Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016 Ran by jthompson (2016-02-08 10:52:39) Running from C:\Users\mqc874\Desktop Windows 7 Professional Service Pack 1 (X64) (2012-11-20 05:01:46) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3444927048-3976517198-3392661973-1004 - Limited - Disabled) Batwings (S-1-5-21-3444927048-3976517198-3392661973-500 - Administrator - Enabled) => C:\Users\Batwings FirstUser (S-1-5-21-3444927048-3976517198-3392661973-1005 - Administrator - Enabled) => C:\Users\FirstUser NotForUse (S-1-5-21-3444927048-3976517198-3392661973-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: System Center Endpoint Protection (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AS: System Center Endpoint Protection (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden 7-Zip 15.06 beta (x64) (HKLM\...\7-Zip) (Version: 15.06 - Igor Pavlov) Absolute Time Corrector (HKLM-x32\...\ATC) (Version: 10.3.0.3405 - FlexibleSoft Co.) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated) Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated) Advanced Serial Port Terminal 6 (Build 6.0.382) (HKLM-x32\...\Advanced Serial Port Terminal_is1) (Version: - ELTIMA Software) AnalogX PortMapper (HKLM-x32\...\AnalogX PortMapper) (Version: - AnalogX) Andy OS (HKLM-x32\...\Andy OS) (Version: 0.41 - Andy OS, Inc) Apple Application Support (32-bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) ARRIS Standard Template (HKLM-x32\...\{FCF4E903-F062-4D87-9621-41E83E89C1BA}) (Version: 6.6.3 - ARRIS) AT&T Connect Participant Application v9.0.82 (HKLM-x32\...\{1F3A6960-8470-4C84-820C-EBFFAF4DA580}) (Version: 9.0.82 - AT&T Inc.) Aventail Access Manager (HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\{72552C46-944B-4E16-BBC8-0D85F31C1800}) (Version: 10.63.241 - SonicWALL Inc) Aventail Access Manager (x32 Version: 10.63.241 - SonicWALL Inc) Hidden Aventail Connect (HKLM\...\{C338ACAC-7162-42E3-8B8C-85E5746F4A2E}) (Version: 10.63.241 - SonicWALL Aventail) Aventail Web Proxy Agent (HKLM-x32\...\{9B0B46B3-10DF-4ADA-9501-0129D784563D}) (Version: 10.63.210 - SonicWALL Inc) BitTorrent (HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\BitTorrent) (Version: 7.9.5.41373 - BitTorrent Inc.) BlueStacks App Player (HKLM-x32\...\{D7E3588F-25E6-4A93-8B1C-596F7951CA38}) (Version: 0.10.7.5601 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden Canon iP100 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP100_series) (Version: - Canon Inc.) Canon iP100 series User Registration (HKLM-x32\...\Canon iP100 series User Registration) (Version: - ) Canon Setup Utility 2.4 (HKLM-x32\...\Canon Setup Utility 2.4) (Version: - ) Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform) Cisco IP Communicator (HKLM-x32\...\{EAC94DF2-C780-4954-924F-0EE3780A75D1}) (Version: 8.6.3.0 - Cisco Systems, Inc.) Cisco WebEx Meetings (HKLM-x32\...\{F9291FF7-D7E5-4C33-828B-EF9EEA5BE62B}) (Version: 8.29.0.179 - Cisco WebEx LLC) Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC) Cisco WebEx Productivity Tools (HKLM-x32\...\{F98F7139-0458-4DD0-94A6-C23FB28C05E3}) (Version: 2.82.501.10008 - Cisco WebEx LLC) Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix) Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.1.0.89 - Citrix Systems, Inc.) Configuration Manager Client (Version: 5.00.8239.1000 - Microsoft Corporation) Hidden Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation) Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation) Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.6.392 - Corel Inc.) CP2102 USB to UART Bridge (Driver Removal) (HKLM-x32\...\NETGCOMM&0846&1100) (Version: - NETGEAR Inc.) Crystal Reports 11.5 Embedded Reporting (HKLM-x32\...\{EE29418D-6255-41CA-9670-998313085A48}) (Version: 1.00.0000 - Your Company Name) CVE-2012-4792 (HKLM\...\{6631f21e-4389-4c67-9b10-cf2b559b8d4a}.sdb) (Version: - ) CVE-2012-4792 (HKLM\...\{a1447a51-d8b1-4e93-bb19-82bd20da6fd2}.sdb) (Version: - ) CVE-2013-3893 (HKLM\...\{55aab41f-5d5c-abdf-4568-baef76587bd7}.sdb) (Version: - ) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 1.94 - NCH Software) Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden DisplayLink Core Software (HKLM\...\{DF3F0788-16F0-4894-9748-677409D69100}) (Version: 7.9.630.0 - DisplayLink Corp.) DisplayLink Graphics (HKLM\...\{2B3CC359-0B1C-4C84-B914-0B3BE0907EC2}) (Version: 7.9.658.0 - DisplayLink Corp.) Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.11 - Dolby Laboratories Inc) Fitbit Connect (HKLM-x32\...\{9EC69368-C1C7-48BA-AD93-01EFC142DDF9}) (Version: 2.0.0.6630 - Fitbit Inc.) Free Serial Port Terminal (HKLM-x32\...\Free Serial Port Terminal) (Version: 1.0.0.710 - ) Genie Wifi (HKLM-x32\...\Genie Wifi) (Version: 1.0.0.1132 - oppoos.com) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) GlobalProtect (HKLM\...\{AFC5AA46-A32E-4912-BB84-2331F2EFE7D0}) (Version: 2.3.2 - Palo Alto Networks) Google Apps Migration For Microsoft Outlook® 4.0.27.0 (HKLM-x32\...\{8806AF1D-5161-489E-9E17-086CCC518931}) (Version: 4.0.27.0 - Google, Inc.) Google Apps Sync™ for Microsoft Outlook® 3.8.440.1250 (HKLM-x32\...\{091C294E-F243-432C-93E1-DEC4C2B9635B}) (Version: 3.8.440.1250 - Google, Inc.) Google Chrome (HKLM-x32\...\{E59AB510-8AEA-36BC-91D5-B25791AD224F}) (Version: 48.0.2564.103 - Google, Inc.) Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google) Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google) Google Talk (remove only) (HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - ) Google Talk Plugin (HKLM-x32\...\{E0C1FBC8-4C22-3671-AE2C-0D2A67E0AAA9}) (Version: 4.3.2.14360 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden GoToMeeting 7.11.0.4400 (HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\GoToMeeting) (Version: 7.11.0.4400 - CitrixOnline) Greenshot 1.2.6.7 (HKLM\...\Greenshot_is1) (Version: 1.2.6.7 - Greenshot) inSSIDer 3 (HKLM-x32\...\{CDF246AE-C6E3-438F-AA76-21700DCC15F6}) (Version: 3.0.6.42 - MetaGeek, LLC) Integrated Camera Driver Installer Package Ver.1.2.1.18 (HKLM-x32\...\{A78800AF-1779-4AE8-8EBE-16E1BE727C71}) (Version: 1.2.1.18 - RICOH) Intel Driver Update Utility (HKLM-x32\...\{fe92d390-13ee-4660-a2f8-39a066fdffe0}) (Version: 2.2.0.5 - Intel) Intel(R) Chipset Device Software (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Driver Update Utility 2.2.0.5 (x32 Version: 2.2.0.1 - Intel) Hidden Intel(R) IPP Run-Time Installer 5.2 for Windows* on IA-32 (HKLM-x32\...\{38F48AED-66D8-464C-993E-C7296C7A199B}) (Version: 5.2.0.2 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation) Intel(R) Network Connections 20.4.207.0 (HKLM\...\PROSetDX) (Version: 20.4.207.0 - Intel) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation) Intel(R) WiDi (HKLM\...\{728985C5-A04B-457C-9D62-15360F3EAF85}) (Version: 3.1.29.0 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel® PROSet/Wireless Software (HKLM-x32\...\{e6f0207e-ac43-48a9-bfff-3d879b45694d}) (Version: 18.12.1 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) IntelliAdmin Network Administrator - Remove (HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\IntelliAdmin_NetworkAdministrator33) (Version: - ) i-Sound Recorder Pro 7.2.1.0 (HKLM-x32\...\i-Sound Recorder for Windows 7_is1) (Version: 7.2.1.0 - AbyssMedia.com) iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.) Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) Juniper Networks Network Connect 6.5.0 (HKLM-x32\...\Juniper Network Connect 6.5.0) (Version: 6.5.0.15203 - Juniper Networks) Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\Juniper_Setup_Client) (Version: 7.2.4.25005 - Juniper Networks, Inc.) Kingo ROOT version 1.3.6.2289 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.3.6.2289 - Kingosoft Technology Ltd.) KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.131 - PandoraTV) LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass) Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - ) Lenovo Patch Utility (HKLM-x32\...\{A7BB9BBD-DFE4-4276-820A-7CD141FC09E6}) (Version: 1.3.0.007 - Lenovo Group Limited) Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited) LG ODD Auto Firmware Update (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - ) LiveAction Client 4.2.2 (HKLM\...\7129-7318-7633-3110) (Version: 4.2.2 - ActionPacked Networks) MB Cleaner (HKLM-x32\...\{0DFE77A9-44E0-4243-82AC-78A2CBB20F7E}) (Version: 1.1.0 - ARRIS Group, Inc.) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft SQL Server 2008 Native Client (HKLM\...\{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}) (Version: 10.0.1600.22 - Microsoft Corporation) Microsoft Visio Compatibility Pack (HKLM-x32\...\{95150000-005B-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPRO) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visio Viewer 2010 (HKLM-x32\...\{95140000-0052-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility) Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC) Mozilla Firefox 22.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 22.0 (x86 en-US)) (Version: 22.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 22.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MyFreeCodec (HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\MyFreeCodec) (Version: - ) On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.71.03 - ) OnGuard 2013 (HKLM-x32\...\{A44BDA66-3D79-4BA2-B727-8AD85A3C4287}) (Version: 6.6.287 - Lenel Systems International Inc.) Online Plug-in (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden PhotoScape (HKLM-x32\...\PhotoScape) (Version: - PhotoScape) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software) Prism Video File Converter (HKLM-x32\...\Prism) (Version: 2.10 - NCH Software) Quinta System Software version 1.2.3 (HKLM-x32\...\{B708E051-2DF2-46CE-BFAA-00F713998788}_is1) (Version: 1.2.3 - beyerdynamic Gmbh) RapidBoot Shield (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.23 - Lenovo) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6617 - Realtek Semiconductor Corp.) RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.) Savings Bond Wizard (HKLM-x32\...\Savings Bond Wizard) (Version: - ) Self-service Plug-in (x32 Version: 3.1.0.21744 - Citrix Systems, Inc.) Hidden Service Pack 1 for Microsoft Office 2013 (KB2817430) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) SUABnR (HKLM-x32\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) SUABnR (x32 Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) Hidden SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1212 - SUPERAntiSpyware.com) System Center Endpoint Protection (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation) ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2700 - Broadcom Corporation) ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.65.05.20 - ) ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.0.34.0 - Lenovo) ThinkVantage Fingerprint Software (HKLM\...\{479016BF-5B8D-445F-BE15-A187F25D81C8}) (Version: 5.9.6.7084 - Authentec Inc.) TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc) TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc) TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc) Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{9F6B3627-AF9E-40A5-AAD5-3497C4327616}) (Version: - Microsoft) Verizon Download Manager (HKLM-x32\...\{E80D12A4-71F5-49E6-9598-6ADB0DBC7AE8}) (Version: 47 - SupportSoft) Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{A3070098-A41D-42D9-B6D3-2EF15285E719}) (Version: 2.14.0605 - Samsung Electronics Co., Ltd.) Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{B5300E76-AA13-4542-8E0E-776A280FE47E}) (Version: 2.14.0503 - Samsung Electronics Co., Ltd.) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}) (Version: 1.0.24.0 - Microsoft Corporation) Windows Firewall Configuration Provider (HKLM\...\{109A5A16-E09E-4B82-A784-D1780F1190D6}) (Version: 1.2.3412.0 - Microsoft Corporation) Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - ) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) Wireshark 1.10.8 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.8 - The Wireshark developer community, hxxp://www.wireshark.org) YouCam (x32 Version: 3.1.5324 - CyberLink Corp.) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\mqc874\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\mqc874\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\mqc874\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{3A999A50-AB25-4A20-90A9-08F71FCE320F}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\x64\3\hpcdmc64.dll (HP) CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\mqc874\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\mqc874\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\mqc874\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\3277\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.) CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\mqc874\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{98087D89-B93F-4BCF-A998-AE4D9F607C14}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\x64\3\hpcdmc64.dll (HP) CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{B286F068-5B17-4AE8-989B-8F9A199C47BA}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\x64\3\hpcdmc64.dll (HP) CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\mqc874\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\mqc874\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\mqc874\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\mqc874\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\mqc874\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\mqc874\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {019096FE-3AE2-4538-BBA0-D105CF98C1B5} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Client Upgrade Task => C:\Windows\ccmsetup\ccmsetup.exe [2015-06-25] (Microsoft Corporation) Task: {073B5CC6-6E9F-4BD2-AC25-8FF3663C63D7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {1382CC51-E9F7-4220-B023-9851073D3159} - System32\Tasks\SUPERAntiSpyware Scheduled Task a8fe8680-abe2-45e8-8d8b-466c8abc0456 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com) Task: {1CD49712-697D-4337-8EF9-538729E4C14A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.) Task: {240B5A93-A4C0-4FF0-A3CD-A5FC775131D9} - System32\Tasks\G2MUploadTask-S-1-5-21-1830819319-1975652134-394877016-74296 => C:\Program Files (x86)\Citrix\GoToMeeting\4400\g2mupload.exe [2016-02-08] (Citrix Online, a division of Citrix Systems, Inc.) Task: {259233DC-58D0-4BB3-87D9-160BD201DD83} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {2654E8D4-64F4-467D-83C8-E6E8B68EDE96} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {2957108D-5DE6-4787-BD6D-BAA4FAB591C3} - System32\Tasks\G2MUpdateTask-S-1-5-21-1830819319-1975652134-394877016-74296 => C:\Program Files (x86)\Citrix\GoToMeeting\4400\g2mupdate.exe [2016-02-08] (Citrix Online, a division of Citrix Systems, Inc.) Task: {34E1E6D2-426D-47B5-B824-A564BF0AE68C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1503781981-2815224856-594536586-135526UA => C:\Users\mqc874\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {380BDB0B-E765-4330-9C6D-5527E764F03D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {3C056302-7118-4275-A713-AE1CFF9B5074} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2715536563-2913614024-2021022987-11069UA1cf8eeef8d4135a => C:\Users\mqc874\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {426E3E91-06E9-4E2B-901A-0CA80A5E6052} - System32\Tasks\{CDB47E39-60D3-4ED8-8B32-94D257EA54CA} => pcalua.exe -a C:\Users\mqc874\Downloads\HPDesignjetT770andT1200PrinterSeriesPS3.exe -d C:\Users\mqc874\Downloads Task: {45FAE5DD-CA99-439B-9104-6D59066B438C} - System32\Tasks\{550AE9AC-EB04-4F47-BBDE-59EE68A650C8} => pcalua.exe -a C:\Users\mqc874\Downloads\sbwsetup.exe -d C:\Users\mqc874\Downloads Task: {46544FEA-E281-4622-83DE-7ED740D23147} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Idle Detection Task: {4F91490E-3C33-4AD1-801D-84C149537508} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] () Task: {515EB812-14E3-4426-A178-41A7B29D046E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1503781981-2815224856-594536586-135526Core => C:\Users\mqc874\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {5265EDB6-384B-49D6-A1C5-937E7B1E97F4} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] () Task: {5A882AE6-EF08-4CDE-9CE7-A5124EDEFF55} - System32\Tasks\{B4A48740-CFE6-4E2F-9153-B6C67ADE198E} => pcalua.exe -a "C:\Program Files (x86)\Wireshark\Wireshark.exe" -d C:\Users\mqc874 Task: {67D7662D-BD9D-45A4-B9CB-7DB4F011E7A5} - System32\Tasks\{BAE44836-4D46-4904-8EF2-011C1A0E61C5} => pcalua.exe -a "D:\language\ENU\USB Console Driver\CP2102_Installer.exe" -d "D:\language\ENU\USB Console Driver" Task: {87B4F4E0-E7B1-4061-BEB1-7837EEA865E3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {9D439FC3-2670-493F-BA96-F6719A562DDE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {A7FCA400-9506-4454-8785-E75306650063} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Health Evaluation => C:\Windows\CCM\ccmeval.exe [2015-04-14] (Microsoft Corporation) Task: {B085D290-8A5F-4CD3-8262-09EF70407937} - System32\Tasks\SUPERAntiSpyware Scheduled Task e98c4c5a-8f87-4354-b7ea-3b9df25865ab => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com) Task: {B40DEDD2-E761-45AB-93E7-9EC160E9E0D3} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] () Task: {B921213F-7994-4D0A-8D3E-A3498BDC4BEE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2715536563-2913614024-2021022987-11069Core1cf8eeef8b826ea => C:\Users\mqc874\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {C109B5AE-8D02-40A7-8D80-E6BD9B7A1A79} - System32\Tasks\DiskUpdate => C:\Drivers\Apps\Fix for Issue of HDD with HDP Detection\Diskupdt\DiskUpdate.exe [2009-02-10] () Task: {C8B2ECBF-5D3B-45D8-9C4C-38A62564C417} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) Task: {CBD6C08B-2A2F-47CA-91A9-856F338AA182} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-06-14] (CyberLink) Task: {D2D4DDE5-0146-451D-81E7-25BEDB594936} - System32\Tasks\{2B3F1867-FBE4-456E-9A30-6F409587AC4B} => pcalua.exe -a C:\Users\mqc874\Downloads\ntptool20.exe -d C:\Users\mqc874\Downloads Task: {D5A600C7-9066-4A5F-A005-39FE790D4161} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated) Task: {DF4911AC-638C-4E23-AA66-3F160CF256C3} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1830819319-1975652134-394877016-74296 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\TEMP.ARRS.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms Task: {FC62654C-E045-4B07-A044-0E50E1054744} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1830819319-1975652134-394877016-74296.job => C:\Program Files (x86)\Citrix\GoToMeeting\4400\g2mupdate.exe Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1830819319-1975652134-394877016-74296.job => C:\Program Files (x86)\Citrix\GoToMeeting\4400\g2mupload.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1503781981-2815224856-594536586-135526Core.job => C:\Users\mqc874\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1503781981-2815224856-594536586-135526UA.job => C:\Users\mqc874\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715536563-2913614024-2021022987-11069Core1cf8eeef8b826ea.job => C:\Users\mqc874\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715536563-2913614024-2021022987-11069UA1cf8eeef8d4135a.job => C:\Users\mqc874\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task a8fe8680-abe2-45e8-8d8b-466c8abc0456.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e98c4c5a-8f87-4354-b7ea-3b9df25865ab.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2013-04-26 05:47 - 2013-04-26 05:47 - 00234792 _____ () C:\Windows\ngmsi.dll 2013-05-06 09:37 - 2011-02-28 17:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll 2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-11-10 15:45 - 2015-11-10 15:45 - 08901184 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2011-03-07 06:07 - 2011-03-07 06:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-10-16 08:41 - 2015-10-16 08:41 - 01613032 _____ () C:\Program Files\DisplayLink Core Software\AddOnApi64.dll 2015-11-18 15:57 - 2015-11-18 15:57 - 06736552 _____ () C:\Program Files (x86)\Microsoft Office\Office15\lynchtmlconv.exe 2015-03-05 02:42 - 2015-03-05 02:42 - 00050840 _____ () C:\Program Files (x86)\Genie Soft\Genie Wifi\MGCommon.dll 2012-10-10 14:45 - 2011-08-02 03:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll 2012-10-10 14:45 - 2011-08-02 03:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll 2013-01-12 05:35 - 2013-01-12 05:35 - 00181632 _____ () C:\Program Files (x86)\Common Files\Lenel\LnlCmn.Utilities.COM.dll 2012-10-22 02:17 - 2012-10-22 02:17 - 00142264 _____ () C:\Program Files (x86)\Common Files\Lenel Shared\LNVSuite Client Components\7.0\LnrBoschCapu.dll 2013-10-31 10:05 - 2013-10-31 10:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll 2015-03-27 01:29 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2015-03-27 01:29 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2015-03-27 01:29 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2015-03-27 01:29 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2015-03-27 01:29 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2011-04-27 12:22 - 2011-04-27 12:22 - 00031744 _____ () C:\Users\mqc874\AppData\Local\ATT Connect\Participant\IwRegVC90.dll 2011-04-21 10:10 - 2011-04-21 10:10 - 00418304 _____ () C:\Users\mqc874\AppData\Local\ATT Connect\Participant\exchndl.dll 2014-12-11 16:40 - 2014-12-11 16:40 - 40622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll 2015-02-10 13:13 - 2015-02-10 13:13 - 01754296 _____ () C:\Program Files (x86)\Microsoft Office\Office15\tmpod.dll 2014-01-23 14:55 - 2014-01-23 14:55 - 00022696 _____ () C:\Program Files (x86)\Microsoft Office\Office15\lynchtmlconvpxy.dll 2011-03-09 13:21 - 2011-03-09 13:21 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2011-03-09 13:21 - 2011-03-09 13:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2012-10-10 14:41 - 2012-02-21 11:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2015-10-13 15:07 - 2015-10-13 15:07 - 01032360 _____ () C:\Program Files (x86)\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll 2015-11-10 15:45 - 2015-11-10 15:45 - 08901184 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2016-02-04 23:53 - 2016-02-03 02:27 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libglesv2.dll 2016-02-04 23:53 - 2016-02-03 02:27 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\29361337.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\29361337.sys => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 7866 more sites. IE trusted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\arrisi.com -> hxxp://arris-mysites.arrisi.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\123simsen.com -> www.123simsen.com There are 7866 more sites. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-08-26 15:08 - 2015-12-28 17:58 - 00451085 ____R C:\Windows\system32\Drivers\etc\hosts 144.189.28.14 secnet.access.motorola.com144.187.33.12 emea-blue.access.motorola.com127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com There are 15463 more lines. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1830819319-1975652134-394877016-74296\Control Panel\Desktop\\Wallpaper -> DNS Servers: 10.35.151.2 - 10.43.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{4FF054E8-8273-43F5-8626-305897E278B9}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{7038E8CB-7990-4DDB-AB25-8697C1BC1F55}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\Smc.exe FirewallRules: [{7FDE20A8-9FF6-45F6-8A68-EB38E89B01FB}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\Smc.exe FirewallRules: [{A249BC80-1B65-49AA-BA68-A05A4CD6DF32}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\snac64.exe FirewallRules: [{6EBFC7F8-F009-411E-AFC4-41B01B29D5CC}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\snac64.exe FirewallRules: [TCP Query User{E7E4D29C-BDE6-46AC-80FC-02B25483D6BE}C:\program files (x86)\polycom\polycom cma desktop\callcontrol.exe] => (Allow) C:\program files (x86)\polycom\polycom cma desktop\callcontrol.exe FirewallRules: [UDP Query User{5281E2AB-7E0A-4F63-ADAA-ADAD552A8F3A}C:\program files (x86)\polycom\polycom cma desktop\callcontrol.exe] => (Allow) C:\program files (x86)\polycom\polycom cma desktop\callcontrol.exe FirewallRules: [TCP Query User{1FEC54A0-241B-4E75-8EE9-936E9A25010C}C:\program files (x86)\polycom\polycom cma desktop\mediaprocessor.exe] => (Allow) C:\program files (x86)\polycom\polycom cma desktop\mediaprocessor.exe FirewallRules: [UDP Query User{1C79C0F9-7E4D-4634-B72C-E75EE2EF4FA4}C:\program files (x86)\polycom\polycom cma desktop\mediaprocessor.exe] => (Allow) C:\program files (x86)\polycom\polycom cma desktop\mediaprocessor.exe FirewallRules: [TCP Query User{09DCAEDB-9773-414D-8D37-176E25DF1B03}C:\program files (x86)\analogx\portmapper\pmapper.exe] => (Allow) C:\program files (x86)\analogx\portmapper\pmapper.exe FirewallRules: [UDP Query User{73A722E3-7E47-4B39-91CA-6D7D57D29D2A}C:\program files (x86)\analogx\portmapper\pmapper.exe] => (Allow) C:\program files (x86)\analogx\portmapper\pmapper.exe FirewallRules: [{4367D22D-A4B9-485A-A234-647E12C038BD}] => (Allow) C:\Windows\CCM\RemCtrl\CmRcService.exe FirewallRules: [{7D5B68C3-41F7-41B0-B1E9-C007BADF43EC}] => (Allow) C:\Program Files (x86)\OnGuard\AreaAccessManager.exe FirewallRules: [{4AC206B2-68BB-418D-9C38-BC6615A1A763}] => (Allow) C:\Program Files (x86)\OnGuard\AreaAccessManager.exe FirewallRules: [{4DBB3088-6233-49FB-9E6D-7141602F8359}] => (Allow) C:\Program Files (x86)\OnGuard\AreaAccessManager.exe FirewallRules: [{DE9B1D7D-12D4-4299-9EA8-AE67FD5F3625}] => (Allow) C:\Program Files (x86)\OnGuard\AreaAccessManager.exe FirewallRules: [{1DC29222-EC59-4C0E-870C-A9D9727736E4}] => (Allow) C:\Windows\SysWOW64\OPCENUM.EXE FirewallRules: [{F8523BED-FAFC-434C-9827-BCB7E5C1420B}] => (Allow) C:\Windows\SysWOW64\OPCENUM.EXE FirewallRules: [{5E9648EA-B860-49C3-AD89-81562DFD9E45}] => (Allow) C:\Windows\SysWOW64\OPCENUM.EXE FirewallRules: [{BF7A6EC3-EE43-4795-AB5A-7F33B74EBFE9}] => (Allow) C:\Windows\SysWOW64\OPCENUM.EXE FirewallRules: [{05C22742-3A32-4D8B-96FE-2B780F0337D0}] => (Allow) C:\Program Files (x86)\OnGuard\LnlPTZTourServer.exe FirewallRules: [{C63AE550-EA89-41D7-9923-95740D99518F}] => (Allow) C:\Program Files (x86)\OnGuard\LnlPTZTourServer.exe FirewallRules: [{145E913C-B89D-4D79-8812-F3C565618C07}] => (Allow) C:\Program Files (x86)\OnGuard\LnlPTZTourServer.exe FirewallRules: [{AE5B0611-3A6A-4C95-83EC-A3DCA7F7DB3C}] => (Allow) C:\Program Files (x86)\OnGuard\LnlPTZTourServer.exe FirewallRules: [{2FF62406-E282-4663-AFC4-AD1271282668}] => (Allow) C:\Program Files (x86)\OnGuard\LSLServer.exe FirewallRules: [{7FA134C0-3DDE-41A5-84C3-C8BB8867C17D}] => (Allow) C:\Program Files (x86)\OnGuard\LSLServer.exe FirewallRules: [{35593D57-77B3-4E87-A2F6-155D8F98C72A}] => (Allow) C:\Program Files (x86)\OnGuard\LSLServer.exe FirewallRules: [{D34DCA5D-F787-429A-BFE3-760F77F15B94}] => (Allow) C:\Program Files (x86)\OnGuard\LSLServer.exe FirewallRules: [{1E9C93EA-2B89-41FB-A756-1640A7FFC39B}] => (Allow) C:\Program Files (x86)\OnGuard\Lnl.OG.AutoUpgrade.Client.exe FirewallRules: [{67AD5DC2-B63A-4201-B708-EC40B42F957C}] => (Allow) C:\Program Files (x86)\OnGuard\Lnl.OG.AutoUpgrade.Client.exe FirewallRules: [{BC8F42BE-D2E3-4A48-A85D-B38653D526A0}] => (Allow) C:\Program Files (x86)\OnGuard\Lnl.OG.AutoUpgrade.Client.exe FirewallRules: [{9A8BD8F6-827D-4A06-82AA-11117A22DC47}] => (Allow) C:\Program Files (x86)\OnGuard\Lnl.OG.AutoUpgrade.Client.exe FirewallRules: [{5414E7FD-9494-4A89-A05C-D1E1C598E750}] => (Allow) LPort=135 FirewallRules: [{C67FC032-F0AC-43B6-B32B-8265F6CC6C1A}] => (Allow) LPort=135 FirewallRules: [{A08EA42E-262E-4A66-BF75-CF69B7A8A6BD}] => (Allow) C:\Users\mqc874\AppData\Local\iLivid\iLivid.exe FirewallRules: [{E515B6D8-E3D8-4DE9-92AB-789A6BEE65F7}] => (Allow) C:\Users\mqc874\AppData\Local\iLivid\iLivid.exe FirewallRules: [{5DD06196-EABC-4D14-8587-7C705806A5BF}] => (Allow) C:\Program Files (x86)\Microsoft Lync\communicator.exe FirewallRules: [{092F4368-72F0-44E3-98EA-FCBDCC135E1C}] => (Allow) C:\Program Files (x86)\Microsoft Lync\communicator.exe FirewallRules: [{D0139B9B-7064-44EA-84D7-C4C5CC926973}] => (Allow) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe FirewallRules: [{A2C1D91B-8846-411D-A6D1-BF9617FEB2ED}] => (Allow) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe FirewallRules: [{62F0AEFB-6340-454C-9200-D9B070506AA3}] => (Allow) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe FirewallRules: [{0CE916A0-A8E2-46B9-ABEB-EF22793A2C8D}] => (Allow) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe FirewallRules: [{B5AC9C89-C098-4480-86E3-76E42F503238}] => (Allow) C:\Windows\CCM\RemCtrl\CmRcService.exe FirewallRules: [{B769B8F3-D97B-456A-BA50-799E4C9C6307}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe FirewallRules: [{D847D125-F02D-438A-822A-250C0E8E60CF}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{26D17E82-CBA0-44D5-8FEE-E80B4E56CE43}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{46C54E80-8EC7-45F8-B358-0E9B641E8956}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{AD225BD1-DE12-4032-899F-57FEDB0AF7BB}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{F54E4B47-044F-4D14-B1A6-3ADC94FDC397}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{5A4187A0-E26F-44FA-9DA8-E0E740195250}] => (Allow) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe FirewallRules: [{5E93E396-A059-4500-B354-B090574F9174}] => (Allow) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe FirewallRules: [{23E61130-43CF-4218-AA10-2DEA9FAE32FE}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Radio 9\jrrp.exe FirewallRules: [{AC46ADD6-E9B5-4387-87E0-C342D64C0CB3}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Radio 9\jrrp.exe FirewallRules: [{67E150DC-8DD7-43F4-BBAD-CC86B48B0593}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Radio 9\jbp.exe FirewallRules: [{66482EB2-CA6E-4C86-BF31-C784A8D1BCE1}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Radio 9\jbp.exe FirewallRules: [{7DBF4867-4DF9-4D97-BB98-A875F850E5A1}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Radio 9\jwmpp.exe FirewallRules: [{E141182F-7987-4FE7-A1F6-C6B9EA8917FB}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Radio 9\jwmpp.exe FirewallRules: [{7022D35A-0D3F-480A-945C-158E47DA70C4}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe FirewallRules: [{E6209926-C4AC-47FF-AC50-723B977EEA4A}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe FirewallRules: [{3E912F52-F43E-4758-BDF3-B95FD0170069}] => (Allow) C:\Users\mqc874\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{3F165741-F1BC-4D3F-AF65-1305666CD62A}] => (Allow) C:\Users\mqc874\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{08BC5840-BA96-4F6A-BBFD-2C87D094B738}] => (Allow) C:\Users\mqc874\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{06F15003-89EC-4EA7-9A2A-BDE67463D535}] => (Allow) C:\Users\mqc874\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{78CE2E67-7913-404C-8975-85733F22D083}] => (Allow) C:\Users\mqc874\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{33513DD7-EF08-4E01-82EB-F9B2519E6339}] => (Allow) C:\Users\mqc874\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{A561E204-CEE5-46B3-ABCE-2830538783EE}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{E3CA09F6-CF9A-4DF3-910D-6515AF71969E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{9A20AB56-38FC-4F62-8D39-80E21D578E5A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{36C029C5-1754-4F59-AD54-492B63B56BA5}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{117C308B-557A-4A73-96B0-6E8A65BCB114}] => (Allow) C:\Windows\CCM\RemCtrl\CmRcService.exe FirewallRules: [{9C9829E4-36FE-4AA4-A420-4B0D6131545F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{FAA1F31E-2C23-4ABE-B8E9-A05DFB31929D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{45AC55CD-6021-461F-85F4-7EE1ACD4F8B5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{60A5DC63-0F3A-4F48-AB66-8680EED2B1B8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{C998D5EA-3E81-40F3-A51D-FF927EABC3FD}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{BEF4E068-FCEC-4715-A26B-811349D21EAE}] => (Allow) C:\Users\mqc874\Downloads\dhcpsrv2.5.1\dhcpsrv.exe FirewallRules: [{C14065AB-8E53-44FA-8890-89D9D0A43B47}] => (Allow) C:\Users\mqc874\Downloads\dhcpsrv2.5.1\dhcpsrv.exe FirewallRules: [{751CDE4F-65E1-48BE-8379-FBCADB7C6E9B}] => (Allow) C:\Users\mqc874\Downloads\dhcpsrv2.5.1\dhcpsrv.exe FirewallRules: [{E67577DE-8CA2-40FF-91AB-395C4750C921}] => (Allow) C:\Users\mqc874\Downloads\dhcpsrv2.5.1\dhcpsrv.exe FirewallRules: [{5DE6964D-7515-413E-BB0D-8C9BB42823B9}] => (Allow) C:\Users\mqc874\Downloads\dhcpsrv2.5.1\dhcpsrv.exe FirewallRules: [{8ADAE537-17C5-419F-8DC7-4A3E817C3E4B}] => (Allow) C:\Users\mqc874\Downloads\dhcpsrv2.5.1\dhcpsrv.exe FirewallRules: [{DC883AA2-9906-4D2A-9C0C-6A90F01990F4}] => (Allow) C:\Users\mqc874\AppData\Local\Temp\Temp1_dhcpsrv2.5.1.zip\dhcpsrv.exe FirewallRules: [{739B73B3-C68B-4632-87A6-45D285AE265E}] => (Allow) C:\Users\mqc874\AppData\Local\Temp\Temp1_dhcpsrv2.5.1.zip\dhcpsrv.exe FirewallRules: [{FEDF22F8-8212-4784-AF05-2C1FF42B9BCE}] => (Allow) C:\Users\mqc874\AppData\Local\Temp\Temp1_dhcpsrv2.5.1.zip\dhcpsrv.exe FirewallRules: [{74335C75-83DD-4155-BF40-4A43334BD091}] => (Allow) C:\Users\mqc874\AppData\Local\Temp\Temp1_dhcpsrv2.5.1.zip\dhcpsrv.exe FirewallRules: [{99FD83BF-7116-4D85-91BF-ECCD20A29AF0}] => (Allow) C:\Users\mqc874\AppData\Local\Temp\Temp1_dhcpsrv2.5.1.zip\dhcpsrv.exe FirewallRules: [{6A954337-E23C-4F5A-BE7E-B7E730B5BD9C}] => (Allow) C:\Users\mqc874\AppData\Local\Temp\Temp1_dhcpsrv2.5.1.zip\dhcpsrv.exe FirewallRules: [{12D0A2CB-CCAB-441B-A037-9AD963A877AE}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{BEA3F2F8-B3EA-4DF4-A79B-3AACE55F6882}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{D5B87909-2700-4C82-AD26-1AF16BBC8C37}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{58547D43-E708-450C-AB09-A7B62A79D29B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{91D2C7E8-CCA0-43F9-888E-5E70377958E7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{80E30613-668F-4C82-B193-80D39AA77047}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Restore Points ========================= 08-02-2016 09:26:29 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/08/2016 09:08:55 AM) (Source: MsiInstaller) (EventID: 11714) (User: ARRS) Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error: (02/08/2016 08:53:48 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/07/2016 01:08:40 PM) (Source: MsiInstaller) (EventID: 11714) (User: ARRS) Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error: (02/07/2016 12:53:50 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/07/2016 11:48:31 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/06/2016 11:32:08 PM) (Source: MsiInstaller) (EventID: 11714) (User: ARRS) Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error: (02/06/2016 04:31:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/06/2016 04:29:02 PM) (Source: Windows Search Service) (EventID: 3100) (User: ) Description: Unable to initialize the filter host process. Terminating. Details: Access is denied. (HRESULT : 0x80070005) (0x80070005) Error: (02/06/2016 02:50:21 PM) (Source: Application Error) (EventID: 1005) (User: ) Description: Windows cannot access the file for one of the following reasons: there is a problem with the network connection, the disk that the file is stored on, or the storage drivers installed on this computer; or the disk is missing. Windows closed the program Windows Explorer because of this error. Program: Windows Explorer File: The error value is listed in the Additional Data section. User Action 1. Open the file again. This situation might be a temporary problem that corrects itself when the program runs again. 2. If the file still cannot be accessed and - It is on the network, your network administrator should verify that there is not a problem with the network and that the server can be contacted. - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer. 3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER. 4. If the problem persists, restore the file from a backup copy. 5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for further assistance. Additional Data Error value: 00000000 Disk type: 0 Error: (02/06/2016 02:50:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000096 Fault offset: 0x001cf885 Faulting process id: 0x2cb4 Faulting application start time: 0xexplorer.exe0 Faulting application path: explorer.exe1 Faulting module path: explorer.exe2 Report Id: explorer.exe3 System errors: ============= Error: (02/08/2016 08:55:56 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{05D1D5D8-18D1-4B83-85ED-A0F99D53C885}{AD65A69D-3831-40D7-9629-9B0B50A93843}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (02/08/2016 08:54:47 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (02/08/2016 08:53:46 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Error: (02/08/2016 08:53:45 AM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: The QsRUMAgent service was unable to log on as ARRS\Qmigrator with the currently configured password due to the following error: %%1326 To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (02/07/2016 12:56:06 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{05D1D5D8-18D1-4B83-85ED-A0F99D53C885}{AD65A69D-3831-40D7-9629-9B0B50A93843}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (02/07/2016 12:55:14 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: ARRS) Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator. Error: (02/07/2016 12:54:51 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (02/07/2016 12:53:50 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: cdrom Error: (02/07/2016 12:53:42 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1055) (User: NT AUTHORITY) Description: The processing of Group Policy failed. Windows could not resolve the computer name. This could be caused by one of more of the following: a) Name Resolution failure on the current domain controller. b) Active Directory Replication Latency (an account created on another domain controller has not replicated to the current domain controller). Error: (02/07/2016 12:53:40 PM) (Source: NETLOGON) (EventID: 5719) (User: ) Description: This computer was not able to set up a secure session with a domain controller in domain ARRS due to the following: %%1311 This may lead to authentication problems. Make sure that this computer is connected to the network. If the problem persists, please contact your domain administrator. ADDITIONAL INFO If this computer is a domain controller for the specified domain, it sets up the secure session to the primary domain controller emulator in the specified domain. Otherwise, this computer sets up the secure session to any domain controller in the specified domain. CodeIntegrity: =================================== Date: 2016-02-08 08:55:33.487 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-07 12:55:52.935 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-07 11:49:56.886 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-06 23:31:35.328 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-06 14:29:44.067 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-06 12:19:04.969 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-05 19:53:51.711 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-05 13:20:36.410 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-05 12:22:17.883 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-05 11:34:55.107 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz Percentage of memory in use: 72% Total physical RAM: 3792.79 MB Available physical RAM: 1050.63 MB Total Virtual: 7583.79 MB Available Virtual: 3600.21 MB ==================== Drives ================================ Drive c: (System) (Fixed) (Total:167.68 GB) (Free:11.28 GB) NTFS ==>[drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 167.7 GB) (Disk ID: 5E8ECD54) Partition 1: (Active) - (Size=167.7 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================