Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-08-2016 Ran by JButler (29-08-2016 17:17:58) Running from C:\Users\JButler\Desktop Windows 10 Home Version 1511 (X64) (2015-12-24 12:40:33) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2255940260-1588004598-2344460268-500 - Administrator - Disabled) ASPNET (S-1-5-21-2255940260-1588004598-2344460268-1005 - Limited - Enabled) DefaultAccount (S-1-5-21-2255940260-1588004598-2344460268-503 - Limited - Disabled) Guest (S-1-5-21-2255940260-1588004598-2344460268-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2255940260-1588004598-2344460268-1003 - Limited - Enabled) JButler (S-1-5-21-2255940260-1588004598-2344460268-1001 - Administrator - Enabled) => C:\Users\JButler ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: System Shield (Enabled - Up to date) {51A1F251-72D6-FBFA-1969-EBE1F52F559F} AS: System Shield (Enabled - Up to date) {EAC013B5-54EC-F474-23D9-D0938EA81F22} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 15.2.1 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden A360 Desktop (HKLM\...\{A74E6AC6-623F-4DFE-B362-32C7986EE871}) (Version: 6.2.10.1700 - Autodesk) ACA & MEP 2016 Object Enabler (Version: 7.8.41.0 - Autodesk) Hidden ACAD Private (Version: 20.1.49.0 - Autodesk) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.) Akamai NetSession Interface (HKU\S-1-5-21-2255940260-1588004598-2344460268-1001\...\Akamai) (Version: - Akamai Technologies, Inc) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.) AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 4.0.0.0 - AppEx Networks) Android Sync Manager WiFi (HKLM-x32\...\{13D946AF-DAD9-0200-0000-000000000000}) (Version: 11.10.2763 - Mobile Action) Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) ArcSoft PhotoImpression 6 (HKLM-x32\...\{D03E7B00-CA85-4684-9321-1888873C34BD}) (Version: 6 - ArcSoft) ArcSoft Print Creations (HKLM-x32\...\{0D6D96F4-0CAF-4522-B05F-70A88EDECDFD}) (Version: - ArcSoft) Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.102 - Atheros) Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros) AutoCAD 2016 - English (Version: 20.1.49.0 - Autodesk) Hidden AutoCAD 2016 (Version: 20.1.49.0 - Autodesk) Hidden AutoCAD 2016 Language Pack - English (Version: 20.1.49.0 - Autodesk) Hidden Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk) Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk) Autodesk AutoCAD 2016 - English (HKLM\...\AutoCAD 2016 - English) (Version: 20.1.49.0 - Autodesk) Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk) Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk) Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk) Autodesk Content Service (Version: 3.2.0.0 - Autodesk) Hidden Autodesk Content Service Language Pack (Version: 3.2.0.0 - Autodesk) Hidden Autodesk Desktop App (HKLM-x32\...\Autodesk Desktop App) (Version: 6.0.108.150 - Autodesk) Autodesk Featured Apps 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk) Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk) Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk) Autodesk ReCap 2016 (HKLM\...\Autodesk ReCap 2016) (Version: 1.5.0.33 - Autodesk) Autodesk ReCap 2016 (Version: 1.5.0.33 - Autodesk) Hidden Avantage d'Or / Golden Edge (HKLM-x32\...\{0AE17B00-31FA-11D6-BED9-000629F77048}) (Version: - ) AVS Media Player 4.1.9.95 (HKLM-x32\...\AVS Media Player_is1) (Version: - Online Media Technologies Ltd.) AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.) AVSDK5 (Version: 5.4.11 - CYREN Inc.) Hidden Blio (HKLM-x32\...\{9368DDD5-CE7F-4BD7-A83A-F00FABE338EC}) (Version: 2.2.6699 - K-NFB Reading Technology, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) calibre (HKLM-x32\...\{F315BB02-95E7-4937-88FA-5DAC15E7DA2B}) (Version: 2.26.0 - Kovid Goyal) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.3.3 - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.6.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.15.23 - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.3.0 - Canon Inc.) Canon MX490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX490_series) (Version: 1.02 - Canon Inc.) Canon MX490 series On-screen Manual (HKLM-x32\...\Canon MX490 series On-screen Manual) (Version: 7.7.1 - Canon Inc.) Canon MX490 series User Registration (HKLM-x32\...\Canon MX490 series User Registration) (Version: - ‭Canon Inc.) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.1.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.6.1 - Canon Inc.) Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version: 1.6.0 - Canon Inc.) CenoPDF (32-bit) (x32 Version: 3.6.230.0 - Lystech Computing) Hidden CenoPDF v3.6.230.0 (HKLM-x32\...\{446a474f-287b-4c98-8036-2dd6bbaf6dfb}) (Version: 3.6.230.0 - Lystech Computing) CGS17_Setup_x64 (Version: 17.6 - Corel Corporation) Hidden Comic Life (HKLM-x32\...\{6A1F0A1A-474C-4151-8534-5F61832D88CD}) (Version: 1.3.6 - plasq) Corel Graphics - Windows Shell Extension (HKLM\...\_{52166132-E642-447F-9785-F9133563CE59}) (Version: 17.6.0.1021 - Corel Corporation) Corel Graphics - Windows Shell Extension (Version: 17.6.1021 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.6.1021 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - BR (x64) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Capture (x64) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Common (x64) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Connect (x64) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Custom Data (x64) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Draw (x64) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - EN (x64) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - ES (x64) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Filters (x64) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - FontNav (x64) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - FR (x64) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - IPM (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - PHOTO-PAINT (x64) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Photozoom Plugin (x64) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Redist (x64) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Setup Files (x64) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VBA (x64) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VideoBrowser (x64) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - VSTA (x64) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 - Writing Tools (x64) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X6 (64-Bit) (HKLM\...\_{BDBFAC49-8877-472F-876B-75ADB7DBC955}) (Version: 16.1.0.843 - Corel Corporation) CorelDRAW Graphics Suite X6 (x64) (Version: 16.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.6 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.6.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.6 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.6 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.6.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.6 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.6 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.6 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.6 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.6 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.6 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.6 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.6 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.6 - Corel Corporation) Hidden CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.6.0.1021 - Corel Corporation) Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (HKLM\...\{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}) (Version: 10.5.0.0 - Business Objects) CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version: - ) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.4305 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden deskPDF Studio X (HKLM-x32\...\deskPDF Studio_is1) (Version: - Docudesk) direcTORY Application (HKU\S-1-5-21-2255940260-1588004598-2344460268-1001\...\121406415.www.c-vote.ca) (Version: - www.c-vote.ca) D-Link DWA-171 Wireless AC Dual Band Adapter (HKLM-x32\...\{5F1C0C6E-0E47-4D60-8971-6EF9FC439B8B}) (Version: 1 - D-Link) Dropbox (HKU\S-1-5-21-2255940260-1588004598-2344460268-1001\...\Dropbox) (Version: 8.4.21 - Dropbox, Inc.) Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard) EPSON Print CD (HKLM-x32\...\{FF477885-5EA8-40D0-ADF3-D4C1B86FAEA4}) (Version: 1.60.000 - ) EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - ) EPSON Stylus Photo RX680 Series Scanner Driver Update (HKLM-x32\...\{1CA2E5E4-F4FE-44B4-95E9-77523FB95838}) (Version: - ) ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard) Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook) FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production) File Association Helper (HKLM\...\{C168639F-5810-4EC8-B1E8-0251AA8A771C}) (Version: 1.2.225.65451 - WinZip Computing International, LLC) FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version: - ) Fitbit Connect (HKLM-x32\...\{D626E72A-ED95-489A-9B8B-0B2A7B649A85}) (Version: 2.0.0.6518 - Fitbit Inc.) Foxit Phantom (HKLM\...\{31753CDD-A7DA-4667-BEFC-B3EA3BDF366E}) (Version: 2.2.0225 - Foxit Software Company) Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.) Google Drive (HKLM-x32\...\{459CE109-4E46-4340-92BC-054642BC3BC2}) (Version: 1.31.2873.2758 - Google, Inc.) Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Documentation (HKLM-x32\...\{6C453C9C-38AE-494D-BF89-7AA0DE87F3E5}) (Version: 1.2.0.0 - Hewlett-Packard) HP LaserJet Professional CP1520 Series (HKLM-x32\...\{5C069542-CA13-4f1b-B90C-28C6430F4992}) (Version: - Hewlett-Packard) HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet Pro 8600 Help (HKLM-x32\...\{46235FF7-2CBE-4A84-BEDA-87348D1F7850}) (Version: 28.0.0 - Hewlett Packard) HP Officejet Pro 8600 Product Improvement Study (HKLM\...\{2BF5E9CC-C55D-4B0F-ACAF-FFE77F333CD8}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet Pro X476dw MFP Basic Device Software (HKLM\...\{39A2D5AC-305A-4FAD-8845-4CC8C76C0BE2}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Officejet Pro X476dw MFP Help (HKLM-x32\...\{D99D6F87-451C-4BCF-8053-DC62C8E341B9}) (Version: 29.0.0 - Hewlett Packard) HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company) HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company) HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company) HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company) HP Software Framework (HKLM-x32\...\{962CB079-85E6-405F-8704-1C62365AE46F}) (Version: 4.5.10.1 - Hewlett-Packard Company) HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.5.26.37 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPLaserJetHelp_LearnCenter (HKLM-x32\...\{E15C68A1-9CA5-44AC-A7F7-6C0673F196A8}) (Version: 1.01.0000 - Hewlett-Packard) HPLJUT (HKLM-x32\...\{229D6185-BD7E-494B-A73B-C5215BE0690E}) (Version: 1.00.0008 - HP) hppCP1520LaserJetService (x32 Version: 001.007.00319 - Hewlett-Packard) Hidden hppLaserJetService (x32 Version: 002.007.00397 - Hewlett-Packard) Hidden hppTLBXFXCP1520 (x32 Version: 001.007.00647 - Hewlett-Packard) Hidden hpzTLBXFX (x32 Version: 006.007.00770 - Hewlett-Packard) Hidden I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6423.0 - IDT) Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation) iolo technologies' System Mechanic Professional (HKLM-x32\...\{BBD3F66B-1180-4785-B679-3F91572CD3B4}_is1) (Version: 15.5.0 - iolo technologies, LLC) iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Kies Air Discovery Service (HKU\S-1-5-21-2255940260-1588004598-2344460268-1001\...\Kies Air Discovery Service) (Version: - Samsung) Kobo (HKLM-x32\...\Kobo) (Version: 3.1.5 - Kobo Inc.) Kodi (HKU\S-1-5-21-2255940260-1588004598-2344460268-1001\...\Kodi) (Version: - XBMC-Foundation) Licensing Service (03000201) (x32 Version: 03.00.02.15 - Protexis Inc.) Hidden Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Nero 2016 (HKLM-x32\...\{9C637A56-4287-487F-95BF-1422FC1AA879}) (Version: 17.0.04500 - Nero AG) Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2003 - Nero AG) Nero Self Extractor 12.0.3.0 (HKLM-x32\...\Nero Self Extractor 12.0.3.0) (Version: 12.0.3.0 - Nero Self Extractor) Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.1 - pdfforge) Player (HKLM-x32\...\Player) (Version: - ) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Prerequisite installer (x32 Version: 17.0.0002 - Nero AG) Hidden Product Improvement Study for HP Officejet Pro X476dw MFP (HKLM\...\{3531419E-DA6B-45DD-BFF7-9105F1A67807}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) qBittorrent 3.3.3 (HKLM-x32\...\qBittorrent) (Version: 3.3.3 - The qBittorrent project) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.) Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden RegimeRetraiteIndividuel (HKLM-x32\...\{09064D50-FF4A-407C-9B13-15B9D231EBA2}) (Version: - ) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) RPS CRT (x32 Version: 9.0.48 - TELUS) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.5.1.12123_2 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SetupCrystalReports (HKLM-x32\...\{DE723887-712F-499D-8B82-5A1EC8F46062}) (Version: 1.0.0 - DSF) Shopping Helper Smartbar Engine (HKU\S-1-5-21-2255940260-1588004598-2344460268-1001\...\{2cdca571-9571-43bf-8129-ad453d9a55c8}) (Version: 10.215.63.15249 - ReSoft Ltd.) <==== ATTENTION SketchUp 2014 (HKLM-x32\...\{F246092E-FA0B-47C8-9D3E-CF8C210293C8}) (Version: 14.1.1282 - Trimble Navigation Limited) SketchUp 2015 (HKLM\...\{350488A4-1540-4103-8F01-B27503891EB0}) (Version: 15.3.331 - Trimble Navigation Limited) SketchUp Import 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk) Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.6 - Sophos Limited) Stashimi Stub Installer (x32 Version: 18.001.1 - Nero AG) Hidden StudioTax 2014 (HKLM-x32\...\{41720083-9D3D-46C1-B01A-D29BE92C80B6}) (Version: 10.0.6.1 - BHOK IT Consulting) StudioTax 2015 (HKLM-x32\...\{38A3BBA2-1AA6-4DCC-AABF-ECDC37C6B3DB}) (Version: 11.0.5.1 - BHOK IT Consulting) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated) System Mechanic 12 Professional (x32 Version: 15.5.0 - ) Hidden Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.6.1 - Tweaking.com) TweetDeck (HKLM-x32\...\{FA6381E9-96D2-4F6F-866C-4D16E5986FF6}) (Version: 2.7.1 - Twitter, Inc.) VIO Player version 1.2 (HKLM-x32\...\{2A9009E1-122C-4692-B442-A750C0DE7BA1}_is1) (Version: 1.2 - VIO Player) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinX DVD Ripper Platinum 7.5.13 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version: - Digiarty Software, Inc.) WinZip 20.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24105}) (Version: 20.5.12118 - WinZip Computing, S.L. ) WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden Wondershare DVD Creator(Build 3.4.0) (HKLM-x32\...\Wondershare DVD Creator_is1) (Version: - Wondershare Software) Wondershare Helper Compact 2.5.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.0 - Wondershare) WOT for Internet Explorer (HKLM\...\{C0DA129B-1E45-494D-A362-5CD0109C306B}) (Version: 11.11.7.0 - WOT Services Oy) Yahoo! Powered (HKLM-x32\...\winsearch) (Version: - ) ZoomExpressKeyView14.1 (HKLM-x32\...\{C007CFA1-FC3C-49B8-8D30-DB5BF3396632}) (Version: 14.1.04 - ...) Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2255940260-1588004598-2344460268-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\JButler\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2255940260-1588004598-2344460268-1001_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2255940260-1588004598-2344460268-1001_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2255940260-1588004598-2344460268-1001_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2255940260-1588004598-2344460268-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\JButler\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2255940260-1588004598-2344460268-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\JButler\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2255940260-1588004598-2344460268-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll () CustomCLSID: HKU\S-1-5-21-2255940260-1588004598-2344460268-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\en-US\acadficn.dll (Autodesk, Inc.) CustomCLSID: HKU\S-1-5-21-2255940260-1588004598-2344460268-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\JButler\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2255940260-1588004598-2344460268-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\JButler\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2255940260-1588004598-2344460268-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\JButler\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2255940260-1588004598-2344460268-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\JButler\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2255940260-1588004598-2344460268-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\JButler\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2255940260-1588004598-2344460268-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\JButler\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2255940260-1588004598-2344460268-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\JButler\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2255940260-1588004598-2344460268-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\JButler\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2255940260-1588004598-2344460268-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\JButler\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2255940260-1588004598-2344460268-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\JButler\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2255940260-1588004598-2344460268-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\JButler\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2255940260-1588004598-2344460268-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\JButler\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2255940260-1588004598-2344460268-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\JButler\AppData\Roaming\Dropbox\bin\DropboxExt64.42.dll (Dropbox, Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {032FF7FB-8F4A-422E-A149-59576FB52AEC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.) Task: {0672D3D5-C923-4E23-90AD-04E329E73C4F} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => c:\Program Files\Microsoft Device Center\devicecenter.exe Task: {0B7AC043-D85E-4F57-8E74-8BA2FAB6615C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-07-04] (HP Inc.) Task: {0BFBFB4D-FEE6-4837-A47B-ED7DCD36F002} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {12BBACE1-BF60-4E17-84EE-D1C66B77E7A5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {1B5C2A26-AA64-4688-A4D4-A630F7020BC2} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation) Task: {1BA50F2C-AFF8-4F0B-A939-A8ACA1A54356} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-09] (Microsoft Corporation) Task: {218F1E4C-A15B-4C7F-A40B-CA86BDFA00D6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation) Task: {22411407-511C-4312-8099-E7924A68EF50} - System32\Tasks\{E7AD7AB2-8D65-4874-822D-3B6245BD1D64} => pcalua.exe -a C:\WINDOWS\75d20eaa396690e6ab4815c7a42ca198.exe -d C:\Windows\ImmersiveControlPanel Task: {24B86B2D-CD7D-4DB5-9834-04906FC2F158} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2255940260-1588004598-2344460268-1001Core => C:\Users\JButler\AppData\Local\Google\Update\GoogleUpdate.exe [2015-11-21] (Google Inc.) Task: {25A0BFC4-3CB9-46E5-BA48-2BCA172F39A3} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {29013EC2-5113-42AF-BB44-F1594232C723} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {3009EF85-AEFA-4DD3-BED6-6397266DB0C3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2255940260-1588004598-2344460268-1001UA => C:\Users\JButler\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.) Task: {3A82BBE0-C3B3-42F9-A9A4-1D23C8696413} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe Task: {3CE1158D-158A-453E-84EF-8C334C9EDD2C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {3F7D4E45-3BCE-49AE-A59A-772F9276F7F9} - System32\Tasks\{3C168FBD-975E-4E72-80D7-67CC0591F7D3} => pcalua.exe -a C:\Users\JButler\Downloads\InstallInSync324.exe -d "C:\Program Files (x86)\Mozilla Firefox" Task: {3FDA38DA-37F2-4FF3-B53C-25B907C62F74} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation) Task: {43F48598-6B90-4B51-9055-DE0AA287A089} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {44CC7AA6-29D9-4E28-A3FB-763ECC39214C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {458723E2-28EC-4592-B2E6-CCBE7F21D9F4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {479222BC-8036-4A0D-A208-9662B826B4D5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard) Task: {49275A7C-3F56-4DA4-A6D9-315831D580B8} - System32\Tasks\FaxApplications.exe_{E4FCF074-00C3-439E-A8BA-34311A80C2B5} => C:\Program Files\HP\HP Officejet Pro X476dw MFP\Bin\FaxApplications.exe [2014-03-06] (Hewlett-Packard Co.) Task: {4BE80749-44F3-4B95-B551-EFE245E5C503} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {4EAF5005-1C1E-49C5-8F7E-FA52F84CAFC0} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {504D6BD9-9F53-4AB1-B022-333FB258B369} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft) Task: {533F31B9-17FD-4A74-B40D-BA4DE7FC2BA8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {597016BC-C9C0-4CE1-9258-3AB43B7B4390} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {5BBCF1C6-B051-4CFD-81C5-615F7AD7E12A} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {5F3258DB-B6E7-45B3-B3E4-832429355F16} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {5FC50BBF-C91E-4D98-A69B-22386376CDA5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {64958502-564C-4615-8F1D-B9C0E3A8888A} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic Professional\iologovernor64.exe [2016-02-19] (iolo technologies, LLC) Task: {673484DA-11F6-41A4-A8EA-2347D6B22DC9} - System32\Tasks\HPCeeScheduleForJButler => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard) Task: {68444FA3-025E-4119-AD1C-E8D029529F69} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {6A69FF7B-618E-478F-B7FF-172C75ABF0B1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {6AC19412-E143-4BA5-BE36-595319871724} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2016-03-01] (Nero AG) Task: {6B0AC538-663D-4BF8-9ABB-1CF2C92923ED} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe Task: {6DA486F9-52D5-483F-8C23-AFF9BF3E61E9} - System32\Tasks\{B9C883CF-FFE6-42AE-8B5F-5A3E67539BF0} => pcalua.exe -a C:\Users\JButler\AppData\Local\{2F341968-0B9C-75D0-6604-5038426CACA0}\uninst.exe -c -FN="C:\Users\JButler\AppData\Roaming\{2F6919D2-0A3B-74A4-610D-5376BDDFAE48}\SyncTask.exe"-P=/Uninstall /s /noun /DelSelfDir Task: {6DBF2317-7A17-4B9E-BE6B-E85079B052F4} - System32\Tasks\{786D521F-9AFE-58B1-0879-0AAE95A6378D} => C:\Users\JButler\AppData\Roaming\{2F691~1\SyncTask.exe [2013-04-25] () <==== ATTENTION Task: {7928B189-420F-4218-8D5C-57EF5698838F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {7F5D594F-F232-48C3-9ACC-AF6DC3768302} - System32\Tasks\{BC45F2BC-BDEF-4171-B119-5536EEB7702D} => pcalua.exe -a C:\Users\JButler\Desktop\AMV95Setup.exe -d C:\Users\JButler\Desktop Task: {8117C21D-4376-46FB-925A-B9E293713691} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {87876009-4FE2-4836-9988-5BA63F63FA54} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation) Task: {87E11C20-456F-458B-80D1-7BA3161E3D16} - System32\Tasks\{590280A9-2B45-49CC-AE52-D87180C79760} => pcalua.exe -a "C:\Program Files\Handbrake\uninst.exe" Task: {8A4E1821-2723-47B8-9B0A-03D4AF574D9D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {8A996289-3D89-412B-88D1-E069368B15C9} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com) Task: {8F05D060-FF41-49BE-A7D9-C9B25E69D5D1} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {9148ACD7-429F-48ED-9031-79AF4568745B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {9349A0AE-8611-467E-BC1E-BC09F04A702A} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {94C0A6DC-C763-419E-B8C3-2B5DF0555BAC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-07-04] (HP Inc.) Task: {9D5D8B64-3BA8-4A0D-9C73-20875EF72DF5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {AB1F7109-88BC-4CAA-9F75-3EB96E4A9176} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {AE68B485-5057-47B9-B5E0-4A0C4F8E3A83} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {B2686D9A-ED77-4DC7-9BD8-5D8DACD81CFE} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe Task: {B5733E3F-1289-46EF-BF71-7A33E221F387} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {B5BA9E8B-9839-432C-B9BF-0DCD95564D9C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2255940260-1588004598-2344460268-1001UA => C:\Users\JButler\AppData\Local\Google\Update\GoogleUpdate.exe [2015-11-21] (Google Inc.) Task: {B9315AEE-9F62-4BB6-B0FA-F84211803CD4} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {BD791F1A-9F77-4400-8CDA-A1D7E0AA1EA8} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {C2239A6F-144D-43E2-BB85-0C07D7CD2E28} - System32\Tasks\HPCustParticipation HP Officejet Pro X476dw MFP => C:\Program Files\HP\HP Officejet Pro X476dw MFP\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.) Task: {C897FA96-84BB-465B-98D7-B2A5D944EFAB} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2016-04-22] (Apple Inc.) Task: {C89DD698-504F-4039-86FF-601D66E3760E} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2010-05-02] (Hewlett Packard) Task: {C8D9FBC8-BFA2-4DAE-9D59-3C505CC32EBF} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-06-15] (HP Inc.) Task: {CC1C55FD-EC90-47A1-BDDF-C42DF09F642A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {CCB6F37C-879F-48CF-9E29-983551D8EF17} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated) Task: {D19FE2FB-5C76-4F71-BBF8-3B63AE529618} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) Task: {D2F270C6-BD35-4FB4-AAB0-F86CC297540A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2255940260-1588004598-2344460268-1001Core => C:\Users\JButler\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.) Task: {D31282A1-4D5E-4212-8924-E57DBD5C557C} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\JButler\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-26] (Microsoft Corporation) Task: {D6B2AF60-9F01-4692-85B7-733C92556F09} - System32\Tasks\{1010F0F3-84B5-4DED-AC92-802C0B6FF4A4} => pcalua.exe -a C:\PROGRA~1\DIFX\B60D12~1\DPInst64.exe -c /u C:\Windows\System32\DriverStore\FileRepository\leapfrog-02-03-05-012-1373324.inf_amd64_neutral_8d32ba055a076abd\leapfrog-02-03-05-012-1373324.inf Task: {D80BD92A-0111-4D59-8B52-D189288580E0} - System32\Tasks\PandaUSBVaccine => C:\Program Files (x86)\Panda USB Vaccine\RunInteractiveWin.exe Task: {D931E858-733D-427B-9F68-E1E097E77B7C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {DFBEF069-17B6-487D-9747-5049CF4E23A0} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-07-06] (CyberLink) Task: {E3403E52-AD30-4974-BE5E-6B3D02170491} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {E84C1363-6C49-4FBE-A1D3-40B91FB4AA1C} - System32\Tasks\{663009E6-25DC-4C8A-B006-F13E3799DA9F} => pcalua.exe -a C:\Users\JButler\Downloads\Inforce_13.exe -d C:\Users\JButler\Downloads Task: {EDB20B8F-28A4-4472-89E1-33A40F028DCB} - System32\Tasks\Adobe => C:\Users\JButler\AppData\Local\Temp\keye.exe <==== ATTENTION Task: {EF962840-5DBD-4D5D-9AD6-0894B6270B2A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2255940260-1588004598-2344460268-1001Core => C:\Users\JButler\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.) Task: {F96B678B-B478-4542-8C21-8712EAC66E5C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {FB3924D7-2DAD-4DC1-9C2D-8BF96EDCE55D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {FD539FCE-A3F8-4931-97D7-B56BFEB21D5C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2255940260-1588004598-2344460268-1001Core.job => C:\Users\JButler\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2255940260-1588004598-2344460268-1001UA.job => C:\Users\JButler\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2255940260-1588004598-2344460268-1001Core.job => C:\Users\JButler\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2255940260-1588004598-2344460268-1001UA.job => C:\Users\JButler\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForJButler.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\WINDOWS\Tasks\{786D521F-9AFE-58B1-0879-0AAE95A6378D}.job => ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\Users\JButler\Desktop\Utilities\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () Shortcut: C:\Users\JButler\Desktop\Utilities\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat () Shortcut: C:\Users\JButler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat () Shortcut: C:\Users\JButler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () Shortcut: C:\Users\JButler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt Ехplоrеr Вrоwsеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat () Shortcut: C:\Users\JButler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () ShortcutWithArgument: C:\Users\JButler\Desktop\Sweet Home 3D.lnk -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\javaws.exe (Oracle Corporation) -> -localfile -offline -J-Djnlp.application.href=hxxp://www.sweethome3d.com/SweetHome3D.jnlp "C:\Users\JButler\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\247e2df4-1f577b90" ShortcutWithArgument: C:\Users\JButler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\direcTORY Application.lnk -> C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe (Microsoft Corporation) -> 121406415.www.c-vote.ca ShortcutWithArgument: C:\Users\JButler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D\Sweet Home 3D.lnk -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\javaws.exe (Oracle Corporation) -> -localfile -offline -J-Djnlp.application.href=hxxp://www.sweethome3d.com/SweetHome3D.jnlp "C:\Users\JButler\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\247e2df4-1f577b90" ShortcutWithArgument: C:\Users\JButler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --profile-directory="Profile 1" ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 01:18 - 2015-10-30 01:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-08-21 23:09 - 2015-08-21 23:09 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2014-02-11 08:08 - 2014-02-11 08:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll 2014-02-11 08:08 - 2014-02-11 08:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2015-08-21 23:09 - 2015-08-21 23:09 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2016-04-15 15:45 - 2014-05-15 19:25 - 00084616 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE 2016-07-13 00:27 - 2016-06-30 22:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-07-13 00:27 - 2016-06-30 22:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2016-08-26 18:21 - 2016-08-26 18:21 - 01864384 _____ () C:\Users\JButler\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2015-10-30 01:18 - 2015-10-30 01:18 - 00218456 _____ () c:\windows\system32\WerEtw.dll 2015-12-24 14:53 - 2015-12-06 22:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-07-13 00:29 - 2016-06-30 21:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-07-13 00:27 - 2016-06-30 21:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-07-13 00:27 - 2016-06-30 21:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-07-13 00:27 - 2016-06-30 21:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-07-13 00:27 - 2016-06-30 21:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-08-21 23:09 - 2015-08-21 23:09 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2016-04-19 17:55 - 2016-04-19 17:56 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-08-15 18:30 - 2016-08-15 18:30 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-08-15 18:30 - 2016-08-15 18:30 - 13475840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2016-06-02 18:12 - 2016-06-02 18:12 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2016-03-03 17:50 - 2016-03-03 17:51 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2016-08-24 16:51 - 2016-08-24 16:51 - 03763712 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x64__8wekyb3d8bbwe\Calculator.exe 2012-05-02 14:29 - 2012-03-11 14:56 - 00086608 _____ () C:\WINDOWS\System32\cpwmon64.dll 2014-04-23 14:58 - 2013-06-17 17:40 - 00035944 _____ () C:\Windows\system32\ddmon4-64x.dll 2016-06-04 21:55 - 2016-03-23 04:02 - 00110608 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll 2016-06-04 21:55 - 2016-03-23 04:02 - 00061968 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll 2016-08-26 18:20 - 2016-08-26 18:20 - 01383616 _____ () C:\Users\JButler\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll 2016-08-26 18:20 - 2016-08-26 18:20 - 00118976 _____ () C:\Users\JButler\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll 2016-08-08 16:28 - 2016-08-02 18:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll 2016-08-08 16:28 - 2016-08-02 18:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll 2016-04-22 01:08 - 2016-04-22 01:08 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 00244024 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll 2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2016-08-23 18:27 - 2016-07-11 20:07 - 00035792 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd 2016-08-23 18:27 - 2016-07-11 20:07 - 00145864 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\pyexpat.pyd 2016-08-23 18:27 - 2016-07-11 20:07 - 00019408 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\faulthandler.pyd 2016-08-23 18:27 - 2016-07-11 20:07 - 00116688 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\pywintypes27.dll 2016-08-23 18:27 - 2016-07-11 20:07 - 00100296 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\_ctypes.pyd 2016-08-23 18:27 - 2016-07-11 20:07 - 00018888 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\select.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00019760 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd 2016-08-23 18:27 - 2016-07-11 20:07 - 00694224 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\unicodedata.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00020816 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd 2016-08-23 18:27 - 2016-07-11 20:07 - 00123856 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 01682760 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00020808 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00021312 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00052024 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd 2016-08-23 18:27 - 2016-07-11 20:09 - 00105928 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\win32api.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00025424 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00038696 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\fastpath.pyd 2016-08-23 18:27 - 2016-07-11 20:07 - 00392144 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\pythoncom27.dll 2016-08-23 18:27 - 2016-07-11 20:09 - 00020936 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\mmapfile.pyd 2016-08-23 18:27 - 2016-07-11 20:09 - 00024528 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\win32event.pyd 2016-08-23 18:27 - 2016-07-11 20:09 - 00114640 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\win32security.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00381752 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd 2016-08-23 18:27 - 2016-07-11 20:09 - 00124880 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\win32file.pyd 2016-08-23 18:27 - 2016-07-11 20:09 - 00024016 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\win32clipboard.pyd 2016-08-23 18:27 - 2016-07-11 20:09 - 00175560 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\win32gui.pyd 2016-08-23 18:27 - 2016-07-11 20:09 - 00030160 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\win32pipe.pyd 2016-08-23 18:27 - 2016-07-11 20:09 - 00043472 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\win32process.pyd 2016-08-23 18:27 - 2016-07-11 20:09 - 00048592 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\win32service.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00026456 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-08-23 18:27 - 2016-07-11 20:09 - 00057808 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\win32evtlog.pyd 2016-08-23 18:27 - 2016-07-11 20:09 - 00024016 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\win32profile.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00246592 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd 2016-08-23 18:27 - 2016-07-11 20:09 - 00028616 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\win32ts.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00020800 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00019776 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00020800 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd 2016-08-23 18:27 - 2016-07-11 20:07 - 00144848 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\_elementtree.pyd 2016-08-23 18:27 - 2016-07-11 20:08 - 00241104 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\_jpegtran.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00020280 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00023376 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd 2016-08-23 18:27 - 2016-07-11 20:09 - 00350152 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\winxpgui.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00022352 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00024392 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd 2016-08-23 18:27 - 2016-07-11 20:09 - 00036296 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\librsync.dll 2016-08-23 18:27 - 2016-08-23 17:17 - 00031568 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd 2016-08-23 18:27 - 2016-08-23 17:02 - 00293392 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll 2016-08-23 18:27 - 2016-08-23 17:17 - 00084280 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL 2016-08-23 18:27 - 2016-08-23 17:17 - 01826096 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd 2016-08-23 18:27 - 2016-07-11 20:07 - 00083912 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\sip.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 03929392 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 01972016 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00531248 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00132912 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00224056 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00207672 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00020288 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\winffi.user32._winffi_user32.pyd 2016-08-23 18:27 - 2016-07-11 20:09 - 00060880 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\win32print.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00037192 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00024904 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00546096 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00357680 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00168248 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd 2016-08-23 18:27 - 2016-08-23 17:17 - 00042808 _____ () C:\Users\JButler\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd 2016-06-04 21:55 - 2013-09-23 11:52 - 00043912 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_MFCMigrationFramework_Ad_2.dll 2016-06-04 21:55 - 2015-11-05 06:07 - 00052224 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qoauth_Ad_1.dll 2016-06-04 21:55 - 2015-11-05 06:07 - 00195584 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson_Ad_0.dll 2016-06-04 21:55 - 2015-11-05 06:07 - 00742400 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qca_Ad_2.dll 2016-06-04 21:55 - 2016-03-23 03:35 - 00284608 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\en-US\AdWingManRes.dll 2016-06-04 21:55 - 2015-09-08 00:31 - 40640808 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll 2016-06-04 21:55 - 2014-09-02 18:29 - 00912384 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libglesv2.dll 2016-06-04 21:55 - 2014-09-02 18:29 - 00134144 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libegl.dll 2016-06-04 21:55 - 2014-09-02 18:29 - 00950272 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\ffmpegsumo.dll 2016-04-19 17:55 - 2016-04-19 17:56 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-19 17:55 - 2016-04-19 17:56 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0] AlternateDataStreams: C:\Users\JButler\AppData\Local\Temp:{34004D00-5100-3800-4500-650042004E00} [192] AlternateDataStreams: C:\Users\JButler\AppData\Local\Temp:{6F004C00-4500-7100-7100-2B0069007500} [664] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AMP => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AMPSE => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventSystem => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vseamps => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vsedsps => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vseqrts => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AMP => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AMPSE => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventSystem => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vseamps => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsedsps => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vseqrts => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 20:34 - 2016-08-25 20:03 - 00000853 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2255940260-1588004598-2344460268-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.254 - 75.153.171.114 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKU\S-1-5-21-2255940260-1588004598-2344460268-1001\...\StartupApproved\Run: => "Autodesk Sync" HKU\S-1-5-21-2255940260-1588004598-2344460268-1001\...\StartupApproved\Run: => "deskPDF Creator" HKU\S-1-5-21-2255940260-1588004598-2344460268-1001\...\StartupApproved\Run: => "DiamondView" HKU\S-1-5-21-2255940260-1588004598-2344460268-1001\...\StartupApproved\Run: => "Dropbox Update" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{9A4CE18C-89B9-43AC-BF9D-CC0C46A96267}] => (Block) C:\program files (x86)\kodi\kodi.exe FirewallRules: [{B4BB3C5D-16F2-426B-AADE-F0C5FB1006C4}] => (Block) C:\program files (x86)\kodi\kodi.exe FirewallRules: [UDP Query User{61C3FE30-69BA-4FE0-AFF4-A17B923F8C2A}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe FirewallRules: [TCP Query User{5CC04526-2F8B-4FA7-A77E-9A5801B3A3A3}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe FirewallRules: [{3E12A13B-E544-4FCD-90B5-B711B34435AA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{7E758B92-90B3-4AB3-B6F8-1F552640E47C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{7452C170-2E01-434D-ABD2-463D12A75C82}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{DFDBFC09-0B97-4318-9435-47B311EB198A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{D5A8E6DD-0F69-4695-AAB9-0F4038F5E2F9}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe FirewallRules: [{EDCF9443-1BBD-4478-AFBB-3B229F3FDA56}] => (Allow) C:\Program Files (x86)\EasyBits For Kids\ezDesktop.exe FirewallRules: [{DF765507-946B-4DE8-BEA2-2BA562CBADD1}] => (Allow) C:\Program Files (x86)\Google\Google Talk\googletalk.exe FirewallRules: [{1D1A38E2-2390-47B2-A906-430C23648210}] => (Allow) C:\Program Files (x86)\Google\Google Talk\googletalk.exe FirewallRules: [{18DDC92A-D9D3-40AE-9A99-AAD3B91472C6}] => (Allow) C:\Program Files (x86)\TELUS\TELUS security advisor\ServicepointService.exe FirewallRules: [{40C8CF68-71F9-42CC-8B3E-8019A4DF677D}] => (Allow) C:\Program Files (x86)\TELUS\TELUS security advisor\ServicepointService.exe FirewallRules: [{351861F3-3379-494A-AFF4-F69F0DF4A182}] => (Allow) C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{097B0F34-D9B9-41D9-89A0-A7FAD400B2B4}] => (Allow) C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{8234CB96-F0C9-4C33-B02D-F4754FD2B766}] => (Allow) c:\users\jbutler\appdata\roaming\allmyapps\allmyapps.exe FirewallRules: [{894A9A89-B5DF-40AE-A4DF-EA0BC58F04E2}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{EE25172D-EC22-464D-ADA2-F4DA89B9074D}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{10423B55-CF7D-4ED0-BBB3-0417C8311405}] => (Allow) C:\Program Files (x86)\iolo\System Mechanic Professional\SysMech.exe FirewallRules: [{AB553565-1E17-4D18-A7E7-EBEFAB565EC9}] => (Allow) C:\Program Files (x86)\iolo\System Mechanic Professional\SysMech.exe FirewallRules: [TCP Query User{D664876B-8CA0-4640-9F0A-8AF767EEE013}C:\users\jbutler\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\jbutler\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{805B0B07-CB10-4052-B1BE-5E17E4CB32A6}C:\users\jbutler\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\jbutler\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{B3F53259-CD56-48CB-A045-6A3137B7B660}C:\users\jbutler\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\jbutler\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe FirewallRules: [UDP Query User{E207F3C7-5CE7-4B83-93E2-37AF0E22E576}C:\users\jbutler\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\jbutler\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe FirewallRules: [TCP Query User{8D28E559-4463-4654-B05B-84D89415B5D8}C:\users\jbutler\appdata\local\logmein rescue applet\lmir0002.tmp\lmi_rescue.exe] => (Allow) C:\users\jbutler\appdata\local\logmein rescue applet\lmir0002.tmp\lmi_rescue.exe FirewallRules: [UDP Query User{565D6609-C2F4-4272-8307-D201949A6A12}C:\users\jbutler\appdata\local\logmein rescue applet\lmir0002.tmp\lmi_rescue.exe] => (Allow) C:\users\jbutler\appdata\local\logmein rescue applet\lmir0002.tmp\lmi_rescue.exe FirewallRules: [{303BB543-FB5A-450D-96F6-48B23DAD6A47}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{AE1B6A92-99D9-4A07-A12F-09D9140A3B1E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{40CD332C-CA79-49C7-B043-0055840EEE1D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{A5BB1022-8486-4249-951A-FFA314D3D9A2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{E0BC130D-3D11-46D4-9008-216797D30948}] => (Allow) C:\Users\JButler\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{4E24283D-F8BB-4690-84E4-9AD775A20B59}] => (Allow) C:\Users\JButler\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{FA5AD1B6-84DA-47F8-B4EC-0AD195A996B3}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe FirewallRules: [UDP Query User{2CF6DD1E-A946-4FF6-9453-88FB3A81C254}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe FirewallRules: [{B2453638-37C5-4D6C-808C-EFAAAD1A45EF}] => (Allow) C:\Users\JButler\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{9D936E3D-427C-40C4-A3C4-918B135C6B5E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{C5847BEC-72CD-4ABD-B568-23935A4872B5}] => (Allow) LPort=2869 FirewallRules: [{54EB54DE-AF1C-42E0-98A8-402BCE2CE5AE}] => (Allow) LPort=1900 FirewallRules: [{05FDD273-04E2-4254-824B-1A1A2BEC1B1F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [TCP Query User{808CA976-56C1-4BDC-8608-23D0322FB37C}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe FirewallRules: [UDP Query User{5AFE3CCE-B0D4-46D1-A704-C0B03B3F6CCE}C:\program files (x86)\xbmc\xbmc.exe] => (Allow) C:\program files (x86)\xbmc\xbmc.exe FirewallRules: [{EAA4C18E-FF9E-45C7-BACE-4A2183D941E4}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe FirewallRules: [{1758033F-747C-4273-8F59-AA099C23FF11}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe FirewallRules: [{8C398438-E510-4C6B-AAA1-FBE3C0AC2199}] => (Allow) C:\Program Files\HP\HP Officejet Pro X476dw MFP\bin\FaxApplications.exe FirewallRules: [{C0D615E5-F11F-44E1-A1A2-65DDD3C79898}] => (Allow) C:\Program Files\HP\HP Officejet Pro X476dw MFP\bin\DigitalWizards.exe FirewallRules: [{4DDF382C-2541-4BED-A8B8-77C09C762C1B}] => (Allow) C:\Program Files\HP\HP Officejet Pro X476dw MFP\bin\SendAFax.exe FirewallRules: [{B007FD2E-000A-4FDF-B908-6B02CF9E5AAA}] => (Allow) C:\Program Files\HP\HP Officejet Pro X476dw MFP\Bin\DeviceSetup.exe FirewallRules: [{E29A31BA-94E4-400E-A5EB-DF578DE7686C}] => (Allow) LPort=5357 FirewallRules: [{6035340E-289E-42FD-AF3A-E4D455071F93}] => (Allow) C:\Program Files\HP\HP Officejet Pro X476dw MFP\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [TCP Query User{4FC1E9F0-4EFB-4F22-99D1-CCD30CD7E404}C:\users\jbutler\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jbutler\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{09BA0549-246A-4FCA-868E-81E5AD10CD77}C:\users\jbutler\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jbutler\appdata\local\akamai\netsession_win.exe FirewallRules: [{58EDA83C-4734-49C1-8643-47B638781279}] => (Block) C:\users\jbutler\appdata\local\akamai\netsession_win.exe FirewallRules: [{E9B536EA-2C35-474A-96EE-4C0C44C3276D}] => (Block) C:\users\jbutler\appdata\local\akamai\netsession_win.exe FirewallRules: [{E2333097-495F-4142-855B-A8110785CE77}] => (Allow) LPort=50248 FirewallRules: [{B78715E0-C55A-46A6-AEC9-C69282087843}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe FirewallRules: [{7ED169C8-1ED3-4D1F-A482-F78EF2B445CE}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe FirewallRules: [{D873E428-03C9-4F8F-A2B4-46535A8D03A3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe FirewallRules: [{F1300B25-94A9-4CC9-B80D-5335897880B9}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe FirewallRules: [{CDA68E17-51D7-40DE-B491-7924526FEA9B}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe FirewallRules: [{F04D2505-6E43-46BB-92B1-53D465BB2799}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{A3BFCAD9-AB6E-48C1-A54A-081652ECB556}] => (Allow) C:\Program Files (x86)\iolo\System Mechanic Professional\SysMech.exe FirewallRules: [{E2B2A5E8-55A2-466C-AD9B-B35AB776C6FB}] => (Allow) C:\Program Files (x86)\iolo\System Mechanic Professional\SysMech.exe FirewallRules: [{31566EDC-F94F-4092-9540-9EE1C2D632E2}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{4E60A968-BB00-44E8-A77E-5A0CE39C2630}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{4FCC11DE-615B-4E80-8A52-3F9A804D2FB0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{52F368B3-520F-4ACF-9AA0-5B9C80611566}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{F71C86A1-5914-41DD-9055-6B99AD5BBC30}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe FirewallRules: [{AC30DD3E-7CD8-441D-BCC4-CE81ADD30FEE}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe FirewallRules: [{86A3BBBD-7002-4515-90EF-50C5D8D921AE}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{306464D5-FEF8-48D9-BE48-60B622728444}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{00897D3F-0C59-44F2-8A54-A3A975CD20B1}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{49940FCC-A7D7-428B-A88A-030AF883BBAA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{E47EB17F-E38F-4DD8-BB8D-41199A48066C}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\StartNBR.exe FirewallRules: [{380A8686-DC2A-49B4-864F-65DE5E42EAAF}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe FirewallRules: [{5A32EC2E-76C8-4365-BF30-29F418CAF16C}] => (Allow) C:\Program Files (x86)\Nero\KM\MediaHome.exe FirewallRules: [{4BCC47FC-7731-4F6E-B288-42476BF680EC}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\nero.exe FirewallRules: [{F4B9B381-7FBE-4925-A2A7-860C76BEB984}] => (Allow) C:\Users\JButler\AppData\Local\Temp\MPCOnline\MPCDownload.exe FirewallRules: [{1325C87E-98AC-4583-BB63-581C47327D5B}] => (Allow) C:\Users\JButler\AppData\Local\Temp\MPCOnline\MPCDownload.exe ==================== Restore Points ========================= 29-08-2016 00:25:17 Installed Sophos Virus Removal Tool. ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/29/2016 05:24:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Connect.Service.ContentService.exe, version: 20.1.49.0, time stamp: 0x54d43c57 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00007ffbf969d1ed Faulting process id: 0x129c Faulting application start time: 0x01d2024c822fb9d6 Faulting application path: C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe Faulting module path: unknown Report Id: fe926d5d-7083-4d91-bde5-23bfc1df7b0c Faulting package full name: Faulting package-relative application ID: Error: (08/29/2016 05:24:37 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: Connect.Service.ContentService.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.NullReferenceException at System.Data.SqlServerCe.SqlCeException.ToString() at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() at System.Threading.ThreadPoolWorkQueue.Dispatch() Error: (08/29/2016 05:24:37 PM) (Source: Autodesk Content Service) (EventID: 0) (User: ) Description: UNHANDLED EXCEPTION. Process is terminating: True. EXCEPTION: System.NullReferenceException: Object reference not set to an instance of an object. at System.Data.SqlServerCe.SqlCeException.ToString() at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() at System.Threading.ThreadPoolWorkQueue.Dispatch() Error: (08/29/2016 05:24:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Connect.Service.ContentService.exe, version: 20.1.49.0, time stamp: 0x54d43c57 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00007ffbf96cd1ed Faulting process id: 0x10bc Faulting application start time: 0x01d2024c7afe5613 Faulting application path: C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe Faulting module path: unknown Report Id: e7e17648-4344-41e8-9785-a352fcbf38a0 Faulting package full name: Faulting package-relative application ID: Error: (08/29/2016 05:24:25 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: Connect.Service.ContentService.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.NullReferenceException at System.Data.SqlServerCe.SqlCeException.ToString() at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() at System.Threading.ThreadPoolWorkQueue.Dispatch() Error: (08/29/2016 05:24:25 PM) (Source: Autodesk Content Service) (EventID: 0) (User: ) Description: UNHANDLED EXCEPTION. Process is terminating: True. EXCEPTION: System.NullReferenceException: Object reference not set to an instance of an object. at System.Data.SqlServerCe.SqlCeException.ToString() at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() at System.Threading.ThreadPoolWorkQueue.Dispatch() Error: (08/29/2016 05:24:13 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Connect.Service.ContentService.exe, version: 20.1.49.0, time stamp: 0x54d43c57 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00007ffbf96cd1ed Faulting process id: 0x22bc Faulting application start time: 0x01d2024c73cdc589 Faulting application path: C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe Faulting module path: unknown Report Id: e805b5c8-e491-4c3b-9a4e-7a9535113e85 Faulting package full name: Faulting package-relative application ID: Error: (08/29/2016 05:24:13 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: Connect.Service.ContentService.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.NullReferenceException at System.Data.SqlServerCe.SqlCeException.ToString() at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() at System.Threading.ThreadPoolWorkQueue.Dispatch() Error: (08/29/2016 05:24:13 PM) (Source: Autodesk Content Service) (EventID: 0) (User: ) Description: UNHANDLED EXCEPTION. Process is terminating: True. EXCEPTION: System.NullReferenceException: Object reference not set to an instance of an object. at System.Data.SqlServerCe.SqlCeException.ToString() at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() at System.Threading.ThreadPoolWorkQueue.Dispatch() Error: (08/29/2016 05:24:01 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Connect.Service.ContentService.exe, version: 20.1.49.0, time stamp: 0x54d43c57 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00007ffbf96cd1ed Faulting process id: 0x2a18 Faulting application start time: 0x01d2024c6cb19aaf Faulting application path: C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe Faulting module path: unknown Report Id: e9ff1709-989a-4da3-880c-4897a7a7b391 Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (08/29/2016 05:24:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Autodesk Content Service service terminated unexpectedly. It has done this 5287 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (08/29/2016 05:24:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Autodesk Content Service service terminated unexpectedly. It has done this 5286 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (08/29/2016 05:24:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Autodesk Content Service service terminated unexpectedly. It has done this 5285 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (08/29/2016 05:24:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Autodesk Content Service service terminated unexpectedly. It has done this 5284 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (08/29/2016 05:23:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Autodesk Content Service service terminated unexpectedly. It has done this 5283 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (08/29/2016 05:23:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Autodesk Content Service service terminated unexpectedly. It has done this 5282 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (08/29/2016 05:23:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Autodesk Content Service service terminated unexpectedly. It has done this 5281 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (08/29/2016 05:23:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Autodesk Content Service service terminated unexpectedly. It has done this 5280 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (08/29/2016 05:23:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Autodesk Content Service service terminated unexpectedly. It has done this 5279 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (08/29/2016 05:22:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Autodesk Content Service service terminated unexpectedly. It has done this 5278 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. CodeIntegrity: =================================== Date: 2016-08-11 11:42:34.497 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-08-09 20:01:16.319 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-14 20:37:43.210 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-13 03:40:54.563 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-16 23:35:36.040 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-15 20:24:57.111 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-15 20:21:08.466 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-27 18:38:39.276 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-13 20:33:37.761 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-05-13 16:23:26.112 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: AMD A6-3400M APU with Radeon(tm) HD Graphics Percentage of memory in use: 48% Total physical RAM: 5610.9 MB Available physical RAM: 2879.39 MB Total Virtual: 11242.9 MB Available Virtual: 7685.68 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:682.79 GB) (Free:419.54 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: (RECOVERY) (Fixed) (Total:15.55 GB) (Free:1.64 GB) NTFS ==>[system with boot components (obtained from drive)] Drive f: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: A626DF5C) Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=682.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=15.5 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=103 MB) - (Type=0C) ==================== End of Addition.txt ============================