Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-11-2019 Ran by Debra (10-11-2019 14:22:48) Running from C:\Users\Debra\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2010-02-21 00:51:43) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-680459831-2725585726-4018758263-500 - Administrator - Disabled) Debra (S-1-5-21-680459831-2725585726-4018758263-1000 - Administrator - Enabled) => C:\Users\Debra Guest (S-1-5-21-680459831-2725585726-4018758263-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-680459831-2725585726-4018758263-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189} AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 3ivx MPEG-4 5.0.3 (remove only) (HKLM-x32\...\3ivx MPEG-4 5.0.3) (Version: 5.0.3 - 3ivx Technologies, Pty. Ltd.) Acrobat.com (HKLM-x32\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 0.0.0 - Adobe Systems Incorporated) Hidden Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated) ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.2 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.021.20049 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.) Adobe Digital Editions (HKLM-x32\...\Digital Editions) (Version: - ) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated) Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.213 - Adobe Systems Incorporated) aioscnnr (HKLM-x32\...\{EF53BFAB-4C10-40DB-A82D-9B07111715C6}) (Version: 7.6.13.10 - Your Company Name) Hidden Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: 1.26.0.55076 - Amazon) ANT Drivers Installer x64 (HKLM\...\{4CBCD610-92A0-4B1E-893F-FC1E889F8B90}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden ANT Drivers Installer x64 (HKLM\...\{C14C3A1D-B5B3-41BB-9358-6FEA3FC642AF}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version: - AOMEI Technology Co., Ltd.) Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) C4USelfUpdater (HKLM-x32\...\{48B41C3A-9A92-4B81-B653-C97FEB85C910}) (Version: 1.00.0000 - Your Company Name) Hidden Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.) CDDRV_Installer (HKLM\...\{0C826C5B-B131-423A-A229-C71B3CACCD6A}) (Version: 4.60 - Logitech) Hidden center (HKLM-x32\...\{56BA241F-580C-43D2-8403-947241AAE633}) (Version: 7.7.2.0 - Eastman Kodak Company) Hidden Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.58.1.0 - Conexant) CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - Cambridge Silicon Radio Limited.) CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2203 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.2519 - CyberLink Corp.) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden Elevated Installer (HKLM-x32\...\{B11981DA-5AEA-459F-978A-F99541F77AD5}) (Version: 6.15.0.0 - Garmin Ltd or its subsidiaries) Hidden erLT (HKLM-x32\...\{A498D9EB-927B-459B-85D6-DD6EF8C2C564}) (Version: 1.20.0137 - Logitech, Inc.) Hidden essentials (HKLM-x32\...\{BE94C681-68E2-4561-8ABC-8D2E799168B4}) (Version: 7.7.2.0 - Eastman Kodak Company) Hidden ESU for Microsoft Vista (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard) FlipShare (HKLM-x32\...\{97C658D2-61FB-027F-0D76-E9CDC84AFEC7}) (Version: 5.12.3.0 - Flip Video) Garmin Express (HKLM-x32\...\{4cc2749e-1c2a-4f48-abdf-c17069bac4da}) (Version: 6.15.0.0 - Garmin Ltd or its subsidiaries) Garmin Express (HKLM-x32\...\{9BE7B09F-C8D2-4B1E-B83E-7387FDDA8BCD}) (Version: 6.15.0.0 - Garmin Ltd or its subsidiaries) Hidden HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.4.50 - Conexant Systems) Hewlett-Packard ACLM.NET v1.1.0.0 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard) Hidden HP Active Support Library (HKLM-x32\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard) HP Customer Experience Enhancements (HKLM-x32\...\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}) (Version: 5.7.0.2664 - Hewlett-Packard) HP Doc Viewer (HKLM-x32\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard) HP DVD Play 3.7 (HKLM-x32\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: 3.7.0.6310 - Hewlett-Packard) HP ENVY 5530 series Basic Device Software (HKLM\...\{E43084F2-A74C-47A3-BD6D-AA57FC0A381E}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.) HP ENVY 5530 series Help (HKLM-x32\...\{97EAE055-1BE8-4775-8101-453E9715EC3F}) (Version: 30.0.0 - Hewlett Packard) HP Help and Support (HKLM-x32\...\{0054A0F6-00C9-4498-B821-B5C9578F433E}) (Version: 2.1.3.0 - Hewlett-Packard Company) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP) HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.13.1 - Hewlett-Packard Company) HP Total Care Advisor (HKLM-x32\...\{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}) (Version: 2.4.4941.2798 - Hewlett-Packard) HP Total Care Setup (HKLM-x32\...\{38058455-8C21-4C2F-B2F6-14ED166039CB}) (Version: 1.1.1983.2818 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HP User Guides 0118 (HKLM-x32\...\{665CBCA4-5AB0-414B-A288-3F8F99FEFC45}) (Version: 1.01.0000 - Hewlett-Packard) HP Wireless Assistant (HKLM-x32\...\{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}) (Version: 3.00 K2 - Hewlett-Packard) HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.0.7 - Hewlett-Packard) Hidden Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation) Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation) Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden KhalInstallWrapper (HKLM\...\{F3F18612-7B5D-4C05-86C9-AB50F6F71727}) (Version: 2.00.0000 - Logitech) Hidden Kodak AIO Printer (HKLM\...\{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}) (Version: 7.7.2.0 - Eastman Kodak Company) Hidden KODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.7.6.0 - Eastman Kodak Company) LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0926 - CyberLink Corp.) Hidden LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0926 - CyberLink Corp.) LightScribe System Software (HKLM-x32\...\{4A9849CA-E11C-4F24-8BB1-97C717A1C898}) (Version: 1.18.1.1 - LightScribe) Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech) Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (HKLM-x32\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation) Microsoft Live Search Toolbar (HKLM-x32\...\{96384578-C6A2-4EC6-92CD-B62A60713040}) (Version: 3.0.541.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation) Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) muvee Reveal (HKLM-x32\...\{DD35C328-F115-BEDA-6EEE-E00C5AACCCBC}) (Version: 7.0.35.6951 - muvee Technologies Pte Ltd) muvee Reveal (HKLM-x32\...\{DE626616-D7C4-4F00-7E0B-EAF26FA65749}) (Version: 7.0.43.12698 - muvee Technologies Pte Ltd) ocr (HKLM-x32\...\{BFBCF96F-7361-486A-965C-54B17AC35421}) (Version: 6.2.3.50 - Eastman Kodak Company) Hidden Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2202 - CyberLink Corp.) Hidden Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2202 - CyberLink Corp.) PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2201 - CyberLink Corp.) Hidden PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2201 - CyberLink Corp.) PreReq (HKLM-x32\...\{DA5BDB2A-12F0-4343-8351-21AAEB293990}) (Version: 6.2.4.0 - Eastman Kodak Company) Hidden PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.) Product Improvement Study for HP ENVY 5530 series (HKLM\...\{3FB74B78-098D-48EF-8CC4-BE6C431C0E16}) (Version: 32.0.1180.44630 - Hewlett-Packard Co.) QLBCASL (HKLM-x32\...\{F1D7AC58-554A-4A58-B784-B61558B1449A}) (Version: 6.40.17.2 - Hewlett-Packard) Hidden QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) RCA Detective™ 3.0.0.101 (HKLM-x32\...\RCA Detective™_is1) (Version: - RCA) RCA easyRip 2.4.6.0 (HKLM-x32\...\RCA easyRip_is1) (Version: - RCA) RCA Updater 2.0.0.0 (HKLM-x32\...\RCA Updater_is1) (Version: - RCA) Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek) Realtek USB 2.0 Card Reader (HKLM-x32\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version: 6.0.6000.20133 - Realtek Semiconductor Corp.) Skype Web Plugin (HKLM-x32\...\{DF6DC2FB-6783-4340-8B98-401CB656AD3A}) (Version: 7.26.0.48 - Skype Technologies S.A.) Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.104 - Skype Technologies S.A.) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.1.3.0 - Synaptics) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.8 - VideoLAN) VoiceOver Kit (HKLM-x32\...\{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}) (Version: 1.42.128.0 - Apple Inc.) Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.) Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-680459831-2725585726-4018758263-1000_Classes\CLSID\{BB384F15-7676-403E-B797-1F9D935525A3}\InprocServer32 -> C:\Users\Debra\AppData\Local\SkypePlugin\7.26.0.48\GatewayActiveX-x64.dll (Microsoft Corporation -> Skype Technologies S.A.) ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32: [vidc.3IV2] => C:\Windows\SysWOW64\3ivxVfWCodec.dll [335760 2008-02-18] (3ivx Technologies Pty. Ltd. -> 3ivx Technologies Pty. Ltd.) [File not signed] ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] ==================== Loaded Modules (Whitelisted) ============= 2010-05-20 12:49 - 2010-05-20 12:49 - 000258048 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShare\boost_serialization-vc80-mt-1_43.dll 2011-05-06 12:07 - 2011-05-06 12:07 - 004317184 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShare\Core.dll 2010-10-25 23:37 - 2010-10-25 23:37 - 000258048 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShare\phonon4.dll 2010-05-17 08:47 - 2010-05-17 08:47 - 001199104 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShare\PocoFoundation.dll 2010-05-17 08:47 - 2010-05-17 08:47 - 000642048 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShare\PocoNet.dll 2010-05-17 08:47 - 2010-05-17 08:47 - 000511488 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShare\PocoXML.dll 2011-05-06 12:02 - 2011-05-06 12:02 - 000737280 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShare\qca2.dll 2010-10-25 23:06 - 2010-10-25 23:06 - 002248704 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShare\QtCore4.dll 2010-10-25 23:23 - 2010-10-25 23:23 - 008351744 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShare\QtGui4.dll 2010-10-25 23:08 - 2010-10-25 23:08 - 000983040 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShare\QtNetwork4.dll 2010-10-25 23:23 - 2010-10-25 23:23 - 000204800 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShare\QtSql4.dll 2010-10-26 07:34 - 2010-10-26 07:34 - 011853824 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShare\QtWebKit4.dll 2010-10-25 23:06 - 2010-10-25 23:06 - 000364544 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShare\QtXml4.dll 2010-05-20 12:49 - 2010-05-20 12:49 - 000258048 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShareServer\boost_serialization-vc80-mt-1_43.dll 2010-05-17 08:47 - 2010-05-17 08:47 - 000110592 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShareServer\PocoCrypto.dll 2010-05-17 08:47 - 2010-05-17 08:47 - 001199104 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShareServer\PocoFoundation.dll 2010-05-17 08:47 - 2010-05-17 08:47 - 000642048 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShareServer\PocoNet.dll 2010-05-17 08:47 - 2010-05-17 08:47 - 000175616 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShareServer\PocoNetSSL.dll 2010-05-17 08:47 - 2010-05-17 08:47 - 000291840 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShareServer\PocoUtil.dll 2010-05-17 08:47 - 2010-05-17 08:47 - 000511488 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShareServer\PocoXML.dll 2010-10-25 23:06 - 2010-10-25 23:06 - 002248704 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShareServer\QtCore4.dll 2010-10-25 23:08 - 2010-10-25 23:08 - 000983040 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShareServer\QtNetwork4.dll 2010-10-25 23:23 - 2010-10-25 23:23 - 000204800 _____ () [File not signed] C:\Program Files (x86)\Flip Video\FlipShareServer\QtSql4.dll 2016-07-24 10:43 - 2015-02-25 23:00 - 002403504 _____ (Aomei Technology Co., Limited -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\QtCore4.dll 2016-07-24 10:43 - 2016-07-11 10:34 - 000114296 _____ (CHENGDU AOMEI Tech Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Backup.dll 2016-07-24 10:43 - 2016-07-11 10:34 - 000286328 _____ (CHENGDU AOMEI Tech Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\BrFat.dll 2016-07-24 10:43 - 2016-07-11 10:34 - 000102008 _____ (CHENGDU AOMEI Tech Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\BrLog.dll 2016-07-24 10:43 - 2016-07-11 10:34 - 000966264 _____ (CHENGDU AOMEI Tech Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\BrNtfs.dll 2016-07-24 10:43 - 2016-07-11 10:34 - 000102008 _____ (CHENGDU AOMEI Tech Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\BrVol.dll 2016-07-24 10:43 - 2016-07-11 10:34 - 000278136 _____ (CHENGDU AOMEI Tech Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Clone.dll 2016-07-24 10:43 - 2016-07-11 10:34 - 000315000 _____ (CHENGDU AOMEI Tech Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Comn.dll 2016-07-24 10:43 - 2016-07-11 10:34 - 000069240 _____ (CHENGDU AOMEI Tech Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Compress.dll 2016-07-24 10:43 - 2016-07-11 10:34 - 000061048 _____ (CHENGDU AOMEI Tech Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Device.dll 2016-07-24 10:43 - 2016-07-11 10:34 - 000175736 _____ (CHENGDU AOMEI Tech Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\DeviceMgr.dll 2016-07-24 10:43 - 2016-07-11 10:34 - 000241272 _____ (CHENGDU AOMEI Tech Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\diskmgr.dll 2016-07-24 10:43 - 2016-07-11 10:34 - 000028280 _____ (CHENGDU AOMEI Tech Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Encrypt.dll 2016-07-24 10:43 - 2016-07-11 10:34 - 000482936 _____ (CHENGDU AOMEI Tech Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\EnumFolder.dll 2016-07-24 10:43 - 2016-07-11 10:34 - 000155256 _____ (CHENGDU AOMEI Tech Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\FlBackup.dll 2016-07-24 10:43 - 2016-07-11 10:34 - 000122488 _____ (CHENGDU AOMEI Tech Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\FuncLogic.dll 2016-07-24 10:43 - 2016-07-11 10:34 - 000253560 _____ (CHENGDU AOMEI Tech Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\GptBcd.dll 2016-07-24 10:43 - 2016-07-11 10:34 - 000347768 _____ (CHENGDU AOMEI Tech Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\ImgFile.dll 2016-07-24 10:43 - 2016-07-11 10:34 - 000077432 _____ (CHENGDU AOMEI Tech Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Ldm.dll 2016-07-24 10:43 - 2016-07-11 10:34 - 000700024 _____ (CHENGDU AOMEI Tech Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\Sync.dll 2016-07-24 10:43 - 2016-07-11 10:34 - 000384632 _____ (CHENGDU AOMEI Tech Co., Ltd. -> ) [File not signed] C:\Program Files (x86)\AOMEI Backupper\UiLogic.dll 2016-07-24 10:43 - 2016-07-11 10:34 - 001181304 _____ (CHENGDU AOMEI Tech Co., Ltd. -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\AOMEI Backupper\LIBEAY32.dll 2016-07-24 10:43 - 2016-07-11 10:34 - 000275064 _____ (CHENGDU AOMEI Tech Co., Ltd. -> The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\AOMEI Backupper\SSLEAY32.dll 2012-09-26 10:57 - 2012-09-26 10:57 - 000075264 _____ (Eastman Kodak Company) [File not signed] C:\Program Files (x86)\Kodak\AiO\Center\Logger.dll 2019-07-06 19:43 - 2019-07-06 19:43 - 000297984 _____ (Eastman Kodak Company) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Automation\ad8ca41334ee9f0c28c48dea8b907e58\Inkjet.Automation.ni.dll 2019-07-06 19:43 - 2019-07-06 19:43 - 000076800 _____ (Eastman Kodak Company) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Configuration\b5ce69ba0b9b92aa33ca757db763c02c\Inkjet.Configuration.ni.dll 2019-07-06 19:43 - 2019-07-06 19:43 - 000094720 _____ (Eastman Kodak Company) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Devidd83fa01#\c015da6c40cb02386d4e4debf961c601\Inkjet.DeviceSettings.ni.dll 2019-07-06 19:43 - 2019-07-06 19:43 - 000101376 _____ (Eastman Kodak Company) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Diagnostics\6dcabe8e3d798a6b6338b8c1628dd244\Inkjet.Diagnostics.ni.dll 2019-07-06 19:43 - 2019-07-06 19:43 - 000862208 _____ (Eastman Kodak Company) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Hardware\d7a808603f118bdcba195f0a70cb73f2\Inkjet.Hardware.ni.dll 2019-07-06 19:43 - 2019-07-06 19:43 - 000235520 _____ (Eastman Kodak Company) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Localization\2fb543583eade7a6e6e000e0de8b3ee4\Inkjet.Localization.ni.dll 2019-07-06 19:43 - 2019-07-06 19:43 - 000178176 _____ (Eastman Kodak Company) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Statistics\6060ca2d8dceaae47b04ed34536b83c3\Inkjet.Statistics.ni.dll 2019-07-06 19:43 - 2019-07-06 19:43 - 000286720 _____ (Eastman Kodak Company) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\Inkjet.Utilities\739424ba897ae965a66d599ba820615c\Inkjet.Utilities.ni.dll 2009-01-27 21:37 - 2009-01-27 21:37 - 000033792 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Common Files\LightScribe\LSLog.dll 2009-01-27 21:37 - 2009-01-27 21:37 - 000110592 _____ (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Common Files\LightScribe\LSSProxy.dll 2010-02-20 16:14 - 2010-02-20 16:14 - 000098304 _____ (Hewlett-Packard) [File not signed] C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll 2009-09-06 07:41 - 2009-07-20 03:00 - 000013824 _____ (Logitech, Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\x86\AdobeHookDll.dll 2009-09-06 07:41 - 2009-07-20 03:00 - 000014336 _____ (Logitech, Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\x86\AOLHookDll.dll 2009-09-06 07:41 - 2009-07-20 03:00 - 000057344 _____ (Logitech, Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\x86\GameHook.dll 2009-09-06 07:41 - 2009-07-20 03:00 - 000012288 _____ (Logitech, Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\x86\HookDll.dll 2009-09-06 07:41 - 2009-07-20 03:00 - 000010752 _____ (Logitech, Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\x86\IMHook.dll 2009-09-06 07:41 - 2009-07-20 03:00 - 000027648 _____ (Logitech, Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\x86\KEMHook.dll 2009-09-06 07:41 - 2009-07-20 03:00 - 000038912 _____ (Logitech, Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\x86\lgscroll.dll 2009-09-06 07:41 - 2009-07-20 03:00 - 000069632 _____ (Logitech, Inc.) [File not signed] C:\Program Files\Logitech\SetPoint\x86\MessengerHook.dll 2009-09-11 19:06 - 2009-01-12 15:50 - 001060864 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Hp\QuickPlay\MFC71.DLL 2009-09-11 19:06 - 2009-01-12 15:50 - 000499712 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Hp\QuickPlay\MSVCP71.dll 2009-09-11 19:06 - 2009-01-12 15:50 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Hp\QuickPlay\MSVCR71.dll 2009-09-11 19:06 - 2009-01-12 15:50 - 000017408 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Hp\QuickPlay\Powrprof.DLL 2011-06-21 12:07 - 2011-06-21 12:07 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL 2011-06-21 12:07 - 2011-06-21 12:07 - 001654784 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\MFC80U.DLL 2011-06-21 12:07 - 2011-06-21 12:07 - 000047104 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\amd64_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_bc20f59b0bdd1acd\MFC80ENU.DLL 2011-06-21 12:08 - 2011-06-21 12:08 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.6195_none_3b1209fdc9ac7774\vcomp.dll 2019-07-06 19:43 - 2019-07-06 19:43 - 001735680 _____ (Newtonsoft) [File not signed] C:\Windows\assembly\NativeImages_v4.0.30319_32\Newtonsoft.58a71267#\5ac62718ad6a4523ebb79c2eead84fb3\Newtonsoft.Json.Net20.ni.dll 2010-05-10 13:56 - 2010-05-10 13:56 - 001044480 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Flip Video\FlipShareServer\LIBEAY32.dll 2010-05-10 13:56 - 2010-05-10 13:56 - 000200704 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Flip Video\FlipShareServer\SSLEAY32.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-680459831-2725585726-4018758263-1000\...\nutritionaction.com -> hxxps://www.nutritionaction.com ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2006-11-02 04:34 - 2006-09-18 13:37 - 000000761 _____ C:\Windows\system32\drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files (x86)\CyberLink\Power2Go;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\QuickTime\QTSystem\ HKU\S-1-5-21-680459831-2725585726-4018758263-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Debra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) mpsdrv => Firewall Service is not running. MpsSvc => Firewall Service is not running. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{7A7A6529-E15F-4464-B0A6-5E24AC033D48}] => (Allow) C:\Program Files (x86)\HP\QuickPlay\QPService.exe (CyberLink -> CyberLink Corp.) FirewallRules: [{A8C713AA-0E68-4CEC-A1A4-48CF24DB1185}] => (Allow) C:\Program Files (x86)\HP\QuickPlay\QP.exe (CyberLink -> CyberLink Corp.) FirewallRules: [{8CFB2E90-C33D-4CC6-98A8-9EB453845C25}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{55C74328-151F-473E-9B4C-77C5ED0071AC}] => (Allow) svchost.exe (Microsoft Windows -> Microsoft Corporation) FirewallRules: [{237260A8-3BC6-4AE7-BFA4-9F959FCB03A6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{93ED0128-52D7-4F81-982E-0E57C78E4891}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE (CyberLink -> CyberLink Corp.) FirewallRules: [{E0A76967-9BB5-4049-B753-97BA67BF916C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{33C935D5-33E4-4CB4-9202-498C60973E5C}] => (Allow) LPort=2869 FirewallRules: [{A2D50AB0-EB66-4731-8CC7-3E80D47C3564}] => (Allow) LPort=1900 FirewallRules: [{BBD25185-1693-432B-948F-9A73BB171581}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [{D31D4583-9F1F-4CC5-972F-C688DCE1E2F0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe No File FirewallRules: [{F142EB26-9772-48CE-8D44-F37443EB9B63}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{94551329-D82B-4584-BD1D-CD495A734099}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{2068EDA0-1BB6-4975-9848-947843EF2825}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{BE3CC40B-3A7E-4A2D-B355-258D8FB3190C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{23F2588C-A38E-4BF0-BD0B-1F93130F7A7B}] => (Allow) LPort=24726 FirewallRules: [{58D0BC5E-1109-41C3-B0A9-D753A61E9CFE}] => (Allow) LPort=24727 FirewallRules: [{47C02C98-E447-4DE4-8E0F-1B35576D37B5}] => (Allow) LPort=5353 FirewallRules: [{BD0CF1F1-9FF4-4DDE-9C7D-678EF224BBD2}] => (Allow) LPort=9322 FirewallRules: [{E21F204F-E79C-4A0F-8A2B-F75B0C882867}] => (Allow) LPort=5353 FirewallRules: [{EB45493A-3EAF-4DAD-8647-E6903391E317}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{99A3E8FE-3525-4FE9-B2E8-FA83785C7571}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe No File FirewallRules: [{BDFF826F-E2B5-41DF-91EC-6D815BF09689}] => (Allow) LPort=9322 FirewallRules: [{385D5BD6-33FC-4C91-BC70-BEC7FE3DC311}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company -> Eastman Kodak Company) FirewallRules: [{7FB745E3-5E12-41A5-BFBA-378815330BA9}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company -> Eastman Kodak Company) FirewallRules: [{0373A30F-668D-47DC-A2DA-A13204ABC5C4}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe (Eastman Kodak Company -> Eastman Kodak Company) FirewallRules: [{9BD54BC7-AC23-48BE-AA2E-0F33D7BBC0B5}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe (Eastman Kodak Company -> Eastman Kodak Company) FirewallRules: [{5A0386B7-AFD1-4DC0-837A-56309516C9CF}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe (Eastman Kodak Company -> Eastman Kodak Company) FirewallRules: [{E922C183-CB83-4724-A7B4-555178D19283}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe (Eastman Kodak Company -> Eastman Kodak Company) FirewallRules: [{6E09B8B2-0977-4A81-ABA1-9ADA19332707}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe (Eastman Kodak Company -> Eastman Kodak Company) FirewallRules: [{F19251DC-F96B-4A5C-B1B2-344D84627113}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe (Eastman Kodak Company -> Eastman Kodak Company) FirewallRules: [{F0E4AE97-4C7A-47AA-8333-18CF89499E5E}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe (Eastman Kodak Company -> Eastman Kodak Company) FirewallRules: [{755386B6-68AD-47EA-B543-30E4746B74DD}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe (Eastman Kodak Company -> Eastman Kodak Company) ==================== Restore Points ========================= 09-07-2019 18:13:34 Windows Update 09-07-2019 22:27:36 Windows Update 14-07-2019 12:55:26 Garmin Express 14-07-2019 13:13:00 Windows Update 04-08-2019 10:37:12 Windows Update 04-08-2019 15:05:03 Configured HP Quick Launch Buttons ==================== Faulty Device Manager Devices ============ Name: MpKsl982f3609 Description: MpKsl982f3609 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: MpKsl982f3609 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ======================== Application errors: ================== Error: (11/10/2019 01:08:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: LogonUI.exe, version: 6.1.7601.17514, time stamp: 0x4ce79f70 Faulting module name: ntdll.dll, version: 6.1.7601.24499, time stamp: 0x5d0115b0 Exception code: 0xc0000374 Fault offset: 0x00000000000bf302 Faulting process id: 0xacc Faulting application start time: 0x01d5980af8fb97ca Faulting application path: C:\Windows\system32\LogonUI.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll Report Id: 39f2c9cb-03fe-11ea-8d66-001f16e2f0b8 Error: (11/10/2019 01:07:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: LogonUI.exe, version: 6.1.7601.17514, time stamp: 0x4ce79f70 Faulting module name: ntdll.dll, version: 6.1.7601.24499, time stamp: 0x5d0115b0 Exception code: 0xc0000374 Fault offset: 0x00000000000bf302 Faulting process id: 0x354 Faulting application start time: 0x01d5980aaa4104b8 Faulting application path: C:\Windows\system32\LogonUI.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll Report Id: 195dccfb-03fe-11ea-8d66-001f16e2f0b8 Error: (11/10/2019 01:06:57 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (11/10/2019 01:06:41 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 173.1.168.192.in-addr.arpa. PTR Debra-PC.local. Error: (11/10/2019 01:06:41 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.1.173:5353 18 173.1.168.192.in-addr.arpa. PTR Debra-PC-2.local. Error: (08/04/2019 07:15:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: CsrBtOBEXService.exe, version: 2.1.63.0, time stamp: 0x4f68683b Faulting module name: CsrBtOBEXService.exe, version: 2.1.63.0, time stamp: 0x4f68683b Exception code: 0xc0000005 Fault offset: 0x0000000000006f58 Faulting process id: 0x744 Faulting application start time: 0x01d54b388cee241b Faulting application path: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe Faulting module path: C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe Report Id: 42d9e24c-b72f-11e9-96e0-001f16e2f0b8 Error: (08/04/2019 06:52:43 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (08/04/2019 06:51:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: LogonUI.exe, version: 6.1.7601.17514, time stamp: 0x4ce79f70 Faulting module name: ntdll.dll, version: 6.1.7601.24499, time stamp: 0x5d0115b0 Exception code: 0xc0000374 Fault offset: 0x00000000000bf302 Faulting process id: 0x348 Faulting application start time: 0x01d54b386f194580 Faulting application path: C:\Windows\system32\LogonUI.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll Report Id: f09b951c-b72b-11e9-96e0-001f16e2f0b8 System errors: ============= Error: (11/10/2019 01:40:41 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 70. Error: (11/10/2019 01:40:33 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 70. Error: (11/10/2019 01:39:37 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 70. Error: (11/10/2019 01:39:23 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 70. Error: (11/10/2019 01:17:48 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.305.1824.0 Update Source: Microsoft Update Server Update Stage: Install Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.16500.1 Error code: 0x80240017 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. Error: (08/04/2019 07:15:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The CSR OBEX Service service terminated unexpectedly. It has done this 1 time(s). Error: (08/04/2019 07:15:18 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: The server {2EAD57C2-492A-4713-A340-8272B88BFF1B} did not register with DCOM within the required timeout. Error: (08/04/2019 06:52:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The hpqwmiex service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Windows Defender: =================================== Date: 2010-02-20 16:39:49.701 Description: Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures. Signatures Attempted:Current Error Code:0x80070003 Error description:The system cannot find the path specified. Signature version:0.0.0.0 Engine version:0.0.0.0 CodeIntegrity: =================================== Date: 2010-02-20 14:41:21.968 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2010-02-20 14:41:21.890 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2010-02-20 14:41:21.796 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2010-02-20 14:41:21.703 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2010-02-20 14:41:21.609 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system. Date: 2009-09-12 15:08:23.928 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Logitech\SetPoint\lgscroll.dll because the set of per-page image hashes could not be found on the system. Date: 2009-09-12 15:08:23.881 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Logitech\SetPoint\lgscroll.dll because the set of per-page image hashes could not be found on the system. Date: 2009-09-12 15:07:56.619 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Logitech\SetPoint\lgscroll.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== BIOS: Hewlett-Packard F.52 08/26/2009 Motherboard: Wistron 3612 Processor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz Percentage of memory in use: 85% Total physical RAM: 3999.19 MB Available physical RAM: 595.7 MB Total Virtual: 7996.53 MB Available Virtual: 4554.71 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:285.81 GB) (Free:134.95 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: (RECOVERY) (Fixed) (Total:12.28 GB) (Free:1.5 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: AA0A7A18) Partition 1: (Active) - (Size=285.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=12.3 GB) - (Type=07 NTFS) ==================== End of Addition.txt =======================