HP Notebook needs reanimation

slow windows 10 hp pavilion dm1 help problem


#1
Fidel Castro

  • Member
  • 162 posts

Hello.

 

I haven't been on this forum for years (luckily cuz I was here only when I had problems) but now I need some help again.

 

I'll try to make this first post as short as possible and then I can provide detailed information, as needed.

 

The problem is with my small 13'' HP Pavilion Notebook (model dm1). It's not a good one (to avoid more specific terms) but I can't compare it to the performance I had when I bought it, like 2 years ago.

 

In short, I've never played games on it but I never had problems with anything else.

 

Nowadays, my basic surfing on 'Mozilla Firefox' has become too slow and watching YouTube videos became a nightmare. I used to watch 720p video (fullscreen) on it with no problems. Now it's lagging even when watching 360p videos, not fullscreen. I even have problems watching offline videos of better quality (720p/1080p). Depending on the player, it lags, video and audio are not synchronized or audio is even missing while the video is slowed down.

 

Basically, the performance was never great but now it's tragic, to say the least.

 

Here's a quick overview of the system.

 

cpu.png

 

As you can see, I'm using Windows 10 but I just recently upgraded. The upgrade didn't change anything significantly, better or worse. It's basically the same as it was with Windows 7 which I was running last week.

 

Regarding hardware, I know I cannot change the CPU which is the weak point of the system and the only upgrade I could make would be putting an SSD but that would be a high investment which I'm not willing to go for. I've cleaned the system from dust, changed the thermal paste and did everything I could but nothing helped.

 

So I have to focus on the software now. Some people advised me to go for Windows XP but I don't want to, mainly due to security reasons. I've tried updating the drivers but that didn't go so successfully either. I'm not using any bloatware and besides some (essential) HP programs, nothing is running in the background (at least at first look). Even MalwareBytes is closed, I open it only to scan the system from time to time and then close it again.

 

I consider myself a very light user on this notebook because 90% of the time I'm running 'Mozilla Firefox' with 4-5 tabs opened and Viber. Occasionally I open Photoshop but just to edit a photo or two and then I close it right away. That's why it's frustrating when I try to watch a YouTube video and it lags so much that it makes it unwatchable.

 

I hope that's enough info to start with. I'm afraid this is not caused due to some viruses or malware but I still hope you can help me because I always had great experiences with 'geeks' on this forum.

 

 

Regarding reports... Last time I used 'HijackThis' (yeah, a long time ago) but now I see reports with 'FRST64'. I've downloaded it but when I try to open it, it says that the app cannot run on my PC.

 

pc.png

 

I'll be active and ready to provide any additional information needed to improve the performance of my notebook.

 

Thanks a lot in advance,

 

Fidel


Edited by Fidel Castro, 04 August 2015 - 12:16 PM.

  • 0



#2
RKinner

    Malware Expert

  • Expert
  • 20,012 posts
  • MVP

FRST64 won't work because you have a 32 bit operating system. You need to try the 32 bit version, FRST.exe. Remember to right click and Run As Admin.

 

http://www.bleepingc...very-scan-tool/

 

Click the Addition box before Scan and post both logs.

 

Also see if Process Explorer will work:

 

Get Process Explorer

http://live.sysinter...com/procexp.exe
Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures


Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  

Wait a full minute then:

File, Save As, Save.  Open the file Procexp.txt on your desktop and copy and paste the text to a reply.
 

 

Try Speccy:

Get the free version of Speccy:

http://www.filehippo.com/download_speccy (Look in the upper right for the Download Latest Version button - Do NOT press the large Start Download button on the upper left!) Download, Save and Install it.

Close all browsers and open programs before running Speccy. Run Speccy. When it finishes (the little icon in the bottom left will stop moving), File, Save as Text File (to your desktop), note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System. (It will be near the top about 10 lines down.) Save the file and close notepad. Attach the file to your next post as it is usually too large for the forum (Click on More Reply Options then Choose file, select the file, Open, Attach this File). Uninstall Speccy.

 

Also see if you can do any of this:

 

Right click on (My) Computer and select Manage (Continue). Then click on the arrow in front of Event Viewer. Next click on the arrow in front of Windows Logs. Right click on System and Clear Log, Clear. Repeat for Application.

Reboot.

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).

sfc  /scannow

(This will check your critical system files. Does this finish without complaint?  If it says it couldn't fix everything then:

Copy the next two lines:

findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \windows\logs\cbs\junk.txt
notepad \windows\logs\cbs\junk.txt

Start, All Programs, Accessories, right click on Command Prompt and Run as Administrator, Continue.  Right click and Paste or Edit then Paste and the copied line should appear.
Hit Enter. Copy and paste the text from notepad or if it is too big, just attach the file.)


1. Please download the Event Viewer Tool by Vino Rosso
http://images.malwar...om/vino/VEW.exe
and save it to your Desktop.
2. Right-click VEW.exe and Run As Administrator
3. Under 'Select log to query', select:
* System
4. Under 'Select type to list', select:
* Error
* Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.

Please post the Output log in your next reply then repeat but select Application.

 

 


  • 0

#3
Fidel Castro

  • Topic Starter
  • Member
  • 162 posts

I'll come back when I rip apart the logs and reports because it's too long for replies. I'll try attaching separate ones later on...


Edited by Fidel Castro, 05 August 2015 - 01:37 PM.

  • 0

#4
RKinner

    Malware Expert

  • Expert
  • 20,012 posts
  • MVP

Separate posts are fine.  You can attach them if you like.  Press the More Reply Options then the Browse button, select the file and then Open.  Then Attach This File.


  • 0

#5
Fidel Castro

  • Topic Starter
  • Member
  • 162 posts

Alright, the 'basic' FRST log was the longest one. I couldn't fit it even in a few posts so I just attached a 'FRST report.txt' file to the post.

 

Since I attached the 'basic' one, the 'additional report' is attached as well. Find it under the 'FRST Additional.txt' name.

 

Here is the 'Process Explorer' log (note that I followed the steps but got a 'System Idle Process' txt file, not the 'Procexp' you mentioned):
 

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer

procexp.exe    54.87    63.344 K    78.452 K    7020    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation

System    9.55    848 K    277.628 K    4            

System Idle Process    9.49    0 K    8 K    0            

SynTPEnh.exe    6.12    5.552 K    16.716 K    4836    Synaptics TouchPad 32-bit Enhancements    Synaptics Incorporated    (Verified) Synaptics Incorporated

Viber.exe    4.99    199.380 K    95.852 K    6028    Viber        (Verified) Viber Media S.a.r.l

dwm.exe    3.35    16.764 K    27.408 K    924    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows

Interrupts    3.28    0 K    0 K    n/a    Hardware Interrupts and DPCs        

firefox.exe    2.52    788.384 K    680.028 K    3516    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation

explorer.exe    1.45    59.504 K    88.872 K    4392    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows

raptr.exe    1.04    151.320 K    12.664 K    4636    Raptr Desktop App    Raptr, Inc    (Verified) Raptr

csrss.exe    0.92    1.400 K    8.092 K    568    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher

svchost.exe    0.72    11.388 K    21.580 K    420    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher

mbam.exe    0.50    28.760 K    37.900 K    3580    Malwarebytes Anti-Malware    Malwarebytes Corporation    (Verified) Malwarebytes Corporation

MsMpEng.exe    0.22    109.036 K    66.800 K    2696    Antimalware Service Executable    Microsoft Corporation    (Verified) Microsoft Corporation

svchost.exe    0.17    14.756 K    21.888 K    1088    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher

mbamservice.exe    0.14    308.136 K    77.520 K    1604    Malwarebytes Anti-Malware    Malwarebytes Corporation    (Verified) Malwarebytes Corporation

svchost.exe    0.13    13.636 K    20.748 K    1832    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher

svchost.exe    0.11    2.968 K    7.360 K    824    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher

CodeMeter.exe    0.08    2.864 K    10.296 K    1344    CodeMeter Runtime Server    WIBU-SYSTEMS AG    (Verified) WIBU-SYSTEMS AG

raptr_im.exe    0.07    12.688 K    3.488 K    5824    Raptr Desktop App    Raptr, Inc    (Verified) Raptr

svchost.exe    0.06    4.624 K    13.520 K    772    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher

services.exe    0.06    2.460 K    6.040 K    676    Services and Controller app    Microsoft Corporation    (Verified) Microsoft Windows Publisher

svchost.exe    0.03    20.096 K    37.580 K    972    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher

MOM.exe    0.03    16.528 K    5.396 K    1000    Catalyst Control Center: Monitoring program    Advanced Micro Devices Inc.    (Verified) Advanced Micro Devices

RtWLan.exe    0.02    4.888 K    11.808 K    2712    RtWLan ( For Vista / Win7) Application(External Registrar)    Realtek Semiconductor Corp.    (No signature was present in the subject) Realtek Semiconductor Corp.

svchost.exe    0.01    47.476 K    59.200 K    1024    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher

lsass.exe    0.01    3.992 K    11.840 K    684    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher

taskhostw.exe    0.01    6.268 K    15.432 K    3956    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows

CCC.exe    0.01    51.972 K    6.908 K    5504    Catalyst Control Center: Host application    Advanced Micro Devices Inc.    (Verified) Advanced Micro Devices

HPOSD.exe    < 0.01    4.468 K    11.816 K    4820    HP On Screen Display    Hewlett-Packard Development Company, L.P.    (A certificate was explicitly revoked by its issuer) Hewlett-Packard Development Company, L.P.

YCMMirage.exe    < 0.01    1.392 K    656 K    5196    YouCam Mirage    CyberLink    (Verified) CyberLink

ezSharedSvcHost.exe    < 0.01    904 K    5.184 K    752    Shared EasyBits services for Windows    EasyBits Software AS    (Certificate expired) EasyBits Software AS

HPSA_Service.exe    < 0.01    15.692 K    18.304 K    5684    HP Support Assistant Service    Hewlett-Packard Company    (Verified) Hewlett-Packard Company

RtlService.exe    < 0.01    784 K    4.328 K    2516    RtlService MFC Application    Realtek    (No signature was present in the subject) Realtek

audiodg.exe    < 0.01    7.136 K    11.748 K    188    Windows Audio Device Graph Isolation     Microsoft Corporation    (Verified) Microsoft Windows

csrss.exe    < 0.01    868 K    3.616 K    448    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher

svchost.exe    < 0.01    3.052 K    9.136 K    1104    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher

MpCmdRun.exe    < 0.01    2.944 K    9.064 K    1420    Microsoft Malware Protection Command Line Utility    Microsoft Corporation    (Verified) Microsoft Corporation

stacsv.exe    < 0.01    4.700 K    9.124 K    1268    IDT PC Audio    IDT, Inc.    (Verified) Microsoft Windows Hardware Compatibility Publisher

hpservice.exe    < 0.01    860 K    4.300 K    1512    HpService    Hewlett-Packard Company    (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company

WmiPrvSE.exe        4.840 K    11.408 K    5388    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows

WmiPrvSE.exe        1.708 K    7.276 K    5608    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows

WmiPrvSE.exe        1.312 K    6.332 K    4812    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows

wlanext.exe        1.092 K    4.648 K    1908    Windows Wireless LAN 802.11 Extensibility Framework    Microsoft Corporation    (Verified) Microsoft Windows

winlogon.exe        1.616 K    8.324 K    628    Windows Logon Application    Microsoft Corporation    (Verified) Microsoft Windows

wininit.exe        704 K    3.700 K    560    Windows Start-Up Application    Microsoft Corporation    (Verified) Microsoft Windows Publisher

taskeng.exe        1.348 K    7.368 K    2132    Task Scheduler Engine    Microsoft Corporation    (Verified) Microsoft Windows

SystemSettingsBroker.exe        2.696 K    12.908 K    7992    System Settings Broker    Microsoft Corporation    (Verified) Microsoft Windows

SynTPHelper.exe        872 K    4.320 K    5728    Synaptics Pointing Device Helper    Synaptics Incorporated    (Verified) Synaptics Incorporated

SynTPEnhService.exe        696 K    3.312 K    2592    32-bit Synaptics Pointing Enhance Service    Synaptics Incorporated    (Verified) Synaptics Incorporated

svchost.exe        7.552 K    23.840 K    1096    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher

svchost.exe        2.548 K    7.164 K    2296    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher

svchost.exe        5.588 K    13.784 K    1440    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher

svchost.exe        3.688 K    13.568 K    2636    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher

svchost.exe        2.292 K    6.724 K    2012    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher

svchost.exe        1.068 K    4.780 K    2784    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher

svchost.exe        3.348 K    14.532 K    2972    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher

svchost.exe        10.812 K    11.164 K    2732    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher

svchost.exe        1.396 K    4.176 K    4276    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher

sttray.exe        7.692 K    14.212 K    5568    IDT PC Audio    IDT, Inc.    (Verified) Microsoft Windows Hardware Compatibility Publisher

spoolsv.exe        4.288 K    10.932 K    1732    Spooler SubSystem App    Microsoft Corporation    (Verified) Microsoft Windows

SMSvcHost.exe        10.420 K    11.700 K    2880    SMSvcHost.exe    Microsoft Corporation    (Verified) Microsoft Corporation

SMSvcHost.exe        12.860 K    17.356 K    2540    SMSvcHost.exe    Microsoft Corporation    (Verified) Microsoft Corporation

smss.exe        224 K    848 K    308    Windows Session Manager    Microsoft Corporation    (Verified) Microsoft Windows Publisher

sihost.exe        4.044 K    17.376 K    2572    Shell Infrastructure Host    Microsoft Corporation    (Verified) Microsoft Windows

ShellExperienceHost.exe    Suspended    25.848 K    55.596 K    5788    Windows Shell Experience Host    Microsoft Corporation    (Verified) Microsoft Windows

SettingSyncHost.exe        2.012 K    3.248 K    7788    Host Process for Setting Synchronization    Microsoft Corporation    (Verified) Microsoft Windows

SearchUI.exe    Suspended    34.460 K    42.408 K    7084    Search and Cortana application    Microsoft Corporation    (Verified) Microsoft Windows

SearchIndexer.exe        31.292 K    30.720 K    4520    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows

RuntimeBroker.exe        21.880 K    31.272 K    1068    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows

rndlresolversvc.exe        784 K    4.372 K    2508            (Verified) RealNetworks

notepad.exe        1.520 K    10.120 K    6900    Notepad    Microsoft Corporation    (Verified) Microsoft Windows

NisSrv.exe        10.796 K    5.376 K    4060    Microsoft Network Realtime Inspection Service    Microsoft Corporation    (Verified) Microsoft Corporation

NetworkUXBroker.exe        4.500 K    13.200 K    7008    Network UX Broker    Microsoft Corporation    (Verified) Microsoft Windows

mqsvc.exe        3.080 K    9.624 K    2168    Message Queuing Service    Microsoft Corporation    (Verified) Microsoft Windows

mbamscheduler.exe        3.840 K    9.424 K    1708    Malwarebytes Anti-Malware    Malwarebytes Corporation    (Verified) Malwarebytes Corporation

hpqWmiEx.exe        1.404 K    7.792 K    5716    HP Software Framework WMI Service    Hewlett-Packard Company    (Verified) Hewlett-Packard Company

HPDrvMntSvc.exe        724 K    3.796 K    1600    HP Quick Synchronization Service    Hewlett-Packard Company    (Verified) Hewlett-Packard Company

HPClientServices.exe        1.552 K    6.820 K    788    HP Client Services    Hewlett-Packard Company    (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company

HelpPane.exe        3.820 K    18.592 K    5380    Microsoft Help and Support    Microsoft Corporation    (Verified) Microsoft Windows

GrooveMonitor.exe        2.100 K    11.460 K    3220    GrooveMonitor Utility    Microsoft Corporation    (Verified) Microsoft Corporation

Fuel.Service.exe        1.144 K    5.524 K    356    AMD Fuel Service    Advanced Micro Devices, Inc.    (No signature was present in the subject) Advanced Micro Devices, Inc.

fontdrvhost.exe        872 K    8.248 K    2496    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows

dllhost.exe        1.384 K    7.188 K    4860    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows

dasHost.exe        3.412 K    9.008 K    3396    Device Association Framework Provider Host    Microsoft Corporation    (Verified) Microsoft Windows

CoolSense.exe        1.852 K    10.100 K    4564    HP CoolSense    Hewlett-Packard Development Company, L.P.    (A certificate was explicitly revoked by its issuer) Hewlett-Packard Development Company, L.P.

conhost.exe        492 K    2.976 K    1932    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows

BtwRSupportService.exe        1.416 K    5.608 K    2024    Bluetooth Radio Management Support    Broadcom Corporation.    (Verified) Broadcom Corporation

ApplicationFrameHost.exe        11.772 K    18.000 K    3232    Application Frame Host    Microsoft Corporation    (Verified) Microsoft Windows

AMDQuickStream.exe        2.312 K    10.340 K    4532    AMD Quick Stream    AppEx Networks Corporation    (Verified) AppEx Networks Corporation

alg.exe        1.048 K    5.632 K    3572    Application Layer Gateway Service    Microsoft Corporation    (Verified) Microsoft Windows

AEstSrv.exe        396 K    2.356 K    2044    Andrea filters APO access service (32-bit)    Andrea Electronics Corporation    (Verified) Microsoft Windows Hardware Compatibility Publisher




The link to the Speccy tool is broken. It looks right but the hyperlink is wrong. I just copied and pasted the link so it was fine. I just wanted to tell you in case it's in your template or something, for future reference.

 

You will find the Speccy report under the name 'SPEECY report.txt'.

 

I uninstalled it and then cleared all the logs and rebooted.

 

After the "scannow" command in cmd (which took a looooong time) it showed no errors. I lost the message but basically it said that it found nothing wrong with the system files.

 

Therefore, I didn't run the other commands. If I misunderstood, let me know and I'll do it.

 

And lastly, I was unable to run the "VEW.exe" tool.

 

It's giving me a language error even tho English is set as default everywhere.

 

error.png

 

I double checked everything in 'Language/Region' options and English (US) is set as default everywhere. Even the region is set to 'United States' but it's giving me the above error with 'Serbian' language which I rarely use.

 

If there is a fix for this, let me know. I'd rather not uninstall the 'Serbian' language but if I have to and the report is crucial let me know and I'll do it.

 

 

Well, I think that's all. I hope I didn't skip anything after trying to post so many times and copying and pasting this reply over and over again.

 

Looking forward to the next instructions,

 

Fidel



  • 0

#6
RKinner

    Malware Expert

  • Expert
  • 20,012 posts
  • MVP

Speccy link was good except the space between the link and the rest of the text was missing so the forum picked up the open parens as part of the link.

 

Speccy says your hard drive is showing a lot of errors.   The G-sense value means it has been dropped.  If it has to reread the disk that's going to slow things down.

 

Attribute name    Read Error Rate
    Real value    0
    Current    120
    Worst    99
    Threshold    6
    Raw Value    000E2C96ED

Attribute name    Seek Error Rate
    Real value    0
    Current    77
    Worst    60
    Threshold    30
    Raw Value    000359415D

Attribute name    G-sense error rate
    Real value    34
    Current    100
    Worst    100
    Threshold    0
    Raw Value    0000000022
    Status    Good

Attribute name    Hardware ECC Recovered
    Real value    0
    Current    54
    Worst    45
    Threshold    0
    Raw Value    000E2C96ED
    Status    Good

 

 

 

Your PC is also running a bit warm.  What thermal paste did you use?  When you replaced the thermal paste did you clean the heatsink fins?

 

Let's get Speedfan:

http://www.filehippo...nload_speedfan/

Download, save and Install it (Win 7 or Vista right click and Run As Admin.) then run it (Win 7 or Vista right click and Run As Admin)  (I see you already have it.  No need to reinstall it.)

It will tell you your temps in real time. (If you click on Configure then on Core you can check Show in Tray then OK, and even when minimized it will show the Core temp in the system tray (near the clock). If you don't see it then Windows is hiding it. Click on the up arrow to the left of the icons near the clock and Customize. Find Speedfan and change it to Show Icons and Notifications.) Leave it up and run something like a video or a scan and see if the temps climb into the 70s or higher. Make sure it is on a hard surface so the vents aren't blocked.

Your hard drive is a bit suspect. Looks like it has been dropped or bumped rather hard and it is showing more errors than I like. In Speedfan, click on the S.M.A.R.T. tab and then on the down arrow to the right of the empty box. Select your hard drive. (Only one there on a laptop). This will show you the info on your hard drive. It should be all green OKs (or nothing for info only things); other colors indicate problems. You can also click on "Perform an in depth online analysis of the hard drive". This will open a webpage with more details. I think if you right click on "this" at the end of: "The link to get back and see a new report about this hard disk in the future is this." and select Copy Link Address, you can then paste it (ctrl + v) into a reply and I can look at it too.


The Process Explorer log is rather odd. Did you wait a full minute for it to settle after starting it and before saving the log? Process Explorer is taking up a lot of CPU time but probably the real killer is:

 

Interrupts    3.28    0 K    0 K    n/a    Hardware Interrupts and DPCs        

 

This is usually under 1.5.  Doesn't sound like much but it makes a big difference in speed and can cause jerky video.  Usually caused by a bad driver tho I have seen it caused by a bad battery.  Try shutting it down, removing the battery and booting up with it connected to the wall plug.  Run Process Explorer again and look at the Interrupts line.   If it drops considerably then the battery needs to be replaced.  If that doesn't make any difference then try booting into Safe Mode (see: 

http://www.7tutorials.com/4-ways-boot-safe-mode-windows-10  )

and run Process Explorer again.      

 

These two programs are using more CPU time than I like:

 

SynTPEnh.exe    6.12    5.552 K    16.716 K    4836    Synaptics TouchPad 32-bit Enhancements    Synaptics Incorporated    (Verified) Synaptics Incorporated

Viber.exe    4.99    199.380 K    95.852 K    6028    Viber        (Verified) Viber Media S.a.r.l

 

The first is the driver for your touchpad. Probably the driver needs to be updated for Win 10. You might try running with an external usb mouse and disabling the touchpad - see if that helps. The second is something that lets you talk to other people like Skype. I would turn it off when gaming.

 

 

Clear the Java Cache by following the instructions on
http://www.java.com/...lugin_cache.xml

You do not have the latest Java.
First go into Control Panel, Add/Remove Software (XP) or Programs and Features (Vista/Win 7) and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
I see:
Java 7 Update 60
JavaFX 2.1.1

Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.

If you feel you must have Java:
Get the latest Java at:
http://www.java.com/en/

Save it to your PC then close all browsers and install it. Do not let it install the Yahoo toolbar or other foistware.
Once installed, go into Control Panel, Java, Security and set the slider to the Highest then OK.


Looking at your errors in the Addition I see a lot of Windows 10 errors.  Not sure how serious they are.  I would try:

 

Open an Elevated Command Prompt (see:  http://www.eightforu...indows-8-a.html) then type:

Dism  /Online  /Cleanup-Image  /RestoreHealth

Understand this takes a while to finish so be patient.

 

 

 

There are a lot of dead GWX tasks in task scheduler.  You would think they would have been removed since you now have Windows 10.  I can remove them with a FRST fixlist but I want to wait until I see a new log after Java has been removed (or updated) in case I need to clean some Java entries up too. 

 

 

Since Vino's doesn't work we will just use what FRST provides for now.                     


  • 0
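Added example (not part of any post in this thread, and not Sysinternals code): a Python triage of a Process Explorer text export like the one in post #5, listing every process whose Verified Signer status is not "(Verified)" and reading the Interrupts line against the "usually under 1.5" rule of thumb from post #6. The sample rows are copied from that log and re-joined with tabs, which is an assumption about the saved file's layout; all function and constant names are made up for the example.

```python
"""Triage a Process Explorer text export: signer status and interrupt load."""
import csv
import io
import re

HEADER = ("Process", "CPU", "Private Bytes", "Working Set", "PID",
          "Description", "Company Name", "Verified Signer")

# Constructed sample: rows copied from the log in post #5 and re-joined with
# tabs (assumption: the saved export is tab-separated with this header row).
SAMPLE_ROWS = [
    ("procexp.exe", "54.87", "63.344 K", "78.452 K", "7020",
     "Sysinternals Process Explorer", "Sysinternals - www.sysinternals.com",
     "(Verified) Microsoft Corporation"),
    ("System", "9.55", "848 K", "277.628 K", "4", "", "", ""),
    ("Interrupts", "3.28", "0 K", "0 K", "n/a",
     "Hardware Interrupts and DPCs", "", ""),
    ("SynTPEnh.exe", "6.12", "5.552 K", "16.716 K", "4836",
     "Synaptics TouchPad 32-bit Enhancements", "Synaptics Incorporated",
     "(Verified) Synaptics Incorporated"),
    ("RtWLan.exe", "0.02", "4.888 K", "11.808 K", "2712",
     "RtWLan ( For Vista / Win7) Application(External Registrar)",
     "Realtek Semiconductor Corp.",
     "(No signature was present in the subject) Realtek Semiconductor Corp."),
    ("HPOSD.exe", "< 0.01", "4.468 K", "11.816 K", "4820",
     "HP On Screen Display", "Hewlett-Packard Development Company, L.P.",
     "(A certificate was explicitly revoked by its issuer) "
     "Hewlett-Packard Development Company, L.P."),
    ("ezSharedSvcHost.exe", "< 0.01", "904 K", "5.184 K", "752",
     "Shared EasyBits services for Windows", "EasyBits Software AS",
     "(Certificate expired) EasyBits Software AS"),
    ("WmiPrvSE.exe", "", "4.840 K", "11.408 K", "5388",
     "WMI Provider Host", "Microsoft Corporation",
     "(Verified) Microsoft Windows"),
    ("SearchUI.exe", "Suspended", "34.460 K", "42.408 K", "7084",
     "Search and Cortana application", "Microsoft Corporation",
     "(Verified) Microsoft Windows"),
]
SAMPLE_EXPORT = "\n".join("\t".join(r) for r in [HEADER] + SAMPLE_ROWS)

INTERRUPTS_USUAL_MAX = 1.5       # "usually under 1.5", per post #6
PSEUDO_PIDS = {"0", "4", "n/a"}  # System Idle Process, System, Interrupts
SEVERITY = ["revoked", "unsigned", "expired", "other", "not-checked"]
SIGNER_RE = re.compile(r"^\((?P<reason>[^)]*)\)\s*(?P<subject>.*)$")


def parse_export(text):
    """Return one dict per process row, keyed by the export's header names."""
    reader = csv.DictReader(io.StringIO(text), delimiter="\t",
                            quoting=csv.QUOTE_NONE, restval="")
    return list(reader)


def parse_cpu(field):
    """CPU column: a number, '< 0.01', 'Suspended', or empty (no activity)."""
    field = field.strip()
    if not field or field.lower() == "suspended":
        return None
    if field.startswith("<"):
        return 0.0  # below the display resolution
    return float(field.replace(",", "."))  # tolerate decimal-comma locales


def classify_signer(signer, pid):
    """Map the Verified Signer text to (status, subject)."""
    signer = signer.strip()
    if not signer:
        # Kernel pseudo-processes have no image file to verify; any other
        # blank means Options > Verify Image Signatures was not enabled.
        return ("pseudo-process" if pid in PSEUDO_PIDS else "not-checked", "")
    match = SIGNER_RE.match(signer)
    if not match:
        return ("other", signer)
    reason, subject = match.group("reason").lower(), match.group("subject")
    if reason == "verified":
        return ("verified", subject)
    if "revoked" in reason:
        return ("revoked", subject)
    if "no signature" in reason:
        return ("unsigned", subject)
    if "expired" in reason:
        return ("expired", subject)
    return ("other", subject)


def signer_findings(rows):
    """Processes whose image did not verify, most serious status first.

    A finding is a prompt to check the file's path and hash and to update
    the vendor package, not proof of malware on its own.
    """
    found = []
    for row in rows:
        status, subject = classify_signer(row["Verified Signer"], row["PID"])
        if status not in ("verified", "pseudo-process"):
            found.append((row["Process"], row["PID"], status, subject))
    return sorted(found, key=lambda f: SEVERITY.index(f[2]))


def interrupt_load(rows):
    """CPU share of the 'Interrupts' line (hardware interrupts and DPCs)."""
    for row in rows:
        if row["Process"] == "Interrupts":
            return parse_cpu(row["CPU"])
    return None


if __name__ == "__main__":
    rows = parse_export(SAMPLE_EXPORT)
    for name, pid, status, subject in signer_findings(rows):
        print(f"{status:<10} {name} (PID {pid}) signer subject: {subject}")
    load = interrupt_load(rows)
    print(f"Interrupts {load} (usual max {INTERRUPTS_USUAL_MAX})")
```
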

#7
Fidel Castro

  • Topic Starter
  • Member
  • 162 posts

Yeah, I have SpeedFan as I was using it many times to check the (pretty high) temperatures.

 

Normally, with my 'basic needs', the HDD runs at 37ºC while the other 3 temperatures (Temp1, GPU and Core) run at around 65ºC.

 

Now I tested 2 scenarios.

 

The first one was the 'fresh' one, where I tested the temperatures right after waking up the laptop from a good night sleep. It showed this:

 

speedfan-standby.png

 

The second one was a 'full load' where I played a (laggy) 720p video on YT and opened a page with a dozen GIFs. It showed this:

 

speedfan-full-load.png

 

Regarding S.M.A.R.T. info, I see only green OKs or no color. No other colors showing errors are visible.

 

smart1.png    .    smart2.png

 

Regarding the online in-depth analysis, it looks pretty fine there, I guess. Check it for yourself HERE.

 

Regarding battery, some people advised me to remove the battery and use it plugged in only. I've tried that and didn't change anything. The videos on YT were still laggy/jerky even at 360p.

 

Regarding the 'Process Explorer log', I might have let it work for more than a minute. I was confused with the name so I guess I tried to read your post again and then it might have been that 2-3 minutes passed in the meantime. I'll do it again (properly this time) and include the results in the next post as well as the info regarding other things like java etc.

 

I'm posting this reply now before shutting the notebook down and removing the battery.

 

I'll come back shortly.


  • 0

#8
Fidel Castro

  • Topic Starter
  • Member
  • 162 posts

Alright, I'm back.

 

Shut it down. Removed the battery. Booted it up without battery.

 

The 'Interrupts' still shows almost the same value. I waited 1 minute this time.

 

Interrupts    3.41

 

Full report, without battery:

 

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
MpSigStub.exe    23.94    13.680 K    17.444 K    5472    Microsoft Malware Protection Signature Update Stub    Microsoft Corporation    (Verified) Microsoft Corporation
System    20.28    160 K    42.552 K    4            
procexp.exe    15.07    57.976 K    72.128 K    5712    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
firefox.exe    6.57    269.940 K    278.156 K    6064    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
svchost.exe    5.00    41.248 K    54.152 K    1100    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
RuntimeBroker.exe    3.60    12.748 K    21.512 K    4252    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
SynTPEnh.exe    3.47    6.816 K    17.648 K    4080    Synaptics TouchPad 32-bit Enhancements    Synaptics Incorporated    (Verified) Synaptics Incorporated
Interrupts    3.41    0 K    0 K    n/a    Hardware Interrupts and DPCs        
MsMpEng.exe    3.09    94.600 K    85.892 K    2808    Antimalware Service Executable    Microsoft Corporation    (Verified) Microsoft Corporation
dwm.exe    2.84    10.828 K    22.916 K    852    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
backgroundTaskHost.exe    2.68    3.596 K    13.692 K    600    Background Task Host    Microsoft Corporation    (Verified) Microsoft Windows
sihost.exe    2.16    3.400 K    14.908 K    832    Shell Infrastructure Host    Microsoft Corporation    (Verified) Microsoft Windows
raptr.exe    1.84    109.160 K    15.156 K    5860    Raptr Desktop App    Raptr, Inc    (Verified) Raptr
csrss.exe    1.53    1.152 K    5.624 K    504    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    0.91    2.688 K    7.004 K    752    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SearchIndexer.exe    0.73    19.204 K    21.848 K    676    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
SearchProtocolHost.exe    0.73    1.848 K    7.536 K    4188    Microsoft Windows Search Protocol Host    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    0.57    4.748 K    13.552 K    696    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
explorer.exe    0.31    47.780 K    66.416 K    1408    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe    0.23    5.892 K    11.560 K    3688    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe    0.20    1.696 K    6.376 K    5928    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
CodeMeter.exe    0.18    2.488 K    10.668 K    2060    CodeMeter Runtime Server    WIBU-SYSTEMS AG    (Verified) WIBU-SYSTEMS AG
svchost.exe    0.17    5.104 K    13.428 K    1224    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    0.17    67.448 K    89.112 K    912    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
raptr_im.exe    0.07    12.076 K    15.692 K    4816    Raptr Desktop App    Raptr, Inc    (Verified) Raptr
svchost.exe    0.07    3.508 K    10.180 K    988    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    0.06    7.248 K    21.820 K    1060    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
lsass.exe    0.03    3.288 K    11.364 K    620    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
MOM.exe    0.02    16.200 K    5.064 K    5228    Catalyst Control Center: Monitoring program    Advanced Micro Devices Inc.    (Verified) Advanced Micro Devices
System Idle Process    0.02    0 K    8 K    0            
RtWLan.exe    0.01    4.736 K    13.652 K    2620    RtWLan ( For Vista / Win7) Application(External Registrar)    Realtek Semiconductor Corp.    (No signature was present in the subject) Realtek Semiconductor Corp.
RtlService.exe    0.01    848 K    4.456 K    2564    RtlService MFC Application    Realtek    (No signature was present in the subject) Realtek
HPOSD.exe    0.01    3.124 K    11.744 K    5012    HP On Screen Display    Hewlett-Packard Development Company, L.P.    (A certificate was explicitly revoked by its issuer) Hewlett-Packard Development Company, L.P.
YCMMirage.exe    0.01    1.284 K    612 K    4492    YouCam Mirage    CyberLink    (Verified) CyberLink
CCC.exe    < 0.01    53.032 K    6.716 K    5892    Catalyst Control Center: Host application    Advanced Micro Devices Inc.    (Verified) Advanced Micro Devices
ezSharedSvcHost.exe    < 0.01    952 K    5.496 K    1828    Shared EasyBits services for Windows    EasyBits Software AS    (Certificate expired) EasyBits Software AS
HPSA_Service.exe    < 0.01    16.512 K    19.008 K    1668    HP Support Assistant Service    Hewlett-Packard Company    (Verified) Hewlett-Packard Company
csrss.exe    < 0.01    808 K    3.544 K    396    Client Server Runtime Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
stacsv.exe    < 0.01    4.336 K    9.448 K    1252    IDT PC Audio    IDT, Inc.    (Verified) Microsoft Windows Hardware Compatibility Publisher
hpservice.exe    < 0.01    908 K    4.572 K    1412    HpService    Hewlett-Packard Company    (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
wuauclt.exe        1.796 K    9.104 K    3216    Windows Update    Microsoft Corporation    (Verified) Microsoft Windows
wuapihost.exe        1.212 K    6.472 K    4680    wuapihost    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe        1.936 K    7.292 K    248    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
wlanext.exe        1.240 K    4.944 K    1912    Windows Wireless LAN 802.11 Extensibility Framework    Microsoft Corporation    (Verified) Microsoft Windows
winlogon.exe        1.548 K    8.276 K    564    Windows Logon Application    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        768 K    3.972 K    496    Windows Start-Up Application    Microsoft Corporation    (Verified) Microsoft Windows Publisher
TrustedInstaller.exe        1.584 K    5.792 K    1136    Windows Modules Installer    Microsoft Corporation    (Verified) Microsoft Windows
TiWorker.exe        5.068 K    10.304 K    5956    Windows Modules Installer Worker    Microsoft Corporation    (Verified) Microsoft Windows
taskhostw.exe        3.752 K    11.420 K    2792    Host Process for Windows Tasks    Microsoft Corporation    (Verified) Microsoft Windows
SynTPHelper.exe        572 K    3.412 K    3492    Synaptics Pointing Device Helper    Synaptics Incorporated    (Verified) Synaptics Incorporated
SynTPEnhService.exe        748 K    3.528 K    2696    32-bit Synaptics Pointing Enhance Service    Synaptics Incorporated    (Verified) Synaptics Incorporated
svchost.exe        9.724 K    21.216 K    792    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        12.180 K    20.312 K    1868    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        16.264 K    26.464 K    1016    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4.076 K    13.672 K    2744    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4.012 K    16.660 K    104    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.516 K    8.236 K    2348    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.416 K    7.932 K    304    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        2.508 K    9.916 K    3212    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.148 K    5.272 K    2824    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
sttray.exe        7.696 K    20.104 K    5268    IDT PC Audio    IDT, Inc.    (Verified) Microsoft Windows Hardware Compatibility Publisher
spoolsv.exe        4.452 K    13.172 K    1748    Spooler SubSystem App    Microsoft Corporation    (Verified) Microsoft Windows
smss.exe        248 K    952 K    272    Windows Session Manager    Microsoft Corporation    (Verified) Microsoft Windows Publisher
ShellExperienceHost.exe    Suspended    19.196 K    43.776 K    2632    Windows Shell Experience Host    Microsoft Corporation    (Verified) Microsoft Windows
services.exe        2.620 K    5.752 K    604    Services and Controller app    Microsoft Corporation    (Verified) Microsoft Windows Publisher
SearchUI.exe    Suspended    34.864 K    59.940 K    4244    Search and Cortana application    Microsoft Corporation    (Verified) Microsoft Windows
SearchProtocolHost.exe        1.156 K    5.956 K    4548    Microsoft Windows Search Protocol Host    Microsoft Corporation    (Verified) Microsoft Windows
SearchFilterHost.exe        988 K    5.348 K    5140    Microsoft Windows Search Filter Host    Microsoft Corporation    (Verified) Microsoft Windows
rndlresolversvc.exe        808 K    4.628 K    2496            (Verified) RealNetworks
NisSrv.exe        7.420 K    6.380 K    5636    Microsoft Network Realtime Inspection Service    Microsoft Corporation    (Verified) Microsoft Corporation
mqsvc.exe        3.304 K    10.424 K    2276    Message Queuing Service    Microsoft Corporation    (Verified) Microsoft Windows
hpqWmiEx.exe        1.396 K    7.924 K    5156    HP Software Framework WMI Service    Hewlett-Packard Company    (Verified) Hewlett-Packard Company
HPDrvMntSvc.exe        776 K    4.064 K    2112    HP Quick Synchronization Service    Hewlett-Packard Company    (Verified) Hewlett-Packard Company
HPClientServices.exe        1.612 K    7.500 K    1604    HP Client Services    Hewlett-Packard Company    (A certificate was explicitly revoked by its issuer) Hewlett-Packard Company
GrooveMonitor.exe        1.536 K    8.628 K    5064    GrooveMonitor Utility    Microsoft Corporation    (Verified) Microsoft Corporation
Fuel.Service.exe        1.228 K    5.940 K    356    AMD Fuel Service    Advanced Micro Devices, Inc.    (No signature was present in the subject) Advanced Micro Devices, Inc.
fontdrvhost.exe        604 K    2.828 K    4884    Usermode Font Driver Host    Microsoft Corporation    (Verified) Microsoft Windows
dasHost.exe        2.844 K    10.300 K    3792    Device Association Framework Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
CoolSense.exe        1.752 K    10.080 K    5032    HP CoolSense    Hewlett-Packard Development Company, L.P.    (A certificate was explicitly revoked by its issuer) Hewlett-Packard Development Company, L.P.
conhost.exe        528 K    3.168 K    1920    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
BtwRSupportService.exe        1.480 K    6.248 K    376    Bluetooth Radio Management Support    Broadcom Corporation.    (Verified) Broadcom Corporation
audiodg.exe        6.688 K    9.360 K    1496    Windows Audio Device Graph Isolation     Microsoft Corporation    (Verified) Microsoft Windows
AMDQuickStream.exe        2.216 K    10.536 K    5288    AMD Quick Stream    AppEx Networks Corporation    (Verified) AppEx Networks Corporation
AM_Delta_Patch_1.203.1304.0.exe        400 K    4.220 K    4760    AntiMalware Definition Update    Microsoft Corporation    (Verified) Microsoft Corporation
alg.exe        1.096 K    5.944 K    3772    Application Layer Gateway Service    Microsoft Corporation    (Verified) Microsoft Windows
AEstSrv.exe        456 K    2.568 K    340    Andrea filters APO access service (32-bit)    Andrea Electronics Corporation    (Verified) Microsoft Windows Hardware Compatibility Publisher

 

Since the battery is not the problem (from what I can see), I'll boot into Safe Mode now and try the test again.

 

I'll include that in the next reply. If you mind having too many replies, I can merge the posts later on.


  • 0

#9
Fidel Castro

    Member

  • Topic Starter
  • 162 posts

Alright, in Safe Mode the results of 'Interrupts' were better I guess.

 

I first ran it for a minute without opening anything at all (no programs opened whatsoever).

 

Interrupts    0.63

 

Full report:

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    89.43    0 K    8 K    0            
procexp.exe    5.30    49.112 K    65.544 K    1568    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
System    3.33    40 K    60 K    4            
dwm.exe    0.99    18.008 K    33.224 K    840    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
Interrupts    0.63    0 K    0 K    n/a    Hardware Interrupts and DPCs        
explorer.exe    0.17    39.584 K    68.744 K    1576    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe    0.14    784 K    4.840 K    456            
services.exe    0.01    1.888 K    4.944 K    564            
svchost.exe    0.01    2.364 K    8.024 K    1032    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    3.348 K    12.472 K    676    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
WmiPrvSE.exe        3.056 K    8.624 K    1564    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe        1.540 K    6.396 K    1256    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe        1.688 K    6.612 K    1772    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
winlogon.exe        1.400 K    7.888 K    516    Windows Logon Application    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        736 K    4.088 K    448            
svchost.exe        9.048 K    18.720 K    868    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7.132 K    10.368 K    952    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4.024 K    13.772 K    1072    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        1.788 K    5.848 K    728    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        740 K    3.936 K    1024    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        880 K    4.120 K    984    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
smss.exe        240 K    956 K    280            
sihost.exe        3.196 K    15.720 K    1460    Shell Infrastructure Host    Microsoft Corporation    (Verified) Microsoft Windows
ShellExperienceHost.exe    Suspended    13.252 K    41.436 K    1896    Windows Shell Experience Host    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        8.440 K    13.800 K    2020    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
MsMpEng.exe        65.092 K    34.252 K    1124    Antimalware Service Executable    Microsoft Corporation    (Verified) Microsoft Corporation
lsass.exe        1.964 K    8.888 K    584    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
HelpPane.exe        3.260 K    19.324 K    476    Microsoft Help and Support    Microsoft Corporation    (Verified) Microsoft Windows
dllhost.exe        2.872 K    9.624 K    1044    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
ctfmon.exe        772 K    4.652 K    1644    CTF Loader    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe        748 K    3.168 K    392            
ApplicationFrameHost.exe        5.076 K    18.832 K    1436    Application Frame Host    Microsoft Corporation    (Verified) Microsoft Windows

Then I just opened Mozilla Firefox to check something (couldn't use the 'Search' in Safe Mode) and then it rose a bit but still not even close to the value before.

 

Interrupts    1.96

 

Full report:

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    76.12    0 K    8 K    0            
firefox.exe    9.99    225.972 K    248.296 K    1984    Firefox    Mozilla Corporation    (Verified) Mozilla Corporation
procexp.exe    5.81    50.700 K    67.728 K    1568    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
System    4.21    40 K    60 K    4            
Interrupts    1.96    0 K    0 K    n/a    Hardware Interrupts and DPCs        
dwm.exe    1.41    18.768 K    37.088 K    840    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
explorer.exe    0.17    39.944 K    70.564 K    1576    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
WMIADAP.exe    0.16    1.428 K    5.900 K    1652    WMI Reverse Performance Adapter Maintenance Utility    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe    0.16    788 K    5.512 K    456            
services.exe    0.01    1.888 K    4.944 K    564            
svchost.exe    < 0.01    2.392 K    8.056 K    1032    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe    < 0.01    3.336 K    12.472 K    676    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
WmiPrvSE.exe        3.140 K    8.964 K    1564    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe        1.768 K    6.632 K    1772    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
WmiPrvSE.exe        1.520 K    6.376 K    1256    WMI Provider Host    Microsoft Corporation    (Verified) Microsoft Windows
winlogon.exe        1.512 K    8.224 K    516    Windows Logon Application    Microsoft Corporation    (Verified) Microsoft Windows
wininit.exe        736 K    4.088 K    448            
svchost.exe        1.800 K    5.856 K    728    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7.244 K    10.480 K    952    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        7.056 K    16.880 K    868    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        4.044 K    13.820 K    1072    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        740 K    3.936 K    1024    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
svchost.exe        880 K    4.120 K    984    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows Publisher
smss.exe        240 K    956 K    280            
sihost.exe        3.156 K    15.700 K    1460    Shell Infrastructure Host    Microsoft Corporation    (Verified) Microsoft Windows
ShellExperienceHost.exe    Suspended    13.268 K    41.192 K    1896    Windows Shell Experience Host    Microsoft Corporation    (Verified) Microsoft Windows
RuntimeBroker.exe        8.316 K    13.764 K    2020    Runtime Broker    Microsoft Corporation    (Verified) Microsoft Windows
MsMpEng.exe        65.092 K    31.152 K    1124    Antimalware Service Executable    Microsoft Corporation    (Verified) Microsoft Corporation
lsass.exe        1.964 K    8.888 K    584    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows Publisher
HelpPane.exe        3.260 K    19.324 K    476    Microsoft Help and Support    Microsoft Corporation    (Verified) Microsoft Windows
dllhost.exe        3.060 K    9.812 K    1044    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
ctfmon.exe        772 K    4.652 K    1644    CTF Loader    Microsoft Corporation    (Verified) Microsoft Windows
csrss.exe        740 K    3.164 K    392            
ApplicationFrameHost.exe        5.056 K    18.824 K    1436    Application Frame Host    Microsoft Corporation    (Verified) Microsoft Windows

Regarding Java, I have uninstalled both programs you mentioned. I'll try living without it for now, if it will make my system run faster.

 

Do you need another FRST report after doing all this?

 

Regarding the mouse, I don't have it at the moment but I'll get one later on today and test it without the touchpad. I do use Viber and that's almost the only program I use on a daily basis, besides the browser.

 

I'm gonna use the command in cmd now and wait till it finishes. So in the meantime I'll post this and get you the results after this cmd command finished.

 

P.S. If you think I'd have less problems or you could help me faster by going back to Windows 7, I can do it straight away. I'm just 'testing' Windows 10 on this machine to know if I want it on others or not.

 

 

 

EDIT: The cmd command finished successfully, I guess.

C:\WINDOWS\system32>Dism  /Online  /Cleanup-Image  /RestoreHealth

Deployment Image Servicing and Management tool
Version: 10.0.10240.16384

Image Version: 10.0.10240.16384

[==========================100.0%==========================]
The restore operation completed successfully.
The operation completed successfully.

Looking forward to further instructions.

 

I think I only owe you a test with an external mouse (disabling the touchpad) which I will do a bit later, once I get it.


Edited by Fidel Castro, 06 August 2015 - 05:57 AM.

  • 0

#10
RKinner

    Malware Expert

  • Expert
  • 20,012 posts
  • MVP

Win 7 would be easier.  My scripts are all written for Win 7 and I know what works and what doesn't.  I haven't got Win 10 on any PC yet.  Run a new FRST log so I can see where we are.

 

The temperature climbing to 73 is not good.  What thermal paste did you use?  Did you clean the heatsink fins?  Is the fan running?  A cooler tray might help.  You can also prop up the back of the notebook with a book (don't block the vents on the bottom).  This usually helps a bit with heat flow.  One of the problems with the heat is that the CPU is being overworked.  Normally with nothing running we see System Idle at over 90%.  Even with a few things running it should not drop to 0 as it did in the first Process Explorer log.   In the second log the biggest user is Windows Defender.  Perhaps it runs a scan right after a reboot?  The Safe Mode log isn't bad.  I would go into MSCONFIG  and uncheck everything under Startup and under Services, click on Hide Microsoft Services then uncheck everything that is left.  OK then reboot.  Then run another Process Explorer log.  What does System Idle have now for CPU %?

 

I see

 

ezSharedSvcHost.exe    < 0.01    952 K    5.496 K    1828    Shared EasyBits services for Windows    EasyBits Software AS    (Certificate expired) EasyBits Software AS

 

Supposedly part of Magic Desktop Parental Controls which doesn't seem to be installed.  I think we can remove it tho it doesn't appear to be causing any problems.
 

 

My opinion of the hard drive remains that it is not very good.  Too many errors.


  • 0
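Added example, not part of the thread: a small Python triage of a Process Explorer text export like the ones posted above, pulling out the figures the reply reads by eye (System Idle, Interrupts, the busiest processes) and every image whose "Verified Signer" status is anything other than Verified. It assumes the export is tab-delimited; the sample rows are copied from the first report in post #8 with tabs restored, and all function names are made up for this example.

```python
import csv
import io
import re

# Rows copied from the first report in this thread (tabs restored by hand).
SAMPLE_ROWS = [
    ("Process", "CPU", "Private Bytes", "Working Set", "PID",
     "Description", "Company Name", "Verified Signer"),
    ("MpSigStub.exe", "23.94", "13.680 K", "17.444 K", "5472",
     "Microsoft Malware Protection Signature Update Stub",
     "Microsoft Corporation", "(Verified) Microsoft Corporation"),
    ("System", "20.28", "160 K", "42.552 K", "4", "", "", ""),
    ("Interrupts", "3.41", "0 K", "0 K", "n/a",
     "Hardware Interrupts and DPCs", "", ""),
    ("System Idle Process", "0.02", "0 K", "8 K", "0", "", "", ""),
    ("RtWLan.exe", "0.01", "4.736 K", "13.652 K", "2620",
     "RtWLan ( For Vista / Win7) Application(External Registrar)",
     "Realtek Semiconductor Corp.",
     "(No signature was present in the subject) Realtek Semiconductor Corp."),
    ("HPOSD.exe", "0.01", "3.124 K", "11.744 K", "5012", "HP On Screen Display",
     "Hewlett-Packard Development Company, L.P.",
     "(A certificate was explicitly revoked by its issuer) "
     "Hewlett-Packard Development Company, L.P."),
    ("ezSharedSvcHost.exe", "< 0.01", "952 K", "5.496 K", "1828",
     "Shared EasyBits services for Windows", "EasyBits Software AS",
     "(Certificate expired) EasyBits Software AS"),
    ("ShellExperienceHost.exe", "Suspended", "19.196 K", "43.776 K", "2632",
     "Windows Shell Experience Host", "Microsoft Corporation",
     "(Verified) Microsoft Windows"),
    ("wuauclt.exe", "", "1.796 K", "9.104 K", "3216", "Windows Update",
     "Microsoft Corporation", "(Verified) Microsoft Windows"),
]
SAMPLE_REPORT = "\n".join("\t".join(row) for row in SAMPLE_ROWS)

# Rows that are not real image files, so a blank signer is expected for them.
PSEUDO = {"System", "System Idle Process", "Interrupts"}
SIGNER_RE = re.compile(r"^\((?P<status>[^)]*)\)\s*(?P<subject>.*)$")


def parse_cpu(cell):
    """'23.94' -> 23.94; '< 0.01', 'Suspended' and blank cells -> 0.0."""
    try:
        return float(cell.strip())
    except ValueError:
        return 0.0


def parse_signer(cell):
    """Split '(Certificate expired) EasyBits Software AS' into status, subject."""
    match = SIGNER_RE.match(cell.strip())
    if not match:
        return ("Not reported", "")
    return (match.group("status"), match.group("subject"))


def parse_report(text):
    """Parse a tab-delimited export into a list of dicts, one per process."""
    reader = csv.DictReader(io.StringIO(text), delimiter="\t",
                            quoting=csv.QUOTE_NONE, restval="")
    rows = []
    for rec in reader:
        status, subject = parse_signer(rec.get("Verified Signer") or "")
        rows.append({
            "name": rec["Process"].strip(),
            "cpu": parse_cpu(rec.get("CPU") or ""),
            "pid": (rec.get("PID") or "").strip(),
            "signer_status": status,
            "signer_subject": subject,
        })
    return rows


def signer_findings(rows):
    """Real processes whose signer status is anything but 'Verified'.

    A process with a blank signer cell (as in the Safe Mode report, or an
    export without the column) shows up here as 'Not reported'.
    """
    return [(r["name"], r["pid"], r["signer_status"])
            for r in rows
            if r["name"] not in PSEUDO and r["signer_status"] != "Verified"]


def cpu_summary(rows, top=3):
    """Idle and interrupt load plus the busiest non-idle rows."""
    def cpu_of(name):
        return next((r["cpu"] for r in rows if r["name"] == name), None)

    busy = sorted((r for r in rows if r["name"] != "System Idle Process"),
                  key=lambda r: -r["cpu"])
    return {
        "idle": cpu_of("System Idle Process"),
        "interrupts": cpu_of("Interrupts"),
        "busiest": [(r["name"], r["cpu"]) for r in busy[:top]],
    }


if __name__ == "__main__":
    parsed = parse_report(SAMPLE_REPORT)
    print(cpu_summary(parsed))
    for name, pid, status in signer_findings(parsed):
        print(f"{name} (PID {pid}): {status}")
```

A non-Verified status is a prompt to check where the file came from and whether it is still needed, not proof that it is malicious.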



#11
Fidel Castro

    Member

  • Topic Starter
  • 162 posts

Since you're continuing with the instructions, I'll continue following them on the actual Win10.

 

If you want me to switch back to Win7, just tell me and I'll do it right away.

 

I've run the FRST scan again. Find attached the results.

 

Please note that I forgot to clear the Java cache before uninstalling it. Not sure how to do it now, if it's necessary.

 

Regarding the cleaning, I did it but not recently. I don't remember exactly but I believe it was beginning of this year, so almost 5-6 months ago. I did clean the heat sink, fan and everything with compressed air in spray. I used some 'ordinary' thermal paste as high quality ones are not even available in the shops around me (or anywhere in the country). I could only order on the internet but it would take almost a month to arrive and that's not the option right now.

 

I have to mention that I've cleaned it when I noticed the slow performance affecting my basic needs but the cleaning didn't help at all. The only thing I 'got' was that the bottom cover is now falling off and the battery as well. Nothing seems to be broken but it just won't fit as it should anymore. But that's another problem I don't want to annoy you with right now.

 

Most of the time I use my notebook on my lap, trying to keep the left side (where the exhaust is) off the lap, allowing the air to flow freely.

 

Regarding the 'Startup' and 'Services' in 'msconfig', I've removed everything from the 'Startup' a long time ago. It's blank there. At least that's what it shows. Regarding 'Services', I've disabled many of them (again, a long time ago). I'm not sure if I'm supposed to disable all of them. I mean I can see some things like "Windows Audio", "Computer Browser", "Power" etc. Should I disable all that? Would everything (audio etc.) work properly after disabling all those services? If so, I'll gladly disable them.

 

Let me know.

 

And also let me know if you want me to switch to Win7 before continuing working on this.



  • 0

#12
RKinner

    Malware Expert

  • Expert
  • 20,012 posts
  • MVP

OK.  Let's revert back to Win 7.  Post the FRST logs after you do.  I will hold off on the Fixlist until I get the new logs.

 

About Services in MSCONFIG. There should be an option to Hide Microsoft Services. Once you click it you should only see 3rd party services. These you can all uncheck. The idea is to have nothing but MS stuff running and then look at what Process Explorer says. We don't really care if something stops working just as long as it boots. We will go back in and recheck the items we turned off if it doesn't help. If it does then we will only recheck half of them and reboot and run Process Explorer. If it goes bad again then it's something in the half we turned on and we turn off 1/2 of those we turned on and keep at it until we isolate the culprit.


  • 0
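Added example, not part of the thread: the half-splitting procedure from the post above, written out in Python so the reboot count and the dead ends are visible. Each call to `problem_present` stands for one reboot plus one Process Explorer check; it assumes a single culprit and a reproducible symptom, the list reuses image names from the report in post #8 purely as labels, and the "culprit" in the usage lines is a constructed stand-in, not a finding about this machine.

```python
# Image names taken from the Process Explorer report in post #8, used here
# only as labels for the third-party entries left after "Hide Microsoft Services".
THIRD_PARTY = [
    "HPSA_Service.exe", "CodeMeter.exe", "ezSharedSvcHost.exe", "stacsv.exe",
    "hpservice.exe", "RtlService.exe", "Fuel.Service.exe", "HPClientServices.exe",
]


def isolate_culprit(services, problem_present):
    """Return (culprit or None, number of reboots).

    problem_present(enabled) takes the frozenset of services left checked in
    MSCONFIG and returns True if the slowdown is still there after a reboot.
    """
    reboots = 0

    def check(enabled):
        nonlocal reboots
        reboots += 1
        return problem_present(frozenset(enabled))

    # Step 1: uncheck every third-party service. If the problem is still
    # there, none of them is responsible and the search stops here.
    if check([]):
        return (None, reboots)

    suspects = list(services)
    if not suspects:
        return (None, reboots)

    # Step 2: recheck half of the suspects. Problem back: culprit is in the
    # half just turned on. Problem gone: it is in the half still off.
    while len(suspects) > 1:
        half = suspects[:len(suspects) // 2]
        if check(half):
            suspects = half
        else:
            suspects = suspects[len(half):]

    # Step 3: confirm the last suspect on its own. This fails when the
    # problem needs two services together or does not reproduce reliably.
    if check(suspects):
        return (suspects[0], reboots)
    return (None, reboots)


if __name__ == "__main__":
    # Constructed scenario: pretend the slowdown appears whenever this
    # (arbitrarily chosen) entry is enabled.
    found, count = isolate_culprit(
        THIRD_PARTY, lambda enabled: "RtlService.exe" in enabled)
    print(f"culprit={found} after {count} reboots")
```

With eight entries the search needs five reboots instead of the eight that toggling one service at a time could take.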

#13
Fidel Castro

    Member

  • Topic Starter
  • 162 posts

Alright, I switched back to Win7.

As soon as the system booted, it asked to restart in order to install Win10 again. (with the countdown).

I postponed it and 'force ended' the task 'Windows Update' from the Task Manager.

I hope I won't have to postpone it forever but let's focus on the main problem(s) for now...
 

 

I have checked the msconfig again and now in the 'Startup' is the driver for the touchpad only. And in 'Services' I disabled ALL when I hid the MS ones. So all but Microsoft services are disabled.

 

I do notice a red light on my volume button indicating some problems. I checked the audio and it sounds fine. Not sure what's going on with that. It was blue before. Anyways... back to 'business'...

 

You will find attached the FRST scan report and the additional one.

 

I did notice that the 'FRST' report is much shorter than before (520kb on Win10 vs 47kb now on Win7) which should be a good sign, I guess.

 

I have also run the 'procexp' tool, in case you need it. If not, just ignore it.

 

The 'interrupts' still seems higher than it should (Interrupts    2.40) and the 'System Idle' as well (System Idle Process    68.65)

 

Check out the full log:

 

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name
System Idle Process    68.65    0 K    24 K    0        
System    12.31    48 K    628 K    4        
procexp.exe    8.96    19.448 K    33.592 K    1076    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com
firefox.exe    3.75    370.460 K    374.464 K    2148    Firefox    Mozilla Corporation
Interrupts    2.40    0 K    0 K    n/a    Hardware Interrupts and DPCs    
SynTPEnh.exe    1.65    7.292 K    9.784 K    2656    Synaptics TouchPad Enhancements    Synaptics Incorporated
SearchIndexer.exe    0.92    30.256 K    25.012 K    2912    Microsoft Windows Search Indexer    Microsoft Corporation
csrss.exe    0.81    9.996 K    9.468 K    464    Client Server Runtime Process    Microsoft Corporation
explorer.exe    0.28    34.992 K    50.232 K    2464    Windows Explorer    Microsoft Corporation
dwm.exe    0.15    1.364 K    5.312 K    2440    Desktop Window Manager    Microsoft Corporation
svchost.exe    0.03    3.032 K    7.036 K    688    Host Process for Windows Services    Microsoft Corporation
svchost.exe    0.03    49.876 K    42.640 K    2476    Host Process for Windows Services    Microsoft Corporation
svchost.exe    0.01    571.996 K    313.256 K    988    Host Process for Windows Services    Microsoft Corporation
dllhost.exe    0.01    4.200 K    7.380 K    3048    COM Surrogate    Microsoft Corporation
svchost.exe    0.01    7.132 K    12.816 K    952    Host Process for Windows Services    Microsoft Corporation
svchost.exe    0.01    5.488 K    10.040 K    1676    Host Process for Windows Services    Microsoft Corporation
svchost.exe    0.01    8.960 K    10.356 K    3360    Host Process for Windows Services    Microsoft Corporation
wmpnetwk.exe    < 0.01    8.740 K    4.736 K    2996    Windows Media Player Network Sharing Service    Microsoft Corporation
svchost.exe    < 0.01    12.868 K    13.252 K    1272    Host Process for Windows Services    Microsoft Corporation
WLIDSVC.EXE    < 0.01    4.508 K    10.760 K    1828    Microsoft® Windows Live ID Service    Microsoft Corp.
svchost.exe    < 0.01    4.132 K    8.308 K    1608    Host Process for Windows Services    Microsoft Corporation
WmiPrvSE.exe        1.892 K    4.772 K    3752    WMI Provider Host    Microsoft Corporation
WLIDSVCM.EXE        648 K    2.376 K    748    Microsoft® Windows Live ID Service Monitor    Microsoft Corp.
wlanext.exe        1.276 K    4.008 K    1400    Windows Wireless LAN 802.11 Extensibility Framework    Microsoft Corporation
winlogon.exe        1.764 K    5.440 K    604    Windows Logon Application    Microsoft Corporation
wininit.exe        980 K    3.412 K    456    Windows Start-Up Application    Microsoft Corporation
TrustedInstaller.exe        14.372 K    20.216 K    1116    Windows Modules Installer    Microsoft Corporation
taskhost.exe        3.120 K    7.768 K    2352    Host Process for Windows Tasks    Microsoft Corporation
taskhost.exe        2.856 K    4.464 K    656    Host Process for Windows Tasks    Microsoft Corporation
taskeng.exe        1.148 K    4.180 K    644    Task Scheduler Engine    Microsoft Corporation
SynTPHelper.exe        604 K    2.492 K    2800    Synaptics Pointing Device Helper    Synaptics Incorporated
svchost.exe        65.932 K    72.908 K    904    Host Process for Windows Services    Microsoft Corporation
svchost.exe        2.816 K    5.824 K    764    Host Process for Windows Services    Microsoft Corporation
svchost.exe        21.072 K    17.316 K    824    Host Process for Windows Services    Microsoft Corporation
svchost.exe        11.164 K    11.460 K    1512    Host Process for Windows Services    Microsoft Corporation
svchost.exe        1.284 K    4.024 K    1364    Host Process for Windows Services    Microsoft Corporation
svchost.exe        1.048 K    3.852 K    2424    Host Process for Windows Services    Microsoft Corporation
svchost.exe        1.300 K    4.356 K    1760    Host Process for Windows Services    Microsoft Corporation
svchost.exe        1.780 K    4.532 K    2068    Host Process for Windows Services    Microsoft Corporation
spoolsv.exe        5.068 K    9.636 K    1476    Spooler SubSystem App    Microsoft Corporation
smss.exe        260 K    776 K    260    Windows Session Manager    Microsoft Corporation
services.exe        4.484 K    7.244 K    504    Services and Controller app    Microsoft Corporation
lsm.exe        1.320 K    3.044 K    536    Local Session Manager Service    Microsoft Corporation
lsass.exe        4.088 K    10.664 K    524    Local Security Authority Process    Microsoft Corporation
GWX.exe        2.392 K    896 K    3100    GWX    Microsoft Corporation
dllhost.exe        1.436 K    4.844 K    3872    COM Surrogate    Microsoft Corporation
csrss.exe        1.228 K    3.416 K    376    Client Server Runtime Process    Microsoft Corporation
conhost.exe        492 K    2.112 K    1408    Console Window Host    Microsoft Corporation
alg.exe        1.048 K    3.800 K    1244    Application Layer Gateway Service    Microsoft Corporation

 

Let me know what to do next.


#14
RKinner

    Malware Expert


Download the attached fixlist.txt to the same location as FRST.
Run FRST and press Fix.
A fix log will be generated; please post that. Run FRST again, check the Additions box and then Scan. You will get two logs. Post them both.

 

Let's do a boot log to see if anything important is missing.

Go back into msconfig and under the Boot tab, check boot log.  OK and reboot.  This should create a log in c:\windows\ntbtlog.txt

 

Copy and paste the text from ntbtlog.txt into a Reply.

 

 

 

 

 


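
A way to triage the fix log requested above before posting or reviewing it, as an added example that is not part of the original thread or of FRST: it skips the echoed fixlist, classifies each result line, and flags failures. The sample log is constructed with placeholder keys, the outcome wording is assumed from the usual `=> ... successfully.` / `not found.` / `could not ...` phrasing, and `ErrorCode` values are assumed to be NTSTATUS codes.

```python
import re
from collections import Counter

# Constructed sample in the Fixlog layout: header, echoed fixlist between two
# rows of asterisks, then one result line per item. All keys are placeholders.
SAMPLE_FIXLOG = r"""Fix result of Farbar Recovery Scan Tool (x86) Version: (constructed sample)
Ran by user (2015-01-01 00:00:00) Run:1
Boot Mode: Normal

==============================================

fixlist content:
*****************
HKLM\...\Run: [] => [X]
CustomCLSIDCustomCLSID: HKU\S-1-5-21-0-0-0-1000_Classes\CLSID\{00000000-0000-0000-0000-000000000001}\InprocServer32 -> C:\Example\a.dll No File
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully.
HKCR\CLSID\{00000000-0000-0000-0000-000000000002} => key not found.
"HKLM\SOFTWARE\Example\{00000000-0000-0000-0000-000000000003}" => key removed successfully.
ExampleSvc => service removed successfully.
CustomCLSIDHKU\S-1-5-21-0-0-0-1000_Classes\CLSID\{00000000-0000-0000-0000-000000000001} => key could not remove. ErrorCode: 0xC000003B

==== End of Fixlog 00:00:01 ====
"""

# Well-known NTSTATUS constants (assumption: FRST reports NTSTATUS here).
NTSTATUS = {
    0xC0000022: "STATUS_ACCESS_DENIED",
    0xC0000034: "STATUS_OBJECT_NAME_NOT_FOUND",
    0xC000003B: "STATUS_OBJECT_PATH_SYNTAX_BAD",
    0xC0000121: "STATUS_CANNOT_DELETE",
}

STARS = re.compile(r"^\*{5,}$")
ERRCODE = re.compile(r"ErrorCode: (0x[0-9A-Fa-f]{8})")
HIVE = re.compile(r"^(HKLM|HKU|HKCU|HKCR|HKCC)\\")
DRIVE = re.compile(r"^[A-Za-z]:\\")


def classify(outcome):
    """Map the free-text outcome to done / absent / failed."""
    text = outcome.lower()
    if "successfully" in text:
        return "done"
    if "not found" in text:
        return "absent"      # nothing to remove; usually harmless
    return "failed"          # anything else needs a human to look at it


def parse_fixlog(text):
    """Return one dict per result line, ignoring the header and fixlist echo."""
    entries, stars = [], 0
    for raw in text.splitlines():
        line = raw.strip()
        if STARS.match(line):
            stars += 1       # results start only after the second row of stars
            continue
        if line.startswith("==== End of"):
            break
        if stars < 2 or " => " not in line:
            continue
        target, outcome = line.split(" => ", 1)
        target = target.strip('"')
        m = ERRCODE.search(outcome)
        code = int(m.group(1), 16) if m else None
        # A path-like target that starts with neither a hive nor a drive letter
        # means the fixlist line itself was mangled, not that the key is locked.
        malformed = "\\" in target and not (HIVE.match(target) or DRIVE.match(target))
        entries.append({
            "target": target,
            "outcome": outcome,
            "status": classify(outcome),
            "code": code,
            "code_name": NTSTATUS.get(code, "unknown") if code is not None else None,
            "malformed": malformed,
        })
    return entries


def summarize(entries):
    """Count results per status."""
    return Counter(e["status"] for e in entries)


def needs_followup(entries):
    """Entries the helper should re-check before declaring the fix complete."""
    return [e for e in entries if e["status"] == "failed"]


if __name__ == "__main__":
    parsed = parse_fixlog(SAMPLE_FIXLOG)
    print(dict(summarize(parsed)))
    for e in needs_followup(parsed):
        hint = "fixlist line malformed" if e["malformed"] else "check permissions"
        print(f'{e["target"]}: {e["outcome"]} [{e["code_name"]}; {hint}]')
```

A failed line whose target does not start with a hive name, together with `STATUS_OBJECT_PATH_SYNTAX_BAD`, means the entry has to be corrected in the fixlist and re-run; the item is still present on the machine.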

#15
Fidel Castro

    Member


Alright, here's the log after applying the fix:

 

Fix result of Farbar Recovery Scan Tool (x86) Version:02-08-2015 01
Ran by inFidel (2015-08-06 19:46:02) Run:1
Running from C:\Users\inFidel\Desktop\FRST
Loaded Profiles: inFidel (Available Profiles: inFidel)
Boot Mode: Normal

==============================================

fixlist content:
*****************
HKLM\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
S4 ezSharedSvc; C:\Windows\System32\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S4 Futuremark SystemInfo Service; C:\Program Files\Futuremark\SystemInfo\FMSISvc.exe [528096 2014-06-08] (Futuremark)
S3 cpuz137; \??\C:\Windows\TEMP\cpuz137\cpuz137_x32.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 mdf16; \??\C:\Users\inFidel\AppData\Local\Temp\mdf16.sys [X]
S3 mvd23; \??\C:\Users\inFidel\AppData\Local\Temp\mvd23.sys [X]
CustomCLSIDCustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.27.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{38216570-5DB1-45F8-A344-B0C4E252B14B}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.26.7\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector No Task File <==== ATTENTION
Task: {492D85AB-9FD2-4716-91A7-7DC7788DC846} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask No Task File <==== ATTENTION
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification No Task File <==== ATTENTION
Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector No Task File <==== ATTENTION
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent No Task File <==== ATTENTION








*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\EnableShellExecuteHooks => value removed successfully.
HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\Sidebar => value removed successfully.
HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\Sidebar => value removed successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => key removed successfully.
HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => key not found.
"HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => key removed successfully.
HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => key removed successfully.
"HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully.
"HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully.
HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully.
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found.
"HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2" => key removed successfully.
"HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2" => key removed successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully.
ezSharedSvc => service removed successfully.
Futuremark SystemInfo Service => service removed successfully.
cpuz137 => service removed successfully.
GPUZ => service removed successfully.
mdf16 => service removed successfully.
mvd23 => service removed successfully.
CustomCLSIDHKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344} => key could not remove. ErrorCode: 0xC000003B
"HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}" => key removed successfully.
"HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => key removed successfully.
"HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{38216570-5DB1-45F8-A344-B0C4E252B14B}" => key removed successfully.
"HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}" => key removed successfully.
"HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}" => key removed successfully.
"HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}" => key removed successfully.
"HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => key removed successfully.
"HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}" => key removed successfully.
"HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}" => key removed successfully.
"HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}" => key removed successfully.
"HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}" => key removed successfully.
"HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}" => key removed successfully.
"HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}" => key removed successfully.
"HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BD05BA6-988D-4BD3-A9CD-9A39F80AF524}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BD05BA6-988D-4BD3-A9CD-9A39F80AF524}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{492D85AB-9FD2-4716-91A7-7DC7788DC846}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{492D85AB-9FD2-4716-91A7-7DC7788DC846}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTask" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B184694-64C3-4633-94C5-945B3FA561D6}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B184694-64C3-4633-94C5-945B3FA561D6}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F54B95F-5096-4803-AE61-E9B3AC5B616D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F54B95F-5096-4803-AE61-E9B3AC5B616D}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D21F6024-191F-4454-BBBC-09A650DA2549}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D21F6024-191F-4454-BBBC-09A650DA2549}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => key removed successfully.

==== End of Fixlog 19:46:04 ====

 

Here is the FRST log:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-08-2015 01
Ran by inFidel (administrator) on INFIDEL-1337 (06-08-2015 19:47:20)
Running from C:\Users\inFidel\Desktop\FRST
Loaded Profiles: inFidel (Available Profiles: inFidel)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll [2015-07-24] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com?pc=HPNTDF
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://uk.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{105A5B5F-4AF5-4AF1-ABB2-C5304DF513A9}: [DhcpNameServer] 192.168.101.99 194.25.0.60
Tcpip\..\Interfaces\{179481F9-0A44-409D-9AD9-2FE55069DD52}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A17A0D3A-9613-4F2B-A3D1-28C472C7F6A8}: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw.dll [2011-02-02] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin: @gpac/osmozilla,version=1.0 -> C:\Program Files\GPAC\nposmozilla.dll [2014-04-25] ( )
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2013-12-13] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2013-12-13] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin HKU\S-1-5-21-4041656617-1838989228-2178339868-1000: @tools.google.com/Google Update;version=3 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-4041656617-1838989228-2178339868-1000: @tools.google.com/Google Update;version=9 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-06-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2013-12-13] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-11-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-11-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-11-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-11-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-11-21] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll [2013-12-13] (RealPlayer)
FF Extension: Youtube Accelerator Helper - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E} [2014-07-14]
FF Extension: iMacros for Firefox - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2015-07-29]
FF Extension: Browsec - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\[email protected] [2015-07-31]
FF Extension: ZenMate Security & Privacy VPN - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\[email protected] [2015-07-31]
FF Extension: TinEye Reverse Image Search - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\[email protected] [2012-06-29]
FF Extension: Search By Image (by Google) - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\{ce7e73df-6a44-4028-8079-5927a588c948}.xpi [2012-06-29]
FF Extension: Adblock Plus - C:\Users\inFidel\AppData\Roaming\Mozilla\Firefox\Profiles\4ebai4f4.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-24]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: No Name - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-12-13]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2014-10-15]

Chrome:
=======
CHR Profile: C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Please enter your password) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2013-06-09]
CHR Extension: (YouTube) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-04-13]
CHR Extension: (Adblock Plus) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-07-19]
CHR Extension: (Pushbullet) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chlffgpmiacpedhhbkiomidkjlcfhogd [2014-01-02]
CHR Extension: (Google Search) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-04-13]
CHR Extension: (Search by Image (by Google)) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2012-12-16]
CHR Extension: (Tampermonkey) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2013-06-09]
CHR Extension: (Chrome Speak) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\diagnfimeecdcecjpnkjgbnlelkclcpj [2015-02-23]
CHR Extension: (Stylish) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2013-06-09]
CHR Extension: (Select and Speak - Text to Speech) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjopfpjmkcfgjpogepmdjmcnihfpokn [2015-02-23]
CHR Extension: (Notty Notes) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggbmjahbkbhakkfgjiggdclpmmpmhajn [2013-06-09]
CHR Extension: (Planetarium) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2013-06-09]
CHR Extension: (AdBlock) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-21]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-07-31]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2012-12-16]
CHR Extension: (TweetDeck by Twitter) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2013-06-09]
CHR Extension: (Eye Dropper) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka [2013-06-09]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-15]
CHR Extension: (Quick Note) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok [2013-06-09]
CHR Extension: (EXIF Reader) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nchnjcdahncnilbicljpnbfobpnljnki [2013-06-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-20]
CHR Extension: (YT Repeat) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\piicimoiaiblachamdicgngccadhlecl [2013-06-09]
CHR Extension: (Gmail) - C:\Users\inFidel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-04-13]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [Not Found]
StartMenuInternet: Google Chrome - C:\Users\inFidel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 ABBYY.Licensing.FineReader.Professional.9.0; C:\Program Files\ABBYY FineReader 9.0\NetworkLicenseServer.exe [566560 2007-11-02] (ABBYY (BIT Software)) [File not signed]
S4 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [2568120 2012-07-19] (WIBU-SYSTEMS AG)
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S4 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S4 Realtek87B; C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\RtlService.exe [40960 2009-12-07] (Realtek) [File not signed]
S4 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [282706 2011-07-01] (IDT, Inc.)
S4 TunnelBearMaintenance; C:\Program Files\TunnelBear\TBear.Maintenance.exe [26048 2014-07-05] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [66688 2011-04-16] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [33408 2011-04-16] (Advanced Micro Devices)
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [142504 2011-07-15] (Broadcom Corporation.)
R3 btwampfl; C:\Windows\system32\drivers\btwampfl.sys [551976 2011-07-15] (Broadcom Corporation.)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [76328 2011-07-15] (Broadcom Corporation.)
R2 CDRPDACC; C:\Program Files\Quintessential Player\cdrpdacc.sys [5273 2005-12-06] (Arrowkey) [File not signed]
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-03] () [File not signed]
S3 HTCAND32; C:\Windows\System32\Drivers\ANDROIDUSB.sys [25088 2009-10-26] (HTC, Corporation) [File not signed]
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [98520 2015-08-06] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-06-18] (Malwarebytes Corporation)
S3 RTL8187; C:\Windows\System32\DRIVERS\rtl8187.sys [375808 2010-01-07] (Realtek Semiconductor Corporation                           )
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-29] (Almico Software)
R3 tap-tb-0901; C:\Windows\System32\DRIVERS\tap-tb-0901.sys [33280 2014-06-17] (The OpenVPN Project)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-06 19:45 - 2015-08-06 19:47 - 00000000 ____D C:\Users\inFidel\Desktop\FRST
2015-08-06 18:11 - 2015-08-06 18:11 - 00004271 _____ C:\Users\inFidel\Desktop\Hardware Interrupts and DPCs.txt
2015-08-06 18:06 - 2015-08-06 18:07 - 00050385 _____ C:\Users\inFidel\Desktop\Addition.txt
2015-08-06 18:03 - 2015-08-06 18:07 - 00048514 _____ C:\Users\inFidel\Desktop\FRST.txt
2015-08-06 17:20 - 2015-08-06 17:20 - 00000000 ____D C:\$SysReset
2015-08-05 20:26 - 2015-08-05 21:06 - 00061440 _____ ( ) C:\Users\inFidel\Desktop\VEW.exe
2015-08-05 20:00 - 2015-08-06 17:54 - 00000326 _____ C:\Users\inFidel\Desktop\GTG reply.txt
2015-08-05 19:55 - 2015-08-05 19:57 - 05127432 _____ (Piriform Ltd) C:\Users\inFidel\Desktop\spsetup128.exe
2015-08-05 19:43 - 2015-08-05 19:43 - 02508432 _____ (Sysinternals - www.sysinternals.com) C:\Users\inFidel\Desktop\procexp.exe
2015-08-05 19:21 - 2015-08-06 19:47 - 00000000 ____D C:\FRST
2015-08-04 15:46 - 2015-08-04 16:03 - 179110784 _____ (AMD Inc.) C:\Users\inFidel\Desktop\amd-catalyst-15.7.1-win10-32bit.exe
2015-08-04 15:39 - 2015-08-04 15:40 - 05455048 _____ (Advanced Micro Devices, Inc.) C:\Users\inFidel\Desktop\autodetectutility.exe
2015-07-30 05:28 - 2015-08-07 03:34 - 00000000 __SHD C:\Recovery
2015-07-30 04:58 - 2015-07-30 04:58 - 00008192 _____ C:\Windows\system32\config\userdiff
2015-07-29 19:33 - 2015-08-04 16:03 - 00000000 ____D C:\AMD
2015-07-29 18:30 - 2015-07-29 18:31 - 00000757 _____ C:\Windows\DtcInstall.log
2015-07-29 18:23 - 2015-07-29 20:12 - 00006575 _____ C:\Windows\comsetup.log
2015-07-29 18:20 - 2015-07-29 20:14 - 00010449 _____ C:\Windows\diagerr.xml
2015-07-29 18:20 - 2015-07-29 20:14 - 00009528 _____ C:\Windows\diagwrn.xml
2015-07-29 02:33 - 2015-07-25 19:51 - 00015808 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-29 02:33 - 2015-07-25 19:47 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-29 02:33 - 2015-07-25 19:47 - 00587264 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-29 02:33 - 2015-07-25 19:46 - 00924160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-29 02:33 - 2015-07-25 19:46 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-29 02:33 - 2015-07-25 19:46 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-29 02:33 - 2015-07-25 19:46 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-29 02:33 - 2015-07-25 19:40 - 00932864 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-29 02:26 - 2015-08-07 03:26 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-07-28 20:20 - 2015-07-28 20:20 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-28 20:20 - 2015-07-28 20:20 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-07-28 20:19 - 2015-07-28 20:19 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-07-28 20:18 - 2015-07-28 20:18 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-07-28 20:18 - 2015-07-28 20:18 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-07-27 20:49 - 2015-07-27 20:49 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
2015-07-25 17:29 - 2015-08-06 17:55 - 00002423 _____ C:\Windows\setupact.log
2015-07-25 17:29 - 2015-07-29 18:20 - 00000495 _____ C:\Windows\setuperr.log
2015-07-20 21:02 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-20 21:02 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 21:02 - 2015-07-15 04:55 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-20 21:02 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-20 21:02 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-18 04:45 - 2015-07-18 04:45 - 00000000 ____D C:\Users\inFidel\AppData\Local\GWX
2015-07-15 16:20 - 2015-07-01 22:46 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 16:20 - 2015-07-01 22:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 16:20 - 2015-07-01 22:30 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 16:20 - 2015-07-01 22:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 16:20 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 16:20 - 2015-07-01 22:29 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 16:20 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 16:20 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 16:20 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 16:20 - 2015-07-01 21:18 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 16:20 - 2015-07-01 21:18 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 16:20 - 2015-07-01 21:18 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 16:20 - 2015-06-25 10:46 - 02383872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 16:19 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 16:19 - 2015-06-15 23:47 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 16:19 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 16:19 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 16:19 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 16:19 - 2015-06-15 23:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 16:19 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 16:19 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 16:17 - 2015-06-17 19:39 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 16:17 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 16:17 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 16:17 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 16:17 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 02057216 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 16:16 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 16:16 - 2015-07-09 19:42 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 16:16 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 16:16 - 2015-07-09 19:42 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 16:06 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 16:06 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 16:06 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 16:06 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 16:06 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 16:06 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 16:06 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 16:06 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 16:06 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 16:06 - 2015-06-19 20:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 16:06 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 16:06 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 16:06 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 16:06 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 16:06 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 16:06 - 2015-06-19 20:13 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 16:06 - 2015-06-19 20:06 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 16:06 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 16:06 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 16:06 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 16:06 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 16:06 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 16:06 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 16:06 - 2015-06-19 19:40 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 16:06 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 16:06 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 16:06 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 16:05 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 16:05 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 16:05 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 16:05 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 16:05 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 16:05 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-10 13:17 - 2015-08-06 17:42 - 00000000 ___HD C:\$Windows.~BT

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-07 03:27 - 2012-04-11 22:19 - 00000000 ____D C:\Users\inFidel
2015-08-07 03:27 - 2009-07-14 04:37 - 00000000 __RSD C:\Windows\Media
2015-08-07 03:27 - 2009-07-14 04:37 - 00000000 ___RD C:\Users\Public
2015-08-07 03:26 - 2015-05-09 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-07 03:26 - 2014-10-24 03:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinHTTrack
2015-08-07 03:26 - 2014-10-22 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2015-08-07 03:26 - 2014-08-02 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-08-07 03:26 - 2014-07-22 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-07 03:26 - 2014-07-14 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear
2015-08-07 03:26 - 2014-07-14 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Accelerator
2015-08-07 03:26 - 2014-07-03 11:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-08-07 03:26 - 2014-07-03 00:36 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-07 03:26 - 2014-07-02 20:29 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-08-07 03:26 - 2014-07-02 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2015-08-07 03:26 - 2014-07-02 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-07 03:26 - 2014-04-26 05:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2015-08-07 03:26 - 2014-04-26 03:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Osmo4
2015-08-07 03:26 - 2013-12-13 03:07 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recover My Files v5
2015-08-07 03:26 - 2013-11-21 10:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-08-07 03:26 - 2013-11-10 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 9.0
2015-08-07 03:26 - 2013-04-15 05:15 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ports Of Call
2015-08-07 03:26 - 2013-04-15 05:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ports Of Call
2015-08-07 03:26 - 2013-04-14 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-08-07 03:26 - 2013-02-19 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2015-08-07 03:26 - 2013-01-08 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2015-08-07 03:26 - 2012-12-29 02:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-08-07 03:26 - 2012-07-10 00:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-08-07 03:26 - 2012-07-10 00:30 - 00000000 ____D C:\Program Files\Microsoft.NET
2015-08-07 03:26 - 2012-07-10 00:25 - 00000000 ____D C:\Windows\SHELLNEW
2015-08-07 03:26 - 2012-06-28 21:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ALFA Wireless LAN Utility
2015-08-07 03:26 - 2012-06-28 21:12 - 00000000 ____D C:\Windows\system32\RtlGina
2015-08-07 03:26 - 2012-04-13 20:17 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2015-08-07 03:26 - 2012-04-13 19:45 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-07 03:26 - 2012-04-13 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-07 03:26 - 2012-04-13 19:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Quintessential Player
2015-08-07 03:26 - 2012-04-13 19:09 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-07 03:26 - 2012-04-11 22:21 - 00000000 ____D C:\Windows\system32\%COREALLUSERPATH%
2015-08-07 03:26 - 2011-10-24 11:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Online Services
2015-08-07 03:26 - 2011-10-24 10:56 - 00000000 ____D C:\Program Files\IDT
2015-08-07 03:26 - 2011-08-12 11:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2015-08-07 03:26 - 2011-08-12 11:05 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-08-07 03:26 - 2011-08-12 11:04 - 00000000 ____D C:\Windows\system32\Adobe
2015-08-07 03:26 - 2011-08-12 11:03 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-08-07 03:26 - 2011-08-12 11:02 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-08-07 03:26 - 2011-08-12 10:55 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-08-07 03:26 - 2011-06-14 06:09 - 00000000 ____D C:\Program Files\Hewlett-Packard
2015-08-07 03:26 - 2009-07-14 06:52 - 00000000 ____D C:\Windows\twain_32
2015-08-07 03:26 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\MSBuild
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-TW
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-HK
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\zh-CN
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\tr-TR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\th-TH
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sv-SE
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sl-SI
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\sk-SK
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ru-RU
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ro-RO
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\Recovery
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-PT
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pt-BR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\pl-PL
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nl-NL
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\NDF
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\nb-NO
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\lv-LV
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\lt-LT
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ko-KR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ja-JP
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\it-IT
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\hu-HU
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\hr-HR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\he-IL
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fr-FR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\fi-FI
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\et-EE
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\el-GR
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\de-DE
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\bg-BG
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\system32\ar-SA
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Microsoft.NET
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\LiveKernelReports
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\Help
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\System
2015-08-07 03:26 - 2009-07-14 04:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-08-06 19:43 - 2015-06-22 22:37 - 00000926 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job
2015-08-06 19:43 - 2014-10-06 20:14 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-06 19:43 - 2012-04-13 19:06 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job
2015-08-06 19:43 - 2011-10-24 10:57 - 01820662 _____ C:\Windows\WindowsUpdate.log
2015-08-06 18:03 - 2010-11-20 23:01 - 00786558 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-06 18:03 - 2009-07-14 06:34 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-06 18:03 - 2009-07-14 06:34 - 00031472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-06 17:55 - 2009-07-14 06:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-06 17:54 - 2014-06-06 03:20 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-06 17:52 - 2014-07-03 15:24 - 00000000 ____D C:\Windows\pss
2015-08-06 17:44 - 2012-06-28 14:10 - 00000000 ___RD C:\Users\inFidel\Dropbox
2015-08-06 17:44 - 2012-06-28 14:09 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\Dropbox
2015-08-06 17:42 - 2014-07-02 17:17 - 00098520 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-06 17:35 - 2014-07-03 16:25 - 00123662 _____ C:\Windows\PFRO.log
2015-08-06 16:12 - 2012-04-12 18:30 - 00000052 _____ C:\Windows\system32\DOErrors.log
2015-08-06 14:03 - 2014-07-02 02:23 - 00000000 __SHD C:\Users\inFidel\AppData\Local\EmieUserList
2015-08-06 14:03 - 2014-07-02 02:23 - 00000000 __SHD C:\Users\inFidel\AppData\Local\EmieSiteList
2015-08-06 13:59 - 2014-07-30 16:17 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\ViberPC
2015-08-06 13:59 - 2014-07-30 16:16 - 00000000 ____D C:\Users\inFidel\AppData\Local\Viber
2015-08-06 12:01 - 2014-07-02 20:29 - 00000000 ____D C:\Program Files\SpeedFan
2015-08-04 17:03 - 2013-09-08 19:30 - 00000000 ____D C:\Users\inFidel\AppData\Roaming\vlc
2015-08-03 22:10 - 2013-07-20 00:02 - 00001456 _____ C:\Users\inFidel\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-08-02 22:52 - 2012-07-09 16:50 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-08-01 20:23 - 2014-10-15 23:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-30 01:55 - 2012-04-11 22:19 - 00000000 ____D C:\Users\inFidel\AppData\Local\VirtualStore
2015-07-29 20:13 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\registration
2015-07-29 19:59 - 2014-06-30 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-29 18:19 - 2007-01-02 01:53 - 00000000 ____D C:\Windows\Panther
2015-07-29 02:32 - 2015-06-22 22:37 - 00000874 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job
2015-07-29 02:23 - 2012-04-13 19:06 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job
2015-07-28 20:18 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\DVD Maker
2015-07-28 19:36 - 2014-07-02 20:29 - 00000045 _____ C:\Windows\system32\initdebug.nfo
2015-07-28 02:04 - 2015-04-18 21:35 - 00000328 _____ C:\Windows\Tasks\HPCeeScheduleForinFidel.job
2015-07-27 20:57 - 2015-04-05 15:54 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-25 19:15 - 2009-07-14 04:37 - 00000000 ____D C:\Windows\rescache
2015-07-25 17:25 - 2012-09-18 12:56 - 00000000 ____D C:\ProgramData\xml_param
2015-07-23 11:17 - 2012-06-28 22:19 - 00000000 ____D C:\Windows\Minidump
2015-07-23 11:00 - 2009-07-14 06:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-07-21 21:00 - 2009-07-14 06:33 - 03823832 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-19 23:02 - 2011-08-12 11:14 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-07-18 20:10 - 2014-07-02 17:15 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-16 15:00 - 2015-05-09 18:46 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 08:23 - 2013-11-19 11:22 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 07:52 - 2012-07-10 00:24 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 12:40 - 2012-04-13 20:01 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-07-15 12:40 - 2011-08-12 10:55 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2012-07-04 14:08 - 2013-05-05 15:24 - 0001456 _____ () C:\Users\inFidel\AppData\Local\Adobe Save for Web 12.0 Prefs
2013-07-20 00:02 - 2015-08-03 22:10 - 0001456 _____ () C:\Users\inFidel\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-02-21 07:29 - 2014-12-14 23:09 - 0007627 _____ () C:\Users\inFidel\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\inFidel\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp3futq.dll
C:\Users\inFidel\AppData\Local\Temp\sfamcc00001.dll
C:\Users\inFidel\AppData\Local\Temp\sfamcc00002.dll
C:\Users\inFidel\AppData\Local\Temp\sfareca00001.dll
C:\Users\inFidel\AppData\Local\Temp\sfextra.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-25 19:06

==================== End of log ============================

And the Additional FRST log:

Additional scan result of Farbar Recovery Scan Tool (x86) Version:02-08-2015 01
Ran by inFidel (2015-08-06 19:48:05)
Running from C:\Users\inFidel\Desktop\FRST
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4041656617-1838989228-2178339868-500 - Administrator - Disabled)
Guest (S-1-5-21-4041656617-1838989228-2178339868-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4041656617-1838989228-2178339868-1004 - Limited - Enabled)
inFidel (S-1-5-21-4041656617-1838989228-2178339868-1000 - Administrator - Enabled) => C:\Users\inFidel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
ABBYY FineReader 9.0 Professional Edition (HKLM\...\{F9000000-0001-0000-0000-074957833700}) (Version: 9.00.662.5581 - ABBYY)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{941B4CE7-3F5D-443E-A8B7-56A420D2EAFD}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{A930C335-3FC8-A452-B8CA-F3998969CA3A}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.86 - Broadcom Corporation)
Broadcom Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.1600 - Broadcom Corporation)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.1600 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Cheat Engine 6.4 (HKLM\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.4305 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\...\Dropbox) (Version: 3.8.5 - Dropbox, Inc.)
ESU for Microsoft Windows 7 SP1 (HKLM\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
FileZilla Client 3.7.3 (HKLM\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
Futuremark SystemInfo (HKLM\...\{4115C9AA-35E0-45D8-9363-47635B8750C7}) (Version: 4.29.438.0 - Futuremark)
Google Chrome (HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{5601F151-A69F-4E30-8C60-37928124CD07}) (Version: 4.1.9.1 - Hewlett-Packard Company)
HP CoolSense (HKLM\...\{0D8B3696-E52D-4291-B833-9F6AEB1CC4AB}) (Version: 2.1.0 - Hewlett-Packard Company)
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{226837D8-0BF8-4CBE-BAB2-8F07E2C2B4DD}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Help (HKLM\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{7414C891-720D-4E86-85E5-C3AA898DA9EC}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP On Screen Display (HKLM\...\{D7670221-BF9B-4DFF-B26B-5BE55A87329F}) (Version: 1.2.2 - Hewlett-Packard Company)
HP Power Manager (HKLM\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company)
HP QuickWeb (HKLM\...\{57D8E376-0E8A-4AFD-9040-DA2D33B7FF94}) (Version: 3.1.0.9791 - Hewlett-Packard Company)
HP Setup (HKLM\...\{5036764A-435D-40C9-869C-31085A3D741D}) (Version: 8.7.4751.3798 - Hewlett-Packard Company)
HP Setup Manager (HKLM\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13476.3753 - Hewlett-Packard Company)
HP Software Framework (HKLM\...\{31EEA563-3544-4EA1-8773-BCBF83F9627A}) (Version: 4.1.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Update (HKLM\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6351.0 - IDT)
Imagenomic Portraiture 2.3 Plug-in (build 2308) (HKLM\...\ImagenomicPortraiturePlugin) (Version:  - )
iSkysoft Video Converter(Build 3.1.1.0) (HKLM\...\iSkysoft Video Converter_is1) (Version:  - iSkysoft Software)
iTunes (HKLM\...\{0A37EE62-9A58-420D-90CC-4E52153112EE}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lucid Dream Preparation (HKLM\...\Lucid Dream Preparation_is1) (Version:  - )
Magic ISO Maker v5.4 (build 0239) (HKLM\...\Magic ISO Maker v5.4 (build 0239)) (Version:  - )
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 33.0 (x86 en-US) (HKLM\...\Mozilla Firefox 33.0 (x86 en-US)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.8 - Notepad++ Team)
Osmo4/GPAC (remove only) (HKLM\...\Osmo4) (Version:  - )
PDF Settings CC (Version: 12.0 - Adobe Systems Incorporated) Hidden
Ports Of Call Simulator 3d - Updater (HKLM\...\Ports Of Call Simulator 3d - Updater) (Version:  - )
Ports Of Call Simulator 3d (HKLM\...\Ports Of Call Simulator 3d) (Version:  - )
Ports Of Call XXL (HKLM\...\Ports Of Call XXL) (Version:  - )
Ports Of Call XXL WEB installer (HKLM\...\Ports Of Call XXL WEB installer) (Version: 1.0.13 - MMS Dipl.-Ing. Rolf-Dieter Klein)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Quintessential Player (HKLM\...\Quintessential Player) (Version: 4.51 - Quinnware)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.46.610.2011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver and Utility (HKLM\...\{0DF70CB6-553A-4C57-8E6D-87635EECFB78}) (Version: 1.00.0145 - ALFA NETWORK Inc..)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recover My Files (HKLM\...\Recover My Files v5_is1) (Version: 5.1.0.1824 - GetData Pty Ltd)
Recovery Manager (Version: 2.0.0 - Hewlett-Packard) Hidden
Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )
Sublime Text Build 3059 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
The KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version:  - )
Topaz  InFocus (HKLM\...\Topaz  InFocus) (Version: 1.0.0 - Topaz Labs)
Topaz  InFocus (Version: 1.0.0 - Topaz Labs) Hidden
Topaz Adjust 4 (HKLM\...\Topaz Adjust 4) (Version: 4.1.0 - Topaz Labs)
Topaz Adjust 4 (Version: 4.1.0 - Topaz Labs) Hidden
Topaz DeNoise 5 (HKLM\...\Topaz DeNoise 5) (Version: 5.0.1 - Topaz Labs)
Topaz DeNoise 5 (Version: 5.0.1 - Topaz Labs) Hidden
Topaz Detail 2 (HKLM\...\Topaz Detail 2) (Version: 2.0.5 - Topaz Labs)
Topaz Detail 2 (Version: 2.0.5 - Topaz Labs) Hidden
Topaz ReMask 3 (HKLM\...\Topaz ReMask 3) (Version: 3.1.0 - Topaz Labs)
Topaz ReMask 3 (Version: 3.1.0 - Topaz Labs) Hidden
TunnelBear (HKLM\...\{24ab069f-4a6a-43db-a29a-ab0daf2e8f2e}) (Version: 2.2.25.0 - TunnelBear)
TunnelBear (Version: 2.2.25.0 - TunnelBear) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Viber (HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\...\Viber) (Version: 3.0.0.134678 - Viber Media Inc)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinHTTrack Website Copier 3.48-19 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.19 - HTTrack)
Winrar 3.93 (HKLM\...\Winrar 3.93) (Version:  - )
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
YTD Video Downloader 4.8 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8 - GreenTree Applications SRL) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{219D3EAA-D5B5-9D41-67F5-C9D57885EE5A}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Chrome\Application\44.0.2403.125\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Google\Update\1.3.28.1\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\inFidel\AppData\Roaming\Dropbox\bin\DropboxExt.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4041656617-1838989228-2178339868-1000_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\inFidel\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll (Dropbox, Inc.)

==================== Restore Points =========================

06-08-2015 17:39:43 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-04-13 19:24 - 2014-08-30 00:52 - 00000924 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
google.com serena.costa.it
google.com onboardportal.serena.costa.it

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {009986E1-084C-45EA-9604-7C8FC043A1B3} - System32\Tasks\RealCreateProcessScheduledTask1255228849S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {103AAA73-BD59-4F3F-9257-15810F30E961} - System32\Tasks\HPCeeScheduleForinFidel => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {20E6881A-B853-4D82-82C7-F135398C8FCF} - System32\Tasks\{351260BE-BC63-47A8-966B-0729B8279AC5} => pcalua.exe -a C:\PROGRA~1\poc\pocxxl\UNWISE.EXE -c C:\PROGRA~1\poc\pocxxl\INSTAL~1.LOG
Task: {354FB93B-2CD8-4E84-B8F4-FB347026CEF3} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4041656617-1838989228-2178339868-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {4885BD6E-AB34-4F93-B1BF-6F00AC56797E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {4BEFD5F4-9E85-4068-8279-BBDB61B181CB} - System32\Tasks\AdobeAAMUpdater-1.0-inFidel-1337-inFidel => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated)
Task: {53A86098-E92D-465A-9992-5B0DE052377E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core => C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-13] (Google Inc.)
Task: {55E475E8-CD21-4285-BC33-0BB31C3C0F3B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core => C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-23] (Facebook Inc.)
Task: {5AD50DD1-F8CB-44BD-8037-C916B4487505} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA => C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-13] (Google Inc.)
Task: {5AD99B81-4044-4598-A14C-A96AA6485E44} - System32\Tasks\RealCreateProcessScheduledTask422498102S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {5E9E1543-5646-4D83-9217-C26BFFF0EB9A} - System32\Tasks\ReclaimerUpdateXML_inFidel => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-26] (RealNetworks, Inc.)
Task: {6283D386-3EE5-4D2C-9649-D392BC8BD632} - System32\Tasks\ReclaimerUpdateFiles_inFidel => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-26] (RealNetworks, Inc.)
Task: {6862C974-65DA-4679-BDFD-4822FAEBEF23} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {70EFD96E-15A1-4F5C-9D80-C7DF43B7FE07} - System32\Tasks\RealCreateProcessScheduledTask1816915314S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {71E639F9-8720-44DC-BCB3-361CCF47B5E9} - System32\Tasks\RNUpgradeHelperResumePrompt_inFidel => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-26] (RealNetworks, Inc.)
Task: {7D6D93E2-73C2-4AC5-A718-42BE28FC0578} - System32\Tasks\RealCreateProcessScheduledTask252138895S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {7F68AF9C-4412-453D-8D6E-5416A6416BB5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA => C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-23] (Facebook Inc.)
Task: {82B34A9E-CDE5-485B-AB0D-18F493C00310} - System32\Tasks\RealCreateProcessScheduledTask1575878248S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {860EC9CB-A3CF-4BBB-AABD-71E1A4B14DA9} - System32\Tasks\RealCreateProcessScheduledTask3427956672S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {8F7EB076-1391-433B-8052-A4439A675A14} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4041656617-1838989228-2178339868-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {98CB750C-B919-409C-8666-BCE5246A5CB8} - System32\Tasks\RealCreateProcessScheduledTask977211496S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {9DD41417-F1DD-4A5E-AAD3-B08331EB3424} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {A069C56C-0897-4BA2-8D03-F6053EF86B9D} - System32\Tasks\RNUpgradeHelperLogonPrompt_inFidel => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe [2014-06-26] (RealNetworks, Inc.)
Task: {A5FC74E8-BD6D-4D81-9B55-F1ADB1730C4D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {B72CD943-73BF-44B2-B595-9696646795E5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {BD56AF2E-907C-44C8-897A-40C9806F3725} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4041656617-1838989228-2178339868-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {BED9992B-B1C6-4AB7-B3C5-C88E6B6520D7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {C2D86B3B-2BC1-431E-8AE1-473AC64CFB88} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-15] (Adobe Systems Incorporated)
Task: {C4878030-99B3-45D1-BC5A-106549CAD895} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA => C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)
Task: {C93C598B-FEB8-4255-8540-FA81DA29185A} - System32\Tasks\{C4DE863C-94D5-40D1-9C25-152C05E4A3BC} => pcalua.exe -a C:\PROGRA~1\MagicISO\UNWISE.EXE -c C:\PROGRA~1\MagicISO\INSTALL.LOG
Task: {CC2282AC-B4DA-4915-BB90-D9CB1E511BEE} - System32\Tasks\RealCreateProcessScheduledTask3586971720S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {CFF52379-353C-4C55-9ACF-0752840AB3FE} - System32\Tasks\RealCreateProcessScheduledTask3278052768S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {D05CC1AE-6F8F-46AA-B059-78292F4FA782} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline No Task File <==== ATTENTION
Task: {D44DD388-5750-4948-BAAE-C734BB0EADE8} - System32\Tasks\MirageAgent => C:\Program Files\CyberLink\YouCam\YCMMirage.exe [2011-07-07] (CyberLink)
Task: {DC16CBDE-AA9E-4210-A986-8D68EA498A7D} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4041656617-1838989228-2178339868-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {E0BA284D-66A1-45B7-81C3-26863D50B281} - System32\Tasks\RealCreateProcessScheduledTask3543218697S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {E7973815-D42D-4EDC-9FCF-88D6231943D2} - System32\Tasks\RealCreateProcessScheduledTask460272418S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {EDA8FD07-340F-4073-8D95-DB2FBBF08B12} - System32\Tasks\RealCreateProcessScheduledTask1257031909S-1-5-21-4041656617-1838989228-2178339868-1000 => c:\program files\real\realplayer\update\realsched.exe [2013-12-13] (RealNetworks, Inc.)
Task: {FA930F2A-9ECB-4043-836C-6C803C2FB6D6} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core => C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-22] (Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job => C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job => C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job => C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job => C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000Core.job => C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4041656617-1838989228-2178339868-1000UA.job => C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForinFidel.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_inFidel.job => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateXML_inFidel.job => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_inFidel.job => C:\Users\inFidel\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe

==================== Loaded Modules (Whitelisted) ==============

2013-08-07 21:25 - 2013-08-07 21:25 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll
2010-03-15 11:28 - 2010-03-15 11:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2014-05-12 11:49 - 2014-05-12 11:49 - 00260608 _____ () C:\Program Files\Notepad++\NppShell_06.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\Users\inFidel\Desktop\NEW-LOGO-2014.png:com.dropbox.attributes

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4041656617-1838989228-2178339868-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\inFidel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: ABBYY.Licensing.FineReader.Professional.9.0 => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AESTFilters => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: CodeMeter.exe => 2
MSCONFIG\Services: ezSharedSvc => 2
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: HP Support Assistant Service => 2
MSCONFIG\Services: HPClientSvc => 2
MSCONFIG\Services: HPDrvMntSvc.exe => 2
MSCONFIG\Services: hpqwmiex => 3
MSCONFIG\Services: hpsrv => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2
MSCONFIG\Services: Realtek87B => 2
MSCONFIG\Services: SkypeUpdate => 3
MSCONFIG\Services: STacSV => 2
MSCONFIG\Services: TunnelBearMaintenance => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^inFidel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Dropbox Update => "C:\Users\inFidel\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
MSCONFIG\startupreg: Facebook Update => "C:\Users\inFidel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\inFidel\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP CoolSense => C:\Program Files\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPOSD => C:\Program Files\Hewlett-Packard\HP On Screen Display\HPOSD.exe
MSCONFIG\startupreg: HPQuickWebProxy => "C:\Program Files\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NCPluginUpdater => "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray.exe
MSCONFIG\startupreg: TkBellExe => "c:\program files\real\realplayer\update\realsched.exe"  -osboot

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{13150711-637C-4B7B-B015-927C8AFD0B34}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8A11AF01-A2E1-42FE-A548-E27057A37A69}] => (Allow) LPort=2869
FirewallRules: [{8FC51FDF-9204-4114-B98C-FDE066FE7A42}] => (Allow) LPort=1900
FirewallRules: [{D7B0BF1F-5AC7-4BDE-95EA-48353153D9B2}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{6B1C6C39-989E-45C0-85C8-30E9EE046446}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [{EA72AEC1-BC41-41FC-8C9B-F2CC50E56246}] => (Allow) C:\Windows\system32\ezSharedSvcHost.exe
FirewallRules: [{503748D5-04FD-4FC0-BBEF-613EACE3B0B4}] => (Allow) C:\Program Files\EasyBits For Kids\ezDesktop.exe
FirewallRules: [{25C05E15-0F88-43CA-BF88-A6699555192D}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{CDEB5FDC-6FE5-427D-970A-078496B66720}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{4ABDBE74-524E-4004-A29E-964F100DDD72}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{596B2558-52B5-43EA-9382-68F871A3FE16}] => (Allow) C:\Users\inFidel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{20EDB504-9744-4606-A198-B9171F7071F8}] => (Allow) C:\Users\inFidel\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{29A5756D-6F75-4441-AEC2-96EAE6476ED7}] => (Allow) C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\RtWLan.exe
FirewallRules: [{D7EC3FAC-2050-402C-A6B3-BCDC169A855D}] => (Allow) C:\Program Files\Realtek\RTL8187 Wireless LAN Utility\RtWLan.exe
FirewallRules: [{BA03B495-55E6-4CE0-B8A0-5EED5450DD01}] => (Allow) LPort=1542
FirewallRules: [{9CD2D101-7391-45AF-94F1-2E464E048363}] => (Allow) LPort=1542
FirewallRules: [{1A48C6AB-4E1D-413C-9378-D793A3DAA5EB}] => (Allow) LPort=53
FirewallRules: [TCP Query User{5036818C-8EB0-4344-9929-64EF17FD885E}C:\users\infidel\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\infidel\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{60E77581-9FF8-4C73-A6F6-31EA5EDD5B70}C:\users\infidel\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\infidel\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{AEC02BD7-A6E1-421E-ADFC-D1F45C07C0FC}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [{65367420-F09D-46F0-A7A8-8E3AFF5E2386}] => (Allow) C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\USBSetup.exe
FirewallRules: [TCP Query User{B74A1F15-39F3-4CE2-8A7C-5F2E46B37A39}C:\program files\poc\pocxxl\bin\pocxxl.exe] => (Allow) C:\program files\poc\pocxxl\bin\pocxxl.exe
FirewallRules: [UDP Query User{272B80D2-3BCE-42F7-B2C0-CDD78C884450}C:\program files\poc\pocxxl\bin\pocxxl.exe] => (Allow) C:\program files\poc\pocxxl\bin\pocxxl.exe
FirewallRules: [{C16841EF-920F-4323-99D5-3D3993DCD3F9}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{9CAFFCC9-9E0A-4911-809B-CA1C52D63A48}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{C4998E5E-82F4-44DB-A08C-94E5ABAFADD8}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{A2B7E03B-E010-4968-A99A-C82E2107E370}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{8C81D482-2533-4D4C-938F-E257F60AF7F2}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{18AB7373-127E-42E2-AA72-B9FBC9C3951E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C421BD34-A57C-4D92-9AA3-E92DAA163EB3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F8762FD3-57FF-4E15-8A90-90F2C5B5FE14}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{795010D6-440A-4A01-803D-57EA1877225B}] => (Allow) C:\Users\inFidel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F38BFF15-E50E-4187-8426-369D6AABDF6D}] => (Allow) C:\Users\inFidel\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{FFEA7936-A8B5-4B08-98AA-B3EB0A451214}] => (Allow) C:\Users\inFidel\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/06/2015 06:07:45 PM) (Source: ESENT) (EventID: 467) (User: )
Description: taskhost (2352) WebCacheLocal: Database C:\Users\inFidel\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat: Index PartitionIdIndex of table Containers is corrupted (0).

Error: (08/06/2015 05:57:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/06/2015 05:37:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/29/2015 06:13:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wuauclt.exe, version: 7.6.7601.18917, time stamp: 0x559eab0c
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x69770073
Faulting process id: 0x1718
Faulting application start time: 0xwuauclt.exe0
Faulting application path: wuauclt.exe1
Faulting module path: wuauclt.exe2
Report Id: wuauclt.exe3

Error: (07/28/2015 08:15:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/27/2015 08:50:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Dropbox.exe, version: 3.6.9.0, time stamp: 0x550a7723
Faulting module name: ole32.dll, version: 6.1.7601.18915, time stamp: 0x55981b9e
Exception code: 0xc0000005
Fault offset: 0x0002d7e1
Faulting process id: 0xcd4
Faulting application start time: 0xDropbox.exe0
Faulting application path: Dropbox.exe1
Faulting module path: Dropbox.exe2
Report Id: Dropbox.exe3

Error: (07/27/2015 08:47:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/25/2015 05:30:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/23/2015 11:02:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/23/2015 10:59:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15819


System errors:
=============
Error: (08/06/2015 05:55:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (08/06/2015 05:54:48 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (08/06/2015 05:36:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (08/06/2015 05:35:10 PM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (07/29/2015 06:19:31 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/29/2015 12:21:06 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (07/29/2015 02:17:49 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (07/28/2015 08:14:20 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom

Error: (07/28/2015 08:12:21 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (07/27/2015 08:47:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
cdrom


Microsoft Office:
=========================

==================== Memory info ===========================

Processor: AMD E-450 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 34%
Total physical RAM: 3578.91 MB
Available physical RAM: 2357.66 MB
Total Virtual: 7156.13 MB
Available Virtual: 5956.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100 GB) (Free:50.27 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:15.73 GB) (Free:1.73 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.1 GB) FAT32
Drive f: (Data) (Fixed) (Total:345.86 GB) (Free:152.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 6500A13B)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=365.6 GB) - (Type=OF Extended)

==================== End of log ============================

 

 

After the reboot I'll edit the post and include the boot log.

