Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01 Ran by MohammadMutehir (2016-03-20 12:59:48) Running from C:\Users\MohammadMutehir\Desktop Windows 10 Home Version 1511 (X64) (2015-12-06 14:21:13) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-554739248-862141351-3468069622-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-554739248-862141351-3468069622-503 - Limited - Disabled) Guest (S-1-5-21-554739248-862141351-3468069622-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-554739248-862141351-3468069622-1005 - Limited - Enabled) MohammadMutehir (S-1-5-21-554739248-862141351-3468069622-1002 - Administrator - Enabled) => C:\Users\MohammadMutehir ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-554739248-862141351-3468069622-1002\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.) 4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.) AMD Catalyst Install Manager (HKLM\...\{66AFB595-BC05-2913-7696-6D58F9B733E1}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks) Any Send 1.0 (x64) (Version: 1.0.0 - Adylitica) Hidden Any Send for Windows (HKLM-x32\...\{51142af8-bc9b-44c1-b78d-9e6c453b3022}) (Version: 1.0.0 - Adylitica, Inc.) Apple Application Support (32-bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Azkend 2: The World Beneath (x32 Version: 2.2.0.98 - WildTangent) Hidden Bejeweled 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden BitTorrent (HKU\S-1-5-21-554739248-862141351-3468069622-1002\...\BitTorrent) (Version: 7.9.5.41866 - BitTorrent Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.) Curse at Twilight (x32 Version: 3.0.2.51 - WildTangent) Hidden CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.8.4420 - CyberLink Corp.) Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.3.5715 - CyberLink Corp.) Cyberlink PhotoDirector (Version: 5.0.3.5715 - CyberLink Corp.) Hidden CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.6.5104 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.8.4316 - CyberLink Corp.) CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.1.3110 - CyberLink Corp.) CyberLink PowerDirector 12 (Version: 12.0.1.3110 - CyberLink Corp.) Hidden CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.6.5011 - CyberLink Corp.) Delicious - Emily's Wonder Wedding Premium Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden Dragon Ball Xenoverse - Bundle Edition (HKLM-x32\...\Dragon Ball Xenoverse - Bundle Edition_is1) (Version: - ) Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company) Evernote v. 5.3 (HKLM-x32\...\{E461B1AC-BC3C-11E3-B5B8-00163E98E7D6}) (Version: 5.3.0.3360 - Evernote Corp.) Farm Frenzy (x32 Version: 3.0.2.59 - WildTangent) Hidden Fishdom 3: Collector's Edition (x32 Version: 3.0.2.38 - WildTangent) Hidden Foxit PhantomPDF (HKLM-x32\...\{89BF1D4D-1D62-451E-9496-B971BDE82720}) (Version: 6.0.33.715 - Foxit Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Governor of Poker 2 Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company) HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{9D7BFF2A-F810-4E35-BE2C-A6CB4B9202DB}) (Version: 1.2.0.0 - Hewlett-Packard) HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7745.4851 - Hewlett-Packard) HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.27 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.2.8.25 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.2.8.17 - Hewlett-Packard Company) HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company) HP Utility Center (HKLM\...\{E8F2076D-1885-4A0F-83D8-77B1F9D384CE}) (Version: 2.5.2 - Hewlett-Packard Company) HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard) iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.) iExplorer 3.8.2.0 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version: - Macroplant LLC) Inst5675 (Version: 8.01.27 - Softex Inc.) Hidden Inst5676 (Version: 8.01.27 - Softex Inc.) Hidden iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.) Jewel Match 3 (x32 Version: 3.0.2.59 - WildTangent) Hidden Joining Hands 2 (x32 Version: 3.0.2.51 - WildTangent) Hidden Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden Lost in Reefs 2 (x32 Version: 3.0.2.51 - WildTangent) Hidden LUXOR Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Mozilla Firefox 42.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-GB)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla) OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation) Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden Penguins! (x32 Version: 3.0.2.59 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.8.11-r110387-release - Plays.tv, LLC) Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Raptr (HKLM-x32\...\Raptr) (Version: 5.0.3-r110001-release - Raptr, Inc) REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.24 - REALTEK Semiconductor Corp.) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.59 - REALTEK Semiconductor Corp.) Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Solitaire Mystery Four Seasons (x32 Version: 3.0.2.51 - WildTangent) Hidden swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated) Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Viking Saga (x32 Version: 3.0.2.48 - WildTangent) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App for HP (x32 Version: 4.0.11.9 - WildTangent) Hidden Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-554739248-862141351-3468069622-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\MohammadMutehir\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0532E172-A9E8-45D1-A0ED-F4CED4566035} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-03-11] (Hewlett-Packard) Task: {1B4FEC03-C61E-4D8C-820F-EB1FD4F0FF71} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2014-09-27] (Hewlett-Packard) Task: {203D7705-EC84-4ABB-BE62-327FD8DA7E6A} - System32\Tasks\Ugejakau => C:\PROGRA~1\SHOPPE~1\Puuinf.bat Task: {2AD67659-6703-44E2-9B36-D7B6DE3EB840} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {30F6DB43-6544-4461-928F-FF8795C87786} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {3361375B-E1A8-4721-AE83-98E0BDFD58AF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {3E5684A4-EEC0-4E45-A0E9-CA077DA95CBB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company) Task: {4585E2B7-3155-47EC-9BC0-2A06BAA2C122} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-01-20] (Hewlett-Packard) Task: {4B342186-2ECE-4055-B39B-E436E6454553} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {63EBED2C-7914-4709-933F-2E8E9E2D4405} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {6628876B-CAE7-4DF2-B85E-D2F185E53364} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2015-12-01] (Apple Inc.) Task: {666DF5ED-5270-41F4-AC75-1F4572410736} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {6BBC06C2-95B3-4626-A6FE-B61DE4A7D3B1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-10] (Microsoft Corporation) Task: {8C5CCEC5-E674-4AD6-9B89-C74F3545782A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {93E8653C-15C1-4B50-8A24-F848EA397138} - System32\Tasks\HPCeeScheduleForMohammadMutehir => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard) Task: {9FA425CC-EDF6-41B6-BDF6-DC044723E38E} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2014-09-27] (Hewlett-Packard) Task: {A08F2478-C74C-41A1-9BAF-98342EF86BB2} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2015-02-11] (CyberLink Corp.) Task: {A203061E-5FB1-439E-AADF-F8E7920D3E07} - System32\Tasks\HPGenoobeReminder => C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HP GenOOBE\HPGenOOBE.exe [2014-05-15] () Task: {AC2C528E-DD8A-4C6C-BF08-D0782DA882B0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {B55915D3-4545-45CD-9711-DA53148D26C6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.) Task: {BAD68591-9FF8-4DEB-B4C5-DFFC98759885} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {C655833B-6871-4988-8834-A10377A89AA7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-13] (Google Inc.) Task: {C7AAB66E-A854-4D26-A3A2-DE913A57E294} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated) Task: {CB6FA4F7-90D5-4382-8F21-91673EC9A96E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {CE7549D1-AA57-4D8C-A47D-A3676A1D86A8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-02-18] (Hewlett-Packard Company) Task: {D18DF9B9-F8D0-447A-AC8B-376BC077A5ED} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2014-09-27] (Hewlett-Packard) Task: {D5487516-15B3-49CF-927F-7FC5D6FE0C73} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {E9838C96-DD12-45AA-8D8E-AD7DB923A983} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-02-17] (Hewlett-Packard) Task: {F27FDDA4-EB8B-49A8-A9E5-DA5F69394223} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.) Task: {F84AF58F-337D-47E3-94CB-F1DE232B8EA2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForMohammadMutehir.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2014-09-27 13:40 - 2014-09-27 13:40 - 02150400 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll 2014-09-27 13:39 - 2014-09-27 13:39 - 00035840 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll 2014-09-27 13:39 - 2014-09-27 13:39 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll 2014-09-27 13:39 - 2014-09-27 13:39 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll 2014-09-27 13:48 - 2014-09-27 13:48 - 00420432 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll 2014-09-27 13:48 - 2014-09-27 13:48 - 00746064 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll 2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-06-29 08:05 - 2014-04-14 18:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2014-10-08 03:05 - 2014-10-11 10:24 - 00098816 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe 2015-10-30 00:18 - 2015-10-30 00:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-03-02 10:37 - 2016-02-23 04:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-03-02 10:37 - 2016-02-23 04:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-12-17 22:24 - 2015-12-06 21:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-03-02 10:36 - 2016-02-23 01:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-01-12 17:27 - 2016-01-04 18:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-12 17:27 - 2016-01-04 18:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-27 23:58 - 2016-01-15 22:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-27 23:58 - 2016-01-15 22:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-01-12 17:27 - 2016-01-04 18:24 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2014-09-27 13:42 - 2014-09-27 13:42 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe 2016-01-21 19:56 - 2016-01-21 19:57 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-11-24 13:48 - 2015-11-24 13:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd 2015-11-24 13:46 - 2015-11-24 13:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll 2015-11-24 13:48 - 2015-11-24 13:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd 2015-11-24 13:48 - 2015-11-24 13:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd 2015-11-24 13:43 - 2015-11-24 13:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd 2015-11-24 13:48 - 2015-11-24 13:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd 2015-11-24 13:48 - 2015-11-24 13:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd 2015-11-24 13:48 - 2015-11-24 13:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd 2015-11-24 13:43 - 2015-11-24 13:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd 2015-11-24 13:43 - 2015-11-24 13:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd 2015-11-24 13:43 - 2015-11-24 13:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd 2015-11-24 13:46 - 2015-11-24 13:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll 2015-11-24 13:48 - 2015-11-24 13:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd 2015-11-24 13:47 - 2015-11-24 13:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd 2015-12-07 13:57 - 2015-12-07 13:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd 2015-11-24 13:47 - 2015-11-24 13:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd 2015-11-24 13:47 - 2015-11-24 13:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd 2015-11-24 13:47 - 2015-11-24 13:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd 2015-11-24 13:43 - 2015-11-24 13:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd 2016-03-14 16:56 - 2016-03-07 19:48 - 01676440 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libglesv2.dll 2016-03-14 16:56 - 2016-03-07 19:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libegl.dll 2016-01-21 19:56 - 2016-01-21 19:57 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-01-21 19:56 - 2016-01-21 19:57 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00143296 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll 2015-04-13 07:00 - 2015-04-13 07:00 - 02631616 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00554944 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll 2015-04-13 07:00 - 2015-04-13 07:00 - 00041920 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll 2015-04-13 07:00 - 2015-04-13 07:00 - 00039872 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll 2015-04-13 06:58 - 2015-04-13 06:58 - 00086464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll 2015-04-13 06:56 - 2015-04-13 06:56 - 00070675 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 02158528 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00114112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00245184 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00089536 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libvdr_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00055744 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00072128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00593344 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00771520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00131520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00052672 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\librar_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00145856 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll 2015-04-13 06:59 - 2015-04-13 06:59 - 01566656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll 2015-04-13 06:59 - 2015-04-13 06:59 - 00332736 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll 2015-04-13 06:58 - 2015-04-13 06:58 - 01264064 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll 2015-04-13 06:59 - 2015-04-13 06:59 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll 2015-04-13 06:59 - 2015-04-13 06:59 - 00069568 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00242112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll 2015-04-13 06:59 - 2015-04-13 06:59 - 00048576 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00108992 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libavi_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00096704 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libasf_plugin.dll 2015-04-13 07:00 - 2015-04-13 07:00 - 12001728 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00091584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libes_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00032192 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libtta_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00084928 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00030144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libwav_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00034752 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libcaf_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00961472 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libsid_plugin.dll 2015-04-13 06:58 - 2015-04-13 06:58 - 00137152 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 01303488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll 2015-04-13 06:57 - 2015-04-13 06:57 - 00127936 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libhttp_plugin.dll 2015-04-13 06:59 - 2015-04-13 06:59 - 00046528 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll 2015-04-13 07:00 - 2015-04-13 07:00 - 00261056 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll 2015-04-13 07:00 - 2015-04-13 07:00 - 00027072 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll 2015-04-13 07:00 - 2015-04-13 07:00 - 00304576 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll 2015-04-13 06:59 - 2015-04-13 06:59 - 01291200 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll 2015-04-13 06:59 - 2015-04-13 06:59 - 00754624 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll 2015-04-13 07:00 - 2015-04-13 07:00 - 00344512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll 2015-04-13 07:00 - 2015-04-13 07:00 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll 2015-04-13 06:59 - 2015-04-13 06:59 - 00036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll 2015-04-13 06:59 - 2015-04-13 06:59 - 00052160 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll 2015-04-13 06:59 - 2015-04-13 06:59 - 00456128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll 2015-04-13 07:00 - 2015-04-13 07:00 - 00035776 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libg711_plugin.dll 2015-04-13 07:00 - 2015-04-13 07:00 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll 2015-04-13 06:59 - 2015-04-13 06:59 - 00157632 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll 2015-04-13 07:00 - 2015-04-13 07:00 - 01549248 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll 2015-04-13 06:59 - 2015-04-13 06:59 - 00356288 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll 2015-04-13 07:00 - 2015-04-13 07:00 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liba52_plugin.dll 2015-04-13 07:00 - 2015-04-13 07:00 - 00028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll 2015-04-13 06:59 - 2015-04-13 06:59 - 00031680 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll 2015-04-13 06:59 - 2015-04-13 06:59 - 00363456 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libopus_plugin.dll 2015-04-13 07:00 - 2015-04-13 07:00 - 00121792 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdvbsub_plugin.dll 2015-04-13 06:59 - 2015-04-13 06:59 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll 2015-04-13 06:59 - 2015-04-13 06:59 - 13522368 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll 2015-04-13 06:58 - 2015-04-13 06:58 - 00772544 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll 2015-04-13 06:58 - 2015-04-13 06:58 - 00038848 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll 2015-04-13 06:58 - 2015-04-13 06:58 - 00030144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll 2015-04-13 06:58 - 2015-04-13 06:58 - 00702400 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll 2015-04-13 06:58 - 2015-04-13 06:58 - 00036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll 2015-04-13 06:59 - 2015-04-13 06:59 - 00022464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll 2015-04-13 06:58 - 2015-04-13 06:58 - 00125376 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll 2015-04-13 06:59 - 2015-04-13 06:59 - 00027072 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll 2015-04-13 06:58 - 2015-04-13 06:58 - 00064448 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll 2015-04-13 06:59 - 2015-04-13 06:59 - 01504704 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll 2015-04-13 06:58 - 2015-04-13 06:58 - 00028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll 2015-04-13 06:58 - 2015-04-13 06:58 - 00027584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll 2015-04-13 06:58 - 2015-04-13 06:58 - 00024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll 2015-04-13 06:58 - 2015-04-13 06:58 - 00030656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll 2015-04-13 06:58 - 2015-04-13 06:58 - 00027584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll 2015-04-13 06:58 - 2015-04-13 06:58 - 00029120 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll 2015-04-13 06:58 - 2015-04-13 06:58 - 00037312 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll 2015-04-13 06:58 - 2015-04-13 06:58 - 00024000 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll 2015-04-13 06:59 - 2015-04-13 06:59 - 00023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll 2015-04-13 06:59 - 2015-04-13 06:59 - 00022976 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 06:25 - 2016-03-18 20:44 - 00000967 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-554739248-862141351-3468069622-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\MohammadMutehir\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{2947302c-64c7-41b4-8b8f-6db844abe9d1}.jpeg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "IDSCPRODUCT" HKLM\...\StartupApproved\Run: => "Sound+" HKLM\...\StartupApproved\Run32: => "PlaysTV" HKLM\...\StartupApproved\Run32: => "Raptr" HKU\S-1-5-21-554739248-862141351-3468069622-1002\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-554739248-862141351-3468069622-1002\...\StartupApproved\Run: => "AppEx Accelerator UI" HKU\S-1-5-21-554739248-862141351-3468069622-1002\...\StartupApproved\Run: => "Chromium" HKU\S-1-5-21-554739248-862141351-3468069622-1002\...\StartupApproved\Run: => "Birds" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{313EFE07-6E92-48B5-B9AF-51319C93E276}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{7D5B0A16-3A0A-4678-83E1-A0E840E2DB80}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CC79C91A-49EE-4282-A29B-FF94B8F6CE0D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{BA37EF85-32E1-4C59-B54E-CB7A9FE1AACB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{DFFE6A32-C13B-4E16-8224-FEE7C269E4DC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{5319A4A4-FA82-4335-AA29-F5AB1F0D619E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{170AD8EB-9D4B-49E4-B6BE-A3F9F5BCB3A3}] => (Allow) C:\Users\MohammadMutehir\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{FF020ABB-8503-43A3-8345-698835FC39FA}] => (Allow) C:\Users\MohammadMutehir\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{EDE82337-638D-4367-AB42-569E260A4321}] => (Allow) C:\Users\MohammadMutehir\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{BE336DEE-7963-4401-8AA4-6CDFC0D8C974}] => (Allow) C:\Users\MohammadMutehir\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C16883AE-0786-4B29-BD77-CDFA0FDBB967}] => (Allow) C:\Users\MohammadMutehir\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{39609542-7C8F-4F16-90F3-1FF172BFCA28}] => (Allow) C:\Users\MohammadMutehir\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A0904D0B-C2F8-41F4-985C-70523925DC85}] => (Allow) C:\Users\MohammadMutehir\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{39A6E312-D0EC-49CF-8CAD-F1876C51B06D}] => (Allow) C:\Users\MohammadMutehir\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{43492577-7E4D-41FA-9B50-B210A1F172B7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{E1ACA541-BA05-4C7A-B0BE-8F4A15961018}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{52AE6E09-4DC9-4FC7-82A3-8AB0153C09E9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{BB53B192-DEAD-4EE6-9261-D6CCD4F3DF2B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{6BD8DBDC-0560-4F26-ADC2-DB0798814BC2}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{D4194458-810F-464A-B5C5-3720C5205A22}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{489B7F4B-AE9A-4149-977C-742C9C03CBC2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe FirewallRules: [{180DCEDB-9DA5-442F-B695-3BCB439ABF55}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{B203AE56-6618-4528-93CD-FD97C5DD4A0F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe FirewallRules: [{FA6B460E-4A5E-4AEB-855E-9DD5C4DB15E9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{CFB18DFD-BE39-4FAA-9C4D-44062D3D2D5B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{C0BAD9CC-D148-4FED-A1AC-E93664403624}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPSOCKSVC.exe FirewallRules: [{DE678EA8-B7E9-42DE-8A41-ED899223D85E}] => (Allow) C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE FirewallRules: [{8D2D4CBE-DCC5-4D35-AAE6-B3E6CE73D508}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{257D1EFA-870D-436F-B729-276502A7C69D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{D25B456A-5DC2-469E-89A1-24443DA81243}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{1FF5743C-B968-4BAB-B7A9-BCC93A4A146F}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{75EB62B3-2D0A-4210-9661-65F3337B7309}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{3ED9E3BD-47C8-4D35-BEB6-045B44A44057}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{BCAADF8E-A87F-4327-82BD-EA9A14462AA2}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{821ACAEF-B568-49E0-98D1-8BE1C6674D78}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 10-03-2016 22:56:25 Windows Update 19-03-2016 00:12:31 Removed DummyInstaller 19-03-2016 02:29:08 Restore Operation ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/19/2016 02:35:36 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15266 Error: (03/19/2016 02:35:36 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 15266 Error: (03/19/2016 02:35:36 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (03/19/2016 02:33:06 AM) (Source: System Restore) (EventID: 8210) (User: ) Description: An unspecified error occurred during System Restore: (Windows Update). Additional information: 0x80070570. Error: (03/19/2016 02:29:30 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (03/19/2016 02:22:32 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll4 Error: (03/19/2016 12:34:22 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: vlc.exe, version: 2.2.1.0, time stamp: 0x00000004 Faulting module name: libqt4_plugin.dll, version: 2.2.1.0, time stamp: 0x00020002 Exception code: 0x40000015 Fault offset: 0x007ca10a Faulting process id: 0x201c Faulting application start time: 0xvlc.exe0 Faulting application path: vlc.exe1 Faulting module path: vlc.exe2 Report Id: vlc.exe3 Faulting package full name: vlc.exe4 Faulting package-relative application ID: vlc.exe5 Error: (03/19/2016 12:12:47 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (03/19/2016 12:08:47 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SkypeHost.exe, version: 10.1.2123.10, time stamp: 0x569054dc Faulting module name: SkyWrap.dll, version: 10.1.2123.10, time stamp: 0x569054c9 Exception code: 0xc0000005 Fault offset: 0x00ac6197 Faulting process id: 0x2b4 Faulting application start time: 0xSkypeHost.exe0 Faulting application path: SkypeHost.exe1 Faulting module path: SkypeHost.exe2 Report Id: SkypeHost.exe3 Faulting package full name: SkypeHost.exe4 Faulting package-relative application ID: SkypeHost.exe5 Error: (03/19/2016 12:03:24 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: MicrosoftEdge.exe, version: 11.0.10586.122, time stamp: 0x56cbff21 Faulting module name: eModel.dll, version: 11.0.10586.122, time stamp: 0x56cbfbc9 Exception code: 0xc0000005 Fault offset: 0x00000000001bf207 Faulting process id: 0x26f0 Faulting application start time: 0xMicrosoftEdge.exe0 Faulting application path: MicrosoftEdge.exe1 Faulting module path: MicrosoftEdge.exe2 Report Id: MicrosoftEdge.exe3 Faulting package full name: MicrosoftEdge.exe4 Faulting package-relative application ID: MicrosoftEdge.exe5 System errors: ============= Error: (03/20/2016 12:52:39 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (03/20/2016 01:41:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_707af service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (03/20/2016 01:41:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Storage_707af service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (03/20/2016 01:41:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Contact Data_707af service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (03/20/2016 01:41:10 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_707af service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (03/20/2016 01:41:09 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (03/19/2016 08:08:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (03/19/2016 07:14:03 PM) (Source: bowser) (EventID: 8003) (User: ) Description: The master browser has received a server announcement from the computer RINA-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{FB7BB55C-8FEE-4CAB-92EC-08D9E09C355C}. The master browser is stopping or an election is being forced. Error: (03/19/2016 07:03:34 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (03/19/2016 06:59:47 PM) (Source: APPHOSTSVC) (EventID: 9010) (User: ) Description: The Application Host Helper Service encountered an error trying to access the root history directory 'C:\inetpub\history'. The directory either doesn't exist or the permissions on it don't allow the history service to access it. The config history feature is disabled for now and will be re-enabled after the issue is resolved. To resolve this issue, please ensure that the directory exists and that the Administrators group have read and write access to it. The data field contains the error number. CodeIntegrity: =================================== Date: 2016-03-18 23:45:00.058 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-18 23:44:59.876 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-18 23:44:59.734 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-18 23:44:51.626 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-18 23:44:49.141 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-18 23:44:48.959 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-18 23:44:48.212 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-18 23:44:41.542 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-18 23:44:28.351 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-03-18 23:44:28.219 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\dnsapi.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: AMD A10-5745M APU with Radeon(tm) HD Graphics Percentage of memory in use: 36% Total physical RAM: 7364.91 MB Available physical RAM: 4671.01 MB Total Virtual: 11765.91 MB Available Virtual: 8960.96 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:906.47 GB) (Free:313.72 GB) NTFS Drive d: (RECOVERY) (Fixed) (Total:23.2 GB) (Free:2.6 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 760B0F21) Partition: GPT. ==================== End of Addition.txt ============================