Additional scan result of Farbar Recovery Scan Tool (x64) Version:17-02-2016 Ran by jthompson (2016-02-17 21:16:52) Running from C:\Users\mqc874\Desktop Windows 7 Professional Service Pack 1 (X64) (2012-11-20 05:01:46) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3444927048-3976517198-3392661973-1004 - Limited - Disabled) Batwings (S-1-5-21-3444927048-3976517198-3392661973-500 - Administrator - Enabled) => C:\Users\Batwings FirstUser (S-1-5-21-3444927048-3976517198-3392661973-1005 - Administrator - Enabled) => C:\Users\FirstUser NotForUse (S-1-5-21-3444927048-3976517198-3392661973-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: System Center Endpoint Protection (Disabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AS: System Center Endpoint Protection (Disabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 13.2.1 - Hewlett-Packard) Hidden 7-Zip 15.06 beta (x64) (HKLM\...\7-Zip) (Version: 15.06 - Igor Pavlov) Absolute Time Corrector (HKLM-x32\...\ATC) (Version: 10.3.0.3405 - FlexibleSoft Co.) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated) Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated) Advanced Serial Port Terminal 6 (Build 6.0.382) (HKLM-x32\...\Advanced Serial Port Terminal_is1) (Version: - ELTIMA Software) AnalogX PortMapper (HKLM-x32\...\AnalogX PortMapper) (Version: - AnalogX) Andy OS (HKLM-x32\...\Andy OS) (Version: 0.41 - Andy OS, Inc) Apple Application Support (32-bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) ARRIS Standard Template (HKLM-x32\...\{FCF4E903-F062-4D87-9621-41E83E89C1BA}) (Version: 6.6.3 - ARRIS) AT&T Connect Participant Application v9.0.82 (HKLM-x32\...\{1F3A6960-8470-4C84-820C-EBFFAF4DA580}) (Version: 9.0.82 - AT&T Inc.) Aventail Access Manager (HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\{72552C46-944B-4E16-BBC8-0D85F31C1800}) (Version: 10.63.241 - SonicWALL Inc) Aventail Access Manager (x32 Version: 10.63.241 - SonicWALL Inc) Hidden Aventail Connect (HKLM\...\{C338ACAC-7162-42E3-8B8C-85E5746F4A2E}) (Version: 10.63.241 - SonicWALL Aventail) Aventail Web Proxy Agent (HKLM-x32\...\{9B0B46B3-10DF-4ADA-9501-0129D784563D}) (Version: 10.63.210 - SonicWALL Inc) BitTorrent (HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\BitTorrent) (Version: 7.9.5.41373 - BitTorrent Inc.) BlueStacks App Player (HKLM-x32\...\{D7E3588F-25E6-4A93-8B1C-596F7951CA38}) (Version: 0.10.7.5601 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Burn.Now 4.5 (x32 Version: 4.5.0 - Corel Corporation) Hidden Canon iP100 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP100_series) (Version: - Canon Inc.) Canon iP100 series User Registration (HKLM-x32\...\Canon iP100 series User Registration) (Version: - ) Canon Setup Utility 2.4 (HKLM-x32\...\Canon Setup Utility 2.4) (Version: - ) Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform) Cisco IP Communicator (HKLM-x32\...\{EAC94DF2-C780-4954-924F-0EE3780A75D1}) (Version: 8.6.3.0 - Cisco Systems, Inc.) Cisco WebEx Meetings (HKLM-x32\...\{F9291FF7-D7E5-4C33-828B-EF9EEA5BE62B}) (Version: 8.29.0.179 - Cisco WebEx LLC) Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC) Cisco WebEx Productivity Tools (HKLM-x32\...\{F98F7139-0458-4DD0-94A6-C23FB28C05E3}) (Version: 2.82.501.10008 - Cisco WebEx LLC) Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix) Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.1.0.89 - Citrix Systems, Inc.) Configuration Manager Client (Version: 5.00.8239.1000 - Microsoft Corporation) Hidden Corel Burn.Now Lenovo Edition (HKLM-x32\...\InstallShield_{A3BE3F1E-2472-4211-8735-E8239BE49D9F}) (Version: 4.5.0 - Corel Corporation) Corel DVD MovieFactory 7 (x32 Version: 7.0.0 - Corel Corporation) Hidden Corel DVD MovieFactory Lenovo Edition (HKLM-x32\...\InstallShield_{50F68032-B5B7-4513-9116-C978DBD8F27A}) (Version: 7.0.0 - Corel Corporation) Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.6.392 - Corel Inc.) CP2102 USB to UART Bridge (Driver Removal) (HKLM-x32\...\NETGCOMM&0846&1100) (Version: - NETGEAR Inc.) Crystal Reports 11.5 Embedded Reporting (HKLM-x32\...\{EE29418D-6255-41CA-9670-998313085A48}) (Version: 1.00.0000 - Your Company Name) CVE-2012-4792 (HKLM\...\{6631f21e-4389-4c67-9b10-cf2b559b8d4a}.sdb) (Version: - ) CVE-2012-4792 (HKLM\...\{a1447a51-d8b1-4e93-bb19-82bd20da6fd2}.sdb) (Version: - ) CVE-2013-3893 (HKLM\...\{55aab41f-5d5c-abdf-4568-baef76587bd7}.sdb) (Version: - ) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 1.94 - NCH Software) Direct DiscRecorder (x32 Version: 1.00.0000 - Corel Corporation) Hidden DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden DisplayLink Core Software (HKLM\...\{DF3F0788-16F0-4894-9748-677409D69100}) (Version: 7.9.630.0 - DisplayLink Corp.) DisplayLink Graphics (HKLM\...\{2B3CC359-0B1C-4C84-B914-0B3BE0907EC2}) (Version: 7.9.658.0 - DisplayLink Corp.) Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.11 - Dolby Laboratories Inc) Fitbit Connect (HKLM-x32\...\{9EC69368-C1C7-48BA-AD93-01EFC142DDF9}) (Version: 2.0.0.6630 - Fitbit Inc.) Free Serial Port Terminal (HKLM-x32\...\Free Serial Port Terminal) (Version: 1.0.0.710 - ) Genie Wifi (HKLM-x32\...\Genie Wifi) (Version: 1.0.0.1132 - oppoos.com) GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) GlobalProtect (HKLM\...\{AFC5AA46-A32E-4912-BB84-2331F2EFE7D0}) (Version: 2.3.2 - Palo Alto Networks) Google Apps Migration For Microsoft Outlook® 4.0.27.0 (HKLM-x32\...\{8806AF1D-5161-489E-9E17-086CCC518931}) (Version: 4.0.27.0 - Google, Inc.) Google Apps Sync™ for Microsoft Outlook® 3.8.440.1250 (HKLM-x32\...\{091C294E-F243-432C-93E1-DEC4C2B9635B}) (Version: 3.8.440.1250 - Google, Inc.) Google Chrome (HKLM-x32\...\{E59AB510-8AEA-36BC-91D5-B25791AD224F}) (Version: 48.0.2564.109 - Google, Inc.) Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google) Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google) Google Talk (remove only) (HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version: - ) Google Talk Plugin (HKLM-x32\...\{E0C1FBC8-4C22-3671-AE2C-0D2A67E0AAA9}) (Version: 4.3.2.14360 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden GoToMeeting 7.11.1.4419 (HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\GoToMeeting) (Version: 7.11.1.4419 - CitrixOnline) Greenshot 1.2.6.7 (HKLM\...\Greenshot_is1) (Version: 1.2.6.7 - Greenshot) inSSIDer 3 (HKLM-x32\...\{CDF246AE-C6E3-438F-AA76-21700DCC15F6}) (Version: 3.0.6.42 - MetaGeek, LLC) Integrated Camera Driver Installer Package Ver.1.2.1.18 (HKLM-x32\...\{A78800AF-1779-4AE8-8EBE-16E1BE727C71}) (Version: 1.2.1.18 - RICOH) Intel Driver Update Utility (HKLM-x32\...\{fe92d390-13ee-4660-a2f8-39a066fdffe0}) (Version: 2.2.0.5 - Intel) Intel(R) Chipset Device Software (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Driver Update Utility 2.2.0.5 (x32 Version: 2.2.0.1 - Intel) Hidden Intel(R) IPP Run-Time Installer 5.2 for Windows* on IA-32 (HKLM-x32\...\{38F48AED-66D8-464C-993E-C7296C7A199B}) (Version: 5.2.0.2 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation) Intel(R) Network Connections 20.4.207.0 (HKLM\...\PROSetDX) (Version: 20.4.207.0 - Intel) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.9.254 - Intel Corporation) Intel(R) WiDi (HKLM\...\{728985C5-A04B-457C-9D62-15360F3EAF85}) (Version: 3.1.29.0 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel® PROSet/Wireless Software (HKLM-x32\...\{e6f0207e-ac43-48a9-bfff-3d879b45694d}) (Version: 18.12.1 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) IntelliAdmin Network Administrator - Remove (HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\IntelliAdmin_NetworkAdministrator33) (Version: - ) i-Sound Recorder Pro 7.2.1.0 (HKLM-x32\...\i-Sound Recorder for Windows 7_is1) (Version: 7.2.1.0 - AbyssMedia.com) iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.) Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) Juniper Networks Network Connect 6.5.0 (HKLM-x32\...\Juniper Network Connect 6.5.0) (Version: 6.5.0.15203 - Juniper Networks) Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\Juniper_Setup_Client) (Version: 7.2.4.25005 - Juniper Networks, Inc.) Kingo ROOT version 1.3.6.2289 (HKLM-x32\...\{AE7675D6-0B31-494F-ABFA-822E1A0FDF17}_is1) (Version: 1.3.6.2289 - Kingosoft Technology Ltd.) KMPlayer (HKLM-x32\...\The KMPlayer) (Version: 3.9.1.131 - PandoraTV) LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass) Lenovo Auto Scroll Utility (HKLM\...\LenovoAutoScrollUtility) (Version: 1.11 - ) Lenovo Patch Utility (HKLM-x32\...\{A7BB9BBD-DFE4-4276-820A-7CD141FC09E6}) (Version: 1.3.0.007 - Lenovo Group Limited) Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited) LG ODD Auto Firmware Update (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - ) LiveAction Client 4.2.2 (HKLM\...\7129-7318-7633-3110) (Version: 4.2.2 - ActionPacked Networks) MB Cleaner (HKLM-x32\...\{0DFE77A9-44E0-4243-82AC-78A2CBB20F7E}) (Version: 1.1.0 - ARRIS Group, Inc.) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft SQL Server 2008 Native Client (HKLM\...\{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}) (Version: 10.0.1600.22 - Microsoft Corporation) Microsoft Visio Compatibility Pack (HKLM-x32\...\{95150000-005B-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation) Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPRO) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visio Viewer 2010 (HKLM-x32\...\{95140000-0052-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility) Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC) Mozilla Firefox 22.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 22.0 (x86 en-US)) (Version: 22.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 22.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) On Screen Display (HKLM\...\OnScreenDisplay) (Version: 6.71.03 - ) OnGuard 2013 (HKLM-x32\...\{A44BDA66-3D79-4BA2-B727-8AD85A3C4287}) (Version: 6.6.287 - Lenel Systems International Inc.) Online Plug-in (x32 Version: 13.1.0.89 - Citrix Systems, Inc.) Hidden Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden PhotoScape (HKLM-x32\...\PhotoScape) (Version: - PhotoScape) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software) Prism Video File Converter (HKLM-x32\...\Prism) (Version: 2.10 - NCH Software) Quinta System Software version 1.2.3 (HKLM-x32\...\{B708E051-2DF2-46CE-BFAA-00F713998788}_is1) (Version: 1.2.3 - beyerdynamic Gmbh) RapidBoot Shield (HKLM\...\{5E2652DF-743F-482B-A593-C95F431A5769}) (Version: 1.23 - Lenovo) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6617 - Realtek Semiconductor Corp.) RICOH_Media_Driver_v2.14.18.01 (HKLM-x32\...\{FE041B02-234C-4AAA-9511-80DF6482A458}) (Version: 2.14.18.01 - RICOH) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.5.3.13052_10 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.) Savings Bond Wizard (HKLM-x32\...\Savings Bond Wizard) (Version: - ) Self-service Plug-in (x32 Version: 3.1.0.21744 - Citrix Systems, Inc.) Hidden Service Pack 1 for Microsoft Office 2013 (KB2817430) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.21.18.4608 - Enigma Software Group, LLC) SUABnR (HKLM-x32\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) SUABnR (x32 Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) Hidden SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1212 - SUPERAntiSpyware.com) System Center Endpoint Protection (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation) ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2700 - Broadcom Corporation) ThinkPad Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.65.05.20 - ) ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 3.0.34.0 - Lenovo) ThinkVantage Fingerprint Software (HKLM\...\{479016BF-5B8D-445F-BE15-A187F25D81C8}) (Version: 5.9.6.7084 - Authentec Inc.) TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc) TurboTax 2013 (HKLM-x32\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc) TurboTax 2014 (HKLM-x32\...\TurboTax 2014) (Version: 2014.0 - Intuit, Inc) Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{9F6B3627-AF9E-40A5-AAD5-3497C4327616}) (Version: - Microsoft) Verizon Download Manager (HKLM-x32\...\{E80D12A4-71F5-49E6-9598-6ADB0DBC7AE8}) (Version: 47 - SupportSoft) Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{A3070098-A41D-42D9-B6D3-2EF15285E719}) (Version: 2.14.0605 - Samsung Electronics Co., Ltd.) Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{B5300E76-AA13-4542-8E0E-776A280FE47E}) (Version: 2.14.0503 - Samsung Electronics Co., Ltd.) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}) (Version: 1.0.24.0 - Microsoft Corporation) Windows Firewall Configuration Provider (HKLM\...\{109A5A16-E09E-4B82-A784-D1780F1190D6}) (Version: 1.2.3412.0 - Microsoft Corporation) Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - ) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) Wireshark 1.10.8 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.10.8 - The Wireshark developer community, hxxp://www.wireshark.org) YouCam (x32 Version: 3.1.5324 - CyberLink Corp.) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{3A999A50-AB25-4A20-90A9-08F71FCE320F}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\x64\3\hpcdmc64.dll (HP) CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\mqc874\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\3277\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.) CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{98087D89-B93F-4BCF-A998-AE4D9F607C14}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\x64\3\hpcdmc64.dll (HP) CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{B286F068-5B17-4AE8-989B-8F9A199C47BA}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\x64\3\hpcdmc64.dll (HP) CustomCLSID: HKU\S-1-5-21-1830819319-1975652134-394877016-74296_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\mqc874\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {073B5CC6-6E9F-4BD2-AC25-8FF3663C63D7} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {1382CC51-E9F7-4220-B023-9851073D3159} - System32\Tasks\SUPERAntiSpyware Scheduled Task a8fe8680-abe2-45e8-8d8b-466c8abc0456 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com) Task: {240B5A93-A4C0-4FF0-A3CD-A5FC775131D9} - System32\Tasks\G2MUploadTask-S-1-5-21-1830819319-1975652134-394877016-74296 => C:\Program Files (x86)\Citrix\GoToMeeting\4419\g2mupload.exe [2016-02-12] (Citrix Online, a division of Citrix Systems, Inc.) Task: {259233DC-58D0-4BB3-87D9-160BD201DD83} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {2654E8D4-64F4-467D-83C8-E6E8B68EDE96} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe Task: {2957108D-5DE6-4787-BD6D-BAA4FAB591C3} - System32\Tasks\G2MUpdateTask-S-1-5-21-1830819319-1975652134-394877016-74296 => C:\Program Files (x86)\Citrix\GoToMeeting\4419\g2mupdate.exe [2016-02-12] (Citrix Online, a division of Citrix Systems, Inc.) Task: {34E1E6D2-426D-47B5-B824-A564BF0AE68C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1503781981-2815224856-594536586-135526UA => C:\Users\mqc874\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {380BDB0B-E765-4330-9C6D-5527E764F03D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {3C056302-7118-4275-A713-AE1CFF9B5074} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2715536563-2913614024-2021022987-11069UA1cf8eeef8d4135a => C:\Users\mqc874\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {46544FEA-E281-4622-83DE-7ED740D23147} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Idle Detection Task: {4F91490E-3C33-4AD1-801D-84C149537508} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] () Task: {515EB812-14E3-4426-A178-41A7B29D046E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1503781981-2815224856-594536586-135526Core => C:\Users\mqc874\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {5265EDB6-384B-49D6-A1C5-937E7B1E97F4} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] () Task: {5A882AE6-EF08-4CDE-9CE7-A5124EDEFF55} - System32\Tasks\{B4A48740-CFE6-4E2F-9153-B6C67ADE198E} => pcalua.exe -a "C:\Program Files (x86)\Wireshark\Wireshark.exe" -d C:\Users\mqc874 Task: {67D7662D-BD9D-45A4-B9CB-7DB4F011E7A5} - System32\Tasks\{BAE44836-4D46-4904-8EF2-011C1A0E61C5} => pcalua.exe -a "D:\language\ENU\USB Console Driver\CP2102_Installer.exe" -d "D:\language\ENU\USB Console Driver" Task: {87B4F4E0-E7B1-4061-BEB1-7837EEA865E3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {9710B84B-3DB7-453E-96AC-5D63D26EC32D} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Client Upgrade Task => C:\Windows\ccmsetup\ccmsetup.exe [2015-06-25] (Microsoft Corporation) Task: {9D439FC3-2670-493F-BA96-F6719A562DDE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation) Task: {A7FCA400-9506-4454-8785-E75306650063} - System32\Tasks\Microsoft\Configuration Manager\Configuration Manager Health Evaluation => C:\Windows\CCM\ccmeval.exe [2015-04-14] (Microsoft Corporation) Task: {B085D290-8A5F-4CD3-8262-09EF70407937} - System32\Tasks\SUPERAntiSpyware Scheduled Task e98c4c5a-8f87-4354-b7ea-3b9df25865ab => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com) Task: {B40DEDD2-E761-45AB-93E7-9EC160E9E0D3} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] () Task: {B921213F-7994-4D0A-8D3E-A3498BDC4BEE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2715536563-2913614024-2021022987-11069Core1cf8eeef8b826ea => C:\Users\mqc874\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {C109B5AE-8D02-40A7-8D80-E6BD9B7A1A79} - System32\Tasks\DiskUpdate => C:\Drivers\Apps\Fix for Issue of HDD with HDP Detection\Diskupdt\DiskUpdate.exe [2009-02-10] () Task: {C8B2ECBF-5D3B-45D8-9C4C-38A62564C417} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) Task: {CBD6C08B-2A2F-47CA-91A9-856F338AA182} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-06-14] (CyberLink) Task: {D5A600C7-9066-4A5F-A005-39FE790D4161} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-11] (Adobe Systems Incorporated) Task: {DF4911AC-638C-4E23-AA66-3F160CF256C3} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-1830819319-1975652134-394877016-74296 => Rundll32.exe dfshim.dll,ShOpenVerbShortcut C:\Users\TEMP.ARRS.001\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms Task: {FC62654C-E045-4B07-A044-0E50E1054744} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1830819319-1975652134-394877016-74296.job => C:\Program Files (x86)\Citrix\GoToMeeting\4419\g2mupdate.exe Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1830819319-1975652134-394877016-74296.job => C:\Program Files (x86)\Citrix\GoToMeeting\4419\g2mupload.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1503781981-2815224856-594536586-135526Core.job => C:\Users\mqc874\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1503781981-2815224856-594536586-135526UA.job => C:\Users\mqc874\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715536563-2913614024-2021022987-11069Core1cf8eeef8b826ea.job => C:\Users\mqc874\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2715536563-2913614024-2021022987-11069UA1cf8eeef8d4135a.job => C:\Users\mqc874\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task a8fe8680-abe2-45e8-8d8b-466c8abc0456.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task e98c4c5a-8f87-4354-b7ea-3b9df25865ab.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2013-04-26 05:47 - 2013-04-26 05:47 - 00234792 _____ () C:\Windows\ngmsi.dll 2013-05-06 09:37 - 2011-02-28 17:37 - 00095008 _____ () C:\Windows\System32\Primomonnt.dll 2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-11-10 15:45 - 2015-11-10 15:45 - 08901184 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2011-03-07 06:07 - 2011-03-07 06:07 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-10-16 08:41 - 2015-10-16 08:41 - 01613032 _____ () C:\Program Files\DisplayLink Core Software\AddOnApi64.dll 2015-03-05 02:42 - 2015-03-05 02:42 - 00050840 _____ () C:\Program Files (x86)\Genie Soft\Genie Wifi\MGCommon.dll 2012-10-10 14:45 - 2011-08-02 03:58 - 02201088 _____ () C:\Program Files\Lenovo\Communications Utility\cxcore210.dll 2012-10-10 14:45 - 2011-08-02 03:58 - 02085888 _____ () C:\Program Files\Lenovo\Communications Utility\cv210.dll 2013-01-12 05:35 - 2013-01-12 05:35 - 00181632 _____ () C:\Program Files (x86)\Common Files\Lenel\LnlCmn.Utilities.COM.dll 2012-10-22 02:17 - 2012-10-22 02:17 - 00142264 _____ () C:\Program Files (x86)\Common Files\Lenel Shared\LNVSuite Client Components\7.0\LnrBoschCapu.dll 2013-10-31 10:05 - 2013-10-31 10:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll 2011-04-27 12:22 - 2011-04-27 12:22 - 00031744 _____ () C:\Users\mqc874\AppData\Local\ATT Connect\Participant\IwRegVC90.dll 2011-04-21 10:10 - 2011-04-21 10:10 - 00418304 _____ () C:\Users\mqc874\AppData\Local\ATT Connect\Participant\exchndl.dll 2014-12-11 16:40 - 2014-12-11 16:40 - 40622592 ____R () C:\Program Files (x86)\Fitbit Connect\libcef.dll 2015-02-10 13:13 - 2015-02-10 13:13 - 01754296 _____ () C:\Program Files (x86)\Microsoft Office\Office15\tmpod.dll 2014-01-23 14:55 - 2014-01-23 14:55 - 00022696 _____ () C:\Program Files (x86)\Microsoft Office\Office15\lynchtmlconvpxy.dll 2011-03-09 13:21 - 2011-03-09 13:21 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2011-03-09 13:21 - 2011-03-09 13:21 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2012-10-10 14:41 - 2012-02-21 11:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2016-02-10 22:53 - 2016-02-09 06:58 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll 2016-02-10 22:53 - 2016-02-09 06:58 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 7866 more sites. IE trusted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\arrisi.com -> hxxp://arris-mysites.arrisi.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-1830819319-1975652134-394877016-74296\...\123simsen.com -> www.123simsen.com There are 7864 more sites. ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-08-26 15:08 - 2016-02-17 15:39 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1830819319-1975652134-394877016-74296\Control Panel\Desktop\\Wallpaper -> DNS Servers: 10.4.4.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{4FF054E8-8273-43F5-8626-305897E278B9}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{7038E8CB-7990-4DDB-AB25-8697C1BC1F55}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\Smc.exe FirewallRules: [{7FDE20A8-9FF6-45F6-8A68-EB38E89B01FB}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\Smc.exe FirewallRules: [{A249BC80-1B65-49AA-BA68-A05A4CD6DF32}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\snac64.exe FirewallRules: [{6EBFC7F8-F009-411E-AFC4-41B01B29D5CC}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\snac64.exe FirewallRules: [TCP Query User{E7E4D29C-BDE6-46AC-80FC-02B25483D6BE}C:\program files (x86)\polycom\polycom cma desktop\callcontrol.exe] => (Allow) C:\program files (x86)\polycom\polycom cma desktop\callcontrol.exe FirewallRules: [UDP Query User{5281E2AB-7E0A-4F63-ADAA-ADAD552A8F3A}C:\program files (x86)\polycom\polycom cma desktop\callcontrol.exe] => (Allow) C:\program files (x86)\polycom\polycom cma desktop\callcontrol.exe FirewallRules: [TCP Query User{1FEC54A0-241B-4E75-8EE9-936E9A25010C}C:\program files (x86)\polycom\polycom cma desktop\mediaprocessor.exe] => (Allow) C:\program files (x86)\polycom\polycom cma desktop\mediaprocessor.exe FirewallRules: [UDP Query User{1C79C0F9-7E4D-4634-B72C-E75EE2EF4FA4}C:\program files (x86)\polycom\polycom cma desktop\mediaprocessor.exe] => (Allow) C:\program files (x86)\polycom\polycom cma desktop\mediaprocessor.exe FirewallRules: [TCP Query User{09DCAEDB-9773-414D-8D37-176E25DF1B03}C:\program files (x86)\analogx\portmapper\pmapper.exe] => (Allow) C:\program files (x86)\analogx\portmapper\pmapper.exe FirewallRules: [UDP Query User{73A722E3-7E47-4B39-91CA-6D7D57D29D2A}C:\program files (x86)\analogx\portmapper\pmapper.exe] => (Allow) C:\program files (x86)\analogx\portmapper\pmapper.exe FirewallRules: [{4367D22D-A4B9-485A-A234-647E12C038BD}] => (Allow) C:\Windows\CCM\RemCtrl\CmRcService.exe FirewallRules: [{7D5B68C3-41F7-41B0-B1E9-C007BADF43EC}] => (Allow) C:\Program Files (x86)\OnGuard\AreaAccessManager.exe FirewallRules: [{4AC206B2-68BB-418D-9C38-BC6615A1A763}] => (Allow) C:\Program Files (x86)\OnGuard\AreaAccessManager.exe FirewallRules: [{4DBB3088-6233-49FB-9E6D-7141602F8359}] => (Allow) C:\Program Files (x86)\OnGuard\AreaAccessManager.exe FirewallRules: [{DE9B1D7D-12D4-4299-9EA8-AE67FD5F3625}] => (Allow) C:\Program Files (x86)\OnGuard\AreaAccessManager.exe FirewallRules: [{1DC29222-EC59-4C0E-870C-A9D9727736E4}] => (Allow) C:\Windows\SysWOW64\OPCENUM.EXE FirewallRules: [{F8523BED-FAFC-434C-9827-BCB7E5C1420B}] => (Allow) C:\Windows\SysWOW64\OPCENUM.EXE FirewallRules: [{5E9648EA-B860-49C3-AD89-81562DFD9E45}] => (Allow) C:\Windows\SysWOW64\OPCENUM.EXE FirewallRules: [{BF7A6EC3-EE43-4795-AB5A-7F33B74EBFE9}] => (Allow) C:\Windows\SysWOW64\OPCENUM.EXE FirewallRules: [{05C22742-3A32-4D8B-96FE-2B780F0337D0}] => (Allow) C:\Program Files (x86)\OnGuard\LnlPTZTourServer.exe FirewallRules: [{C63AE550-EA89-41D7-9923-95740D99518F}] => (Allow) C:\Program Files (x86)\OnGuard\LnlPTZTourServer.exe FirewallRules: [{145E913C-B89D-4D79-8812-F3C565618C07}] => (Allow) C:\Program Files (x86)\OnGuard\LnlPTZTourServer.exe FirewallRules: [{AE5B0611-3A6A-4C95-83EC-A3DCA7F7DB3C}] => (Allow) C:\Program Files (x86)\OnGuard\LnlPTZTourServer.exe FirewallRules: [{2FF62406-E282-4663-AFC4-AD1271282668}] => (Allow) C:\Program Files (x86)\OnGuard\LSLServer.exe FirewallRules: [{7FA134C0-3DDE-41A5-84C3-C8BB8867C17D}] => (Allow) C:\Program Files (x86)\OnGuard\LSLServer.exe FirewallRules: [{35593D57-77B3-4E87-A2F6-155D8F98C72A}] => (Allow) C:\Program Files (x86)\OnGuard\LSLServer.exe FirewallRules: [{D34DCA5D-F787-429A-BFE3-760F77F15B94}] => (Allow) C:\Program Files (x86)\OnGuard\LSLServer.exe FirewallRules: [{1E9C93EA-2B89-41FB-A756-1640A7FFC39B}] => (Allow) C:\Program Files (x86)\OnGuard\Lnl.OG.AutoUpgrade.Client.exe FirewallRules: [{67AD5DC2-B63A-4201-B708-EC40B42F957C}] => (Allow) C:\Program Files (x86)\OnGuard\Lnl.OG.AutoUpgrade.Client.exe FirewallRules: [{BC8F42BE-D2E3-4A48-A85D-B38653D526A0}] => (Allow) C:\Program Files (x86)\OnGuard\Lnl.OG.AutoUpgrade.Client.exe FirewallRules: [{9A8BD8F6-827D-4A06-82AA-11117A22DC47}] => (Allow) C:\Program Files (x86)\OnGuard\Lnl.OG.AutoUpgrade.Client.exe FirewallRules: [{5414E7FD-9494-4A89-A05C-D1E1C598E750}] => (Allow) LPort=135 FirewallRules: [{C67FC032-F0AC-43B6-B32B-8265F6CC6C1A}] => (Allow) LPort=135 FirewallRules: [{5DD06196-EABC-4D14-8587-7C705806A5BF}] => (Allow) C:\Program Files (x86)\Microsoft Lync\communicator.exe FirewallRules: [{092F4368-72F0-44E3-98EA-FCBDCC135E1C}] => (Allow) C:\Program Files (x86)\Microsoft Lync\communicator.exe FirewallRules: [{D0139B9B-7064-44EA-84D7-C4C5CC926973}] => (Allow) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe FirewallRules: [{A2C1D91B-8846-411D-A6D1-BF9617FEB2ED}] => (Allow) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe FirewallRules: [{62F0AEFB-6340-454C-9200-D9B070506AA3}] => (Allow) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe FirewallRules: [{0CE916A0-A8E2-46B9-ABEB-EF22793A2C8D}] => (Allow) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe FirewallRules: [{B5AC9C89-C098-4480-86E3-76E42F503238}] => (Allow) C:\Windows\CCM\RemCtrl\CmRcService.exe FirewallRules: [{B769B8F3-D97B-456A-BA50-799E4C9C6307}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe FirewallRules: [{D847D125-F02D-438A-822A-250C0E8E60CF}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{26D17E82-CBA0-44D5-8FEE-E80B4E56CE43}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{46C54E80-8EC7-45F8-B358-0E9B641E8956}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{AD225BD1-DE12-4032-899F-57FEDB0AF7BB}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{F54E4B47-044F-4D14-B1A6-3ADC94FDC397}] => (Allow) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{5A4187A0-E26F-44FA-9DA8-E0E740195250}] => (Allow) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe FirewallRules: [{5E93E396-A059-4500-B354-B090574F9174}] => (Allow) C:\Program Files (x86)\Mobogenie3\mobogenieP2sp.exe FirewallRules: [{23E61130-43CF-4218-AA10-2DEA9FAE32FE}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Radio 9\jrrp.exe FirewallRules: [{AC46ADD6-E9B5-4387-87E0-C342D64C0CB3}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Radio 9\jrrp.exe FirewallRules: [{67E150DC-8DD7-43F4-BBAD-CC86B48B0593}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Radio 9\jbp.exe FirewallRules: [{66482EB2-CA6E-4C86-BF31-C784A8D1BCE1}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Radio 9\jbp.exe FirewallRules: [{7DBF4867-4DF9-4D97-BB98-A875F850E5A1}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Radio 9\jwmpp.exe FirewallRules: [{E141182F-7987-4FE7-A1F6-C6B9EA8917FB}] => (Allow) C:\Program Files (x86)\Applian Technologies\Replay Radio 9\jwmpp.exe FirewallRules: [{7022D35A-0D3F-480A-945C-158E47DA70C4}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe FirewallRules: [{E6209926-C4AC-47FF-AC50-723B977EEA4A}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe FirewallRules: [{3E912F52-F43E-4758-BDF3-B95FD0170069}] => (Allow) C:\Users\mqc874\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{3F165741-F1BC-4D3F-AF65-1305666CD62A}] => (Allow) C:\Users\mqc874\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{08BC5840-BA96-4F6A-BBFD-2C87D094B738}] => (Allow) C:\Users\mqc874\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{06F15003-89EC-4EA7-9A2A-BDE67463D535}] => (Allow) C:\Users\mqc874\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{78CE2E67-7913-404C-8975-85733F22D083}] => (Allow) C:\Users\mqc874\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{33513DD7-EF08-4E01-82EB-F9B2519E6339}] => (Allow) C:\Users\mqc874\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{A561E204-CEE5-46B3-ABCE-2830538783EE}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{E3CA09F6-CF9A-4DF3-910D-6515AF71969E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{9A20AB56-38FC-4F62-8D39-80E21D578E5A}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{36C029C5-1754-4F59-AD54-492B63B56BA5}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{117C308B-557A-4A73-96B0-6E8A65BCB114}] => (Allow) C:\Windows\CCM\RemCtrl\CmRcService.exe FirewallRules: [{9C9829E4-36FE-4AA4-A420-4B0D6131545F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{FAA1F31E-2C23-4ABE-B8E9-A05DFB31929D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{45AC55CD-6021-461F-85F4-7EE1ACD4F8B5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{60A5DC63-0F3A-4F48-AB66-8680EED2B1B8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{C998D5EA-3E81-40F3-A51D-FF927EABC3FD}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{BEF4E068-FCEC-4715-A26B-811349D21EAE}] => (Allow) C:\Users\mqc874\Downloads\dhcpsrv2.5.1\dhcpsrv.exe FirewallRules: [{C14065AB-8E53-44FA-8890-89D9D0A43B47}] => (Allow) C:\Users\mqc874\Downloads\dhcpsrv2.5.1\dhcpsrv.exe FirewallRules: [{751CDE4F-65E1-48BE-8379-FBCADB7C6E9B}] => (Allow) C:\Users\mqc874\Downloads\dhcpsrv2.5.1\dhcpsrv.exe FirewallRules: [{E67577DE-8CA2-40FF-91AB-395C4750C921}] => (Allow) C:\Users\mqc874\Downloads\dhcpsrv2.5.1\dhcpsrv.exe FirewallRules: [{5DE6964D-7515-413E-BB0D-8C9BB42823B9}] => (Allow) C:\Users\mqc874\Downloads\dhcpsrv2.5.1\dhcpsrv.exe FirewallRules: [{8ADAE537-17C5-419F-8DC7-4A3E817C3E4B}] => (Allow) C:\Users\mqc874\Downloads\dhcpsrv2.5.1\dhcpsrv.exe FirewallRules: [{DC883AA2-9906-4D2A-9C0C-6A90F01990F4}] => (Allow) C:\Users\mqc874\AppData\Local\Temp\Temp1_dhcpsrv2.5.1.zip\dhcpsrv.exe FirewallRules: [{739B73B3-C68B-4632-87A6-45D285AE265E}] => (Allow) C:\Users\mqc874\AppData\Local\Temp\Temp1_dhcpsrv2.5.1.zip\dhcpsrv.exe FirewallRules: [{FEDF22F8-8212-4784-AF05-2C1FF42B9BCE}] => (Allow) C:\Users\mqc874\AppData\Local\Temp\Temp1_dhcpsrv2.5.1.zip\dhcpsrv.exe FirewallRules: [{74335C75-83DD-4155-BF40-4A43334BD091}] => (Allow) C:\Users\mqc874\AppData\Local\Temp\Temp1_dhcpsrv2.5.1.zip\dhcpsrv.exe FirewallRules: [{99FD83BF-7116-4D85-91BF-ECCD20A29AF0}] => (Allow) C:\Users\mqc874\AppData\Local\Temp\Temp1_dhcpsrv2.5.1.zip\dhcpsrv.exe FirewallRules: [{6A954337-E23C-4F5A-BE7E-B7E730B5BD9C}] => (Allow) C:\Users\mqc874\AppData\Local\Temp\Temp1_dhcpsrv2.5.1.zip\dhcpsrv.exe FirewallRules: [{12D0A2CB-CCAB-441B-A037-9AD963A877AE}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{BEA3F2F8-B3EA-4DF4-A79B-3AACE55F6882}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{D5B87909-2700-4C82-AD26-1AF16BBC8C37}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{58547D43-E708-450C-AB09-A7B62A79D29B}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{91D2C7E8-CCA0-43F9-888E-5E70377958E7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{573BF9FB-7714-48C6-B99D-91A7783DE93C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 17-02-2016 10:03:13 ComboFix created restore point ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/17/2016 09:08:25 PM) (Source: MsiInstaller) (EventID: 11714) (User: ARRS) Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error: (02/17/2016 08:57:37 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/17/2016 02:08:32 PM) (Source: MsiInstaller) (EventID: 11714) (User: ARRS) Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error: (02/17/2016 10:22:39 AM) (Source: Self-service Plug-in) (EventID: 0) (User: ) Description: Self-service Plug-in exited unexpectedly. Exception was Illegal operation attempted on a registry key that has been marked for deletion at System.Diagnostics.Process.StartWithShellExecuteEx(ProcessStartInfo startInfo) at System.Diagnostics.Process.Start() at System.Diagnostics.Process.Start(ProcessStartInfo startInfo) at System.Diagnostics.Process.Start(String fileName, String arguments) at DazzlePlugin.ARForm.TimerPoll() at DazzlePlugin.ARForm.RefreshTimerTick(Object sender, EventArgs e) at System.Windows.Forms.Timer.OnTick(EventArgs e) at System.Windows.Forms.Timer.TimerNativeWindow.WndProc(Message& m) at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam). Error: (02/17/2016 10:00:05 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/17/2016 09:08:04 AM) (Source: MsiInstaller) (EventID: 11714) (User: ARRS) Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error: (02/17/2016 08:52:12 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/16/2016 07:24:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (02/16/2016 02:08:36 PM) (Source: MsiInstaller) (EventID: 11714) (User: ARRS) Description: Product: Google Talk Plugin -- Error 1714. The older version of Google Talk Plugin cannot be removed. Contact your technical support group. System Error 1612. Error: (02/16/2016 01:36:21 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (02/17/2016 08:59:56 PM) (Source: TermService) (EventID: 1067) (User: ) Description: The terminal server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted. . Error: (02/17/2016 08:59:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{05D1D5D8-18D1-4B83-85ED-A0F99D53C885}{AD65A69D-3831-40D7-9629-9B0B50A93843}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (02/17/2016 08:59:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{05D1D5D8-18D1-4B83-85ED-A0F99D53C885}{AD65A69D-3831-40D7-9629-9B0B50A93843}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (02/17/2016 08:59:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{B019CAE0-D910-410F-AD15-5AFA0E58DF61}{AD65A69D-3831-40D7-9629-9B0B50A93843}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (02/17/2016 08:59:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{05D1D5D8-18D1-4B83-85ED-A0F99D53C885}{AD65A69D-3831-40D7-9629-9B0B50A93843}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (02/17/2016 08:59:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{B019CAE0-D910-410F-AD15-5AFA0E58DF61}{AD65A69D-3831-40D7-9629-9B0B50A93843}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (02/17/2016 08:59:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{05D1D5D8-18D1-4B83-85ED-A0F99D53C885}{AD65A69D-3831-40D7-9629-9B0B50A93843}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (02/17/2016 08:59:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{05D1D5D8-18D1-4B83-85ED-A0F99D53C885}{AD65A69D-3831-40D7-9629-9B0B50A93843}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (02/17/2016 08:58:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (02/17/2016 08:58:18 PM) (Source: Microsoft-Windows-GroupPolicy) (EventID: 1129) (User: ARRS) Description: The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain controller and Group Policy has succesfully processed. If you do not see a success message for several hours, then contact your administrator. CodeIntegrity: =================================== Date: 2016-02-17 20:58:56.696 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-17 15:38:53.397 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-17 15:38:53.371 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-17 10:01:17.256 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-17 08:53:27.025 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-16 19:26:44.815 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-16 13:37:40.491 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-16 09:16:34.662 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-15 20:32:31.285 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-15 16:35:09.177 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz Percentage of memory in use: 46% Total physical RAM: 3792.79 MB Available physical RAM: 2010.87 MB Total Virtual: 7583.79 MB Available Virtual: 4817.72 MB ==================== Drives ================================ Drive c: (System) (Fixed) (Total:167.68 GB) (Free:11.82 GB) NTFS ==>[drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 167.7 GB) (Disk ID: 5E8ECD54) Partition 1: (Active) - (Size=167.7 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================