Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-02-2016 Ran by Philip (2016-02-20 11:22:36) Running from C:\Users\Philip\Desktop Windows 10 Home (X64) (2015-08-04 01:35:23) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-639460975-812874640-734877944-500 - Administrator - Disabled) ASPNET (S-1-5-21-639460975-812874640-734877944-1004 - Limited - Enabled) DefaultAccount (S-1-5-21-639460975-812874640-734877944-503 - Limited - Disabled) Guest (S-1-5-21-639460975-812874640-734877944-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-639460975-812874640-734877944-1002 - Limited - Enabled) Philip (S-1-5-21-639460975-812874640-734877944-1000 - Administrator - Enabled) => C:\Users\Philip ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 15.12 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1512-000001000000}) (Version: 15.12.00.0 - Igor Pavlov) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.241 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ArcSoft Print Creations - Album Page (HKLM-x32\...\{E6B4117F-AC59-4B13-9274-EB136E8897EE}) (Version: - ArcSoft) ArcSoft Print Creations - Funhouse (HKLM-x32\...\{9591C049-5CAE-4E89-A8D9-191F1899628B}) (Version: - ArcSoft) ArcSoft Print Creations - Greeting Card (HKLM-x32\...\{F04F9557-81A9-4293-BC49-2C216FA325A7}) (Version: - ArcSoft) ArcSoft Print Creations - Photo Book (HKLM-x32\...\{56589DFE-0C29-4DFE-8E42-887B771ECD23}) (Version: - ArcSoft) ArcSoft Print Creations - Photo Calendar (HKLM-x32\...\{CA9ED5E4-1548-485B-A293-417840060158}) (Version: - ArcSoft) ArcSoft Print Creations - Scrapbook (HKLM-x32\...\{B0D83FCD-9D42-43ED-8315-250326AADA02}) (Version: - ArcSoft) ArcSoft Print Creations - Slimline Card (HKLM-x32\...\{007B37D9-0C45-4202-834B-DD5FAAE99D63}) (Version: - ArcSoft) ArcSoft Print Creations (HKLM-x32\...\{CAE8A0F1-B498-4C23-95FA-55047E730C8F}) (Version: 2.8.255.384 - ArcSoft) Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software) BerBible (HKLM-x32\...\BerBible) (Version: 2.41 - LaSofStuf) BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden C4200 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden c4200_Help (x32 Version: 82.0.210.000 - Hewlett-Packard) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform) CCScore (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2823 - CyberLink Corp.) D110 (x32 Version: 140.0.283.000 - Hewlett-Packard) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Digital Voice Editor 3 (HKLM-x32\...\{6CCC133E-9A2F-4CAA-8866-75D029CD3AB3}) (Version: 3.3.01.11240 - Sony Corporation) DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.27.77 - Dropbox, Inc.) Hidden DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard) DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden Elevated Installer (x32 Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden ESSBrwr (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden ESSCDBK (x32 Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden ESScore (x32 Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden ESSgui (x32 Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden ESSini (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden ESSPCD (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden ESSPDock (x32 Version: 6.03.0001.0004 - EASTMAN KODAK Company) Hidden ESSTOOLS (x32 Version: 5.00.0000.0004 - EASTMAN KODAK Company) Hidden essvatgt (x32 Version: 8.00.0000.0001 - EASTMAN KODAK Company) Hidden Extended Update (HKU\S-1-5-21-639460975-812874640-734877944-1000\...\Digital Sites) (Version: - Extended Update) <==== ATTENTION fflink (x32 Version: 6.02.1001.0001 - EASTMAN KODAK Company) Hidden File Opener Packages (HKU\S-1-5-21-639460975-812874640-734877944-1000\...\File Opener Packages) (Version: - ) <==== ATTENTION Free YouTube Downloader 4.0.305 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: - HOW Inc.) Garmin Express (HKLM-x32\...\{0733d53f-b41d-47cc-b336-d95751c4b2cb}) (Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Garmin Express (x32 Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden Garmin Express Tray (x32 Version: 4.1.16.0 - Garmin Ltd or its subsidiaries) Hidden GeoVision ADPCM (HKLM-x32\...\GeoADPCM) (Version: - ) GeoVision Audio (HKLM-x32\...\GeoAudio) (Version: - ) GeoVision H264 (HKLM-x32\...\Codec_264) (Version: - ) GeoVision JPEG (HKLM-x32\...\Codec_jpeg) (Version: - ) GeoVision MJPG (HKLM-x32\...\Codec_MJPG) (Version: - ) GeoVision MPEG4 (HKLM-x32\...\GEOXCodec) (Version: - ) GeoVision MPEG4 ASP (HKLM-x32\...\Codec_amp4) (Version: - ) GeoVision MPEG4 AVC (HKLM-x32\...\Codec_AVC) (Version: - ) GeoVision MXPG (HKLM-x32\...\Codec_MXPG) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden GPL Ghostscript (HKLM\...\GPL Ghostscript 9.07) (Version: 9.07 - Artifex Software Inc.) HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard) HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard) HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard) HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4301 - Hewlett-Packard) HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard) HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard) HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard) HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BDDA1E1E-204E-4368-B0C2-737F16B76307}) (Version: 1.0.3.0 - Hewlett-Packard) HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard) HP Photosmart C4200 All-In-One Driver Software 13.0 Rel. 1 (HKLM\...\{14BC5667-22B0-4DC4-8205-597053BBDDC9}) (Version: 13.0 - HP) HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{DBC1DE57-B55A-4D57-9769-1DB9BE506AF7}) (Version: 14.0 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard) HP Support Solutions Framework (HKLM-x32\...\{E2CB09C1-3C76-4395-BB47-50C066535CF8}) (Version: 12.0.30.473 - HP) HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard) HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.2.27173 - Hewlett-Packard) HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.17 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden kgcbaby (x32 Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden kgchday (x32 Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden kgchlwn (x32 Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden kgcinvt (x32 Version: 5.03.0000.0003 - EASTMAN KODAK Company) Hidden kgckids (x32 Version: 6.03.0001.0001 - EASTMAN KODAK Company) Hidden kgcmove (x32 Version: 6.03.0001.0001 - EASTMAN KODAK Company) Hidden kgcvday (x32 Version: 5.03.0000.0002 - EASTMAN KODAK Company) Hidden Kodak EasyShare software (HKLM-x32\...\{D32470A1-B10C-4059-BA53-CF0486F68EBC}) (Version: - Eastman Kodak Company) LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2823 - CyberLink Corp.) LabelPrint (x32 Version: 2.5.2823 - CyberLink Corp.) Hidden LightScribe System Software (HKLM-x32\...\{F132000C-1CBA-458F-BF2F-FD43D59410F9}) (Version: 1.18.27.10 - LightScribe) Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard) Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyDVD-VR Recorder (x32 Version: 1.0 - Sonic) Hidden netbrdg (x32 Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9739 - NVIDIA Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation) NVIDIA ForceWare Network Access Manager (HKLM-x32\...\{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}) (Version: 1.00.7330.0 - NVIDIA Corporation) OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) OfotoXMI (x32 Version: 8.03.0000.0001 - EASTMAN KODAK Company) Hidden PaperPort 8.0 SE (HKLM-x32\...\{AEF2D1F3-0696-11D5-8E6A-00C04F7FA234}) (Version: 1.0.0.0000 - ScanSoft, Inc.) PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.) PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.28 - Hewlett-Packard Company) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Pogoplug PC (HKLM\...\PogoplugPC) (Version: 1.1.14 - Cloud Engines Inc.) Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4022 - CyberLink Corp.) Power2Go (x32 Version: 6.1.4022 - CyberLink Corp.) Hidden PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2906 - CyberLink Corp.) PowerDirector (x32 Version: 8.0.2906 - CyberLink Corp.) Hidden PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden PS_AIO_Software_min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.) QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Recovery Manager (x32 Version: 5.5.2926 - CyberLink Corp.) Hidden Roxio Easy Media Creator 9 Suite (HKLM-x32\...\{938B1CD7-7C60-491E-AA90-1F1888168240}) (Version: 9.0.546 - Roxio) Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden Scribus 1.4.3 (HKLM-x32\...\Scribus 1.4.3) (Version: 1.4.3 - The Scribus Team) SFR (x32 Version: 8.01.0000.0001 - Eastman Kodak Company) Hidden SHASTA (x32 Version: 7.01.0000.0001 - EASTMAN KODAK Company) Hidden skin0001 (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden SKINXSDK (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden Sonic MyDVD-VR (HKLM-x32\...\InstallShield_{897CA0D9-948F-4E5B-A20E-535E1060D3E6}) (Version: 1.0 - Sonic) Sound Organizer (HKLM-x32\...\{1452627B-3FC3-4979-A11A-C5F877D8286E}) (Version: 1.6.0.07210 - Sony Corporation) staticcr (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VPRINTOL (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation) WIRELESS (x32 Version: 8.02.0000.0001 - EASTMAN KODAK Company) Hidden X264 (HKLM-x32\...\Codec_X264) (Version: - ) Xingtone Ringtone Maker (HKLM-x32\...\{625304B0-2976-473B-AD81-5CA376093F03}) (Version: 4.2.19 - Xingtone) XVID (HKLM-x32\...\Codec_XVID) (Version: - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00505FF0-E928-420C-8DA5-97CDE79B53BD} - System32\Tasks\SpeedFixToolSoftware_Popup => C:\Program Files (x86)\Speed Fix Tool Software\Splash.exe Task: {02D91BEF-3A26-4129-AA00-60364263828A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-01-12] (Hewlett-Packard Company) Task: {0614E216-9586-4DC9-9417-9663E71FFA81} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {0698A421-BA70-4236-BE7B-2A746840404E} - \Test TimeTrigger -> No File <==== ATTENTION Task: {09BABDC9-99EA-4465-A940-77FF89F54D12} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-07] (Dropbox, Inc.) Task: {09DD22EA-249F-4834-94E9-2F324E944E0D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {0E8551ED-005D-40C6-90E3-80D5843F8DBB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {11AF3AA0-A9DB-4F38-8EDD-306D6180CFF7} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {1310B42C-525D-49D6-BCE0-09D1BB6B1523} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {1456B46F-A247-4C2C-8653-93B8C827FC5F} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-07] (Dropbox, Inc.) Task: {1706F8DD-8668-440E-B22C-E92ABD6DA2AF} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {1783E824-100B-4B39-9E3B-E6F94844C9E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe Task: {17F73DFC-DCD3-4BD9-9BEC-30234BAA7C91} - \Only-search -> No File <==== ATTENTION Task: {1AFCEDCC-2A0D-4695-BF1D-C31BB9199D40} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-01-06] (Hewlett-Packard) Task: {27C411B7-E322-486B-938E-48EF225CFC07} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {2F0B2903-9F5B-4E96-8394-51698C1980DD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {351F3C64-F585-4C33-BF7B-90CA8F288023} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {35946DAF-22EF-4486-98A6-039BE6992D5F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {3691FF85-D708-409B-BE7A-284ADA2BCFB2} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {392AAB2B-15F7-48B1-B07E-0BE480D834F6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {40D0A9FA-78DC-4284-A82A-38A059DDFD4F} - System32\Tasks\Driver Booster SkipUAC (Philip) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Task: {4174D0B1-D662-4442-BE05-E74FDA7AB687} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {4312DFEF-6E07-4F86-BC8F-68B9BE54654D} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-01-28] () Task: {56E1AD91-2C83-4A50-BB32-B5CCEB3762A6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe Task: {5BD0BC53-AA00-4823-9473-D55798540212} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {5C23735B-1122-4F15-B170-89C1F7409A8D} - System32\Tasks\{6D0103AF-6F33-4C54-BD2B-FFAB8DE252B9} => pcalua.exe -a "C:\Program Files (x86)\IObit\Advanced SystemCare 7\SecurityHole_Backup\KB2467173.exe" -d C:\Windows\system32 -c /quiet /norestart Task: {5C5D937A-68CC-4B09-95AA-393ACFD90B58} - System32\Tasks\avastBCLRestartS-1-5-21-639460975-812874640-734877944-1000 => Chrome.exe Task: {694F780A-553E-4771-A952-F20C1AF3087E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-19] (Microsoft Corporation) Task: {69B7AFF5-E1DC-464B-BD98-780906C53408} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {72D25743-AA3E-4476-BD77-F0AD4EF63224} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-13] (Google Inc.) Task: {75E207A5-0575-446A-974A-D178024369F1} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {7B0DFFF0-6088-41CF-A75A-878BA845C91F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {7B2BFF7F-F1AC-48C6-89A0-5A9AFE3B34EC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {8465E2C1-36AD-4EA3-8ECA-5C561635B621} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {86F416AC-443F-4B40-B4A1-34EAD02939BF} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Task: {9389671E-A3CE-4626-ACF0-B1DCE16DED5D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {9730BF4E-B078-4657-B1D6-89B66760A931} - System32\Tasks\Uninstaller_SkipUac_Philip => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe Task: {9D68AD1A-3850-45B6-BC03-009D74EB709E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {A1D35F98-7D4F-4EC2-9239-00601DC46FCE} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {A489B528-91C6-4184-A0AF-723508AC6495} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {A894259E-D7D0-41BB-AED3-1D8F66401E39} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {ADE3A310-7B95-4665-B4EF-598AB49C151D} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] () Task: {AFDA4FCB-849F-49E0-AC6A-9AF99D238E46} - System32\Tasks\{33C559CA-E8B3-45B6-8CCC-5DC2EDB8D57F} => pcalua.exe -a F:\Setup.exe -d F:\ Task: {B053EC82-AEA9-483A-AD51-485C32ED7D50} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-30] (AVAST Software) Task: {B0FB044E-C79D-45A7-8A1A-062D6A0BBE14} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {B10439E1-E185-4DB2-807B-DD6AC98B530E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {B6E317D1-CC76-4435-8634-1D2B46764574} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {B92A5C1F-2083-497F-B44F-60F380623673} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {B981BCFB-32FA-42EE-B838-B59BE6E051A1} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] () Task: {BB82A9AB-B99A-4D18-B96A-1A756FC106A4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-13] (Google Inc.) Task: {BC838727-5365-48B0-88F0-AC4478CF7933} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {C4B4BB85-3123-4476-B7C1-5833EA1A03F2} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {C4D5D3CC-58F8-43D2-AC4F-FA91F4439F57} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {C9F10005-5314-4640-BBAC-B7815B40AB05} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd) Task: {CE3778CA-4B76-493D-BDD5-F48AAA2A1B6A} - System32\Tasks\{0946B3FD-C7EF-4455-ABAA-47FE6CB61B6C} => pcalua.exe -a "C:\Program Files\DomaIQ Uninstaller\DomaIQUninstall.exe" Task: {D27836F0-6DD0-4826-8F30-EED415CE822F} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] () Task: {D75219D2-29CB-43C3-B4F4-05181EB8753E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {DC12AA39-FB94-4A48-B7D9-41BC5B2804C4} - System32\Tasks\EasyShare Registration Task => Rundll32.exe C:\PROGRA~3\Kodak\EasyShareSetup\$REGIS~1\Registration_8.3.20.1.sxt _RegistrationOffer@16 Task: {E111B6F5-600C-4B29-96AA-96F4A661A027} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-02] (Adobe Systems Incorporated) Task: {E8FA7856-F1C0-48C9-88EE-4613503C97E8} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {F809B3DB-23B7-4759-B88C-17638039582F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {FAE16E51-0B80-4FD5-8CD0-313C90870864} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {FC168DBD-8327-4CC8-BEBE-28B294DC8806} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {FD66ECF2-E748-4178-9DBA-A8C7B3648511} - System32\Tasks\SpeedFixToolSoftware_Start => C:\Program Files (x86)\Speed Fix Tool Software\SpeedFixToolSoftware.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\EasyShare Registration Task.job => C:\Windows\system32\rundll32.exeZC:\PROGRA~3\Kodak\EasyShareSetup\$REGIS~1\Registration_8.3.20.1.sxt Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-07-10 06:00 - 2015-07-10 06:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll 2015-08-03 23:39 - 2015-08-03 23:39 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-10-17 14:08 - 2015-08-11 04:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-10-17 14:14 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-10-17 14:14 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-10-17 14:14 - 2015-09-17 00:43 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll 2015-12-09 15:09 - 2015-11-24 23:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-12-09 15:09 - 2015-11-24 23:17 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll 2015-12-09 15:11 - 2015-11-24 23:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-12-09 15:10 - 2015-11-24 23:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-10-17 14:14 - 2015-09-17 00:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-10-17 14:08 - 2015-09-17 00:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-12-30 23:06 - 2015-12-30 23:06 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-12-30 23:06 - 2015-12-30 23:06 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-02-19 18:17 - 2016-02-19 18:17 - 02835968 _____ () C:\Program Files\AVAST Software\Avast\defs\16021901\algo.dll 2015-12-30 23:06 - 2015-12-30 23:06 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-02-20 10:15 - 2016-02-20 10:15 - 02835968 _____ () C:\Program Files\AVAST Software\Avast\defs\16022000\algo.dll 2015-12-30 23:06 - 2015-12-30 23:06 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2016-02-19 20:51 - 2016-01-12 13:44 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2016-02-19 20:50 - 2016-01-12 13:45 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2016-02-19 20:50 - 2016-01-12 13:44 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2016-02-19 20:51 - 2016-01-12 13:44 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2016-02-19 20:51 - 2016-01-12 13:44 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2016-02-19 20:51 - 2016-02-16 13:39 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2016-02-19 20:51 - 2016-01-12 13:46 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2016-02-19 20:50 - 2016-01-12 13:44 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2016-02-19 20:51 - 2016-02-16 13:39 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2016-02-19 20:51 - 2016-01-12 13:44 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2016-02-19 20:50 - 2016-02-16 13:38 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2016-02-19 20:51 - 2016-01-12 13:45 - 00112592 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2016-02-19 20:50 - 2016-02-16 13:38 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2016-02-19 20:50 - 2016-02-16 13:38 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2016-02-19 20:51 - 2016-02-16 13:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd 2016-02-19 20:51 - 2016-02-16 13:39 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2016-02-19 20:50 - 2016-02-16 13:39 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2016-02-19 20:50 - 2016-01-12 13:46 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2016-02-19 20:51 - 2016-01-12 13:46 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2016-02-19 20:51 - 2016-01-12 13:47 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2016-02-19 20:51 - 2016-01-12 13:46 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2016-02-19 20:51 - 2016-02-16 13:39 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd 2016-02-19 20:51 - 2016-01-12 13:46 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2016-02-19 20:51 - 2016-01-12 13:46 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2016-02-19 20:51 - 2016-01-12 13:47 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2016-02-19 20:51 - 2016-01-12 13:47 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2016-02-19 20:51 - 2016-01-12 13:47 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2016-02-19 20:51 - 2016-01-12 13:47 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2016-02-19 20:50 - 2016-02-16 13:39 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-02-19 20:51 - 2016-01-12 13:46 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2016-02-19 20:51 - 2016-01-12 13:47 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2016-02-19 20:50 - 2016-02-16 13:38 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2016-02-19 20:50 - 2016-02-16 13:39 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2016-02-19 20:50 - 2016-01-12 13:47 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2016-02-19 20:50 - 2016-02-16 13:39 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2016-02-19 20:50 - 2015-11-04 19:04 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2016-02-19 20:51 - 2016-02-16 13:39 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2016-02-19 20:51 - 2016-01-12 13:44 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd 2016-02-19 20:50 - 2016-01-12 13:44 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2016-02-19 20:50 - 2016-01-12 13:45 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd 2016-02-19 20:50 - 2016-02-16 13:39 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2016-02-19 20:51 - 2016-02-16 13:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-02-19 20:51 - 2016-02-16 13:39 - 00021824 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd 2016-02-19 20:51 - 2016-02-16 13:39 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd 2016-02-19 20:51 - 2016-02-16 13:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd 2016-02-19 20:50 - 2016-02-16 13:38 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2016-02-19 20:51 - 2016-01-12 13:47 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2016-02-19 20:51 - 2016-02-16 13:39 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2016-02-19 20:50 - 2016-02-16 13:39 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2016-02-19 20:50 - 2016-02-16 13:39 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2016-02-19 20:51 - 2016-01-12 13:45 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2016-02-19 20:50 - 2016-02-16 13:39 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2016-02-19 20:50 - 2016-02-16 13:39 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2016-02-19 20:50 - 2016-02-16 13:39 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2016-02-19 20:50 - 2016-02-16 13:39 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2016-02-19 20:50 - 2016-02-16 13:39 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2016-02-19 20:50 - 2016-02-16 13:39 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2016-02-19 20:50 - 2016-02-16 13:39 - 00158008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2016-02-19 20:50 - 2016-02-16 13:39 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2016-02-19 20:50 - 2016-01-12 13:49 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll 2016-02-19 20:50 - 2016-01-12 13:49 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2016-02-19 20:51 - 2016-02-16 13:39 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd 2016-02-19 20:50 - 2016-02-16 13:39 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2016-02-19 20:50 - 2016-02-16 13:39 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2016-02-19 20:51 - 2016-01-12 13:52 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll 2016-02-19 20:03 - 2016-02-17 23:15 - 16808600 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Temp:F2721624 ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\S-1-5-21-639460975-812874640-734877944-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-639460975-812874640-734877944-1000\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-639460975-812874640-734877944-1000\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-639460975-812874640-734877944-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-639460975-812874640-734877944-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-639460975-812874640-734877944-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-639460975-812874640-734877944-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-639460975-812874640-734877944-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-639460975-812874640-734877944-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-639460975-812874640-734877944-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-639460975-812874640-734877944-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-639460975-812874640-734877944-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-639460975-812874640-734877944-1000\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-639460975-812874640-734877944-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-639460975-812874640-734877944-1000\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-639460975-812874640-734877944-1000\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-639460975-812874640-734877944-1000\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-639460975-812874640-734877944-1000\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-639460975-812874640-734877944-1000\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-639460975-812874640-734877944-1000\...\100sexlinks.com -> 100sexlinks.com There are 4788 more sites. ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:34 - 2014-10-09 06:13 - 00000098 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-639460975-812874640-734877944-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Philip\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\transcodedwallpaper.jpg DNS Servers: 192.168.0.1 - 205.171.3.26 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: ACDaemon => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: AxInstSV => 3 MSCONFIG\Services: bthserv => 3 MSCONFIG\Services: Fax => 3 MSCONFIG\Services: ForceWare Intelligent Application Manager (IAM) => 2 MSCONFIG\Services: Garmin Device Interaction Service => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: gusvc => 3 MSCONFIG\Services: HBAdmin => 2 MSCONFIG\Services: hidserv => 3 MSCONFIG\Services: LightScribeService => 2 MSCONFIG\Services: nSvcIp => 2 MSCONFIG\Services: PACSPTISVR-Sound_Organizer => 3 MSCONFIG\Services: RasAuto => 3 MSCONFIG\Services: RasMan => 3 MSCONFIG\Services: RemoteRegistry => 3 MSCONFIG\Services: Roxio UPnP Renderer 9 => 3 MSCONFIG\Services: Roxio Upnp Server 9 => 2 MSCONFIG\Services: RoxLiveShare9 => 2 MSCONFIG\Services: RoxMediaDB9 => 3 MSCONFIG\Services: RoxWatch9 => 2 MSCONFIG\Services: RpcLocator => 3 MSCONFIG\Services: stllssvr => 3 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Event Reminder.lnk => C:\Windows\pss\Event Reminder.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Kodak EasyShare software.lnk => C:\Windows\pss\Kodak EasyShare software.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish PictureMover.lnk => C:\Windows\pss\Snapfish PictureMover.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Philip^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: DMXLauncher => "C:\Program Files (x86)\Roxio\Media Experience\DMXLauncher.exe" MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: HPAdvisorDock => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe MSCONFIG\startupreg: IndexSearch => C:\Program Files (x86)\Scansoft\PaperPort\IndexSearch.exe MSCONFIG\startupreg: ISUSPM => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler MSCONFIG\startupreg: ISUSPM Startup => c:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden MSCONFIG\startupreg: PogoplugPC => "C:\Program Files (x86)\PogoplugPC\ppserver.exe" --starthidden MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKU\S-1-5-21-639460975-812874640-734877944-1000\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-639460975-812874640-734877944-1000\...\StartupApproved\Run: => "GarminExpressTrayApp" HKU\S-1-5-21-639460975-812874640-734877944-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-639460975-812874640-734877944-1000\...\StartupApproved\Run: => "Uninstall C:\Users\Philip\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{8851A981-CB82-415C-BC93-7ADC1BC8D8AD}] => (Allow) C:\Program Files (x86)\PogoplugPC\PPSERVER.EXE FirewallRules: [{A2C1852F-68CA-4425-8E0A-8EE851C6A4EC}] => (Allow) C:\Program Files (x86)\PogoplugPC\PPSERVER.EXE FirewallRules: [{AA741059-3B6F-471D-A2F7-F201A4633E35}] => (Allow) C:\Program Files (x86)\PogoplugPC\PPSERVER.EXE FirewallRules: [{5AE9F53C-99A1-4E82-B145-B02C1E38A07E}] => (Allow) C:\Program Files (x86)\PogoplugPC\PPSERVER.EXE FirewallRules: [{D5D31ADF-A31A-4F60-96CA-53E91DE122BC}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{20F71518-D54A-4718-A577-DA34D7D90BA4}] => (Allow) E:\setup\hpznui40.exe FirewallRules: [{DB7EC269-9093-4181-A2E2-87AF133A47F1}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{FAC19ED6-7EE4-4017-B57D-A42F1619AA2C}] => (Allow) LPort=1900 FirewallRules: [{D6B4C133-5A73-42BB-A340-12E347EA20BD}] => (Allow) LPort=2869 FirewallRules: [{A6F0AB9C-9568-4DA8-86C5-0BFB65F7CC05}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{BC7BAF0A-A5F4-45D4-9CB4-F2174577674C}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [{62012CB3-9369-48FF-AF6E-1FA659D2D3CF}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{4CE2B9C3-88FA-41A6-AC93-346EE6000155}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{690831A1-50B2-4C18-BF5F-99EEE1B7FA24}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{272CDD14-17E8-47CC-9DDF-30A5ECD98E9C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{4320D996-4DBC-4B44-BF84-555702366650}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{5126047E-C5F0-4A0C-A6CD-1F1A4AF585F5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe FirewallRules: [{813E4DA0-6479-496D-B652-27C31BD51918}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe FirewallRules: [{7E328AE2-ADA0-4FF2-9D86-C08381DB0F5C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe FirewallRules: [{E25E0511-4346-493A-9B20-F242DA9037CB}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe FirewallRules: [{F3CA5410-E635-48E7-8F18-A6A4723514FA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{C3B8CC51-5F27-420A-A717-1A0ABB792CF6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe FirewallRules: [{E19DCA82-6DA9-4819-8140-CA6880CCCE43}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{BAFD490B-1B96-46C3-A1F8-897B88B65FF8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{AA1CEA63-8332-4F55-AE4D-E970622F1EAD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe FirewallRules: [{4318C4D2-028A-4292-AAC9-E223EADF541C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{3CA582C2-7BD3-4253-AA72-89C381EDD5B4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{FD7CC0C8-4C8C-409B-996C-493D0F23B83A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{8FE3052C-1D2D-4A25-A5C9-4B82CA3FF9D3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{F413CF23-FBF3-40E4-91DA-AF714610C4C4}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{7AA9B531-8FE1-47D9-AA30-E5EA96726B17}] => (Allow) svchost.exe FirewallRules: [{5E660EED-E5CC-4FB8-AF2E-2413CE5CF6B6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{3A4AA022-AB72-4670-9634-4241ED823756}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe FirewallRules: [{B75ECFBA-D37F-4BAE-9C33-E78BA06A16F4}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe FirewallRules: [{50736050-3D2D-475C-9E17-798764D819C4}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe FirewallRules: [{E6B55E67-6655-440E-BFA1-DD4438BB2A46}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe FirewallRules: [{D544AE79-49CD-4C22-9237-185A4A8D584F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe FirewallRules: [{7B6D146C-62DE-4F56-BB2C-FA2F7D02BEAA}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe FirewallRules: [{216F593C-14D1-4E30-AAFE-05F71CD09FEF}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE FirewallRules: [{551315E9-FA43-4217-BB22-8DEB64882E7F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{3ACA59BB-F55C-4901-B558-3E81718EDD49}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ==================== Restore Points ========================= 25-01-2016 12:16:08 Windows Update 29-01-2016 21:44:55 Windows Update 02-02-2016 08:44:41 Garmin Express 12-02-2016 09:59:40 Windows Update 12-02-2016 10:04:07 Windows Update 19-02-2016 18:32:20 Windows Update ==================== Faulty Device Manager Devices ============= Could not list Devices. Check "winmgmt" service or repair WMI. ==================== Event log errors: ========================= Application errors: ================== Error: (02/20/2016 10:42:16 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PHILIP-HP) Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2147023169 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (02/20/2016 10:42:16 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program ShellExperienceHost.exe version 10.0.10240.16515 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 1578 Start Time: 01d16bf1f9d57eec Termination Time: 4294967295 Application Path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Report Id: 7cd74c09-d7e8-11e5-9be1-7071bcc95541 Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: App Error: (02/20/2016 10:18:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PHILIP-HP) Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2147024891 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (02/20/2016 10:18:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: PHILIP-HP) Description: Package Microsoft.Windows.ShellExperienceHost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend. Error: (02/20/2016 10:18:37 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program ShellExperienceHost.exe version 10.0.10240.16515 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 88 Start Time: 01d16bf05b61cf29 Termination Time: 4294967295 Application Path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Report Id: 2905b995-d7e5-11e5-9be1-7071bcc95541 Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: App Error: (02/20/2016 10:12:12 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PHILIP-HP) Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (02/20/2016 10:09:26 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PHILIP-HP) Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024865 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (02/20/2016 10:09:26 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PHILIP-HP) Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (02/19/2016 10:41:35 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program explorer.exe version 10.0.10240.16603 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: c30 Start Time: 01d16b6d8e755163 Termination Time: 0 Application Path: C:\Windows\explorer.exe Report Id: 5953773b-d780-11e5-9be1-7071bcc95541 Faulting package full name: Faulting package-relative application ID: Error: (02/19/2016 10:28:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PHILIP-HP) Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. System errors: ============= Error: (02/20/2016 10:23:03 AM) (Source: DCOM) (EventID: 10010) (User: PHILIP-HP) Description: {005A3A96-BAC4-4B0A-94EA-C0CE100EA736} Error: (02/20/2016 10:12:12 AM) (Source: DCOM) (EventID: 10010) (User: PHILIP-HP) Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca Error: (02/20/2016 10:09:26 AM) (Source: DCOM) (EventID: 10001) (User: PHILIP-HP) Description: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca31CortanaUI.AppXr0dtzccx33hvam1xwfz3c1354p6222qd.mcaUnavailableUnavailable Error: (02/20/2016 10:09:26 AM) (Source: DCOM) (EventID: 10010) (User: PHILIP-HP) Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca Error: (02/19/2016 10:57:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (02/19/2016 10:57:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Storage_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (02/19/2016 10:57:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Contact Data_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (02/19/2016 10:57:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (02/19/2016 10:28:22 PM) (Source: DCOM) (EventID: 10010) (User: PHILIP-HP) Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca Error: (02/19/2016 10:21:02 PM) (Source: DCOM) (EventID: 10001) (User: PHILIP-HP) Description: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca31CortanaUI.AppXr0dtzccx33hvam1xwfz3c1354p6222qd.mcaUnavailableUnavailable CodeIntegrity: =================================== Date: 2016-02-19 18:28:36.261 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-01-29 17:38:06.825 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-01-18 18:59:11.022 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-01-18 18:56:02.144 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-01-18 18:51:53.324 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-01-18 18:12:42.733 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-01-18 12:01:14.619 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-01-15 21:22:22.767 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-01-11 08:06:30.015 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-01-04 10:36:09.372 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\RxFilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: AMD Sempron(tm) 145 Processor Percentage of memory in use: 87% Total physical RAM: 1791.3 MB Available physical RAM: 218.33 MB Total Virtual: 2687.3 MB Available Virtual: 1159.08 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:285.01 GB) (Free:168.08 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: (HP_RECOVERY) (Fixed) (Total:12.54 GB) (Free:1.53 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 298.1 GB) (Disk ID: F5B63439) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=285 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=12.5 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================