Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2016 Ran by Rob (11-11-2016 19:24:14) Running from C:\Users\Rob\Desktop Windows 10 Home Version 1607 (X64) (2016-09-28 20:33:03) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1684632458-1961358919-2080834935-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1684632458-1961358919-2080834935-503 - Limited - Disabled) Guest (S-1-5-21-1684632458-1961358919-2080834935-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1684632458-1961358919-2080834935-1003 - Limited - Enabled) Rob (S-1-5-21-1684632458-1961358919-2080834935-1001 - Administrator - Enabled) => C:\Users\Rob ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Ad-Aware Antivirus (Enabled - Up to date) {B0CC18C6-E527-6EE6-874C-9D19920E5619} AS: Ad-Aware Antivirus (Enabled - Up to date) {0BADF922-C31D-6168-BDFC-A66BE9891CA4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Ad-Aware Firewall (Disabled) {88F799E3-AF48-6FBE-AC13-342C6CDD1162} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1684632458-1961358919-2080834935-1001\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Ad-Aware Antivirus (HKLM\...\{36036827-FA38-4A74-8333-26BC4EEC9308}_AdAwareUpdater) (Version: 11.12.945.9202 - Lavasoft) AdAwareInstaller (Version: 11.12.945.9202 - Lavasoft) Hidden AdAwareUpdater (Version: 11.12.945.9202 - Lavasoft) Hidden Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.0 - Adobe Systems Incorporated) Amazon Kindle (HKU\S-1-5-21-1684632458-1961358919-2080834935-1001\...\Amazon Kindle) (Version: - Amazon) Amiga Forever (HKLM-x32\...\{A8DD8841-6A87-417E-8956-074D6C73FFDB}) (Version: 7.0.27 - Cloanto) Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.) AnonymizerGadget (HKU\S-1-5-21-1684632458-1961358919-2080834935-1001\...\AnonymizerGadget) (Version: 1 - Jetico lim) <==== ATTENTION AntimalwareEngine (Version: 3.0.129.0 - Lavasoft) Hidden AntispamEngine (Version: 2.4.4263.0 - Lavasoft) Hidden AnySend (HKLM-x32\...\ASPackage) (Version: - CMI Limited) <==== ATTENTION Apple Application Support (32-bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) AvcEngine (Version: 3.11.12293.0 - Lavasoft) Hidden Azkend 2 - The World Beneath (HKLM-x32\...\40ecf680e58f7e68809dc6b25b41833e) (Version: - GameHouse) Azkend 2: The World Beneath (x32 Version: 2.2.0.98 - WildTangent) Hidden Barn Yarn Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden Bejeweled 2 (HKLM-x32\...\3ea28c6fb49f41721579cf714eb5b3e0) (Version: - GameHouse) BlueStacks App Player (HKLM-x32\...\{AA655366-D323-404D-AA9B-AD562CAE1DD0}) (Version: 2.2.21.6212 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: - Broadcom Corporation) Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.850 - Broadcom Corporation) Calculator (HKLM-x32\...\ST5UNST #1) (Version: - ) Chrome Remote Desktop Host (HKLM-x32\...\{D669DC52-B1A4-4933-878D-CB80F660D95D}) (Version: 55.0.2883.17 - Google Inc.) Ciao Bella (x32 Version: 2.2.0.95 - WildTangent) Hidden Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden Coyote The Outlander (x32 Version: 3.0.2.59 - WildTangent) Hidden CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.9.5017 - CyberLink Corp.) Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.4.6121 - CyberLink Corp.) Cyberlink PhotoDirector (Version: 5.0.4.6121 - CyberLink Corp.) Hidden CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.6.4928 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.9.5103 - CyberLink Corp.) CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.2.1307 - CyberLink Corp.) CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.3.3812 - CyberLink Corp.) CyberLink PowerDirector 12 (Version: 12.0.3.3812 - CyberLink Corp.) Hidden Delicious Special (HKLM-x32\...\b372b876c67f85537d30fd8f0b537313) (Version: - GameHouse) Delicious: Emily's Wonder Wedding Premium Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden Doomsday Engine 1.15.8 (HKLM-x32\...\Doomsday Engine_is1) (Version: - deng Team) Driver Detective (HKLM-x32\...\DriversHQ.DriverDetective.Client) (Version: 10.1.4.10 - PC Drivers HeadQuarters LP) Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.3.0 - Dropbox, Inc.) Entwined: The Perfect Murder (x32 Version: 3.0.2.59 - WildTangent) Hidden Evernote v. 5.8.1 (HKLM-x32\...\{4FD2D1C8-8636-11E4-9D21-00163E98E7D6}) (Version: 5.8.1.6061 - Evernote Corp.) FirewallEngine (Version: 1.6.1.0 - Lavasoft) Hidden Foxit PhantomPDF (HKLM-x32\...\{4E32271C-B55A-4CDF-8DB7-88FD1C45927C}) (Version: 7.0.310.226 - Foxit Software Inc.) FS-UAE 2.6.2 (HKU\S-1-5-21-1684632458-1961358919-2080834935-1001\...\FS-UAE_is1) (Version: 2.6.2 - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Google Web Designer (HKLM\...\{811767F4-C586-4673-A41F-E9D767497222}) (Version: 1.3.5.0 - Google Inc.) Green Ranch (x32 Version: 3.0.2.59 - WildTangent) Hidden Haunted Legends: The Bronze Horseman (x32 Version: 1.1.0.23 - WildTangent) Hidden HeightCompare (HKU\S-1-5-21-1684632458-1961358919-2080834935-1001\...\52e3d899daf0bcd1) (Version: 1.0.0.0 - HeightCompare) Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden Hidden Odyssey 2 in 1 Pack (x32 Version: 3.0.2.59 - WildTangent) Hidden Home Makeover (x32 Version: 3.0.2.59 - WildTangent) Hidden HP Documentation (HKLM-x32\...\{4BF17F05-B2DA-4266-8AEB-09BC9D008EAF}) (Version: 1.3.0.0 - Hewlett-Packard) HP ESU for Microsoft Windows 8.1 (HKLM-x32\...\{CF3BE446-3D26-49D3-B202-C9A13511DEEC}) (Version: 1.6.1 - Hewlett-Packard Company) HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7960.5089 - Hewlett-Packard) HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.39 - Hewlett-Packard) HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 13.00.0000 - Hewlett-Packard) HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.5.32.37 - Hewlett-Packard Company) HPLJUT (x32 Version: 1.00.0012 - HP) Hidden hppcp1025LaserJetService (HKLM-x32\...\{F31BF057-0D5E-485E-ADFD-560314A27912}) (Version: 1.00.0000 - Hewlett-Packard) hppLaserJetService (x32 Version: 007.015.00635 - Hewlett-Packard) Hidden Imperial Island: Birth of an Empire (x32 Version: 3.0.2.59 - WildTangent) Hidden IMVU Avatar Chat Software (HKU\S-1-5-21-1684632458-1961358919-2080834935-1001\...\IMVU Avatar chat client software BETA) (Version: - ) Insane Cold: Back to the Ice Age (x32 Version: 3.0.2.59 - WildTangent) Hidden Inst5675 (Version: 8.01.39 - Softex Inc.) Hidden Inst5676 (Version: 8.01.39 - Softex Inc.) Hidden Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.27.1012 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4360 - Intel Corporation) Intel® Hardware Accelerated Execution Manager (HKLM\...\{30F3FF94-225B-4319-A13C-E307FFDA3CFB}) (Version: 6.0.1 - Intel Corporation) iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.) Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle) Java SE Development Kit 8 Update 91 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180910}) (Version: 8.0.910.15 - Oracle Corporation) Kodi (HKU\S-1-5-21-1684632458-1961358919-2080834935-1001\...\Kodi) (Version: - XBMC-Foundation) Last.fm Scrobbler 2.1.37 (HKLM-x32\...\LastFM_is1) (Version: - Last.fm) Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.) Lost Lands: Mahjong (HKLM\...\Steam App 435030) (Version: - FIVE-BN GAMES) Lost Souls: Timeless Fables Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden Magic Heroes: Save Our Park (x32 Version: 3.0.2.59 - WildTangent) Hidden Manor Memoirs Collector's Edition (x32 Version: 3.0.2.59 - WildTangent) Hidden Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.1005 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) mIRC (HKLM-x32\...\mIRC) (Version: 7.43 - mIRC Co. Ltd.) Mozilla Firefox 45.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 en-US)) (Version: 45.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1 - Mozilla) Mystery Expedition: Prisoners of Ice (x32 Version: 3.0.2.59 - WildTangent) Hidden Mysteryville (HKLM-x32\...\d7f55789942600b6d9427312fbe60993) (Version: - GameHouse) Nielsen (HKLM-x32\...\NetSight) (Version: - ) Online Games Manager v1.50 (HKLM-x32\...\Online Games Manager) (Version: 1.50.4 - Real Networks, Inc.) OnlineThreatsEngine (Version: 3.0.1.23 - Lavasoft) Hidden openElement 1.56 R4 (HKLM-x32\...\openElement 1.56 R4 1.56.4) (Version: 1.56.4 - BOOMBYTE Ltd) openElement 1.56 R4 (x32 Version: 1.56.4 - BOOMBYTE Ltd) Hidden OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation) Oracle VM VirtualBox 5.0.10 (HKLM\...\{F6E922CF-068D-4AFC-8DBF-4636B84AF0A5}) (Version: 5.0.10 - Oracle Corporation) Pantheon (HKLM-x32\...\Pantheon_is1) (Version: 1.0 - GameTop Pte. Ltd.) Plagiarii (x32 Version: 3.0.2.59 - WildTangent) Hidden Pluto TV version 0.1.5 (HKLM-x32\...\Pluto TV_is1) (Version: 0.1.5 - Pluto TV) Polar Bowler 1st Frame (x32 Version: 3.0.2.59 - WildTangent) Hidden Police Quest 1+2+3+4 (HKLM-x32\...\Police Quest 1+2+3+4_is1) (Version: - GOG.com) PySol Fan Club edition v.2.0 (HKLM-x32\...\PySol Fan Club edition_is1) (Version: - ) Python 3.5.0 (32-bit) (HKU\S-1-5-21-1684632458-1961358919-2080834935-1001\...\{4d5c3f26-744d-4e1e-8362-cdbe364e1a73}) (Version: 3.5.150.0 - Python Software Foundation) Python 3.5.0 Core Interpreter (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden Python 3.5.0 Development Libraries (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden Python 3.5.0 Documentation (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden Python 3.5.0 Executables (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden Python 3.5.0 Launcher (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden Python 3.5.0 pip Bootstrap (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden Python 3.5.0 Standard Library (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden Python 3.5.0 Tcl/Tk Support (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden Python 3.5.0 Test Suite (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden Python 3.5.0 Utility Scripts (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden RadioSure (HKU\S-1-5-21-1684632458-1961358919-2080834935-1001\...\RadioSure) (Version: - ) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.30176 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.) Revo Uninstaller Pro 3.1.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.7 - VS Revo Group, Ltd.) Rhapsody (HKU\S-1-5-21-1684632458-1961358919-2080834935-1001\...\8aa854a199af1b36) (Version: 6.17.22.0 - Rhapsody International Inc.) Royal Envoy Double Pack (x32 Version: 3.0.2.59 - WildTangent) Hidden Runefall (x32 Version: 3.0.2.126 - WildTangent) Hidden Rush Hour! Gas Station (x32 Version: 3.0.2.59 - WildTangent) Hidden Sky High Farm (x32 Version: 3.0.2.59 - WildTangent) Hidden Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype HoloLens Add-In (HKLM-x32\...\{38A3693F-1954-450F-8E42-C0E6F9C1AE94}) (Version: 1.0.0.0 - Microsoft Corporation) Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.) Software Director (HKLM-x32\...\Cloanto Software Director) (Version: 4.0.5.0 - Cloanto Corporation) Solitaire Mystery Four Seasons (x32 Version: 3.0.2.51 - WildTangent) Hidden SolSuite 2016 v16.6 (HKLM-x32\...\SolSuite_is1) (Version: 16.6 - TreeCardGames) Spiteful Bank v4 (HKLM-x32\...\{0E041AD8-7024-4D5E-95D9-EC0C1EEC4F93}) (Version: 4.0.0.0 - SpiteNET) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stella 4.6.6 (HKLM\...\Stella_is1) (Version: - The Stella Team) Super Bounce Out (HKLM-x32\...\b49ecfffc9e4b4c11b0de677a8628919) (Version: - GameHouse) Super What Word (HKLM-x32\...\Super What Word_is1) (Version: - GameFools) Sylenth1 Demo v2.20 (HKLM\...\Sylenth1Demo_is1) (Version: - ) System Net Update (HKLM-x32\...\System Net Update) (Version: 1.83 - Drain-P LLC) TextPad 7 (HKLM\...\{D5CA0106-90CE-4842-8194-A6D4A46FAA0E}) (Version: 7.5.1 - Helios) The Dreamatorium of Dr. Magnus 2 (x32 Version: 1.1.0.23 - WildTangent) Hidden ToolbarBrowser v2.4 (HKLM-x32\...\ToolbarBrowser_is1) (Version: 2.4 - ToolbarBrowser.com) Total Recorder 8.6 Professional Edition (HKLM-x32\...\TotalRecorder) (Version: - ) Total Uninstaller version 3.0.6.69 (HKLM-x32\...\{A32F00F2-F342-4B23-A74B-D83B881D980B}_is1) (Version: 3.0.6.69 - Total Uninstaller, Inc.) Trellian SEO Toolkit v3.0 (HKLM-x32\...\SEOToolkit30_is1) (Version: 3.0 - Trellian Limited) Trellian WebPage (HKLM-x32\...\{1D1F5791-2425-4D36-AA19-B0574750BC79}_is1) (Version: 4.0 - Trellian Limited) Trillian (HKLM-x32\...\Trillian) (Version: - Cerulean Studios, LLC) TRS32 Emulator 1.28 (HKLM-x32\...\TRS32 Emulator) (Version: 1.28 - Matthew Reed) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Usenet.nl (HKLM-x32\...\Usenet.nl_is1) (Version: - ) Visual Pinball (HKLM-x32\...\{B36C4994-A563-4339-8754-CCCE51314A4C}) (Version: 0.0.4.1226 - Randy Davis) Web Companion (HKLM-x32\...\{a6e15830-ed91-40e6-a02b-88e0366fcb96}) (Version: 2.3.1441.2805 - Lavasoft) Web Page Maker V3.22 (HKLM-x32\...\Web Page Maker_is1) (Version: - Web Page Maker Software Company, Inc.) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App for HP (x32 Version: 4.0.11.14 - WildTangent) Hidden World of Tanks (HKU\S-1-5-21-1684632458-1961358919-2080834935-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812na}_is1) (Version: - Wargaming.net) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1684632458-1961358919-2080834935-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1684632458-1961358919-2080834935-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Rob\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1684632458-1961358919-2080834935-1001_Classes\CLSID\{8A791F0C-C63C-4EC5-B97F-FBCE74EDBC54}\InprocServer32 -> C:\Program Files\TextPad 7\System\ShellExt64.dll () CustomCLSID: HKU\S-1-5-21-1684632458-1961358919-2080834935-1001_Classes\CLSID\{b5eedee0-c06e-11cf-8c56-444553540000}\InprocServer32 -> C:\Program Files (x86)\UltraEdit\ue64ctmn.dll () ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0967C77F-8F28-42E5-91CF-23634C6208E5} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {0E3E79AD-E003-4AE7-9BF1-D774B3EEEC11} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-01-15] () Task: {16D6CD0B-32D2-4DDD-A8F8-1AA70CFB9D0D} - System32\Tasks\HPCeeScheduleForRob => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard) Task: {18B0DF6C-EF9C-444A-8E65-755685312CBC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-10-12] (HP Inc.) Task: {26BB74C6-A53E-4D82-988E-02A76D0719D8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {307DECA2-9971-4BA5-8281-FB41354DD010} - System32\Tasks\Da5183273951832739 => C:\Program Files (x86)\kreutzer\discrepancy.exe Task: {319D4AEC-B58F-4C30-86D4-0F7123E509A6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-19] (Google Inc.) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {4C594750-9A15-4FB7-9A1E-50B5F97D436C} - System32\Tasks\Driver Detective => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe [2016-10-30] (PC Drivers Headquarters) Task: {4F91AF62-E9FE-4498-9346-008EEE6AAEFC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.) Task: {5A3E4D64-E113-4DF2-85FC-7F0D9244D7E0} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-08-18] (HP Inc.) Task: {653C79DC-4DCB-417C-A737-E686118751E3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-19] (Google Inc.) Task: {6C3BAE86-7F1D-4DE8-B5F8-B7AE62F30A0B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-11-10] (Microsoft Corporation) Task: {71D8E771-D7C1-418D-BA02-B70EA76182E2} - System32\Tasks\Driver Detective-RTMScan => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe [2016-10-30] (PC Drivers Headquarters) Task: {940185E2-8C3E-4987-B715-2628A49B8C54} - System32\Tasks\HPCeeScheduleForMYPC$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard) Task: {A3BF0879-73F4-438B-9403-B011A48ECB81} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.) Task: {AA05ADE3-DD36-497B-AF19-E2A13423FAF1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {B4CD2E45-EAB0-4715-AEEF-383DCDF1CFFF} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2015-01-30] (Hewlett-Packard) Task: {B9C41B8A-1873-451F-80C5-352AC755BA5F} - System32\Tasks\Driver Detective-RTMScanRunOnce => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe [2016-10-30] (PC Drivers Headquarters) Task: {BF668717-881F-43F9-9BA8-1426E234F47D} - System32\Tasks\Driver Detective-RTMRules => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe [2016-10-30] (PC Drivers Headquarters) Task: {C9EB54CF-56B1-4197-9065-3F2C32E8BA4B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.) Task: {E3C340AD-7FE9-4098-B1CF-C19A6418DD2C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {E6BFD5F8-5130-4A41-B0E6-C04D3D38A0D7} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2015-01-30] (Hewlett-Packard) Task: {E8E7A2BB-E1F2-4D46-9E21-BDD4783EBD0B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard) Task: {F06B2752-3D85-422E-BCF0-BB7F0023F1D9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {F2807209-9DFE-4DE5-B1DA-114998619BAA} - System32\Tasks\Driver Detective-RTMUpdater => C:\Program Files (x86)\Driver Detective\DriversHQ.DriverDetective.Client.exe [2016-10-30] (PC Drivers Headquarters) Task: {F6098861-883E-42BC-8A4F-BB90C440013E} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2015-01-30] (Hewlett-Packard) Task: {F8ED9014-AB81-4AD7-B4AB-958F2FFA7FF8} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2010-09-22] (Hewlett Packard) Task: {FABBD035-0EFB-4969-BFA7-F218497B125B} - System32\Tasks\51832739 => C:\Program Files (x86)\kreutzer\discrepancy.exe <==== ATTENTION Task: {FDE3DB9E-E1D6-4A62-95EB-62389D40677C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForMYPC$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForRob.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Rob\Desktop\Stаrt Тоr Вrоwsеr.lnk -> C:\Users\Rob\Desktop\Tor Browser\Browser\firefox.bat () Shortcut: C:\Users\Rob\Desktop\Tor Browser\Stаrt Тоr Вrоwsеr.lnk -> C:\Users\Rob\Desktop\Tor Browser\Browser\firefox.bat () Shortcut: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Stаrt Тоr Вrоwsеr.lnk -> C:\Users\Rob\Desktop\Tor Browser\Browser\firefox.bat () Shortcut: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat (No File) Shortcut: C:\Users\Rob\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () Shortcut: C:\Users\Rob\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat () Shortcut: C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () Shortcut: C:\Users\Public\Desktop\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat () ShortcutWithArgument: C:\Users\Rob\Desktop\Сhrоmе Аpp Lаunсhеr.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --show-app-list <===== Cyrillic ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Сhrоmе Аpp Lаunсhеr.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --show-app-list <===== Cyrillic ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\0h n0.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --profile-directory=Default --app-id=mmlppcigaeejjlibnlkfhahnknjaoglj ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Dеnki Вlосks!.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --profile-directory=Default --app-id=ehngjfcoagpidhngidmiiomeakpampjh ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\DОSВох fоr Gооglе Сhrоmе™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --profile-directory=Default --app-id=jhceknlmaggijlkkcemdaghpniimajhd ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Frоggеr Ехtrеmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --profile-directory=Default --app-id=kcbfchakcghafgdgbogdfhhgiigpafdh ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\GPеmu.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --profile-directory=Default --app-id=jhficiigpnhhaojldmanflihieepanbb ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gооglе Наngоuts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Link Аll.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --profile-directory=Default --app-id=bbplhdcnpcenkdciibplnkgmiffjfnni ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\LINЕ.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --profile-directory=Default --app-id=menkifleemblimdogmoihpfopnplikde ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\MiniGolf.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=khmkobbejnolddfcjhhleemiblgfmnij ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Rеditr - Тhе Веst Rеddit Сliеnt.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --profile-directory=Default --app-id=pmfcbbijgnhoebddbjpmlikabnbnddgb ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Rоаd Вlосks.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --profile-directory=Default --app-id=ldcpoimjjikjcphnnlphcajepbfbdmeo ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sоlitаirе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --profile-directory=Default --app-id=blpebaehgfgkcmmjjknibibbjacnplim ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Until АМ fоr Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --profile-directory=Default --app-id=mjafmkicbmhcbapadecadciafbkecofl ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Васk tо Саndylаnd.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --profile-directory=Default --app-id=cchmgbohodfaoncmlmnmgjcgnjohilcl ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Воwling Моb (Pоwеrеd by WеbGL).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --profile-directory=Default --app-id=gfdnfbiobcmibdabigdegfopheglfnal ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Вооktrасk Studiо.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --profile-directory=Default --app-id=kidknbkmfcapkiepmhchinffchkjglog ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Маrblеоus.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --profile-directory=Default --app-id=jbcgphppffkahpoiobhfdjfpbapbjblh ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Наppy Fridаy!.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --profile-directory=Default --app-id=lagckjdgadpknikjoegcibbollkafpid ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Сhrоmе Rеmоtе Dеsktоp.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Сrаsh Кing.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --profile-directory=Default --app-id=ahbpokpfohopgmmdcgmgbhffofmepgoi ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Сut thе Rоpе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --profile-directory=Default --app-id=jfbadlndcminbkfojhlimnkgaackjmdo ShortcutWithArgument: C:\Users\Rob\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Сhrоmе Аpp Lаunсhеr.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat () -> --show-app-list <===== Cyrillic ==================== Loaded Modules (Whitelisted) ============== 2016-07-16 03:42 - 2016-07-16 03:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-11-08 14:51 - 2016-09-15 09:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-05-16 13:45 - 2012-11-27 18:18 - 00129024 _____ () C:\WINDOWS\System32\HPCP1020LM.DLL 2016-08-22 14:53 - 2016-08-22 14:53 - 00017168 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe 2016-08-22 14:53 - 2016-08-22 14:53 - 00008976 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.Service.Logger.dll 2016-08-22 14:53 - 2016-08-22 14:53 - 00028944 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WcfService.dll 2016-07-18 19:22 - 2016-07-18 19:22 - 00732056 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareService.exe 2016-07-18 19:27 - 2016-07-18 19:27 - 00030464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_system-vc140-mt-1_61.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 00146184 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_filesystem-vc140-mt-1_61.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 00068872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_date_time-vc140-mt-1_61.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 11625208 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareServiceKernel.dll 2016-07-18 19:27 - 2016-07-18 19:27 - 00124672 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_thread-vc140-mt-1_61.dll 2016-07-18 19:27 - 2016-07-18 19:27 - 01005824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_regex-vc140-mt-1_61.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 03420880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\RCF.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 00040192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_chrono-vc140-mt-1_61.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 00986864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareActivation.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 00623360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareApplicationUpdater.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 00837872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareGamingMode.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 00111336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareReset.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 00134368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTime.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 01049856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareDefinitionsUpdater.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 00901392 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareDefinitionsUpdaterScheduler.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 01104624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareIgnoreList.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 00268016 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareQuarantine.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 01630464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareAntiMalwareEngine.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 00226048 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareAntiRootkitEngine.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 01179384 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareScannerHistory.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 01377512 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareScanner.dll 2016-07-18 19:27 - 2016-07-18 19:27 - 00039680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_timer-vc140-mt-1_61.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 01025784 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareScannerScheduler.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 01205504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareRealTimeProtection.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 02663672 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareIncompatibles.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 01520872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareAntiSpam.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 01457904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareAntiPhishing.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 03464440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareParentalControl.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 03124472 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareWebProtection.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 01327864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareEmailProtection.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 00073480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_iostreams-vc140-mt-1_61.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 01905408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareNetworkProtection.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 01031912 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwarePromo.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 00467688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareFeedback.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 03159808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareThreatWorkAlliance.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 01313512 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwarePinCode.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 01033960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareNotice.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 01597680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareAvcEngine.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 01170704 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareRealTimeProtectionHistory.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 00535280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareStatistics.dll 2016-10-18 08:06 - 2016-02-16 15:52 - 00156936 _____ () C:\WINDOWS\SYSTEM32\bdfwcore.dll 2016-11-07 11:48 - 2016-11-07 11:48 - 01006336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\3.0.1.23\definitions\loc1\ashttpbr.mdl 2016-11-07 11:48 - 2016-11-07 11:48 - 00541952 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\3.0.1.23\definitions\loc1\ashttpdsp.mdl 2016-11-07 11:48 - 2016-11-07 11:48 - 03035488 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\3.0.1.23\definitions\loc1\ashttpph.mdl 2016-11-07 11:48 - 2016-11-07 11:48 - 01541440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Online Threats Engine\3.0.1.23\definitions\loc1\ashttprbl.mdl 2016-11-08 14:51 - 2016-09-15 09:25 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-09-08 06:34 - 2016-10-30 02:32 - 00373888 _____ () C:\Program Files (x86)\Driver Detective\Agent.Common.XmlSerializers.dll 2016-09-08 06:37 - 2016-10-30 02:31 - 00817280 _____ () C:\Program Files (x86)\Driver Detective\ThemePack.Default.dll 2016-09-08 06:34 - 2016-10-30 02:32 - 00496768 _____ () C:\Program Files (x86)\Driver Detective\Agent.Communication.XmlSerializers.dll 2016-09-08 06:37 - 2016-09-08 06:37 - 00078976 _____ () C:\Program Files (x86)\Driver Detective\RuleEngine.XmlSerializers.dll 2016-11-08 14:51 - 2016-09-15 09:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-09-28 12:38 - 2016-09-28 12:38 - 01864384 _____ () C:\Users\Rob\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 04123896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareShellExtension.dll 2015-11-08 17:46 - 2011-07-12 16:10 - 00115200 _____ () C:\Program Files (x86)\UltraEdit\ue64ctmn.dll 2015-05-22 08:12 - 2015-05-22 08:12 - 00115232 _____ () C:\Program Files\TextPad 7\System\ShellExt64.dll 2016-09-28 12:51 - 2016-09-28 12:51 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-11-08 14:52 - 2016-10-05 01:35 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2015-01-30 18:09 - 2015-01-30 18:09 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe 2015-01-30 18:07 - 2015-01-30 18:07 - 02169344 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll 2015-01-30 18:05 - 2015-01-30 18:05 - 00035840 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll 2015-01-30 18:05 - 2015-01-30 18:05 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll 2016-11-08 14:53 - 2016-10-14 19:41 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-11-08 14:53 - 2016-10-14 19:34 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-11-08 14:53 - 2016-10-14 19:34 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-11-08 14:53 - 2016-10-14 19:34 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-11-08 14:53 - 2016-10-14 19:34 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-11-08 14:53 - 2016-10-14 19:38 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-11-07 16:56 - 2016-11-07 16:56 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2016-11-07 16:56 - 2016-11-07 16:56 - 00178688 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2016-11-07 16:56 - 2016-11-07 16:56 - 41608704 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.9.251.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2015-03-06 16:07 - 2015-03-06 16:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2015-11-20 13:41 - 2015-11-20 13:41 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-06 16:07 - 2015-03-06 16:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2015-11-20 13:41 - 2015-11-20 13:41 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-09-01 17:12 - 2016-09-01 17:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 09571552 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTray.exe 2016-07-18 19:26 - 2016-07-18 19:26 - 00539392 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\boost_locale-vc140-mt-1_61.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 02485992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\HtmlFramework.dll 2016-07-18 19:26 - 2016-07-18 19:26 - 00871672 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.12.945.9202\AdAwareTrayDefaultSkin.dll 2016-10-30 02:02 - 2016-10-30 02:02 - 00036885 _____ () C:\Program Files (x86)\akiyama\mortise.exe 2016-10-30 02:33 - 2016-10-20 00:56 - 02367080 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libglesv2.dll 2016-10-30 02:33 - 2016-10-20 00:56 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libegl.dll 2016-10-30 02:24 - 2016-10-30 02:24 - 00019976 _____ () C:\Program Files (x86)\AnonymizerGadget\proxycheck.exe 2016-08-24 12:47 - 2016-08-24 12:47 - 03763712 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x64__8wekyb3d8bbwe\Calculator.exe 2016-11-08 11:28 - 2016-11-08 11:28 - 31067840 _____ () C:\Users\Rob\AppData\Local\Google\Chrome\User Data\PepperFlash\23.0.0.207\pepflashplayer.dll 2016-09-28 12:38 - 2016-09-28 12:38 - 01383616 _____ () C:\Users\Rob\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\ClientTelemetry.dll 2016-09-28 12:39 - 2016-09-28 12:39 - 00118976 _____ () C:\Users\Rob\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileSyncViews.dll 2016-08-29 12:30 - 2016-08-11 09:34 - 00800912 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter4\communication.dll 2016-03-16 17:58 - 2016-08-11 09:37 - 00800400 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\nsmmc.dll 2016-03-22 06:20 - 2016-09-07 19:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2016-03-22 06:20 - 2016-08-31 17:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2016-03-22 06:20 - 2016-10-12 17:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll 2016-03-22 06:20 - 2016-01-26 23:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2016-03-22 06:20 - 2016-01-26 23:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2016-03-22 06:20 - 2016-01-26 23:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2016-03-22 06:20 - 2016-01-26 23:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2016-03-22 06:20 - 2016-01-26 23:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2016-03-22 06:20 - 2016-08-31 17:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2016-03-22 06:20 - 2016-08-31 17:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2016-03-22 06:20 - 2016-10-12 17:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-03-22 06:20 - 2016-07-04 14:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2016-04-26 14:40 - 2016-09-11 11:10 - 03306496 _____ () C:\Program Files (x86)\BlueStacks\libGLESv2.dll 2016-08-29 12:30 - 2016-08-11 09:34 - 00191632 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter4\npsp1.dll 2016-08-29 12:30 - 2016-08-11 09:34 - 00260752 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter4\npwmi.dll 2016-10-15 07:27 - 2016-08-04 12:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll 2016-10-30 02:24 - 2016-10-30 02:24 - 00248840 _____ () C:\Program Files (x86)\AnonymizerGadget\AnonymizerGadget.dll 2016-10-30 02:24 - 2016-10-30 02:24 - 01990144 _____ () C:\Program Files (x86)\AnonymizerGadget\libGLESv2.dll 2016-10-30 02:24 - 2016-11-03 03:12 - 00734728 _____ () C:\Program Files (x86)\AnonymizerGadget\qtwebkit-avc-plugin.dll 2016-10-30 02:23 - 2016-10-30 02:23 - 00011264 _____ () C:\Program Files (x86)\AnonymizerGadget\libEGL.DLL 2016-10-30 02:24 - 2016-10-30 02:24 - 17565848 _____ () C:\Program Files (x86)\AnonymizerGadget\pepflashplayer.dll 2016-07-27 09:30 - 2016-07-27 09:30 - 52044288 _____ () C:\Program Files (x86)\SysUpdP\libcef.dll 2016-07-27 09:30 - 2016-07-27 09:30 - 01734656 _____ () C:\Program Files (x86)\SysUpdP\libglesv2.dll 2016-07-27 09:30 - 2016-07-27 09:30 - 00080384 _____ () C:\Program Files (x86)\SysUpdP\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\LavasoftAdAwareService11 => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LavasoftAdAwareService11 => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com IE trusted site: HKU\S-1-5-21-1684632458-1961358919-2080834935-1001\...\driversupport.com -> hxxp://apps.driversupport.com IE trusted site: HKU\S-1-5-21-1684632458-1961358919-2080834935-1001\...\driversupport.com -> hxxps://apps.driversupport.com IE trusted site: HKU\S-1-5-21-1684632458-1961358919-2080834935-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-1684632458-1961358919-2080834935-1001\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 05:25 - 2016-10-30 02:24 - 00001129 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com 162.222.194.13 cocomo.tremorhub.com 162.222.194.13 www.virustotal.com 162.222.194.13 virustotal.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1684632458-1961358919-2080834935-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rob\Documents\2311-HOME-GALLERY-SAN-FRANCISCO-HEADSHOTS.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: Apple Mobile Device Service => 2 MSCONFIG\Services: BcmBtRSupport => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: cphs => 3 MSCONFIG\Services: GamesAppIntegrationService => 2 MSCONFIG\Services: GamesAppService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: HP LaserJet Service => 2 MSCONFIG\Services: hpqwmiex => 3 MSCONFIG\Services: HPSIService => 2 MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2 MSCONFIG\Services: ICCS => 3 MSCONFIG\Services: igfxCUIService2.0.0.0 => 2 MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: jhi_service => 2 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: LogiRegistryService => 2 MSCONFIG\Services: omniserv => 2 MSCONFIG\Services: RichVideo64 => 2 MSCONFIG\Services: RtkAudioService => 2 MSCONFIG\Services: rtop => 2 MSCONFIG\Services: SysMain => 2 HKLM\...\StartupApproved\StartupFolder: => "PlutoTV.lnk" HKLM\...\StartupApproved\Run: => "rocard" HKLM\...\StartupApproved\Run32: => "rainman" HKU\S-1-5-21-1684632458-1961358919-2080834935-1001\...\StartupApproved\StartupFolder: => "immobilized.lnk" HKU\S-1-5-21-1684632458-1961358919-2080834935-1001\...\StartupApproved\Run: => "twinkled" HKU\S-1-5-21-1684632458-1961358919-2080834935-1001\...\StartupApproved\Run: => "orlean" HKU\S-1-5-21-1684632458-1961358919-2080834935-1001\...\StartupApproved\Run: => "estevez" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{FBC2BAF8-E426-4658-8B6A-B6F64F71360B}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{989CA85B-EB31-4036-AA24-AC717E06C3D0}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe FirewallRules: [{FFFA0D66-211E-4C8A-9A30-360B3132905D}] => (Allow) C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe FirewallRules: [UDP Query User{0B11165E-5ABE-4906-9FF0-563D71502F41}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe FirewallRules: [TCP Query User{7819F223-2AA7-4ACD-85CD-AE6A1F894382}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe FirewallRules: [{3B0AA6E4-3545-491B-B9B9-CA53FBF43C31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DOOM\DOOMx64.exe FirewallRules: [{9AE01EFD-DF64-473C-8B3A-F8318B281777}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DOOM\DOOMx64.exe FirewallRules: [UDP Query User{F8D6F787-CE46-4CD8-95C2-F9693D0A64E3}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{5E81E900-E6FA-4AE0-B4E1-51FDFFDDF34B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{FD00D26C-AA11-494E-8243-201BFD5FFD17}C:\program files (x86)\doomsday\bin\doomsday.exe] => (Allow) C:\program files (x86)\doomsday\bin\doomsday.exe FirewallRules: [TCP Query User{2592C6A4-843A-499B-802F-144B3D1C1E31}C:\program files (x86)\doomsday\bin\doomsday.exe] => (Allow) C:\program files (x86)\doomsday\bin\doomsday.exe FirewallRules: [UDP Query User{53DDE8E5-6C52-4674-82AC-45B8814C953D}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{BF8A3A2A-8D7A-4B09-A2C8-A454082BEC7C}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [{A2C4F3EE-B726-48CB-BBA2-DCA8C665F6B5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{03BDCAAB-C796-41BA-8271-D2F49F90F103}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{0FA9BE46-0AB6-43EA-927F-6B3EDE91F511}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lost Lands Mahjong\Mahjong.exe FirewallRules: [{11A8B523-A3CA-441E-BCDB-2B348B58044E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Lost Lands Mahjong\Mahjong.exe FirewallRules: [{596C8B44-4A6A-4F73-9DF0-CD73E64F4B6C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{600C0852-366A-4E44-9BBA-066242B3409A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{94514804-5183-4361-9136-A9EC14AE43CD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A2E2FC6F-2648-4820-A3AE-2FF8C271E446}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{025DD481-C8CB-47EC-B8ED-28BB22689A0D}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe FirewallRules: [{B0F581E2-2B2B-4F0C-8AC3-F36384510EDF}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe FirewallRules: [{7F7ADAB9-75AB-4000-AF71-F1E03C4BE898}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{C273F9A9-B5FA-415A-9F8F-209EE3D7B670}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{0B7819E5-CEAA-4B69-AB8F-57281B95C848}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{76DBEE1B-E268-4DBF-B940-5C2E1657B501}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe FirewallRules: [{E2BB8B44-F8B2-4DB1-87AE-59C8D823F4E0}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{E290F5A1-7035-4190-A16B-41E5B062B14F}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe FirewallRules: [{4CE4E1A7-5362-4E71-BF67-04560A0FCDD5}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{8351E0A6-FC44-4590-A983-2A7A06F1B299}] => (Allow) c:\Program Files\CyberLink\PowerDirector12\PDR10.EXE FirewallRules: [{0EB2101E-7768-4B33-AE99-530FC1FC0A64}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{B6B92AAE-AEA2-4811-9328-36E2C41363B7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{8FB1783C-DD11-4CFB-B9E5-FA12B21CD2A7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{43023718-12E4-4B91-A595-4A7A2EADD070}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{B953F97E-C6D2-4900-9399-C51E0223642D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{460C3894-8833-4BC5-AFAF-6D402AC36579}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{16ED655F-B852-4342-B275-8EC81C2D9921}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{05DF3484-8497-4A8D-9F1D-D5DDE8C93CC0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{FA4BBFB1-C948-4B74-9BB7-DC4B0BFEAA14}] => (Allow) C:\Users\Rob\AppData\Roaming\Vuze Leap\VuzeLeap.exe FirewallRules: [{C4444AC8-4DE2-422E-B979-EBE2239126AF}] => (Allow) C:\Users\Rob\AppData\Roaming\Vuze Leap\VuzeLeap.exe FirewallRules: [{DEE2790F-246B-4C90-A63F-2D21F36F71E5}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe FirewallRules: [{BAD54070-4C60-4AE5-8106-4BDB5751C6F8}] => (Allow) C:\Users\Rob\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8EE6647E-4FEB-4C9F-8EBB-A54D96DFBB27}] => (Allow) C:\Users\Rob\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{72A5E2C6-CC45-4204-9EAF-ACC0BF0AE52E}] => (Allow) C:\Users\Rob\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{9D3889A7-5AFD-43BF-9C89-07D9F7513F14}] => (Allow) C:\Users\Rob\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2609C058-8ADA-4448-AF29-A918B8B60942}] => (Allow) C:\Users\Rob\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{60326245-BBAD-4D40-91C7-F5FB28767D8F}] => (Allow) C:\Users\Rob\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B751FF08-E669-42A7-99D5-3AD5199BB571}] => (Allow) C:\Users\Rob\AppData\Local\Temp\7zS741A\hppiw.exe FirewallRules: [{EF43E448-3609-4045-82C0-C380A17CAE58}] => (Allow) C:\Users\Rob\AppData\Local\Temp\7zS741A\hppiw.exe FirewallRules: [{C729922A-EF00-423E-81E4-9C273107A7E0}] => (Allow) C:\Users\Rob\AppData\Local\Temp\7zS00CE\hppiw.exe FirewallRules: [{7FA4756C-562D-475F-AE98-80BF788E80D8}] => (Allow) C:\Users\Rob\AppData\Local\Temp\7zS00CE\hppiw.exe FirewallRules: [TCP Query User{E0CECCBD-8495-46D7-A96D-859EF7228AC6}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{E8BCD46A-1B41-4CDB-896B-C882B0060A0F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{EA077435-2680-46B2-8F3E-054D93EB1089}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe FirewallRules: [UDP Query User{20B27BA6-14A7-478C-B12E-F3A79E45D88D}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe FirewallRules: [{C687B607-E726-4A35-83F2-35993AC1C47D}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\55.0.2883.17\remoting_host.exe FirewallRules: [{01C1E90D-C59F-4F89-AE03-78AE45FE36C2}] => (Allow) C:\Program Files (x86)\openElement\openElement 1.56 R4\openElement.exe FirewallRules: [{37A1FC94-288C-4ED3-B88C-A7101416F0B0}] => (Allow) C:\Program Files (x86)\openElement\openElement 1.56 R4\SyncFTP.exe FirewallRules: [{A43D0DF2-B967-4C0C-8131-191EC3981C70}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶獜獹灵灤卜獹灕偤攮數 FirewallRules: [{23654DA5-5427-42DC-A305-AA6B406783DF}] => (Allow) 㩃停潲牧浡䘠汩獥⠠㡸⤶獜獹灵灤卜獹灕偤⹟硥e FirewallRules: [{C946FC76-4F8D-40FE-8232-602C2968A556}] => (Allow) C:\Users\Rob\AppData\Local\Temp\C2A79789-9177-4629-B31F-73761392760B\installer.exe FirewallRules: [{09E09B18-4EC9-4B3A-A97A-3E01C4219CDC}] => (Allow) C:\Users\Rob\AppData\Local\86022414.exe FirewallRules: [{8C9E5D98-5EBC-4358-95C1-34714493D747}] => (Allow) C:\Program Files (x86)\kreutzer\discrepancy.exe FirewallRules: [{6A2E29A2-18D4-40F0-A897-A4E8D3245790}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{3A278044-6FBB-4B3B-A773-0B7D34D06DD6}C:\users\rob\appdata\local\temp\7zoc47e.tmp\machinecoin-qt.exe] => (Allow) C:\users\rob\appdata\local\temp\7zoc47e.tmp\machinecoin-qt.exe FirewallRules: [UDP Query User{05370C1D-E026-4AE5-BA1F-9134997FEC04}C:\users\rob\appdata\local\temp\7zoc47e.tmp\machinecoin-qt.exe] => (Allow) C:\users\rob\appdata\local\temp\7zoc47e.tmp\machinecoin-qt.exe ==================== Restore Points ========================= 14-10-2016 13:30:05 Scheduled Checkpoint 18-10-2016 08:01:09 AA11 09-11-2016 19:07:14 Windows Update ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (11/11/2016 07:22:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SysUpdP.exe, version: 12.0.0.1, time stamp: 0x5813776b Faulting module name: libcef.dll, version: 3.2704.1434.0, time stamp: 0x5798eeba Exception code: 0x80000003 Fault offset: 0x00087bd1 Faulting process id: 0x1bc4 Faulting application start time: 0x01d23c93150e373b Faulting application path: C:\Program Files (x86)\SysUpdP\SysUpdP.exe Faulting module path: C:\Program Files (x86)\SysUpdP\libcef.dll Report Id: d3de2fd6-bfc7-4995-904d-135c9cee347c Faulting package full name: Faulting package-relative application ID: Error: (11/11/2016 07:22:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SysUpdP_.exe, version: 12.0.0.1, time stamp: 0x58137797 Faulting module name: libcef.dll, version: 3.2704.1434.0, time stamp: 0x5798eeba Exception code: 0x80000003 Fault offset: 0x00087bd1 Faulting process id: 0x1c7c Faulting application start time: 0x01d23c93151b130e Faulting application path: C:\Program Files (x86)\SysUpdP\SysUpdP_.exe Faulting module path: C:\Program Files (x86)\SysUpdP\libcef.dll Report Id: ce0f23e2-2cdc-4192-9278-1be63c5f6e12 Faulting package full name: Faulting package-relative application ID: Error: (11/11/2016 07:15:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SysUpdP.exe, version: 12.0.0.1, time stamp: 0x5813776b Faulting module name: libcef.dll, version: 3.2704.1434.0, time stamp: 0x5798eeba Exception code: 0x80000003 Fault offset: 0x00087bd1 Faulting process id: 0x3848 Faulting application start time: 0x01d23c920facb61a Faulting application path: C:\Program Files (x86)\SysUpdP\SysUpdP.exe Faulting module path: C:\Program Files (x86)\SysUpdP\libcef.dll Report Id: f9bd8df4-b1b1-4955-8927-0daa4ed725bc Faulting package full name: Faulting package-relative application ID: Error: (11/11/2016 07:15:49 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SysUpdP_.exe, version: 12.0.0.1, time stamp: 0x58137797 Faulting module name: libcef.dll, version: 3.2704.1434.0, time stamp: 0x5798eeba Exception code: 0x80000003 Fault offset: 0x00087bd1 Faulting process id: 0x374 Faulting application start time: 0x01d23c920fa0a245 Faulting application path: C:\Program Files (x86)\SysUpdP\SysUpdP_.exe Faulting module path: C:\Program Files (x86)\SysUpdP\libcef.dll Report Id: 06e4de75-5518-4e31-a4bf-03a35e31ca6a Faulting package full name: Faulting package-relative application ID: Error: (11/11/2016 07:08:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SysUpdP_.exe, version: 12.0.0.1, time stamp: 0x58137797 Faulting module name: libcef.dll, version: 3.2704.1434.0, time stamp: 0x5798eeba Exception code: 0x80000003 Fault offset: 0x00087bd1 Faulting process id: 0x2148 Faulting application start time: 0x01d23c90fb4791db Faulting application path: C:\Program Files (x86)\SysUpdP\SysUpdP_.exe Faulting module path: C:\Program Files (x86)\SysUpdP\libcef.dll Report Id: 9e280d4e-d4f9-4157-a6cb-e5e4aa12d039 Faulting package full name: Faulting package-relative application ID: Error: (11/11/2016 07:00:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SysUpdP_.exe, version: 12.0.0.1, time stamp: 0x58137797 Faulting module name: libcef.dll, version: 3.2704.1434.0, time stamp: 0x5798eeba Exception code: 0x80000003 Fault offset: 0x00087bd1 Faulting process id: 0x1004 Faulting application start time: 0x01d23c9023af9db9 Faulting application path: C:\Program Files (x86)\SysUpdP\SysUpdP_.exe Faulting module path: C:\Program Files (x86)\SysUpdP\libcef.dll Report Id: 0e596648-8dad-42e0-b82b-e991bd4993df Faulting package full name: Faulting package-relative application ID: Error: (11/11/2016 06:54:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SysUpdP_.exe, version: 12.0.0.1, time stamp: 0x58137797 Faulting module name: libcef.dll, version: 3.2704.1434.0, time stamp: 0x5798eeba Exception code: 0x80000003 Fault offset: 0x00087bd1 Faulting process id: 0x16e0 Faulting application start time: 0x01d23c8f4efdcc3f Faulting application path: C:\Program Files (x86)\SysUpdP\SysUpdP_.exe Faulting module path: C:\Program Files (x86)\SysUpdP\libcef.dll Report Id: d5547a4a-d54d-46d1-b81b-2f14a834d38e Faulting package full name: Faulting package-relative application ID: Error: (11/11/2016 06:50:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SysUpdP.exe, version: 12.0.0.1, time stamp: 0x5813776b Faulting module name: libcef.dll, version: 3.2704.1434.0, time stamp: 0x5798eeba Exception code: 0x80000003 Fault offset: 0x00087bd1 Faulting process id: 0x888 Faulting application start time: 0x01d23c8e85d75779 Faulting application path: C:\Program Files (x86)\SysUpdP\SysUpdP.exe Faulting module path: C:\Program Files (x86)\SysUpdP\libcef.dll Report Id: 5dc8df75-4abf-4abd-ab3b-65dde0235109 Faulting package full name: Faulting package-relative application ID: Error: (11/11/2016 06:43:11 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SysUpdP.exe, version: 12.0.0.1, time stamp: 0x5813776b Faulting module name: libcef.dll, version: 3.2704.1434.0, time stamp: 0x5798eeba Exception code: 0x80000003 Fault offset: 0x00087bd1 Faulting process id: 0x39bc Faulting application start time: 0x01d23c8e516c1429 Faulting application path: C:\Program Files (x86)\SysUpdP\SysUpdP.exe Faulting module path: C:\Program Files (x86)\SysUpdP\libcef.dll Report Id: b4032d26-2ddc-4851-9e22-b7e6e0dd75ff Faulting package full name: Faulting package-relative application ID: Error: (11/11/2016 06:41:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SysUpdP.exe, version: 12.0.0.1, time stamp: 0x5813776b Faulting module name: libcef.dll, version: 3.2704.1434.0, time stamp: 0x5798eeba Exception code: 0x80000003 Fault offset: 0x00087bd1 Faulting process id: 0x3454 Faulting application start time: 0x01d23c8d4be35ace Faulting application path: C:\Program Files (x86)\SysUpdP\SysUpdP.exe Faulting module path: C:\Program Files (x86)\SysUpdP\libcef.dll Report Id: 74806ce5-b3d3-48bd-9385-f98a36084642 Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (11/11/2016 06:53:00 PM) (Source: DCOM) (EventID: 10010) (User: MYPC) Description: The server {37998346-3765-45B1-8C66-AA88CA6B20B8} did not register with DCOM within the required timeout. Error: (11/11/2016 06:51:00 PM) (Source: DCOM) (EventID: 10010) (User: MYPC) Description: The server {37998346-3765-45B1-8C66-AA88CA6B20B8} did not register with DCOM within the required timeout. Error: (11/11/2016 06:28:05 PM) (Source: DCOM) (EventID: 10010) (User: MYPC) Description: The server {37998346-3765-45B1-8C66-AA88CA6B20B8} did not register with DCOM within the required timeout. Error: (11/11/2016 06:23:33 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout. Error: (11/11/2016 06:22:38 PM) (Source: DCOM) (EventID: 10010) (User: MYPC) Description: The server {21F282D1-A881-49E1-9A3A-26E44E39B86C} did not register with DCOM within the required timeout. Error: (11/11/2016 06:20:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (11/11/2016 06:20:38 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (11/11/2016 06:20:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (11/11/2016 06:19:28 PM) (Source: IntelHaxm) (EventID: 10) (User: ) Description: HAXM can't work on system with VT disabled Error: (11/11/2016 06:19:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The BstHdDrv service failed to start due to the following error: The system cannot find the file specified. CodeIntegrity: =================================== Date: 2016-11-11 18:30:27.944 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\NetRatingsNetSight\NetSight\meter4\n64hooks.dll that did not meet the Store signing level requirements. Date: 2016-11-11 18:30:27.854 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\NetRatingsNetSight\NetSight\meter4\n64hooks.dll that did not meet the Store signing level requirements. Date: 2016-11-11 18:29:53.248 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\NetRatingsNetSight\NetSight\meter4\n64hooks.dll that did not meet the Store signing level requirements. Date: 2016-10-30 10:11:35.337 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\NetRatingsNetSight\NetSight\meter4\n64hooks.dll that did not meet the Store signing level requirements. Date: 2016-10-30 10:11:35.323 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\NetRatingsNetSight\NetSight\meter4\n64hooks.dll that did not meet the Store signing level requirements. Date: 2016-10-30 10:11:03.433 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\NetRatingsNetSight\NetSight\meter4\n64hooks.dll that did not meet the Store signing level requirements. Date: 2016-10-30 03:31:37.401 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\NetRatingsNetSight\NetSight\meter4\n64hooks.dll that did not meet the Store signing level requirements. Date: 2016-10-30 03:31:37.307 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\NetRatingsNetSight\NetSight\meter4\n64hooks.dll that did not meet the Store signing level requirements. Date: 2016-10-30 03:30:37.472 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\NetRatingsNetSight\NetSight\meter4\n64hooks.dll that did not meet the Store signing level requirements. Date: 2016-10-30 03:30:36.917 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\NetRatingsNetSight\NetSight\meter4\n64hooks.dll that did not meet the Store signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-4170 CPU @ 3.70GHz Percentage of memory in use: 64% Total physical RAM: 8095.91 MB Available physical RAM: 2911.24 MB Total Virtual: 12095.91 MB Available Virtual: 5306.63 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:659.77 GB) (Free:298.71 GB) NTFS Drive d: (Recovery Image) (Fixed) (Total:18.31 GB) (Free:2.29 GB) NTFS ==>[system with boot components (obtained from drive)] Drive f: (VIPRE) (Removable) (Total:0.12 GB) (Free:0.06 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 3C83ECCD) Partition: GPT. ======================================================== Disk: 1 (Size: 123.6 MB) (Disk ID: 500A0DFF) No partition Table on disk 1. ==================== End of Addition.txt ============================