Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-01-2017 Ran by Larry (10-01-2017 10:18:20) Running from C:\Users\Larry\Desktop Windows 10 Pro Insider Preview Version 1607 (X64) (2016-12-13 12:48:09) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3336670907-1719923216-113533501-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3336670907-1719923216-113533501-503 - Limited - Disabled) Guest (S-1-5-21-3336670907-1719923216-113533501-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3336670907-1719923216-113533501-1005 - Limited - Enabled) lacos (S-1-5-21-3336670907-1719923216-113533501-1004 - Limited - Disabled) Larry (S-1-5-21-3336670907-1719923216-113533501-1001 - Administrator - Enabled) => C:\Users\Larry ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66} FW: Norton Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - ) 8GadgetPack (HKLM-x32\...\{F7EF899D-0339-4279-8FB1-96801D829A3F}) (Version: 8.0.1 - Helmut Buhler) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20053 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated) Advanced Uninstaller PRO - Version 12 (HKLM-x32\...\AU11_is1) (Version: 12.15.0.70 - Innovative Solutions) AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.9.2.8 - Alienware) Alienware Command Center (HKLM-x32\...\InstallShield_{3B0BFF91-F5EE-4EE3-84B9-5822AF012632}) (Version: 4.0.51.0 - Dell Inc.) Alienware Command Center (Version: 4.0.51.0 - Dell Inc.) Hidden Alienware Digital Delivery (HKLM-x32\...\{693A23FB-F28B-4F7A-A720-4C1263F97F43}) (Version: 3.1.1002.0 - Dell Products, LP) Amazon Kindle (HKU\S-1-5-21-3336670907-1719923216-113533501-1001\...\Amazon Kindle) (Version: 1.15.0.43061 - Amazon) Ansel (Version: 376.33 - NVIDIA Corporation) Hidden AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.9.0 - SlySoft) Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Assessments on Client (x32 Version: 10.1.10586.0 - Microsoft) Hidden Bing Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.478.0 - Microsoft Corporation) CloneBD (HKLM-x32\...\CloneBD) (Version: 1.0.7.3 - Elaborate Bytes) CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.3 - Elaborate Bytes) CloneDVDmobile (HKLM-x32\...\CloneDVDmobile) (Version: 1.9.2.0 - SlySoft) CyberLink LabelPrint 2.5 (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0.10521 - CyberLink Corp.) CyberLink Media Suite 12 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12.0 - CyberLink Corp.) CyberLink PhotoDirector 5 (Version: 5.0.5424.0 - CyberLink Corp.) Hidden CyberLink PhotoDirector 8 (HKLM-x32\...\{80986AB6-3CB0-49db-AB48-1600844D6374}) (Version: 8.0.2303.4 - CyberLink Corp.) CyberLink Power2Go 10 Content Pack (HKLM-x32\...\InstallShield_{2BC3A01D-06C3-410B-9B0E-110F0E75C0A3}) (Version: 10.0.1104.0 - CyberLink Corp.) CyberLink Power2Go 11 (HKLM-x32\...\{7A3F32E0-D8E1-40C1-8E1B-1F5693F2ADE0}) (Version: 11.0.1013.0 - CyberLink Corp.) CyberLink Power2Go 11 Content Pack (HKLM-x32\...\{DE5573D6-AFCC-4484-AA03-67C41D1124DC}) (Version: 11.0.0920.0 - CyberLink Corp.) CyberLink PowerDirector 12 (Version: 12.0.4210.0 - CyberLink Corp.) Hidden CyberLink PowerDVD 15 (HKLM-x32\...\{DE85B8F3-D088-4D6E-A970-EE0BC7883A66}) (Version: 15.0.3305.58 - CyberLink Corp.) CyberLink PowerDVD 16 (HKLM-x32\...\{7CD1ACC0-3DD0-4894-90C7-BF2A136C074D}) (Version: 16.0.2406.60 - CyberLink Corp.) CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 2.0.8205.0 - CyberLink Corp.) Dell Data Vault (Version: 4.3.4.0 - Dell Inc.) Hidden Dell Display Manager (HKLM-x32\...\{AC50C05D-9D57-40F5-B2EF-AC402F14312B}_is1) (Version: - EnTech Taiwan) Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.10 - Dell) Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.1.0.47 - Dell) Dell System Detect (HKU\S-1-5-21-3336670907-1719923216-113533501-1001\...\58d94f3ce2c27db0) (Version: 7.9.0.10 - Dell) Deluge 1.3.13 (HKLM-x32\...\Deluge) (Version: - ) DivX Setup (HKLM\...\DivX Setup) (Version: 3.0.0.125 - DivX, LLC) doPDF (Version: 8.8.946 - Softland) Hidden doPDF 8 (HKLM-x32\...\{3aba8e0f-add2-4184-a828-80ee3352c738}) (Version: 8.8.946 - Softland) Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 0.9.0 - Dropbox, Inc.) DVD-Cloner V12.30 Build 1404 (HKLM-x32\...\DVD-Cloner Gold_is1) (Version: 12.30.0.1404 - OpenCloner Inc.) EasyBCD 2.3 (HKLM-x32\...\EasyBCD) (Version: 2.3 - NeoSmart Technologies) e-Sword (HKLM-x32\...\{047B84FB-D809-485C-BFB0-9F9EF7DE6F5B}) (Version: 11.00.0006 - Rick Meyers) e-Sword (HKLM-x32\...\{0BF38804-B6AE-4C32-9564-B0C0E7188D62}) (Version: 11.00.0006 - Rick Meyers) Free NFO Viewer (HKLM-x32\...\{62DBB49B-1937-47AB-90B9-F564965BAC91}) (Version: 1.0.0 - Media Freeware) Freemake Video Converter version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation) Glary Utilities PRO 5.67 (HKLM-x32\...\Glary Utilities 5) (Version: 5.67.0.88 - Glarysoft Ltd) Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden HP Officejet 6700 Basic Device Software (HKLM\...\{A1CFA587-90D4-4DE6-B200-68CC0F92252F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet 6700 Help (HKLM-x32\...\{E1AE0CB7-1333-4728-8520-CB3F88A252B4}) (Version: 140.0.2.2 - Hewlett Packard) HP Officejet 6700 Product Improvement Study (HKLM\...\{988D55BB-08DE-43C9-8D16-3751361E2A79}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Imaging And Configuration Designer (x32 Version: 10.1.10586.0 - Microsoft) Hidden Imaging Tools Support (x32 Version: 10.1.10586.0 - Microsoft) Hidden Intel(R) Chipset Device Software (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.4.1186 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation) Intel(R) Wireless Bluetooth(R)(patch version 17.0.1427.2) (HKLM\...\{302600C1-6BDF-4FD1-1406-148929CC1385}) (Version: 17.1.1406.0472 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{694000a5-c594-49d2-b6e4-ef3960120b0f}) (Version: 17.1.0 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation) Kits Configuration Installer (x32 Version: 10.1.10586.0 - Microsoft) Hidden Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech) Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech) Malware Hunter 1.27.0.44 (HKLM-x32\...\Malware Hunter) (Version: 1.27.0.44 - Glarysoft Ltd) Message+ (HKLM-x32\...\{c828830f-53d4-4a2f-ad5a-0b86574bce11}) (Version: 1.0.17.0 - Verizon) Message+ (x32 Version: 1.0.17.0 - Verizon) Hidden Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3336670907-1719923216-113533501-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 50.1.0 (x64 en-US) (HKLM\...\Mozilla Firefox 50.1.0 (x64 en-US)) (Version: 50.1.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla) MSI ODD Monitor (HKLM-x32\...\InstallShield_{B7D9BAAA-F068-4BF8-B929-462C3A8AB677}) (Version: 1.0.0.7 - Micro-Star Int'l Co., Ltd.) MSI ODD Monitor (x32 Version: 1.0.0.7 - Micro-Star Int'l Co., Ltd.) Hidden Norton Security (HKLM-x32\...\NSBU) (Version: 22.8.1.14 - Symantec Corporation) novaPDF 8 add-in for Microsoft Office (x64) (HKLM\...\{5DFCF6F7-EE45-4FFC-8B63-E0D5FAF9BF6B}) (Version: 8.8.946 - Softland) novaPDF 8 add-in for Microsoft Office (x86) (HKLM-x32\...\{B1C79167-9B86-413A-9E91-97CA6BC28DC1}) (Version: 8.8.946 - Softland) novaPDF 8 Printer Driver (HKLM\...\{45ACC237-36D7-4071-8BFE-54DA41A0EC21}) (Version: 8.8.946 - Softland) novaPDF 8 SDK COM (x64) (HKLM\...\{F3836946-7615-418E-A0E6-611F80E9832D}) (Version: 8.3.931 - Softland) novaPDF 8 SDK COM (x86) (HKLM-x32\...\{522153DA-9319-4E93-87BB-6632C85947F3}) (Version: 8.3.931 - Softland) NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Driver 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.33 - NVIDIA Corporation) NVIDIA GeForce Experience 3.2.0.96 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.0.96 - NVIDIA Corporation) NVIDIA Graphics Driver 376.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.33 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA Miracast Virtual Audio 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 355.82 - NVIDIA Corporation) NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (Version: 3.2.0.96 - NVIDIA Corporation) Hidden NvTelemetry (Version: 2.0.0.0 - NVIDIA Corporation) Hidden O&O DiskRecovery (HKLM\...\{175386F1-1556-400B-ABEA-79C96C4C3A47}) (Version: 11.0.17 - O&O Software GmbH) Outils de vérification linguistique 2016 de Microsoft Office - Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden PhotoNow (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden PowerDirector (Version: 12.0 - CyberLink Corp.) Hidden Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.42.1080 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer E220x Drivers (Version: 1.1.42.1080 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.42.1080 - Qualcomm Atheros) Qualcomm Atheros Network Manager (Version: 1.1.42.1080 - Qualcomm Atheros) Hidden QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) RealDownloader (x32 Version: 18.1.6.161 - RealNetworks, Inc.) Hidden RealDownloader (x32 Version: 18.1.6.165 - RealNetworks) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.6 - RealNetworks) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.) SanDisk SSD Dashboard (HKLM-x32\...\SanDisk SSD Dashboard) (Version: 1.4.1 - SanDisk Corporation) SanDisk SSD Dashboard Service (HKLM-x32\...\{EE9255E4-283A-4318-ABB6-A75BEE59ACA3}) (Version: 1.0.0 - SanDisk Corporation) SHIELD Streaming (Version: 7.1.0350 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.2.0.96 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation) Skype™ 7.30 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.) Sound Blaster Recon3Di (HKLM-x32\...\{F58259E2-91F3-4904-9DD7-6FDC455BABE1}) (Version: 1.00.08 - Creative Technology Limited) Sound Blaster Recon3Di Extras (HKLM-x32\...\{C45E715E-442E-4D82-BD46-A08A0870957C}) (Version: 1.0 - Creative Technology Limited) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Toolkit Documentation (x32 Version: 10.1.10586.0 - Microsoft) Hidden TurboTax 2016 (HKLM-x32\...\TurboTax 2016) (Version: 2016.0 - Intuit, Inc) Update for Skype for Business 2016 (KB3127980) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{63487652-EA1D-4817-B4EB-B3D29A441B8F}) (Version: - Microsoft) Update for Skype for Business 2016 (KB3127980) 64-Bit Edition (HKLM\...\{90160000-012B-0409-1000-0000000FF1CE}_Office16.PROPLUS_{63487652-EA1D-4817-B4EB-B3D29A441B8F}) (Version: - Microsoft) UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden User State Migration Tool (x32 Version: 10.1.10586.0 - Microsoft) Hidden vc2012_redist (x32 Version: 1.0.0.0 - Realnetworks) Hidden VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Video Downloader (x32 Version: 1.3.0 - RealNetworks) Hidden Volume Activation Management Tool (x32 Version: 10.1.10586.0 - Microsoft) Hidden vs2015_redist x86 (x32 Version: 1.0.0.0 - Realnetworks) Hidden Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) WeatherBug® (HKLM-x32\...\WeatherBug®) (Version: 10.0.7.4 - Earth Networks, Inc.) Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{82daddb6-d4e0-42cb-988d-1e7f5739e155}) (Version: 10.1.10586.0 - Microsoft Corporation) WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WPT Redistributables (x32 Version: 10.1.10586.0 - Microsoft) Hidden WPTx64 (x32 Version: 10.1.10586.0 - Microsoft) Hidden Yahoo! Powered (HKLM-x32\...\{A10649C6-F186-9846-4006-E8C690863B46}) (Version: - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3336670907-1719923216-113533501-1001_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-3336670907-1719923216-113533501-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Larry\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler) CustomCLSID: HKU\S-1-5-21-3336670907-1719923216-113533501-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Larry\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0A1A42DA-4E60-4F30-AC4B-ADA79F792645} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2016-12-16] () Task: {138F5F15-0110-44B8-ACD4-691C13340083} - System32\Tasks\CrystalDiskInfo => C:\Users\Larry\Downloads\CrystalDiskInfo6_5_2ShizukuUltimate\DiskInfoS.exe [2015-06-14] (Crystal Dew World) Task: {1AEA1CDD-573A-40EB-8AFB-04DC527E5B89} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3336670907-1719923216-113533501-1001 => C:\Program Files (x86)\Real\RealDownloader\RealUpgrade.exe [2016-11-11] (RealNetworks, Inc.) Task: {1BD0112E-7852-4BF3-BB63-C750E166B0E5} - System32\Tasks\DeviceDetector7 => C:\Program Files (x86)\CyberLink\MediaEspresso7\DeviceDetector\DeviceDetector7.exe [2015-09-10] (CyberLink) Task: {21DCAC9D-5780-4633-AAEA-B459498B654B} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Alienware\SupportAssist\sessionchecker.exe [2015-05-25] (PC-Doctor, Inc.) Task: {22B13C2F-3542-45B0-99CC-AFD03D7FADC4} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe [2017-01-02] (MSFree Inc.) Task: {22E7EF14-0FC1-4EBD-88E6-D3CBD745C6D4} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {27DFD54D-5D75-42FA-A3DC-7AEF314DDBAC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {2C13C0FC-1686-4EDF-B208-90146878D016} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {2D264788-ADA1-409F-A818-3674D2C74269} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {2F431CA5-1A07-4DBF-B9FB-E13EB2E94F84} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceProtectionStateChanged Task: {2FCBAD95-7565-4791-AB68-D95AD1534C82} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-06-11] (Dell Inc.) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe Task: {389D51D2-530F-4C82-AEE7-6BDF56B35850} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {38FC6311-E6BE-419E-9CA3-E73800AAE006} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-12] (NVIDIA Corporation) Task: {39CC15E8-CB2F-420E-BA71-14D3D024CF59} - System32\Tasks\AupAvUpdate => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\updAvTask.exe [2016-06-01] () Task: {4250350E-D3D5-432B-B742-3675F0FC2CF7} - System32\Tasks\Health-Check => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe [2016-11-03] (Innovative Solutions) Task: {4479DA0D-1C11-4A90-959A-6BC1834BD57A} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\Real\RealDownloader\downloader2.exe [2016-12-13] () Task: {5837BCE7-0AA9-4983-9D00-3821296B6F79} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {589375FE-E581-4B54-ADAC-EF672E60AF65} - \Microsoft\XblGameSave\XblGameSaveTask\Logon -> No File <==== ATTENTION Task: {66C5910E-9552-4B94-950E-C8553405E945} - System32\Tasks\UninstallMonitor => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe [2016-11-03] (Innovative Solutions GRUP SRL) Task: {68BBB67F-C9FB-44B2-9B7B-E32ED99812BB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-12] (NVIDIA Corporation) Task: {6BE3094F-7AD4-4A73-A5E8-296CEABA7D1D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-12] (NVIDIA Corporation) Task: {6C6D46A2-8EEF-4D0B-882E-0BF88A972E01} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2017-01-02] (Glarysoft Ltd) Task: {7597ADD9-C074-4C1E-A4A0-2650C0686697} - System32\Tasks\Microsoft\Windows\Subscription\EnableLicenseAcquisition => C:\WINDOWS\system32\ClipRenew.exe [2016-12-03] (Microsoft Corporation) Task: {78CA7968-9717-4020-89B0-56F8BB37791D} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Security\Upgrade.exe [2016-11-11] (Symantec Corporation) Task: {82184F7B-5AC8-40B1-ABD1-2DF529D4FCF4} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-12] (NVIDIA Corporation) Task: {88538C0D-602A-446E-BF83-81F9DAA298D3} - \WPD\SqmUpload_S-1-5-21-3336670907-1719923216-113533501-1001 -> No File <==== ATTENTION Task: {8C250B7B-B8C0-4A40-B5DB-551545BCEAAF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {91A185E7-1BF6-4CDC-AA72-36F743755BE1} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {9BBE3A12-39AD-48DA-885F-DA1D6D485E4C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {AA57D100-BE05-42A1-8D07-32092D323B6F} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-12-12] (NVIDIA Corporation) Task: {AAB40BF7-8BE7-4441-8F4D-454A3DCBA90B} - System32\Tasks\HPCustParticipation HP Officejet 6700 => C:\Program Files\HP\HP Officejet 6700\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) Task: {B07571C8-9239-4A1B-992A-0F0975B575E0} - System32\Tasks\Toolbox.exe_{A121AC8C-E8D8-4974-84B8-45A1639C735E} => C:\Program Files\HP\HP Officejet 6700\Bin\Toolbox.exe [2012-10-17] (Hewlett-Packard Co.) Task: {B1DB217B-1FE4-4673-8D4A-79F5724DF9ED} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {B279820C-DCF4-4066-8234-398E13EE85DB} - System32\Tasks\Health-Check-deep => C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\healthcheck.exe [2016-11-03] (Innovative Solutions) Task: {BADFC92A-A2CF-4636-91BD-148B748D27F0} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\WSCStub.exe [2016-11-11] (Symantec Corporation) Task: {BD715A2C-3901-4136-B161-940F32EF2405} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Alienware\SupportAssist\uaclauncher.exe [2015-05-25] (PC-Doctor, Inc.) Task: {C216F656-4E5E-478F-98AD-F19C4722C191} - System32\Tasks\GMHSkipUAC => C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe [2017-01-02] (Glarysoft Ltd) Task: {C32B115B-90E4-4804-B9F7-861C37C77291} - System32\Tasks\Norton Security with Backup\Norton Error Processor => C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\SymErr.exe [2016-11-11] (Symantec Corporation) Task: {C58F1DF6-DD13-43F0-8E85-1AD5A6DCF633} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3336670907-1719923216-113533501-1001 => C:\Program Files (x86)\Real\RealDownloader\RealUpgrade.exe [2016-11-11] (RealNetworks, Inc.) Task: {C63A951E-F18F-413B-9881-5893FD7AF12C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {C799313C-5E67-4883-A9E5-8CBEBA5719C5} - System32\Tasks\Yahoo! Powered rorir => Wscript.exe "C:\ProgramData\{7CD1B9B2-F693-3374-7055-AD36EA1726F8}\soma.txt" "687474703a2f2f7761676e672e636f6d" "433a5c50726f6772616d446174615c7b37434431423942322d463639332d333337342d373035352d4144333645413137323646387d5c6e696e696c65" "433a5c50726f6772616d446174615c7b37434431423942322d463639332d333337342d373035 (the data entry has 78 more characters). Task: {CB5FFBF7-04B7-422A-A10A-E158304BD4FF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {CDFB9941-193E-4F16-9F37-BD27397126D9} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel(R) Corporation) Task: {D2B372CE-B468-4A68-90F7-FDE9AFD64A40} - System32\Tasks\Norton Security with Backup\Norton Autofix => C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\SymErr.exe [2016-11-11] (Symantec Corporation) Task: {D492CCE4-1598-4EC2-BFFE-D30D748C3488} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {E326602E-A55A-4DB3-8428-67A57CF0EB7C} - System32\Tasks\Microsoft\Windows\Subscription\LicenseAcquisition => C:\WINDOWS\system32\ClipRenew.exe [2016-12-03] (Microsoft Corporation) Task: {E6CFB7E4-72BD-4C32-A382-C9114F4E6496} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {E978DBC7-5FBB-4369-BB39-53C7C331F5CB} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2017-01-02] (Glarysoft Ltd) Task: {EC0DBF35-CA8D-46F2-83EA-0D2447AF6E5A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated) Task: {F1F033BB-85C1-4793-9F0D-834CF7418F93} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-12] (NVIDIA Corporation) Task: {F63452D3-D8B3-40F3-8107-747EC691E908} - System32\Tasks\Norton Security with Backup\Norton Error Analyzer => C:\Program Files (x86)\Norton Security with Backup\Engine\22.8.1.14\SymErr.exe [2016-11-11] (Symantec Corporation) Task: {F70350B0-E067-4492-B035-FD31809E9705} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe [2016-11-11] (DivX, LLC) Task: {F80142CF-167E-4F3D-BF86-F9531AD8E1B7} - System32\Tasks\Microsoft\Windows\BrokerInfrastructure\BgTaskRegistrationMaintenanceTask Task: {FDEA19DF-8298-4662-B27B-D970D0B8AA39} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-12-12] (NVIDIA Corporation) Task: {FFB99315-4172-42D3-9452-5C55240EE447} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\HP Officejet 6700.exe_{A4A32DF3-D6DA-4E0A-9ACA-605EF21923F3}.job => C:\Program Files\HP\HP Officejet 6700\Bin\HP Officejet 6700.exex-install -prfn HP Officejet 6700 (Network) -ePCUrl hxxps:/h30495.www3.hp.com Task: C:\WINDOWS\Tasks\Yahoo! Powered rorir.job => Wscript.exe C:\ProgramData\{7CD1B9B2-F693-3374-7055-AD36EA1726F8}\soma.txt <==== ATTENTION ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Larry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\µTorrent\µTorrent Homepage.lnk -> hxxp://www.utorrent.com ==================== Loaded Modules (Whitelisted) ============== 2016-12-03 07:34 - 2016-12-03 07:34 - 03142840 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-12-03 07:34 - 2016-12-03 07:34 - 03142840 _____ () C:\Windows\System32\CoreUIComponents.dll 2016-12-03 07:34 - 2016-12-03 07:34 - 00347136 _____ () C:\Windows\System32\HrtfApo.dll 2014-10-22 12:32 - 2014-10-22 12:32 - 02257232 _____ () C:\Program Files\Alienware\Command Center\DDR\MSIDDRService.exe 2014-08-18 19:33 - 2014-08-18 19:33 - 04033360 _____ () C:\Program Files\Alienware\Command Center\ClockGen\MSIClockService.exe 2014-08-07 19:14 - 2014-08-07 19:14 - 04174672 _____ () C:\Program Files\Alienware\Command Center\CPU\MSICPUService.exe 2014-08-01 12:42 - 2014-08-01 12:42 - 02067792 _____ () C:\Program Files\Alienware\Command Center\SMBus\MSISMBService.exe 2014-09-12 16:28 - 2014-09-12 16:28 - 02021712 _____ () C:\Program Files\Alienware\Command Center\MSIControlService.exe 2016-12-16 18:36 - 2016-12-16 18:36 - 00145696 _____ () C:\Program Files\Softland\novaPDF 8\Server\AgileDotNetRT64.dll 2017-01-02 15:01 - 2016-12-12 16:30 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2017-01-02 15:01 - 2016-12-12 16:30 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-11-11 12:52 - 2016-11-11 12:52 - 00035104 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe 2016-12-13 05:38 - 2016-12-11 11:47 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-12-03 07:34 - 2016-12-03 07:34 - 03142840 _____ () c:\windows\system32\CoreUIComponents.dll 2016-12-03 07:34 - 2016-12-03 07:34 - 00148752 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2016-12-03 07:34 - 2016-12-03 07:34 - 03142840 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-12-13 05:50 - 2016-12-13 05:50 - 01864384 _____ () C:\Users\Larry\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_10\amd64\ClientTelemetry.dll 2016-10-18 02:45 - 2016-10-18 02:45 - 08911552 _____ () C:\Program Files\Microsoft Office\Office16\1033\GrooveIntlResource.dll 2016-12-03 07:35 - 2016-12-03 09:01 - 02004480 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-12-03 07:34 - 2016-12-03 07:34 - 03142840 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-07-01 22:20 - 2016-05-05 08:41 - 00108456 ____N () C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe 2015-09-25 01:21 - 2014-06-27 02:40 - 00241734 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2014-04-24 09:07 - 2014-04-24 09:07 - 00300544 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe 2015-09-03 23:50 - 2013-06-06 11:16 - 00012520 _____ () C:\Users\Larry\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\CoreTempReader.dll 2015-09-03 23:50 - 2013-06-06 11:16 - 00015080 _____ () C:\Users\Larry\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\GetCoreTempInfoNET.dll 2015-09-03 23:50 - 2013-06-06 11:16 - 00014056 _____ () C:\Users\Larry\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter.gadget\SystemInfo.dll 2016-12-03 07:34 - 2016-12-03 07:34 - 00186368 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-12-03 07:35 - 2016-12-03 07:35 - 00816640 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-12-13 01:49 - 2016-12-13 01:50 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1207.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-12-13 01:49 - 2016-12-13 01:50 - 21861888 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1207.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2016-06-06 16:22 - 2016-06-06 16:23 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1207.10020.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2016-11-30 20:08 - 2016-11-30 20:08 - 00307712 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1207.10020.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll 2016-11-30 20:08 - 2016-11-30 20:08 - 01046016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1207.10020.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll 2016-06-21 11:27 - 2016-06-21 11:27 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1207.10020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2015-07-30 03:32 - 2015-07-30 03:32 - 02210480 _____ () C:\Program Files\Microsoft Office\Office16\tmpod.dll 2016-11-15 06:28 - 2016-11-15 06:28 - 01466048 _____ () C:\Program Files\Microsoft Office\Office16\ADDINS\UmOutlookAddin.dll 2016-12-13 01:50 - 2016-12-13 01:50 - 00015872 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1611.3471.0_x64__8wekyb3d8bbwe\PilotshubApp.exe 2016-12-13 01:50 - 2016-12-13 01:50 - 14038016 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1611.3471.0_x64__8wekyb3d8bbwe\PilotshubApp.dll 2016-12-13 01:50 - 2016-12-13 01:50 - 00369664 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsFeedbackHub_1.1611.3471.0_x64__8wekyb3d8bbwe\Helper.dll 2016-12-03 07:35 - 2016-12-03 09:01 - 10812416 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-12-03 07:35 - 2016-12-03 09:01 - 01100800 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-12-03 07:35 - 2016-12-03 09:01 - 05280256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2014-08-13 12:56 - 2014-08-13 12:56 - 00102736 _____ () C:\Program Files\Alienware\Command Center\ClockGen\IccLibDll.dll 2016-11-11 12:52 - 2016-11-11 12:52 - 00040248 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll 2016-11-11 12:52 - 2016-11-11 12:52 - 00042296 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll 2016-11-11 12:52 - 2016-11-11 12:52 - 00039752 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll 2017-01-02 15:02 - 2016-12-12 16:30 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2017-01-02 15:01 - 2016-12-12 16:30 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-01-02 15:01 - 2016-12-12 16:30 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll 2016-11-15 22:11 - 2016-04-19 04:12 - 00695808 _____ () C:\Program Files (x86)\CyberLink\Power2Go11\tag.dll 2016-11-15 22:11 - 2016-10-20 00:50 - 00915736 _____ () C:\Program Files (x86)\CyberLink\Power2Go11\UNO.dll 2016-11-15 22:11 - 2016-10-11 03:00 - 01912088 _____ () C:\Program Files (x86)\CyberLink\Power2Go11\Language\ENU\P2GRC.dll 2016-11-15 22:11 - 2016-10-20 00:51 - 01621272 _____ () C:\Program Files (x86)\CyberLink\Power2Go11\runtime\authoring\AuroraU.dll 2015-09-25 01:21 - 2014-06-27 02:40 - 00028672 ____N () C:\Program Files (x86)\Cyberlink\Shared files\RichVideops.dll 2016-11-15 22:11 - 2012-10-31 23:10 - 00548352 _____ () C:\Program Files (x86)\CyberLink\Power2Go11\runtime\mediacache\libmatroska.dll 2016-11-15 22:11 - 2012-10-31 23:10 - 00249344 _____ () C:\Program Files (x86)\CyberLink\Power2Go11\runtime\mediacache\libebml.dll 2016-11-15 22:11 - 2016-10-20 00:50 - 00192792 _____ () C:\Program Files (x86)\CyberLink\Power2Go11\CLVistaAudioMixer.dll 2016-11-15 22:11 - 2016-10-20 00:52 - 00334104 _____ () C:\Program Files (x86)\CyberLink\Power2Go11\runtime\authoring\EditingMgrWrapperU.dll 2016-11-15 22:11 - 2016-10-20 00:52 - 00634648 _____ () C:\Program Files (x86)\CyberLink\Power2Go11\CLMediaLibrary.dll 2016-12-31 20:36 - 2016-12-06 00:49 - 00882456 _____ () C:\Program Files (x86)\CyberLink\PowerDVD16\common\UNO\UNO.dll 2016-12-31 20:36 - 2016-04-06 01:09 - 00087552 _____ () C:\Program Files (x86)\CyberLink\PowerDVD16\Common\Koan\_ctypes.pyd 2016-12-31 20:36 - 2016-04-06 01:09 - 00805888 _____ () C:\Program Files (x86)\CyberLink\PowerDVD16\Common\Koan\_hashlib.pyd 2016-12-31 20:36 - 2016-04-06 01:09 - 00045568 _____ () C:\Program Files (x86)\CyberLink\PowerDVD16\Common\Koan\_socket.pyd 2016-12-31 20:36 - 2016-04-06 01:09 - 01243136 _____ () C:\Program Files (x86)\CyberLink\PowerDVD16\Common\Koan\_ssl.pyd 2016-12-31 20:36 - 2016-12-06 00:49 - 00059160 _____ () C:\Program Files (x86)\CyberLink\PowerDVD16\Kernel\DHProcedure\DHProcedure.dll 2015-11-23 13:13 - 2014-09-05 11:55 - 00132808 _____ () C:\Users\Larry\AppData\Local\Microsoft\BingDesktop\en-US\Apps\Wallpaper_5386c77076d04cf9a8b5d619b4cba48e\1.4.82\wallpaper.dll 2015-03-16 10:28 - 2015-03-16 10:28 - 00155528 _____ () C:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll 2017-01-02 15:02 - 2016-12-12 07:36 - 00525760 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2017-01-02 15:02 - 2016-12-12 07:36 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2017-01-02 15:02 - 2016-12-12 07:36 - 02808888 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2017-01-02 15:02 - 2016-12-12 07:36 - 00384568 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2017-01-02 15:02 - 2016-12-12 07:36 - 00447424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2017-01-02 15:02 - 2016-12-12 07:36 - 00336832 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2017-01-02 15:02 - 2016-12-12 07:36 - 01003456 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node 2017-01-02 15:02 - 2016-12-12 07:36 - 00956472 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node 2016-01-05 10:19 - 2015-12-18 16:52 - 01607920 _____ () C:\Program Files (x86)\AlienRespawn\Components\Restore\STRestoreAPI.dll 2015-09-03 20:32 - 2012-11-25 23:19 - 01153384 _____ () C:\Program Files (x86)\AlienRespawn\Components\Restore\libxml2.dll 2015-10-06 14:57 - 2014-02-18 14:12 - 00117568 _____ () C:\Program Files (x86)\AlienRespawn\Components\Restore\zlib1.dll 2017-01-10 07:16 - 2017-01-10 07:16 - 01244376 _____ () C:\Users\Larry\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\ClientTelemetry.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 06:25 - 2017-01-02 03:54 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3336670907-1719923216-113533501-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Larry\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\panoramic_waves1.jpg DNS Servers: 24.56.178.101 - 24.56.178.102 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\StartupFolder: => "Dell Display Manager.lnk" HKLM\...\StartupApproved\StartupFolder: => "PlutoTV.lnk" HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run: => "NvBackend" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run32: => "UpdReg" HKLM\...\StartupApproved\Run32: => "DropboxOEM" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "Sound Blaster Recon3Di SBX Control Panel" HKU\S-1-5-21-3336670907-1719923216-113533501-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3336670907-1719923216-113533501-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3336670907-1719923216-113533501-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-3336670907-1719923216-113533501-1001\...\StartupApproved\Run: => "Power2GoExpress10" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [holoshellapp-In-TCP] => %systemroot%\holoshell\holoshellapp.exe FirewallRules: [holoshellapp-Out-TCP] => %systemroot%\holoshell\holoshellapp.exe FirewallRules: [compositor-In-TCP] => LPort=48862 FirewallRules: [compositor-Out-TCP] => LPort=48862 FirewallRules: [{0ADD1729-BDAA-4AA9-9233-FDECC518F992}] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe FirewallRules: [{B27C9A6D-2DD5-47C1-BFBF-CEF3FC9FEFA1}] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe FirewallRules: [{82C006B0-FCB7-4C49-B111-9D9AC916519B}] => C:\Program Files\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{55EE65FE-3BCF-4D56-879E-9B87D300566E}] => C:\Program Files\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{0AF70686-8796-469A-BA88-044BE553F427}] => C:\Program Files\Microsoft Office\Office16\lync.exe FirewallRules: [{7C5CCAA7-69BA-485E-BC63-5B3DA20448F9}] => C:\Program Files\Microsoft Office\Office16\lync.exe FirewallRules: [{D6492391-3B93-41E3-8E38-240D151C16FB}] => C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe FirewallRules: [{0E50B734-3B08-41D1-974F-D34174E33358}] => C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe FirewallRules: [{21112920-E2F2-455D-A6F9-34E68503B7B4}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{92016AFD-04A1-419B-9D2E-717A88C79BB9}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{41B39979-BC8A-4498-AB58-B0689B7EC991}] => C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe FirewallRules: [{800FF5D5-4112-44C9-842F-B29D29050C17}] => C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe FirewallRules: [UDP Query User{9167CFB6-4C1C-4D3E-AB16-F68A886EAD63}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{593871AC-5020-4E57-B257-01CDA07E1473}C:\program files (x86)\skype\phone\skype.exe] => C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{806795DA-0F77-48B4-B811-1F13D0804928}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{491BC49F-B5C8-431A-8032-65E0AAD05881}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{A1DD7096-C9EB-4E42-BB4B-11DCACAAD986}] => C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{11EA7A24-8883-4879-8CFC-B09D20634EF3}] => C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{92FAB7FC-41B9-4B14-9211-AE7E545F904B}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{1F45C000-5731-4B7B-A826-BB18EB611D33}] => C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{749E7800-ECB4-4DD1-A527-6C2392F78F58}] => C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe FirewallRules: [{DC400F0C-B0C6-440F-8C51-A12153E573B6}] => C:\Program Files\HP\HP Officejet 6700\Bin\DeviceSetup.exe FirewallRules: [{10A39B1D-FC41-4F61-A9F4-7D1FF0830AC1}] => C:\Program Files\HP\HP Officejet 6700\bin\SendAFax.exe FirewallRules: [{75502190-78CC-425E-9F44-747B831DEBA8}] => C:\Program Files\HP\HP Officejet 6700\bin\DigitalWizards.exe FirewallRules: [{3E7D7498-F03E-414A-938C-26CFD4C3F079}] => C:\Program Files\HP\HP Officejet 6700\bin\FaxApplications.exe FirewallRules: [{89D6B2DB-C8AD-4EBE-A67C-89E200FC586C}] => C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{5F8EF517-053C-46C6-87B9-B3CBC7E0085C}] => C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{5FA11187-FBFA-4C34-93DF-3DE0FBCE7FF0}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{0180A372-4E33-41C8-80C7-0E2E5F86CD9A}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{5E723AF9-4712-4A7C-81C0-49DC779371A5}] => C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE FirewallRules: [{E310148F-BEF0-4FA3-9CAA-ACD5255B1B4A}] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{D1713330-8FA2-491C-8809-2AEA8CFD9F4E}] => C:\Program Files\Microsoft Office\Office16\lync.exe FirewallRules: [{41A20AE5-E7BD-4FB1-A132-1417949D985F}] => C:\Program Files\Microsoft Office\Office16\lync.exe FirewallRules: [{0A7CB4C8-1DE9-4B7F-865D-C2B88FCECD67}] => C:\Program Files\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{9F74EE94-D89E-4353-82F3-93679BEE1033}] => C:\Program Files\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{9007287E-737F-4ABC-996E-4A9100F4B1F8}] => C:\Program Files (x86)\uTorrent\utorrent.exe FirewallRules: [{28B6B59A-6DE5-44F5-8FF0-DF0D47E20BF8}] => C:\Program Files (x86)\uTorrent\utorrent.exe FirewallRules: [TCP Query User{BC2611B9-4EAB-4BF4-A72B-DBECE568CD53}C:\program files (x86)\utorrent\utorrent.exe] => C:\program files (x86)\utorrent\utorrent.exe FirewallRules: [UDP Query User{9FD74C92-0302-4DEF-9D66-09048A7A03C9}C:\program files (x86)\utorrent\utorrent.exe] => C:\program files (x86)\utorrent\utorrent.exe FirewallRules: [{72F43AA0-558C-448D-9410-ABE968BBA5FE}] => C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD.exe FirewallRules: [{094CD586-D665-46B6-8DBC-44AFC1EE3506}] => C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSServerPDVD15.exe FirewallRules: [{927A3997-09A8-4C2C-A39E-751B043A73DF}] => C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe FirewallRules: [{5B84405F-B58D-40F2-9B89-11E4A3E5ED9B}] => C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVDMovie.exe FirewallRules: [{F9379BAA-5B1A-4165-81A8-37220DB5F92A}] => C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVD Cinema\PowerDVDCinema.exe FirewallRules: [{D18FE7CD-D47B-4C4F-B083-2C346E3B7CFC}] => C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe FirewallRules: [{F881AD85-F4F1-4DBE-AE9E-62D0F6DE12AF}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdater.exe FirewallRules: [{33B9A6C4-968B-40C6-937E-E5938BACBDC5}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{6EBABC78-9213-49B8-AE57-2D6827C5CF24}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{B270DF64-9225-4DC8-BA99-C04753DD3444}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{EBE4995D-7B5F-4DDC-965D-750FE4C8C6E7}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{3452326E-53B5-4AFB-BF50-0F0CF922A7B0}] => C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe FirewallRules: [{B2A400D6-9F59-41D0-A616-236B2F9E2E7B}] => C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD.exe FirewallRules: [{E03B3309-4593-4D08-9216-66EEE2C53DAC}] => C:\Program Files (x86)\CyberLink\PowerDVD16\Kernel\DMS\CLMSServerPDVD16.exe FirewallRules: [{9F5F33AE-D310-45CA-8E09-B7DA82185B99}] => C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe FirewallRules: [{2B5D5A43-7831-4CBC-A5A0-4AF2DCD429C1}] => C:\Program Files (x86)\CyberLink\PowerDVD16\Movie\PowerDVDMovie.exe FirewallRules: [{59C9969A-EF87-4157-AF99-678EDD00A7C7}] => C:\Program Files (x86)\CyberLink\PowerDVD16\CastingStation.exe FirewallRules: [{BE6CCA1D-42BE-4444-8837-46899B662C51}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{4183DF5A-A6D3-4167-8FC9-8678EBC65EED}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{29E56029-A928-4417-B5ED-88A8DB9FE0AB}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{8228DCFB-1CE5-4F99-81A4-08BE6B2C9619}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{B381A423-F6CF-45AD-AAC1-BE65097D02D1}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F2F181E3-CB9D-4960-942E-DFC1ADDDC076}] => LPort=8501 FirewallRules: [{A7DD94C5-D549-4124-A6A2-09113AD66008}] => LPort=8501 FirewallRules: [{D8FB2016-D4EB-4267-9110-5788FFE8327A}] => C:\Program Files (x86)\uTorrent 1\uTorrent.exe FirewallRules: [{B411B5AA-0858-4712-9418-9C12436EECC4}] => C:\Program Files (x86)\uTorrent 1\uTorrent.exe ==================== Restore Points ========================= 24-12-2016 02:56:53 Windows Update 28-12-2016 03:26:31 Windows Update 31-12-2016 04:45:24 Installed TurboTax 2016 wrapper 02-01-2017 15:11:15 Installed Skype™ 7.30 05-01-2017 19:08:21 Windows Update 09-01-2017 08:42:52 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/08/2017 08:17:35 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: ALIENINSIDER) Description: Package Microsoft.MicrosoftEdge_39.14986.1000.0_neutral__8wekyb3d8bbwe+ContentProcess#{00061401-0001-0000-07f8-010000000000} was terminated because it took too long to suspend. Error: (01/08/2017 08:17:34 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: MicrosoftEdgeCP.exe, version: 11.0.14986.1001, time stamp: 0x584e4e99 Faulting module name: KERNELBASE.dll, version: 10.0.14986.1000, time stamp: 0x5cabbcb9 Exception code: 0x800706bf Fault offset: 0x0000000000039668 Faulting process id: 0x1fb4 Faulting application start time: 0x01d269c087391802 Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 3fbdb378-f0c5-40d1-877c-6341a64595b9 Faulting package full name: Microsoft.MicrosoftEdge_39.14986.1000.0_neutral__8wekyb3d8bbwe Faulting package-relative application ID: ContentProcess Error: (01/08/2017 08:17:24 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Explorer.EXE, version: 10.0.14986.1000, time stamp: 0xf95d161b Faulting module name: DBRShellExtension.dll_unloaded, version: 1.8.0.9, time stamp: 0x559bed87 Exception code: 0xc0000005 Fault offset: 0x0000000000047353 Faulting process id: 0x2238 Faulting application start time: 0x01d269be9fed46af Faulting application path: C:\WINDOWS\Explorer.EXE Faulting module path: DBRShellExtension.dll Report Id: 8a462146-c972-47e7-8bfe-69619fabacfa Faulting package full name: Faulting package-relative application ID: Error: (01/08/2017 08:15:26 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: utorrent 2.2.1.exe, version: 2.2.1.25154, time stamp: 0x4d93a6ca Faulting module name: ntdll.dll, version: 10.0.14986.1000, time stamp: 0x1b7454ed Exception code: 0xc0000005 Fault offset: 0x0003c56e Faulting process id: 0x1e64 Faulting application start time: 0x01d269c1df43cc8a Faulting application path: H:\Unzipped\utorrent 2.2.1.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 17e611bd-f09b-439b-833c-caa374dc8cad Faulting package full name: Faulting package-relative application ID: Error: (01/08/2017 07:51:15 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ALIENINSIDER) Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024865 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (01/08/2017 07:51:15 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ALIENINSIDER) Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2147024865 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (01/08/2017 07:51:04 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.14986.1000, time stamp: 0x2d981759 Faulting module name: ucrtbase.dll, version: 10.0.14986.1000, time stamp: 0x91b6c463 Exception code: 0xc0000005 Fault offset: 0x000000000004a6e7 Faulting process id: 0x296c Faulting application start time: 0x01d269bea295a5f2 Faulting application path: C:\WINDOWS\system32\backgroundTaskHost.exe Faulting module path: C:\WINDOWS\System32\ucrtbase.dll Report Id: 0b63c9f2-e6b2-4fcd-a288-c7fb51db4521 Faulting package full name: Microsoft.Windows.Cortana_1.8.3.14986_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: CortanaUI Error: (01/08/2017 07:50:55 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: FreemakeUtilsService.exe, version: 1.0.0.0, time stamp: 0x58636ac6 Faulting module name: KERNELBASE.dll, version: 10.0.14986.1000, time stamp: 0x96defb21 Exception code: 0xe0434352 Fault offset: 0x000ee512 Faulting process id: 0xf2c Faulting application start time: 0x01d269be9c3bbb57 Faulting application path: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 5151d276-612b-4b54-b3c6-f89683440421 Faulting package full name: Faulting package-relative application ID: Error: (01/08/2017 07:50:54 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: FreemakeUtilsService.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.IO.FileNotFoundException at FreemakeUtilsService.Statistics.Manager.ApplyNewTargetsConfigs() at FreemakeUtilsService.Statistics.Manager.TargetsConfigSyncCompleted(System.Object, System.EventArgs) at FreemakeUtilsService.Common.Synchronizer.OnWorkerCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs) at System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs) at System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object) at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() at System.Threading.ThreadPoolWorkQueue.Dispatch() at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (01/08/2017 07:48:51 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x80070006, The handle is invalid. . Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet System errors: ============= Error: (01/10/2017 10:19:23 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY) Description: Encrypted volume check: Volume information on \\?\Volume{b0215847-42f8-4ca4-94e0-921a8533487d} cannot be read. Error: (01/10/2017 10:19:23 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: ALIENINSIDER) Description: Encrypted volume check: Volume information on \\?\Volume{b0215847-42f8-4ca4-94e0-921a8533487d} cannot be read. Error: (01/10/2017 10:19:23 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY) Description: Encrypted volume check: Volume information on \\?\Volume{b0215847-42f8-4ca4-94e0-921a8533487d} cannot be read. Error: (01/10/2017 10:19:23 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: ALIENINSIDER) Description: Encrypted volume check: Volume information on \\?\Volume{b0215847-42f8-4ca4-94e0-921a8533487d} cannot be read. Error: (01/10/2017 10:19:23 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY) Description: Encrypted volume check: Volume information on \\?\Volume{b0215847-42f8-4ca4-94e0-921a8533487d} cannot be read. Error: (01/10/2017 10:19:23 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY) Description: Encrypted volume check: Volume information on \\?\Volume{b0215847-42f8-4ca4-94e0-921a8533487d} cannot be read. Error: (01/10/2017 10:19:23 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY) Description: Encrypted volume check: Volume information on \\?\Volume{b0215847-42f8-4ca4-94e0-921a8533487d} cannot be read. Error: (01/10/2017 10:19:23 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY) Description: Encrypted volume check: Volume information on \\?\Volume{b0215847-42f8-4ca4-94e0-921a8533487d} cannot be read. Error: (01/10/2017 10:19:23 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY) Description: Encrypted volume check: Volume information on \\?\Volume{b0215847-42f8-4ca4-94e0-921a8533487d} cannot be read. Error: (01/10/2017 10:19:23 AM) (Source: Microsoft-Windows-BitLocker-Driver) (EventID: 24620) (User: NT AUTHORITY) Description: Encrypted volume check: Volume information on \\?\Volume{b0215847-42f8-4ca4-94e0-921a8533487d} cannot be read. CodeIntegrity: =================================== Date: 2017-01-10 09:40:19.820 Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-01-08 09:33:11.971 Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-01-08 08:04:52.922 Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-01-08 07:52:06.320 Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-01-07 03:52:09.108 Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-01-02 22:40:14.501 Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-01-02 19:44:42.511 Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-01-02 19:44:36.353 Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-01-02 19:44:35.940 Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-01-02 19:30:48.934 Description: Code Integrity determined that a process (\Device\HarddiskVolume8\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume8\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-5960X CPU @ 3.00GHz Percentage of memory in use: 21% Total physical RAM: 32661.74 MB Available physical RAM: 25513.12 MB Total Virtual: 37525.74 MB Available Virtual: 28974.64 MB ==================== Drives ================================ Drive c: (Ailien Insider) (Fixed) (Total:879.1 GB) (Free:480.03 GB) NTFS Drive d: (Larrys Alienware) (Fixed) (Total:884.98 GB) (Free:725.56 GB) NTFS Drive e: (Alienware Backup 2TB) (Fixed) (Total:1853.73 GB) (Free:1397.25 GB) NTFS Drive h: (SSD #3) (Fixed) (Total:237.96 GB) (Free:221.22 GB) NTFS Drive i: (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.23 GB) FAT32 Drive x: (RECOVERY) (Fixed) (Total:0.24 GB) (Free:0 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 1 (Size: 894.3 GB) (Disk ID: D658939F) Partition: GPT. ======================================================== Disk: 2 (Size: 894.3 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 3 (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================