Hi,
can I have some help pleas. I'm finding my laptop is running slow and Is hanging a lot, especially when using the internet. WHen I open task manager I see that the system program is using 99% of disk a lot which I think is slowing the computer.
I pasted the two logs below
thanks for your help
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by bibblebucket1 (administrator) on BIBBLEBUCKET on 16-07-2015 11:49:57
Running from C:\Users\bibblebucket1\Desktop
Loaded Profiles: bibblebucket1 (Available Profiles: bibblebucket1 & fbwuser & fbwuser0B88 & fbwuser5406 & fbwuser82D0 & fbwuserC806 & fbwuser124E & fbwuserF244)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Sanford, L.P.) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
() C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Western Digital ) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\HSSCP.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Sanford, L.P.) C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe
() C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
() C:\Users\bibblebucket1\AppData\Roaming\Settings Manager\SettingsManager.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Dropbox, Inc.) C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
(BitTorrent Inc.) C:\Users\bibblebucket1\AppData\Roaming\BitTorrent\BitTorrent.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
Failed to access process -> iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAH\FAHWindow64.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191824 2012-08-10] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764544 2012-09-14] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-09-14] (Qualcomm Atheros Commnucations)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3940040 2015-06-12] (Synaptics Incorporated)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2995904 2012-07-11] (Symantec Corporation)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [40336 2015-04-29] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1688008 2012-09-06] (Western Digital)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5236664 2012-09-19] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2013-09-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe_ID0ENQBO] => C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe [378224 2008-08-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Communicator] => C:\Program Files (x86)\Microsoft Lync\communicator.exe [12118840 2015-03-28] (Microsoft Corporation)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.)
HKLM-x32\...\RunOnce: [Polono] => C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\BIBBLE~1\AppData\Local\552A60~1\Senapihu.dat"
HKLM-x32\...\RunOnce: [Rufoco] => C:\WINDOWS\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\BIBBLE~1\AppData\Local\621BF1~1\Netup.dat"
HKU\S-1-5-21-515815168-1746495529-2309485121-1001\...\Run: [Clip2Net] => C:\Program Files (x86)\Clip2Net\clip2net.exe [1887744 2012-12-12] ()
HKU\S-1-5-21-515815168-1746495529-2309485121-1001\...\Run: [DymoQuickPrint] => C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe [1825360 2011-01-28] (Sanford, L.P.)
HKU\S-1-5-21-515815168-1746495529-2309485121-1001\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [1043968 2014-10-10] ()
HKU\S-1-5-21-515815168-1746495529-2309485121-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [911032 2015-03-18] (Microsoft Corporation)
HKU\S-1-5-21-515815168-1746495529-2309485121-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-515815168-1746495529-2309485121-1001\...\Run: [Settings Manager] => C:\Users\bibblebucket1\AppData\Roaming\Settings Manager\SettingsManager.EXE [897520 2015-05-22] ()
HKU\S-1-5-21-515815168-1746495529-2309485121-1001\...\Run: [Dropbox Update] => C:\Users\bibblebucket1\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-515815168-1746495529-2309485121-1001\...\MountPoints2: {df61b3b8-0f2a-11e3-be8d-50b7c357ec82} - "E:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-515815168-1746495529-2309485121-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Ribbons.scr [132608 2014-10-29] (Microsoft Corporation)
AppInit_DLLs: C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [220992 2014-06-26] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2015-07-15]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAH\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2015-07-15]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\bibblebucket1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-05-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\bibblebucket1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2014-04-18]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll [2015-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-07] (Symantec Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-515815168-1746495529-2309485121-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
HKU\S-1-5-21-515815168-1746495529-2309485121-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://Vosteran.com/...r=1627451199=
SearchScopes: HKLM -> {31090377-0740-419E-BEFC-A56E50500D5B} URL =
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL =
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = http://astromenda.co...cr=134114094=
SearchScopes: HKLM-x32 -> DefaultScope {3510A9C9-89BD-4CA3-AD0B-170752148322} URL =
SearchScopes: HKU\S-1-5-21-515815168-1746495529-2309485121-1001 -> DefaultScope {B61B11C7-4BFF-43C4-8A1E-B8F2948AA5C3} URL = https://uk.search.ya...&p={searchTerms}
SearchScopes: HKU\S-1-5-21-515815168-1746495529-2309485121-1001 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = http://Vosteran.com/...r=1627451199=
SearchScopes: HKU\S-1-5-21-515815168-1746495529-2309485121-1001 -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = http://rocket-find.c...cr=173684390=
SearchScopes: HKU\S-1-5-21-515815168-1746495529-2309485121-1001 -> {3510A9C9-89BD-4CA3-AD0B-170752148322} URL = http://astromenda.co...cr=825971628=
SearchScopes: HKU\S-1-5-21-515815168-1746495529-2309485121-1001 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://search.condui...0502360717&UM=1
SearchScopes: HKU\S-1-5-21-515815168-1746495529-2309485121-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
SearchScopes: HKU\S-1-5-21-515815168-1746495529-2309485121-1001 -> {B61B11C7-4BFF-43C4-8A1E-B8F2948AA5C3} URL = https://uk.search.ya...&p={searchTerms}
SearchScopes: HKU\S-1-5-21-515815168-1746495529-2309485121-1001 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = http://astromenda.co...cr=134114094=
SearchScopes: HKU\S-1-5-21-515815168-1746495529-2309485121-1001 -> {EF878356-A90F-4751-9908-9086B52C0B5C} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-03-03] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-14] (Qualcomm Atheros Commnucations)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-03-12] (Microsoft Corporation)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> No File
BHO-x32: No Name -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> No File
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Lync\OCHelper.dll [2010-10-22] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: No Name -> {c95a4e8e-816d-4655-8c79-d736da1adb6d} -> No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-03-12] (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2008-06-11] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-515815168-1746495529-2309485121-1001 -> No Name - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{152FD92D-6987-4A1F-8044-509E0CC6AD51}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{58FE4501-52FE-47DF-B17F-2375240D7896}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{5D5A3753-FE3D-4867-94BA-9A7CE4E7645C}: [DhcpNameServer] 8.8.8.8
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32.dll No File
FF Plugin-x32: @dymo.com/DymoLabelFramework -> C:\Program Files (x86)\DYMO\DYMO Label Software\Framework\npDYMOLabelFramework.dll [2011-01-28] ( Sanford L.P.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-28] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-27] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-515815168-1746495529-2309485121-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\bibblebucket1\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-10-03] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-28] ()
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-07-15]
Chrome:
=======
CHR Profile: C:\Users\bibblebucket1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\bibblebucket1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-23]
CHR Extension: (Google Drive) - C:\Users\bibblebucket1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-23]
CHR Extension: (YouTube) - C:\Users\bibblebucket1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-23]
CHR Extension: (Google Search) - C:\Users\bibblebucket1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-23]
CHR Extension: (Rocket New Tab) - C:\Users\bibblebucket1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom [2014-07-03]
CHR Extension: (Norton Identity Safe) - C:\Users\bibblebucket1\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-12-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\bibblebucket1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-18]
CHR Extension: (Norton Security Toolbar) - C:\Users\bibblebucket1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-07-05]
CHR Extension: (Google Wallet) - C:\Users\bibblebucket1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Vosteran New Tab) - C:\Users\bibblebucket1\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce [2015-03-18]
CHR Extension: (Astromenda New Tab) - C:\Users\bibblebucket1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae [2015-03-18]
CHR Extension: (Gmail) - C:\Users\bibblebucket1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-23]
CHR HKLM\...\Chrome\Extension: [ibnjmihbbanannlbobkbmnmckjnmdnom] - https://clients2.goo...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-21]
CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.goo...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ibnjmihbbanannlbobkbmnmckjnmdnom] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-21]
CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - https://clients2.goo...ice/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe Version Cue CS4; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [288112 2013-09-28] (Adobe Systems Incorporated)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-09-14] (Qualcomm Atheros Commnucations) [File not signed]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 DymoPnpService; C:\Program Files (x86)\DYMO\DYMO Label Software\DymoPnpService.exe [32336 2011-01-28] (Sanford, L.P.)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-09-05] (Samsung Electronics CO., LTD.)
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [1169704 2015-03-30] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [96688 2015-03-30] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [589608 2015-03-30] ()
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe [265000 2015-03-07] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3939008 2012-07-11] (Symantec Corporation)
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246464 2015-06-12] (Synaptics Incorporated)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1157056 2012-09-19] (Western Digital )
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-09-06] (Western Digital)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WDRulesService; C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [1177536 2012-09-19] (Western Digital )
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-14] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
S2 APXACC; C:\Windows\system32\DRIVERS\appexDrv.sys [199008 2012-06-22] (AppEx Networks Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140718.001\BHDrvx64.sys [1530160 2014-06-06] (Symantec Corporation)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-09-14] (Qualcomm Atheros)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00B\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-13] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-12-13] (Symantec Corporation)
S1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20141212.002\IDSvia64.sys [637656 2014-12-12] (Symantec Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140731.025\ENG64.SYS [126040 2014-07-05] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140731.025\EX64.SYS [2099288 2014-07-05] (Symantec Corporation)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows ® Win 7 DDK provider)
S3 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\N360x64\1507000.00B\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-07-03] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-03-19] (Anchorfree Inc.)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-16 11:49 - 2015-07-16 11:52 - 00036262 _____ C:\Users\bibblebucket1\Desktop\FRST.txt
2015-07-16 11:48 - 2015-07-16 11:48 - 02133504 _____ (Farbar) C:\Users\bibblebucket1\Desktop\FRST64.exe
2015-07-16 11:44 - 2015-07-16 11:50 - 00000000 ____D C:\FRST
2015-07-15 18:09 - 2015-07-15 18:09 - 00002295 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2015-07-15 18:09 - 2015-07-15 18:09 - 00002289 _____ C:\Users\Public\Desktop\WinZip.lnk
2015-07-15 18:09 - 2015-07-15 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2015-07-15 18:08 - 2015-07-15 18:11 - 00000000 ____D C:\Users\bibblebucket1\AppData\Local\WinZip
2015-07-15 18:06 - 2015-07-15 18:08 - 00000000 ____D C:\Program Files\WinZip
2015-07-15 16:36 - 2015-07-15 16:36 - 00000000 ___RD C:\Users\bibblebucket1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-07-14 14:35 - 2015-07-14 14:35 - 00001015 _____ C:\Users\bibblebucket1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\under the dome s1.lnk
2015-07-13 05:51 - 2015-07-13 05:52 - 00281216 _____ C:\WINDOWS\Minidump\071315-138625-01.dmp
2015-07-12 19:07 - 2015-07-12 19:08 - 00000000 ____D C:\Users\bibblebucket1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-07 22:44 - 2015-07-07 22:48 - 00000000 ____D C:\WINDOWS\SysWOW64\vbox
2015-07-07 22:44 - 2015-07-07 22:48 - 00000000 ____D C:\WINDOWS\system32\vbox
2015-07-07 22:32 - 2015-07-15 16:28 - 00000000 ____D C:\ProgramData\AVAST Software
2015-07-06 05:54 - 2015-07-06 05:56 - 00281160 _____ C:\WINDOWS\Minidump\070615-94906-01.dmp
2015-07-01 10:51 - 2015-07-01 10:52 - 00281160 _____ C:\WINDOWS\Minidump\070115-88718-01.dmp
2015-06-29 19:05 - 2015-06-29 19:05 - 00002176 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-06-24 21:34 - 2015-06-24 21:50 - 00014887 ____H C:\Users\bibblebucket1\Desktop\~WRL0301.tmp
2015-06-19 07:18 - 2015-06-19 07:18 - 00000000 ____D C:\Users\bibblebucket1\AppData\Local\GWX
2015-06-18 22:23 - 2015-06-18 22:24 - 00281160 _____ C:\WINDOWS\Minidump\061815-113671-01.dmp
2015-06-18 07:45 - 2015-07-16 11:50 - 00000976 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-515815168-1746495529-2309485121-1001UA.job
2015-06-18 07:45 - 2015-07-16 07:51 - 00000924 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-515815168-1746495529-2309485121-1001Core.job
2015-06-18 07:45 - 2015-06-18 07:45 - 00003938 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-515815168-1746495529-2309485121-1001UA
2015-06-18 07:45 - 2015-06-18 07:45 - 00003558 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-515815168-1746495529-2309485121-1001Core
2015-06-18 07:45 - 2015-06-18 07:45 - 00000000 ____D C:\Users\bibblebucket1\AppData\Local\Dropbox
2015-06-18 07:45 - 2015-06-18 07:45 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-17 22:24 - 2015-06-17 22:25 - 00281160 _____ C:\WINDOWS\Minidump\061715-119218-01.dmp
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-16 11:56 - 2014-12-13 10:01 - 00000000 ____D C:\Users\bibblebucket1\AppData\Roaming\BitTorrent
2015-07-16 11:54 - 2014-12-01 17:54 - 00000340 _____ C:\WINDOWS\Tasks\WSE_Vosteran.job
2015-07-16 11:53 - 2014-08-20 17:30 - 00000340 _____ C:\WINDOWS\Tasks\WSE_Astromenda.job
2015-07-16 11:12 - 2013-08-23 20:36 - 00000932 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-16 11:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-16 11:00 - 2012-09-19 03:58 - 00000360 _____ C:\WINDOWS\Tasks\Xerox PhotoCafe Communicator.job
2015-07-16 06:11 - 2013-08-23 20:36 - 00000928 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-16 06:07 - 2013-08-23 20:36 - 00003904 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 06:06 - 2013-08-23 20:36 - 00003668 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 18:47 - 2014-08-04 13:39 - 01137263 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-15 18:31 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-07-15 18:15 - 2012-09-19 03:50 - 00000000 ____D C:\ProgramData\WinClon
2015-07-15 18:14 - 2013-08-23 20:35 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-515815168-1746495529-2309485121-1001
2015-07-15 18:10 - 2014-11-03 17:52 - 00000000 ____D C:\ProgramData\WinZip
2015-07-15 18:09 - 2013-08-23 20:28 - 00000000 ____D C:\Users\bibblebucket1\AppData\Local\CrashDumps
2015-07-15 16:41 - 2013-10-23 20:17 - 00000000 ___RD C:\Users\bibblebucket1\Dropbox
2015-07-15 16:41 - 2013-10-23 20:11 - 00000000 ____D C:\Users\bibblebucket1\AppData\Roaming\Dropbox
2015-07-15 16:37 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2015-07-15 16:31 - 2013-08-22 15:46 - 00373423 _____ C:\WINDOWS\setupact.log
2015-07-15 16:31 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-15 16:28 - 2014-03-18 09:16 - 00540802 _____ C:\WINDOWS\PFRO.log
2015-07-14 16:47 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-07-14 15:46 - 2013-08-23 20:37 - 00002205 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-14 14:25 - 2014-03-18 16:26 - 00338232 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-14 00:02 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\tracing
2015-07-13 05:51 - 2014-08-10 17:50 - 00000000 ____D C:\WINDOWS\Minidump
2015-07-13 05:50 - 2014-07-25 11:37 - 876739006 _____ C:\WINDOWS\MEMORY.DMP
2015-07-12 18:22 - 2014-08-04 12:54 - 00000000 ____D C:\Users\bibblebucket1
2015-07-08 10:30 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-07-08 10:24 - 2015-05-06 21:01 - 00000000 ____D C:\Users\bibblebucket1\AppData\Roaming\Update Manager
2015-07-06 22:24 - 2015-06-14 14:11 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-07-06 22:24 - 2015-06-14 14:11 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-05 11:08 - 2014-07-03 10:07 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-07-03 17:50 - 2015-03-02 00:08 - 00000000 ____D C:\Users\bibblebucket1\Desktop\invoices
2015-07-02 10:25 - 2014-09-08 20:07 - 00068096 ___SH C:\Users\bibblebucket1\Desktop\Thumbs.db
2015-07-01 10:01 - 2014-07-05 10:20 - 00000000 ____D C:\Users\bibblebucket1\AppData\Roaming\vlc
2015-06-29 19:04 - 2013-08-23 20:36 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-29 00:53 - 2014-08-25 19:30 - 00000212 _____ C:\Users\bibblebucket1\AppData\Roaming\WB.CFG
2015-06-25 17:42 - 2015-01-04 16:22 - 00001800 _____ C:\WINDOWS\BRRBCOM.INI
2015-06-24 14:46 - 2014-12-29 11:00 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-06-16 16:49 - 2013-11-18 10:16 - 03120128 ___SH C:\Users\bibblebucket1\Downloads\Thumbs.db
==================== Files in the root of some directories =======
2014-06-22 13:58 - 2014-06-22 14:00 - 0028456 __RSH () C:\Program Files (x86)\DLS8Uninstall.log
2014-08-25 19:30 - 2015-06-29 00:53 - 0000212 _____ () C:\Users\bibblebucket1\AppData\Roaming\WB.CFG
2014-12-02 19:53 - 2014-12-17 19:53 - 0000010 _____ () C:\Users\bibblebucket1\AppData\Local\DSI.DAT
2014-12-17 19:53 - 2014-12-17 19:53 - 0022528 _____ () C:\Users\bibblebucket1\AppData\Local\dsisetup10758432.exe
2014-12-02 19:53 - 2014-12-02 19:53 - 0022528 _____ () C:\Users\bibblebucket1\AppData\Local\dsisetup791875462.exe
2014-10-02 16:44 - 2014-10-02 16:44 - 0000000 _____ () C:\Users\bibblebucket1\AppData\Local\{8CC977A3-DDC4-4A18-9AD9-7AF6007B92EF}
2014-08-22 21:37 - 2014-08-22 21:37 - 0000000 _____ () C:\Users\bibblebucket1\AppData\Local\{D6242BCA-071C-430A-8C98-E56B7D61DDBF}
2012-09-19 03:58 - 2012-08-08 05:07 - 2258432 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2012-09-19 03:58 - 2012-08-07 11:11 - 0003196 _____ () C:\ProgramData\MakeMarkerFile.xml
Files to move or delete:
====================
C:\ProgramData\MakeMarkerFile.exe
C:\Users\EasySurvey\EasySurvey.exe
Some files in TEMP:
====================
C:\Users\bibblebucket1\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbapioa.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-13 17:41
==================== End of log ============================
here is the second log:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by bibblebucket1 at 2015-07-16 11:57:40
Running from C:\Users\bibblebucket1\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-515815168-1746495529-2309485121-500 - Administrator - Disabled)
bibblebucket1 (S-1-5-21-515815168-1746495529-2309485121-1001 - Administrator - Enabled) => C:\Users\bibblebucket1
fbwuser (S-1-5-21-515815168-1746495529-2309485121-1004 - Limited - Disabled) => C:\Users\fbwuser
fbwuser0B88 (S-1-5-21-515815168-1746495529-2309485121-1008 - Limited - Disabled) => C:\Users\fbwuser0B88
fbwuser124E (S-1-5-21-515815168-1746495529-2309485121-1012 - Limited - Disabled) => C:\Users\fbwuser124E
fbwuser5406 (S-1-5-21-515815168-1746495529-2309485121-1009 - Limited - Disabled) => C:\Users\fbwuser5406
fbwuser82D0 (S-1-5-21-515815168-1746495529-2309485121-1010 - Limited - Disabled) => C:\Users\fbwuser82D0
fbwuserC806 (S-1-5-21-515815168-1746495529-2309485121-1011 - Limited - Disabled) => C:\Users\fbwuserC806
fbwuserF244 (S-1-5-21-515815168-1746495529-2309485121-1013 - Limited - Disabled) => C:\Users\fbwuserF244
Guest (S-1-5-21-515815168-1746495529-2309485121-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-515815168-1746495529-2309485121-1006 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton 360 (Disabled - Out of date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Disabled - Out of date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 (Disabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.2.443 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 4 Master Collection (HKLM-x32\...\Adobe_7e74552a59eaf9fafd13f90894ac9bd) (Version: 4.0 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\{03DEEAD2-F3B7-45BF-9006-A25D015F00D2}) (Version: 10.0.2.54 - Adobe Systems, Inc.)
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS4 Icon Handler x64 (Version: 6.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.14) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)
Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden
Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung)
Amazon Kindle (HKU\S-1-5-21-515815168-1746495529-2309485121-1001\...\Amazon Kindle) (Version: - Amazon)
AMD Catalyst Install Manager (HKLM\...\{8C6A4815-2E50-7B6E-9159-6608871EB5BF}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.3.26.0 - AppEx Networks)
AMD VISION Engine Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Avery Wizard 5.0 (HKLM\...\{FC3B3A5D-7058-4627-9F1E-F95CC38B6054}) (Version: 5.0.5 - Avery)
AVG PC TuneUp 2014 (en-GB) (x32 Version: 14.0.1001.423 - AVG) Hidden
AVG PC TuneUp 2014 (HKLM-x32\...\AVG PC TuneUp) (Version: 14.0.1001.423 - AVG)
AVG PC TuneUp 2014 (x32 Version: 14.0.1001.423 - AVG) Hidden
BitTorrent (HKU\S-1-5-21-515815168-1746495529-2309485121-1001\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.)
Brother MFL-Pro Suite DCP-J4120DW (HKLM-x32\...\{7FC49664-DAA4-4E7C-ADD0-614ABB43691B}) (Version: 1.0.4.0 - Brother Industries, Ltd.)
Clip2Net 0.9.4b (HKLM-x32\...\Clip2Net_is1) (Version: - AU78)
Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-515815168-1746495529-2309485121-1001\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.)
DYMO Label v.8 (HKLM-x32\...\DYMO Label v.8) (Version: 8.3.0.1242 - Sanford, L.P.)
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)
Elite Dangerous Launcher version 0.4.1765.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.1765.0 - Frontier Developments)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
File Association Helper (HKLM\...\{C168639F-5810-4EC8-B1E8-0251AA8A771C}) (Version: 1.2.225.65451 - WinZip Computing International, LLC)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
free-4-pc bundle (HKLM-x32\...\free-4-pc bundle) (Version: 2.0.0.5 - free-4-pc)
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Help Desk (HKLM\...\{D93F0B49-12AA-4AE6-8349-0ECB13B9532F}) (Version: 1.0.5 - Samsung Electronics CO., LTD.)
Hotspot Shield 4.15 (HKLM-x32\...\HotspotShield) (Version: 4.15 - AnchorFree Inc.)
kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Microsoft Lync 2010 (HKLM\...\{81BE0B17-563B-45D4-B198-5721E6C665CD}) (Version: 4.0.7577.4461 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Norton 360 (HKLM-x32\...\N360) (Version: 21.7.0.11 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.45 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.11 - Symantec Corporation) Hidden
Nuance PaperPort 12 (HKLM-x32\...\{88B5FBDC-967D-4B1F-B291-39284AE12201}) (Version: 12.1.0005 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden
Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
PlanetSide 2 (HKU\S-1-5-21-515815168-1746495529-2309485121-1001\...\SOE-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version: - PopCap Games)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.209 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6702 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.6.5 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.0.7 - Samsung Electronics CO., LTD.) Hidden
Scansoft PDF Professional (x32 Version: - ) Hidden
Secure Download Manager (HKLM-x32\...\{E040B65B-8683-4228-8C33-D44A141E40EA}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Settings (HKLM-x32\...\{52E5DE60-C96B-42CC-9A37-FE04725940AE}) (Version: 2.0.0 - Samsung Electronics CO., LTD.)
Settings Manager (HKU\S-1-5-21-515815168-1746495529-2309485121-1001\...\Settings Manager) (Version: 21.4.0.1 - Spigot, Inc.) <==== ATTENTION
Speedial (HKLM-x32\...\Speedial) (Version: - Speedial) <==== ATTENTION!
Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Support Center (HKLM\...\{AC0273F1-68A3-42CF-B487-C594B0A92F8D}) (Version: 2.0.12 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.3 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{391A07F0-748F-474F-986C-F03934F98F6E}) (Version: 2.0.19 - Samsung Electronics CO., LTD.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.11.1 - Synaptics Incorporated)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)
Unity Web Player (HKU\S-1-5-21-515815168-1746495529-2309485121-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version: - Microsoft)
User Guide (HKLM-x32\...\{66172F70-0BDE-4BAB-A973-E2E4EF501F6D}) (Version: 1.2.00 - Samsung Electronics CO., LTD.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WD Drive Utilities (HKLM-x32\...\{72E40002-8CEC-47C1-A099-83AC8E173BF0}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{83270912-15C7-4336-822E-E8F1B1BBCA60}) (Version: 1.0.3.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{6FE8A1DA-8CA6-4801-BF0F-0F2FED143FF4}) (Version: 1.6.4.7 - Western Digital Technologies, Inc.)
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735) (HKLM\...\9F04C462DAB591BDCCE784F77E4D4F1736010B92) (Version: 07/27/2012 20.57.1.735 - Samsung Electronics Co. Ltd.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240ED}) (Version: 19.5.11532 - WinZip Computing, S.L. )
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
WSE Rocket (HKLM-x32\...\WSE Rocket) (Version: - WSE Rocket) <==== ATTENTION!
WSE_Astromenda (HKLM-x32\...\WSE_Astromenda) (Version: - WSE_Astromenda) <==== ATTENTION!
WSE_Vosteran (HKLM-x32\...\WSE_Vosteran) (Version: - WSE_Vosteran) <==== ATTENTION!
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-515815168-1746495529-2309485121-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-515815168-1746495529-2309485121-1001_Classes\CLSID\{0207CA76-8233-4478-9A40-607AC304C435}\InprocServer32 -> C:\Users\bibblebucket1\AppData\Roaming\Avery\Avery Wizard 5.0\EnvBCode.ocx (Envel Informationssysteme GmbH)
CustomCLSID: HKU\S-1-5-21-515815168-1746495529-2309485121-1001_Classes\CLSID\{2BB2DE4F-FCDF-46F2-9723-5B1959E1BDE0}\InprocServer32 -> C:\Users\bibblebucket1\AppData\Roaming\Avery\Avery Wizard 5.0\EnvBCode.ocx (Envel Informationssysteme GmbH)
CustomCLSID: HKU\S-1-5-21-515815168-1746495529-2309485121-1001_Classes\CLSID\{95775FC2-FFFA-4432-A4BC-352AB1A84581}\InprocServer32 -> C:\Users\bibblebucket1\AppData\Roaming\Avery\Avery Wizard 5.0\EnvBCode.ocx (Envel Informationssysteme GmbH)
CustomCLSID: HKU\S-1-5-21-515815168-1746495529-2309485121-1001_Classes\CLSID\{BE892433-7479-4231-AB95-A313BDA3D409}\InprocServer32 -> C:\Users\bibblebucket1\AppData\Roaming\Avery\Avery Wizard 5.0\EnvBCode.ocx (Envel Informationssysteme GmbH)
CustomCLSID: HKU\S-1-5-21-515815168-1746495529-2309485121-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-515815168-1746495529-2309485121-1001_Classes\CLSID\{D0E9EEAE-9AC7-4204-BA07-B72DD6077E82}\InprocServer32 -> C:\Users\bibblebucket1\AppData\Roaming\Avery\Avery Wizard 5.0\AvWizRes.dll (Avery Products Corporation. Envel Informationssysteme GmbH.)
CustomCLSID: HKU\S-1-5-21-515815168-1746495529-2309485121-1001_Classes\CLSID\{D2776BCC-5F09-4068-B4E2-7EE1202F95CF}\InprocServer32 -> C:\Users\bibblebucket1\AppData\Roaming\Avery\Avery Wizard 5.0\EnvBCode.ocx (Envel Informationssysteme GmbH)
CustomCLSID: HKU\S-1-5-21-515815168-1746495529-2309485121-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-515815168-1746495529-2309485121-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-515815168-1746495529-2309485121-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-515815168-1746495529-2309485121-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-515815168-1746495529-2309485121-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-515815168-1746495529-2309485121-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-515815168-1746495529-2309485121-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-515815168-1746495529-2309485121-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-515815168-1746495529-2309485121-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.)
==================== Restore Points =========================
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00CD76F1-D4E6-4125-A02E-ED0166393312} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {07736EE8-2192-4E15-A52B-5C7F16BCC854} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-09-17] (SEC)
Task: {136B747D-E273-44A7-B884-43549BDABE9A} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {1FE52322-05CF-4B86-88C2-230B4C1F5993} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {2AA17891-BAC0-491F-9269-913D94E05CD2} - System32\Tasks\SWUpdateAgent => C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2012-09-14] (Samsung Electronics CO., LTD.)
Task: {3937CFCF-EECD-4C0F-97ED-1282DA2C8671} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe
Task: {46E957D8-F993-416F-A946-500C7E809BD7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-23] (Google Inc.)
Task: {55117C80-DC4A-4F97-AD02-EE4ACC359019} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\msoia.exe
Task: {6258514D-6D79-48CB-82F7-84351242B84C} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-515815168-1746495529-2309485121-1001Core => C:\Users\bibblebucket1\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {65CBDADE-3BC5-4BCF-AC52-3D23722D73A3} - System32\Tasks\WSE_Vosteran => C:\Users\bibblebucket1\AppData\Roaming\WSE_Vosteran\UpdateProc\UpdateTask.exe [2014-12-01] () <==== ATTENTION
Task: {84519659-0E6A-4C20-AC3E-902EEA032291} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-06-12] (Synaptics Incorporated)
Task: {9156DACE-469B-48C9-B8BC-4472E1B779D0} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-09-05] (Samsung Electronics CO., LTD.)
Task: {9AFDCE98-F2E3-4513-8E36-29D4DEA7AF1E} - System32\Tasks\WSE_Astromenda => C:\Users\bibblebucket1\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-12-31] () <==== ATTENTION
Task: {9B18EC55-2BE6-4215-B2DD-3EF892506C65} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-23] (Google Inc.)
Task: {9F528BB4-DB29-42EE-9831-090732FA199A} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {B16B4216-110B-450C-81EA-C971DBE65523} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe
Task: {B8DFA1EA-8260-41F2-8276-C7D4E2C68213} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2012-08-17] (Samsung Electronics CO., LTD.)
Task: {BDF08D92-A75C-4D0B-9C0A-B6C8FC47CE3C} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {C1FE76CC-D609-4345-84D8-C3FF0104426B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-10] (Microsoft Corporation)
Task: {C3B521B5-3306-4DFA-9560-6BB756E317BC} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\WSCStub.exe [2015-06-16] (Symantec Corporation)
Task: {D38908C0-0CE1-481E-910E-92AD310CF7FF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-515815168-1746495529-2309485121-1001UA => C:\Users\bibblebucket1\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.)
Task: {D85E0B9D-6E5E-4A6C-93C7-0630A12F5C97} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {DCD799A5-ACB2-472A-9579-007056ED000A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\msoia.exe
Task: {F9469DEE-F7E3-45BD-BB1F-4FDF8BA0A0CC} - System32\Tasks\MakeMarkerFile => %ProgramData%\MakeMarkerFile.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-515815168-1746495529-2309485121-1001Core.job => C:\Users\bibblebucket1\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-515815168-1746495529-2309485121-1001UA.job => C:\Users\bibblebucket1\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\WSE_Astromenda.job => 0x0306010057ADD92D9443F3408746C48A85DACA0C460022010000000044440000200000000014730F000000000013040020208021DF070700040010000B0035000000DB000000410043003A005C00550073006500720073005C0042004900420042004C0045007E0031005C0041007000700044006100740061005C0052006F0061006D0069006E0067005C005700530045005F00410053007E0031005C005500500044004100540045007E0031005C005500500044004100540045007E0031002E00450058004500000007002F0043006800650063006B00000000001B0062006900620062006C0065006200750063006B00650074005C0062006900620062006C0065006200750063006B0065007400310000000000000008000000000000000000010030000000D4070800020000000000000001003500A00500003C0000000000000001000000010000000000000000000000
Task: C:\WINDOWS\Tasks\WSE_Vosteran.job => C:\Users\BIBBLE~1\AppData\Roaming\WSE_VO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe
==================== Loaded Modules (Whitelisted) ==============
2014-07-04 21:33 - 2014-07-04 21:33 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-08-06 13:47 - 2014-03-12 20:09 - 08884904 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00085112 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2015-03-30 23:18 - 2015-03-30 23:18 - 00589608 _____ () C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
2015-01-04 16:18 - 2005-04-22 05:36 - 00143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll
2012-09-14 04:42 - 2012-09-14 04:42 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2014-08-20 17:29 - 2014-10-10 19:16 - 01043968 _____ () C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe
2015-05-22 17:44 - 2015-05-22 17:44 - 00897520 _____ () C:\Users\bibblebucket1\AppData\Roaming\Settings Manager\SettingsManager.exe
2012-09-14 11:18 - 2012-09-14 11:18 - 04238968 _____ () C:\Program Files\Samsung\Support Center\GuaranaAgent.exe
2012-09-05 08:50 - 2012-09-05 08:50 - 00026744 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00060536 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00103544 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2015-03-30 23:17 - 2015-03-30 23:17 - 01749288 _____ () C:\Program Files (x86)\Hotspot Shield\bin\af_proxy.dll
2015-03-30 23:26 - 2015-03-30 23:26 - 00616232 _____ () C:\Program Files (x86)\Hotspot Shield\bin\HssRep.4.15.dll
2015-03-03 21:44 - 2015-03-03 21:44 - 00280143 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libidn-11.dll
2009-03-27 21:02 - 2009-03-27 21:02 - 01554920 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libeay32.dll
2009-03-27 21:02 - 2009-03-27 21:02 - 00332254 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libssl32.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00028792 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 01012856 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2012-09-05 08:50 - 2012-09-05 08:50 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2011-01-28 20:14 - 2011-01-28 20:14 - 00094208 _____ () C:\Program Files (x86)\DYMO\DYMO Label Software\DYMO.Common.dll
2012-09-19 03:55 - 2012-06-08 04:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 03:34 - 2012-06-08 03:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-07-15 16:37 - 2015-07-15 16:37 - 00043008 _____ () c:\Users\bibblebucket1\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbapioa.dll
2015-03-04 22:45 - 2015-03-19 08:15 - 00750080 _____ () C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 22:45 - 2015-03-19 08:15 - 00047616 _____ () C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 22:45 - 2015-03-19 08:15 - 00865280 _____ () C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 22:45 - 2015-03-19 08:15 - 00200704 _____ () C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-07-12 19:07 - 2015-03-19 08:15 - 00010240 _____ () C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 22:45 - 2015-03-19 08:15 - 00726016 _____ () C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-12 19:07 - 2015-03-19 08:15 - 00010240 _____ () C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-01-04 16:15 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-515815168-1746495529-2309485121-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-515815168-1746495529-2309485121-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-515815168-1746495529-2309485121-1001\...\sharepoint.com -> hxxps://maidenhillschool.sharepoint.com
IE trusted site: HKU\S-1-5-21-515815168-1746495529-2309485121-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-515815168-1746495529-2309485121-1001\...\sony.com -> sony.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-515815168-1746495529-2309485121-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img12.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "vProt"
HKLM\...\StartupApproved\Run32: => "Communicator"
HKU\S-1-5-21-515815168-1746495529-2309485121-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-515815168-1746495529-2309485121-1001\...\StartupApproved\Run: => "AdobeBridge"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{CD84EDE2-D3FF-4C03-8B9C-CF9CF89BDA70}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{80CE6C2D-BB58-40AE-8C44-C47A954B2B27}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [UDP Query User{93EEFD9C-A222-4B43-BF15-FE8B452F2C43}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exe
FirewallRules: [TCP Query User{9945D442-C992-4851-98FC-D35A4EBA00BF}C:\program files (x86)\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\tera\tera-launcher.exe
FirewallRules: [UDP Query User{712D58E0-8DD6-470C-B5C5-0C64A7B73CF8}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{6F375649-5463-4869-9F94-33792DC721D6}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{37F31F80-AB52-48A8-88E8-75A9CA301C98}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{C6B33620-E856-490E-A192-B1AC863C92B5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{257F3770-2BBC-44FA-852D-969657E4B624}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A0516878-FD5E-46EA-B476-09A587829C52}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [UDP Query User{F666ADDC-B153-4685-A8D8-0D03F9C777E0}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [TCP Query User{185B11D0-D313-4017-8F2E-DA9E3A2DF920}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{1C089CB7-FC2E-4E04-9580-A6487B6A4419}C:\users\public\sony online entertainment\installed games\planetside 2 psg\planetside2.exe] => (Allow) C:\users\public\sony online entertainment\installed games\planetside 2 psg\planetside2.exe
FirewallRules: [TCP Query User{89D19706-000D-4CA3-BC12-6D20518273D6}C:\users\public\sony online entertainment\installed games\planetside 2 psg\planetside2.exe] => (Allow) C:\users\public\sony online entertainment\installed games\planetside 2 psg\planetside2.exe
FirewallRules: [UDP Query User{8998C44D-964E-460A-A2A8-93A03FE78AA4}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{18D631FB-4704-4D2F-8E40-5E8CDC41F6CC}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{0C1EAB3A-94DA-4828-BA45-E7296B5AEF72}C:\users\bibblebucket1\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\bibblebucket1\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{4B0584C2-A8F3-4C48-91D0-0164B7E0D1CE}C:\users\bibblebucket1\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\bibblebucket1\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{F9768D2D-73A4-44D8-881E-7156B2BBAB86}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{854716D8-D445-47C1-8DF4-D1ED29963FFC}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{6A769E86-EFE3-46C2-B027-6F702817C49E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8B493322-C4DD-4D70-9F8C-A7EC3515C409}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{E30A0338-220F-48BA-94D0-FB49042DDA7F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{1558A73A-BDD2-4F0C-AF81-36EBE56B35DD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{040BA406-EBD2-49BC-A5A4-53FC9969EFFF}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
FirewallRules: [{C4E9308E-3320-4AD3-8B00-3D3200758994}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe
FirewallRules: [{DB4A51DB-69CE-48B3-A7DF-DD4376860297}] => (Allow) LPort=51001
FirewallRules: [{FC83AFD7-4800-4F7B-B86F-94F4F06106F3}] => (Allow) LPort=51000
FirewallRules: [{732D7ACC-72E4-4D4A-B8B5-567393AB747C}] => (Allow) LPort=3704
FirewallRules: [{6D66E561-FA0A-46F2-91E7-476FEE987CB0}] => (Allow) LPort=3703
FirewallRules: [{783B7B83-61F7-4924-9810-70C7A6500AD9}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{78233243-38FE-4D34-B665-469139AA2735}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{6659F786-D7F8-4453-83E8-809975C07929}] => (Allow) LPort=5353
FirewallRules: [{791BF3F4-85F5-4524-8478-F88C78ECAC34}] => (Allow) C:\Users\bibblebucket1\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{AD163CF9-710D-47B5-8D5C-ADC9EA3D3BA7}] => (Allow) C:\Users\bibblebucket1\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1F2CE9B7-6B61-4F5B-A09C-8D65E48B87B7}] => (Allow) LPort=1900
FirewallRules: [{01004575-EDC3-46D4-AB0C-C9D6CC74F459}] => (Allow) LPort=2869
FirewallRules: [{8CA8B631-F2D8-48EE-A7AC-032E71050173}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{56E1CFC4-48E3-4BAB-A573-3C9B21EA376A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{0189B57F-AEAF-4419-AFF4-1CC3C37B365B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{9975384C-9363-4B02-BFE1-4C83613C4B7A}] => (Allow) C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{ECE0790F-A91B-4303-8A60-6953AA97C1EF}] => (Allow) C:\Users\bibblebucket1\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{B4CE0025-741F-4E7D-B269-EF21B8045B93}] => (Allow) C:\Program Files (x86)\Microsoft Lync\communicator.exe
FirewallRules: [{4B6B6EF5-D9E8-47DE-A5ED-3C157B84BD23}] => (Allow) C:\Program Files (x86)\Microsoft Lync\UcMapi.exe
FirewallRules: [{A0AD0112-C28F-485E-83C0-8C55475E4BC7}] => (Allow) C:\Program Files\Microsoft Lync\UcMapi64.exe
FirewallRules: [TCP Query User{421F2EAC-EB06-41B4-8FEA-E12D833C943D}C:\users\bibblebucket1\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\bibblebucket1\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [UDP Query User{6F9F9838-0463-4528-A25F-E145287B6920}C:\users\bibblebucket1\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\bibblebucket1\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [{DAEE4BFC-846F-45FD-81EE-97198FFDCE5D}] => (Allow) C:\Users\bibblebucket1\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{7698D9DF-2F4E-41A9-A172-A92B8F0BCBB2}] => (Allow) C:\Users\bibblebucket1\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{6514FA54-A7E9-4DB2-848D-B90AB7964447}C:\users\bibblebucket1\appdata\local\frontier_developments\products\forc-fdev-d-1003\elitedangerous32.exe] => (Allow) C:\users\bibblebucket1\appdata\local\frontier_developments\products\forc-fdev-d-1003\elitedangerous32.exe
FirewallRules: [UDP Query User{EB985AE2-4F7C-4D44-8698-D4B29C5B61EA}C:\users\bibblebucket1\appdata\local\frontier_developments\products\forc-fdev-d-1003\elitedangerous32.exe] => (Allow) C:\users\bibblebucket1\appdata\local\frontier_developments\products\forc-fdev-d-1003\elitedangerous32.exe
FirewallRules: [{2A867EE9-EC82-4B9A-8F42-1421EFABE64B}] => (Allow) LPort=54925
FirewallRules: [{978DC8CD-C0BA-4C39-B2B2-4DC31738790E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/15/2015 06:09:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SynTPEnh.exe, version: 19.0.11.1, time stamp: 0x55765a4b
Faulting module name: SynCOM.dll, version: 19.0.11.1, time stamp: 0x557656e7
Exception code: 0xc0000005
Fault offset: 0x0000000000017989
Faulting process ID: 0x9d8
Faulting application start time: 0xSynTPEnh.exe0
Faulting application path: SynTPEnh.exe1
Faulting module path: SynTPEnh.exe2
Report ID: SynTPEnh.exe3
Faulting package full name: SynTPEnh.exe4
Faulting package-relative application ID: SynTPEnh.exe5
Error: (07/15/2015 06:02:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_SysMain, version: 6.3.9600.17415, time stamp: 0x54504177
Faulting module name: sysmain.dll, version: 6.3.9600.17415, time stamp: 0x545041b7
Exception code: 0xc0000305
Fault offset: 0x000000000001cf9f
Faulting process ID: 0x9ac
Faulting application start time: 0xsvchost.exe_SysMain0
Faulting application path: svchost.exe_SysMain1
Faulting module path: svchost.exe_SysMain2
Report ID: svchost.exe_SysMain3
Faulting package full name: svchost.exe_SysMain4
Faulting package-relative application ID: svchost.exe_SysMain5
Error: (07/15/2015 05:44:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program DllHost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1a34
Start Time: 01d0bf1d5eb0f0b1
Termination Time: 40531
Application Path: C:\WINDOWS\system32\DllHost.exe
Report Id: aafca821-2b10-11e5-8013-50b7c357ec82
Faulting package full name:
Faulting package-relative application ID:
Error: (07/15/2015 05:16:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17840 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1bd8
Start Time: 01d0bf16679e3e5c
Termination Time: 13031
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: c3640477-2b0c-11e5-8013-50b7c357ec82
Faulting package full name:
Faulting package-relative application ID:
Error: (07/15/2015 05:10:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17840 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 98c
Start Time: 01d0bf14330e7ba4
Termination Time: 15156
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: 006005c0-2b0c-11e5-8013-50b7c357ec82
Faulting package full name:
Faulting package-relative application ID:
Error: (07/15/2015 04:40:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: MakeMarkerFile.exe, version: 1.0.0.2, time stamp: 0x5021e5e8
Faulting module name: MakeMarkerFile.exe, version: 1.0.0.2, time stamp: 0x5021e5e8
Exception code: 0xc0000417
Fault offset: 0x000000000014d7cc
Faulting process ID: 0x624
Faulting application start time: 0xMakeMarkerFile.exe0
Faulting application path: MakeMarkerFile.exe1
Faulting module path: MakeMarkerFile.exe2
Report ID: MakeMarkerFile.exe3
Faulting package full name: MakeMarkerFile.exe4
Faulting package-relative application ID: MakeMarkerFile.exe5
Error: (07/15/2015 07:55:05 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17840 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 18d0
Start Time: 01d0be630659a153
Termination Time: 1281
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Report Id: 6ac1d5be-2abe-11e5-8012-50b7c357ec82
Faulting package full name:
Faulting package-relative application ID:
Error: (07/14/2015 09:16:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
.
Error: (07/14/2015 09:16:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary avast! VM Monitor.
System Error:
The system cannot find the file specified.
.
Error: (07/14/2015 09:16:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.
System Error:
The system cannot find the file specified.
.
System errors:
=============
Error: (07/16/2015 11:53:26 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 252.
Error: (07/16/2015 11:53:26 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 252.
Error: (07/16/2015 11:40:18 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 252.
Error: (07/16/2015 11:40:18 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 252.
Error: (07/16/2015 11:37:23 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 252.
Error: (07/16/2015 11:34:35 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 252.
Error: (07/15/2015 09:40:53 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 252.
Error: (07/15/2015 07:12:00 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 106.
Error: (07/15/2015 06:49:06 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 106.
Error: (07/15/2015 06:16:13 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 106.
Microsoft Office:
=========================
Error: (07/15/2015 06:09:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SynTPEnh.exe19.0.11.155765a4bSynCOM.dll19.0.11.1557656e7c000000500000000000179899d801d0bf137fe15bebC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\WINDOWS\system32\SynCOM.dll33222e4e-2b14-11e5-8013-50b7c357ec82
Error: (07/15/2015 06:02:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_SysMain6.3.9600.1741554504177sysmain.dll6.3.9600.17415545041b7c0000305000000000001cf9f9ac01d0bf137fdc95e9C:\WINDOWS\system32\svchost.exec:\windows\system32\sysmain.dll5141273d-2b13-11e5-8013-50b7c357ec82
Error: (07/15/2015 05:44:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: DllHost.exe6.3.9600.174151a3401d0bf1d5eb0f0b140531C:\WINDOWS\system32\DllHost.exeaafca821-2b10-11e5-8013-50b7c357ec82
Error: (07/15/2015 05:16:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.178401bd801d0bf16679e3e5c13031C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEc3640477-2b0c-11e5-8013-50b7c357ec82
Error: (07/15/2015 05:10:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.1784098c01d0bf14330e7ba415156C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE006005c0-2b0c-11e5-8013-50b7c357ec82
Error: (07/15/2015 04:40:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MakeMarkerFile.exe1.0.0.25021e5e8MakeMarkerFile.exe1.0.0.25021e5e8c0000417000000000014d7cc62401d0bf137797625eC:\ProgramData\MakeMarkerFile.exeC:\ProgramData\MakeMarkerFile.exed150250c-2b07-11e5-8013-50b7c357ec82
Error: (07/15/2015 07:55:05 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.1784018d001d0be630659a1531281C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE6ac1d5be-2abe-11e5-8012-50b7c357ec82
Error: (07/14/2015 09:16:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddWin32ServiceFiles: Unable to back up image of service Avast Antivirus since QueryServiceConfig API failed
System Error:
The system cannot find the file specified.
Error: (07/14/2015 09:16:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary avast! VM Monitor.
System Error:
The system cannot find the file specified.
Error: (07/14/2015 09:16:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary aswSP.
System Error:
The system cannot find the file specified.
CodeIntegrity Errors:
===================================
Date: 2015-07-14 16:24:37.123
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-07-14 16:10:43.170
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-23 20:40:52.084
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-23 20:40:50.661
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-23 20:40:49.123
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-23 20:40:47.874
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-23 20:40:46.534
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-23 20:40:45.376
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-23 20:40:43.470
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-03-23 20:40:41.935
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: AMD A6-4400M APU with Radeon HD Graphics
Percentage of memory in use: 45%
Total physical RAM: 5595.1 MB
Available physical RAM: 3050.4 MB
Total Virtual: 11227.1 MB
Available Virtual: 7762.93 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:441.15 GB) (Free:218.29 GB) NTFS
Drive d: (My Disc) (CDROM) (Total:0.32 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
==================== End of log ============================