0.0.0 cdn.tuto4pc.com 0.0.0.0 cdn.appround.biz 0.0.0.0 cdn.bigspeedpro.com 0.0.0.0 cdn.bispd.com 0.0.0.0 cdn.bisrv.com There are 3 more lines. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Frank\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 64.6.64.6 - 64.6.65.6 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk => C:\Windows\pss\Audible Download Manager.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Frank^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: DT HPO => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -HPO MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: TBHostSupport => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Frank\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostSupportPlugin HKLM\...\StartupApproved\Run: => "BeatsOSDApp" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1178036084-1826107637-1660614399-1000\...\StartupApproved\Run: => "Advanced SystemCare 9" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{172163A7-8A8F-4179-B4E3-8F91EECB6C71}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{2D8931C9-4EA0-474A-85BC-9D7EA469502F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{80A27CE7-35F7-4059-9F35-670C20862ADF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{A0D0727D-7720-4728-A733-7D7F0AD70581}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{6AD53DBD-BDA7-4552-845A-0780870C2EDA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{D5EEF54D-6AC7-4E22-9FBE-36060BAE5AE5}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe FirewallRules: [{EA00D086-AC76-4EAC-8137-ED4254DAF19F}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe FirewallRules: [{9F15D6C6-584B-495E-96D8-E9E70AB36EC0}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe FirewallRules: [{FB24B17C-B788-4B59-B05D-AB771D954665}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe FirewallRules: [{537362A9-F186-4FBD-8447-776DE495839C}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe FirewallRules: [{778C340E-3131-4902-A754-D13E0053C2E1}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe FirewallRules: [{645C599B-DF16-45DA-9D0D-97DA9A36583E}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{DB909A88-26CB-4C5D-AAE2-839480E2966C}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{AB2CAFAE-D06E-4A32-A822-9E20B94B432D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{6F531F17-8E5B-42AE-A189-9D9BBE1F980C}] => (Allow) LPort=2869 FirewallRules: [{E7439133-21EE-4B69-B884-9BC6DE5F8689}] => (Allow) LPort=1900 FirewallRules: [{2C8B16C6-43A0-4C85-A625-D42372038EB1}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{7F0D2F01-2FA1-41B2-BC33-A494609DF076}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{059B5270-8BA2-434E-851A-8B20DFC48641}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{87BD5DFA-C2EB-4323-AC12-C30C74304CE4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{0F3913D9-C586-4B47-A79F-3789D9A068DE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe FirewallRules: [{644D007C-1A63-47D8-A47A-55F53CC17056}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe FirewallRules: [{B6DAD406-2E62-4C82-BD54-0F535A3B48CC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{2A4C575E-0B0E-4CBA-9AC1-DD8714BA1BF9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{E839BAEC-05DF-480C-BF19-5A783ED01428}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{0BFD22F1-2E86-4B4C-8B68-1786D3CFC500}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe FirewallRules: [{881500B1-B358-40F7-A492-A0B87420530F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{2ADA91EE-6F4A-457A-B0AA-1E4909D2D1AD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{D54E8394-68DA-4650-8D68-145956FFF092}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe FirewallRules: [{5BF13BD9-29D2-4325-B850-1C9AC4BE90E6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe FirewallRules: [{C25FE713-0A29-400B-ADAE-D4D8D84E0628}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{B3823C12-12AA-42FE-8CA6-6E8347218CD3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{CF067EF9-9BCD-4B8D-9904-21DA430052BB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{7E3FE0D4-0957-418D-80A9-D0D3B85D42A6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{81326620-CD48-4460-A3B1-268F8CE483E3}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{7B116824-818E-44FA-8942-FE0A332183CE}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [{B33DE334-9315-4C31-B1FE-F91A56551F8A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{EC17A099-1F40-4F5D-8D8C-7A9754B0B1A4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{3B25391F-636C-4286-B228-5BBCADE2A273}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe FirewallRules: [{0A57BABB-24AD-4E56-9789-5784615F66C3}] => (Allow) C:\Program Files (x86)\Western Digital\WD Print Share\WDPrintShare.exe FirewallRules: [{7FD0CC1D-0A7B-461D-9222-D54327C4CB89}] => (Allow) C:\Program Files (x86)\Western Digital\WD Print Share\WDPrintShare.exe FirewallRules: [{74BE06EC-93E5-4CE7-AE58-413F3BF09323}] => (Allow) LPort=7436 FirewallRules: [TCP Query User{B698C535-5879-4205-92E4-13ACE94BDF44}C:\program files (x86)\western digital\wd print share\wdprintshare.exe] => (Allow) C:\program files (x86)\western digital\wd print share\wdprintshare.exe FirewallRules: [UDP Query User{5C19732D-B4D7-494D-9503-860F9FF3A0DA}C:\program files (x86)\western digital\wd print share\wdprintshare.exe] => (Allow) C:\program files (x86)\western digital\wd print share\wdprintshare.exe FirewallRules: [TCP Query User{5843FA1F-E08B-4398-80B6-911D760B72BA}C:\program files (x86)\western digital\my net view\mynetview.exe] => (Allow) C:\program files (x86)\western digital\my net view\mynetview.exe FirewallRules: [UDP Query User{02466A40-8332-480E-B4E5-B5C788513BAE}C:\program files (x86)\western digital\my net view\mynetview.exe] => (Allow) C:\program files (x86)\western digital\my net view\mynetview.exe FirewallRules: [{7D7AC891-0F0F-45C3-B074-1DFAD1EF86B0}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe FirewallRules: [{4A5588BE-1ECD-4BE5-AEA4-C81B7034125E}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe FirewallRules: [TCP Query User{1D6D2B45-B00C-4E35-A562-1FC6B90D0004}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{D744DA1F-B7BC-4DC5-9D05-165A05C15BCF}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [{FC9ED105-B4FC-455C-B67A-CA73875DCB2C}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13b\FAXRX.EXE FirewallRules: [{8DACA39D-B4C9-4E05-B77E-9BD5FAEFCFF3}] => (Allow) LPort=54925 FirewallRules: [{14E10679-092E-4E5A-AB99-4A34E92258D9}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{281A7930-8F6C-4C98-986A-DD67333285C5}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{552F45BA-0A87-4CFA-BF82-3E8CBA1C0206}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe FirewallRules: [{5D53A676-8EB5-4145-B4CB-31DF5FBA3713}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe FirewallRules: [{404F0BEF-C577-4BAE-8E29-2234134ED0B0}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe FirewallRules: [{A3333D29-E900-40E1-8573-4C323AC568B3}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe FirewallRules: [{845B38DB-2F05-44B6-8C08-94D616F8B49C}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe FirewallRules: [{99127BD3-EB5F-4C0A-8DBE-9A01849B2539}] => (Allow) C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate\AutoUpdate.exe FirewallRules: [{9EA85B1B-D95F-4AD4-8AC2-C8263D601BD1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 22-01-2016 16:42:39 Scheduled Checkpoint 27-01-2016 16:55:08 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/04/2016 12:16:16 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (02/02/2016 01:37:09 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (02/01/2016 01:01:33 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (01/31/2016 11:45:27 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (01/31/2016 10:05:21 AM) (Source: MsiInstaller) (EventID: 1024) (User: Touchsmart1) Description: Product: Adobe Acrobat Reader DC - Update '{AC76BA86-7AD7-0000-2550-AC0F0A4E5800}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft.com/fwlink/?LinkId=23127 Error: (01/30/2016 07:41:25 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 50909485 Error: (01/30/2016 07:41:25 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 50909485 Error: (01/30/2016 07:41:25 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (01/29/2016 12:23:00 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest. Error: (01/29/2016 12:23:00 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest. System errors: ============= Error: (02/03/2016 06:18:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_838dc7b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (02/03/2016 06:18:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Storage_838dc7b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (02/03/2016 06:18:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Contact Data_838dc7b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (02/03/2016 06:18:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_838dc7b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (02/03/2016 10:54:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_80ab7c4 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (02/03/2016 10:54:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Storage_80ab7c4 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (02/03/2016 10:54:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Contact Data_80ab7c4 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (02/03/2016 10:54:11 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_80ab7c4 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (02/02/2016 06:42:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_6813e19 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (02/02/2016 06:42:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Storage_6813e19 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. CodeIntegrity: =================================== Date: 2016-01-28 10:56:26.338 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-13 13:42:00.893 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-07 13:40:26.938 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-02 15:30:53.449 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-25 14:43:29.049 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-20 10:08:07.230 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-19 17:41:09.104 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-18 13:45:48.349 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-18 13:38:33.518 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-12-18 13:34:35.514 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz Percentage of memory in use: 33% Total physical RAM: 10220.75 MB Available physical RAM: 6792.2 MB Total Virtual: 20460.75 MB Available Virtual: 16456.03 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:1842.47 GB) (Free:1691.55 GB) NTFS Drive d: (HP_RECOVERY) (Fixed) (Total:20.01 GB) (Free:2.44 GB) NTFS ==>[system with boot components (obtained from drive)] Drive f: () (Fixed) (Total:29.8 GB) (Free:14.24 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 1863 GB) (Disk ID: C71517FA) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=1842.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=20 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 29.8 GB) (Disk ID: 7490F0B9) Partition 1: (Not Active) - (Size=29.8 GB) - (Type=0C) ==================== End of Addition.txt ============================