Internet explorer 11 and even Edge seem to freeze a lot. Sometimes I when a tab freezes I it flickers quickly,
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-11-2015 02
Ran by patri_000 (administrator) on TOUCHOFGREY (25-11-2015 17:59:21)
Running from C:\Users\patri_000\Downloads
Loaded Profiles: patri_000 (Available Profiles: patri_000 & Administrator)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Contour Design, Inc.) C:\Program Files (x86)\Contour Shuttle\ShuttleEngine.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel® Corporation) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(BitTorrent Inc.) C:\Users\patri_000\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Contour Design, Inc.) C:\Program Files (x86)\Contour Shuttle\ShuttleHelper.exe
(BitTorrent Inc.) C:\Users\patri_000\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(BitTorrent Inc.) C:\Users\patri_000\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6416.42001.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\BackgroundTransferHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6418.23501.0_x64__8wekyb3d8bbwe\HubTaskHost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3759504 2012-07-20] (Dell Inc.)
HKLM\...\Run: [IntelMyWiFiDashboard] => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [5010224 2012-07-13] (Intel® Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-24] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2917688 2012-09-07] (Synaptics Incorporated)
HKLM\...\Run: [3D BubbleSound] => "C:\Program Files\BubbleSound\3D BubbleSound.exe"
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285680 2013-03-05] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Contour Shuttle Device Helper] => C:\Program Files (x86)\Contour Shuttle\ShuttleHelper.exe [128000 2013-08-26] (Contour Design, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [377368 2013-10-23] (Power Software Ltd)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2548248 2014-04-23] (Sony Corporation)
HKLM-x32\...\Run: [ospd_us_014010123] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6133520 2015-11-06] (AVAST Software)
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\Run: [Google Update] => C:\Users\patri_000\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-10] (Google Inc.)
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2513992 2014-01-04] (PeerBlock, LLC)
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\Run: [EPSON Stylus Photo R280 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATICKA.EXE [213504 2007-04-13] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\Run: [uTorrent] => C:\Users\patri_000\AppData\Roaming\uTorrent\uTorrent.exe [1822048 2015-10-08] (BitTorrent Inc.)
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785792 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\Run: [WindApp] => "C:\Users\patri_000\AppData\Roaming\Store\WindApp\WindApp.exe" /winstartup
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\Run: [Selection Tools] => "C:\Users\patri_000\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe" /winstartup
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\RunOnce: [Uninstall C:\Users\patri_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\patri_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\MountPoints2: {6adfeada-4a42-11e5-bebb-681729f16340} - "G:\DTVP_Launcher.exe"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\patri_000\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-10-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\patri_000\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-10-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\patri_000\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-10-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-10-29] (AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2015-07-09] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2015-07-09] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\patri_000\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-10-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\patri_000\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-10-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\patri_000\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-10-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)
Startup: C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-09-19]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{63155eb5-97b5-4064-ba12-b9aa9cbb2a40}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{95b8d7f3-d84b-4228-a7e8-0d2c896bb31b}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001 -> DefaultScope {98CA42E9-1562-4F0E-868F-878FE766C7A8} URL =
SearchScopes: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001 -> {98CA42E9-1562-4F0E-868F-878FE766C7A8} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-10-29] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-11-08] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-29] (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://rsvpn.raytheon.com/dana-cached/sc/JuniperSetupClient.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-08-12] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll [2014-11-08] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1294961462-4170339457-2841224387-1001: @tools.google.com/Google Update;version=3 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-1294961462-4170339457-2841224387-1001: @tools.google.com/Google Update;version=9 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [jid1-xNAj4KGyf5wyhg@jetpack] - C:\Program Files (x86)\Faster Web\faster-web.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-10-29] [not signed]
Chrome:
=======
CHR Profile: C:\Users\patri_000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-05]
CHR Extension: (Google Drive) - C:\Users\patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-05]
CHR Extension: (YouTube) - C:\Users\patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-05]
CHR Extension: (Google Cast) - C:\Users\patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-06-05]
CHR Extension: (Google Search) - C:\Users\patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-05]
CHR Extension: (Google Wallet) - C:\Users\patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-05]
CHR Extension: (Gmail) - C:\Users\patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-05]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-10-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-10-29]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-10-29] (AVAST Software)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2464400 2012-09-08] (Realsil Microelectronics Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-17] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 nlsX86cc; C:\WINDOWS\system32\nlssrv32.exe [66560 2010-11-22] (Nalpeiron Ltd.) [File not signed]
R2 nlsX86cc; C:\WINDOWS\SysWOW64\nlssrv32.exe [66560 2010-11-22] (Nalpeiron Ltd.) [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481816 2014-04-23] (Sony Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 ShuttleEngine; C:\Program Files (x86)\Contour Shuttle\ShuttleEngine.exe [99840 2013-08-26] (Contour Design, Inc.) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-07-24] (IDT, Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-09] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-09] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2014-10-10] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2014-10-10] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2014-10-10] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-29] (AVAST Software)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-09] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-09] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-09] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3354384 2015-06-17] (Intel Corporation)
S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-04] ()
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410848 2015-11-11] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-09-07] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-09-07] (Synaptics Incorporated)
R1 swsedrvr_vw_1_10_0_25; C:\Windows\System32\drivers\swsedrvr_vw_1_10_0_25.sys [57720 2015-09-22] (SS)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-09] ()
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows ® Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-09] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows ® Win 7 DDK provider)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-25 17:59 - 2015-11-25 17:59 - 00022372 _____ C:\Users\patri_000\Downloads\FRST.txt
2015-11-25 17:59 - 2015-11-25 17:59 - 00000000 ____D C:\FRST
2015-11-25 17:58 - 2015-11-25 17:58 - 02348544 _____ (Farbar) C:\Users\patri_000\Downloads\FRST64.exe
2015-11-25 17:45 - 2015-11-25 17:45 - 00016148 _____ C:\WINDOWS\system32\TOUCHOFGREY_patri_000_HistoryPrediction.bin
2015-11-21 19:15 - 2015-11-21 19:15 - 00000000 ____D C:\Users\patri_000\Downloads\Burnt 2015 English Movies HDCam XviD AAC Audio Cleaned New Source with sample ~ ☻rDX☻
2015-11-18 18:27 - 2015-11-18 18:27 - 00127108 _____ C:\Users\patri_000\Documents\chrysler sale vadmv record.pdf
2015-11-16 04:44 - 2015-11-16 04:44 - 00004530 _____ C:\Users\patri_000\Documents\pivotcode.txt
2015-11-14 11:52 - 2015-11-14 12:12 - 00000000 ____D C:\Users\patri_000\Downloads\Calendar Girls (2015) x264 2CD WEBHD AAC M-SubS[HDMaN ExCluSive]
2015-11-14 11:52 - 2015-11-14 12:12 - 00000000 ____D C:\Users\patri_000\Downloads\Burnt 2015 CAM ENG READNFO XviD-CPG
2015-11-14 11:46 - 2015-11-14 11:53 - 838842143 _____ C:\Users\patri_000\Downloads\Entertainment.2015.720p.WEB-DL.800MB.ShAaNiG.mkv
2015-11-12 03:10 - 2015-11-12 03:10 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-11-11 18:56 - 2015-11-11 18:56 - 09898720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2015-11-11 06:39 - 2015-11-05 00:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 06:39 - 2015-11-05 00:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 06:39 - 2015-11-05 00:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 06:39 - 2015-11-05 00:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 06:39 - 2015-11-05 00:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 06:39 - 2015-11-05 00:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 06:39 - 2015-11-05 00:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 06:39 - 2015-11-05 00:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 06:39 - 2015-11-04 23:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 06:39 - 2015-11-04 23:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 06:39 - 2015-11-04 23:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 06:39 - 2015-11-04 23:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-11 06:39 - 2015-11-04 23:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 06:39 - 2015-11-04 23:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-11 06:39 - 2015-11-04 23:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 06:39 - 2015-11-04 23:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 06:39 - 2015-11-04 23:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 06:39 - 2015-11-04 23:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 06:39 - 2015-11-04 23:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-11 06:39 - 2015-11-04 23:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 06:39 - 2015-11-04 23:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 06:39 - 2015-11-04 23:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 06:39 - 2015-11-04 23:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 06:39 - 2015-11-04 23:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 06:39 - 2015-11-04 23:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 06:39 - 2015-11-04 23:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 06:39 - 2015-11-04 23:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 06:39 - 2015-11-04 23:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 06:39 - 2015-11-04 23:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 06:39 - 2015-11-04 23:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 06:39 - 2015-11-04 23:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 06:39 - 2015-11-04 23:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-11 06:39 - 2015-11-04 23:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 06:39 - 2015-11-04 22:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 06:39 - 2015-11-04 22:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 06:39 - 2015-11-04 22:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 06:39 - 2015-11-04 22:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 06:39 - 2015-11-04 22:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 06:39 - 2015-11-04 22:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 06:39 - 2015-11-04 22:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 06:39 - 2015-11-04 22:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 06:39 - 2015-11-04 22:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-11 06:39 - 2015-11-04 22:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-11 06:39 - 2015-11-04 22:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-11 06:39 - 2015-11-04 22:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-11 06:39 - 2015-11-04 22:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 06:39 - 2015-11-04 22:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 06:39 - 2015-11-04 22:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 06:39 - 2015-11-04 22:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 06:39 - 2015-11-04 22:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 06:39 - 2015-11-04 22:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-11 06:39 - 2015-11-04 22:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-11 06:39 - 2015-11-04 22:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-09 16:29 - 2015-11-09 16:29 - 00000000 ____D C:\Users\patri_000\Downloads\Mistress.America.2015.HDRip.XviD.AC3-EVO
2015-11-04 04:08 - 2015-11-04 04:08 - 03530042 _____ C:\Users\patri_000\Documents\Excel Pivot Tables Recipe Book - A Problem-Solution Approach (2006).pdf
2015-11-04 04:07 - 2015-11-04 04:07 - 13185386 _____ C:\Users\patri_000\Documents\Pivot Table Datta Crunching for MS Excel 2007.pdf
2015-10-31 04:40 - 2015-10-31 04:43 - 11519036 _____ C:\Users\patri_000\Downloads\Pivot Table Datta Crunching for MS Excel 2007.pdf
2015-10-31 04:25 - 2015-10-31 04:37 - 00000000 ____D C:\Users\patri_000\Downloads\Excel Pivot Tables Recipe Book - A Problem-Solution Approach (2006) & Excel Programming Weekend Crash Course (2003)
2015-10-31 04:03 - 2015-10-31 04:14 - 00000000 ____D C:\Users\patri_000\Downloads\VBA
2015-10-31 03:58 - 2015-10-31 04:08 - 00000000 ____D C:\Users\patri_000\Downloads\Raspberry Pi
2015-10-29 12:59 - 2015-10-29 12:59 - 00000000 ____D C:\Users\patri_000\AppData\Roaming\AVAST Software
2015-10-29 12:58 - 2015-11-06 12:58 - 01059656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-10-29 12:58 - 2015-11-06 12:58 - 00449992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-10-29 12:58 - 2015-10-29 12:58 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-10-29 12:58 - 2015-10-29 12:58 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-10-29 12:58 - 2015-10-29 12:58 - 00153744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-10-29 12:58 - 2015-10-29 12:58 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-10-29 12:58 - 2015-10-29 12:58 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-10-29 12:58 - 2015-10-29 12:58 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-10-29 12:58 - 2015-10-29 12:58 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-10-29 12:58 - 2015-10-29 12:58 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-10-29 12:58 - 2015-10-29 12:58 - 00001974 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-10-29 12:58 - 2015-10-29 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-10-29 12:57 - 2015-10-29 12:57 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-10-29 12:56 - 2015-10-29 12:56 - 00000000 ____D C:\Program Files\AVAST Software
2015-10-29 12:55 - 2015-10-29 12:55 - 05693032 _____ (AVAST Software) C:\Users\patri_000\Downloads\avast_free_antivirus_setup_online.exe
2015-10-29 12:55 - 2015-10-29 12:55 - 00000000 ____D C:\ProgramData\AVAST Software
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-25 17:59 - 2015-07-10 04:47 - 00000000 ____D C:\Windows
2015-11-25 17:58 - 2013-12-24 14:33 - 00000000 ____D C:\Users\patri_000\AppData\Roaming\uTorrent
2015-11-25 14:32 - 2015-10-17 11:57 - 00876942 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-25 14:32 - 2015-07-30 17:40 - 00000000 ____D C:\WINDOWS\INF
2015-11-25 14:27 - 2015-09-18 16:26 - 00000000 ____D C:\Users\patri_000\AppData\LocalLow\uTorrent
2015-11-25 14:26 - 2014-11-24 17:59 - 00000000 __SHD C:\Users\patri_000\IntelGraphicsProfiles
2015-11-25 14:25 - 2015-07-30 16:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-25 14:22 - 2013-12-21 17:13 - 00000948 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1294961462-4170339457-2841224387-1001UA.job
2015-11-25 14:20 - 2015-07-30 17:42 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-25 14:17 - 2015-10-17 12:44 - 00003338 _____ C:\WINDOWS\System32\Tasks\Intel® Rapid Start Technology Manager
2015-11-25 13:57 - 2015-07-30 17:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-25 07:30 - 2015-07-30 17:42 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2015-11-25 07:25 - 2015-03-15 21:18 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-24 18:21 - 2013-12-21 17:13 - 00000896 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1294961462-4170339457-2841224387-1001Core.job
2015-11-24 10:48 - 2015-07-30 17:42 - 00000000 ___HD C:\Program Files\WindowsApps
2015-11-21 19:15 - 2013-12-24 14:37 - 00000000 ____D C:\Program Files\PeerBlock
2015-11-18 18:27 - 2015-07-23 08:22 - 00000000 ____D C:\Users\patri_000\AppData\Local\CutePDF Writer
2015-11-16 14:57 - 2015-10-17 11:42 - 00000000 ____D C:\Users\patri_000
2015-11-15 03:52 - 2013-12-29 14:20 - 00000000 ____D C:\Users\patri_000\AppData\Roaming\vlc
2015-11-14 16:50 - 2015-07-30 17:42 - 00000000 ____D C:\WINDOWS\rescache
2015-11-12 05:16 - 2015-07-10 04:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-11-12 05:15 - 2015-07-30 17:42 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-12 03:26 - 2015-09-10 08:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-11-12 03:26 - 2015-09-10 08:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-12 03:23 - 2015-07-30 17:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-12 03:09 - 2013-12-23 21:27 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-12 03:09 - 2013-08-22 08:25 - 00000167 _____ C:\WINDOWS\win.ini
2015-11-12 03:04 - 2013-12-23 21:27 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-11 19:23 - 2013-12-21 17:16 - 00002518 _____ C:\Users\patri_000\Desktop\Google Chrome.lnk
2015-11-11 18:56 - 2015-05-14 11:10 - 00410848 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsUer.sys
2015-11-11 18:56 - 2015-05-14 11:10 - 00091872 _____ (Realtek Semiconductor.) C:\WINDOWS\system32\RtCRX64.dll
2015-11-11 18:56 - 2013-11-06 08:26 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-11-11 12:25 - 2015-03-15 21:18 - 00003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-03 13:20 - 2015-07-30 17:43 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 13:20 - 2015-07-30 17:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-01 21:50 - 2015-09-26 06:36 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
==================== Files in the root of some directories =======
2015-10-25 05:21 - 2015-10-25 05:22 - 0001281 _____ () C:\Users\patri_000\AppData\Roaming\Bubble Dock.boostrap.log
2015-10-25 05:22 - 2015-10-25 05:22 - 0005737 _____ () C:\Users\patri_000\AppData\Roaming\Bubble Dock.installation.log
2015-10-25 05:22 - 2015-10-25 05:22 - 0000078 _____ () C:\Users\patri_000\AppData\Roaming\Selection Tools.installation.log
2015-10-25 05:21 - 2015-10-25 05:21 - 0000097 _____ () C:\Users\patri_000\AppData\Roaming\WindApp.boostrap.log
2015-10-25 05:22 - 2015-10-25 05:22 - 0000078 _____ () C:\Users\patri_000\AppData\Roaming\WindApp.installation.log
2013-11-06 08:41 - 2013-11-06 08:42 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-11-06 08:37 - 2013-11-06 08:38 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-11-06 08:38 - 2013-11-06 08:39 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-11-06 08:36 - 2013-11-06 08:37 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-11-06 08:39 - 2013-11-06 08:41 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
Some files in TEMP:
====================
C:\Users\patri_000\AppData\Local\Temp\netstream.exe
C:\Users\patri_000\AppData\Local\Temp\The+Dead+End+2015+HD1080P+X264+AAC+Mandarin+CHS+Mp4Ba__15022_i1722736069_il1854021.exe
C:\Users\patri_000\AppData\Local\Temp\vlc-2.2.1-win32.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-18 15:16
==================== End of FRST.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:25-11-2015 02
Ran by patri_000 (administrator) on TOUCHOFGREY (25-11-2015 17:59:21)
Running from C:\Users\patri_000\Downloads
Loaded Profiles: patri_000 (Available Profiles: patri_000 & Administrator)
Platform: Windows 10 Home (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Contour Design, Inc.) C:\Program Files (x86)\Contour Shuttle\ShuttleEngine.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel) C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel® Corporation) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(BitTorrent Inc.) C:\Users\patri_000\AppData\Roaming\uTorrent\uTorrent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Contour Design, Inc.) C:\Program Files (x86)\Contour Shuttle\ShuttleHelper.exe
(BitTorrent Inc.) C:\Users\patri_000\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(BitTorrent Inc.) C:\Users\patri_000\AppData\Roaming\uTorrent\updates\3.4.5_41202\utorrentie.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6416.42001.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\BackgroundTransferHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.6418.23501.0_x64__8wekyb3d8bbwe\HubTaskHost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3759504 2012-07-20] (Dell Inc.)
HKLM\...\Run: [IntelMyWiFiDashboard] => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [5010224 2012-07-13] (Intel® Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-24] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2917688 2012-09-07] (Synaptics Incorporated)
HKLM\...\Run: [3D BubbleSound] => "C:\Program Files\BubbleSound\3D BubbleSound.exe"
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285680 2013-03-05] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [102928 2012-10-23] (CyberLink Corp.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Contour Shuttle Device Helper] => C:\Program Files (x86)\Contour Shuttle\ShuttleHelper.exe [128000 2013-08-26] (Contour Design, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [377368 2013-10-23] (Power Software Ltd)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2548248 2014-04-23] (Sony Corporation)
HKLM-x32\...\Run: [ospd_us_014010123] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6133520 2015-11-06] (AVAST Software)
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\Run: [Google Update] => C:\Users\patri_000\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-09-10] (Google Inc.)
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2513992 2014-01-04] (PeerBlock, LLC)
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\Run: [EPSON Stylus Photo R280 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATICKA.EXE [213504 2007-04-13] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\Run: [uTorrent] => C:\Users\patri_000\AppData\Roaming\uTorrent\uTorrent.exe [1822048 2015-10-08] (BitTorrent Inc.)
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785792 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\Run: [WindApp] => "C:\Users\patri_000\AppData\Roaming\Store\WindApp\WindApp.exe" /winstartup
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\Run: [Selection Tools] => "C:\Users\patri_000\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe" /winstartup
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\RunOnce: [Uninstall C:\Users\patri_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\patri_000\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\MountPoints2: {6adfeada-4a42-11e5-bebb-681729f16340} - "G:\DTVP_Launcher.exe"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\patri_000\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-10-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\patri_000\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-10-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\patri_000\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64\FileSyncShell64.dll [2015-10-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-10-29] (AVAST Software)
ShellIconOverlayIdentifiers: [DBARFileBackuped] -> {831cebdd-6baf-4432-be76-9e0989c14aef} => C:\WINDOWS\system32\mscoree.dll [2015-07-09] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DBARFileNotBackuped] -> {275e4fd7-21ef-45cf-a836-832e5d2cc1b3} => C:\WINDOWS\system32\mscoree.dll [2015-07-09] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\patri_000\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-10-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\patri_000\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-10-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\patri_000\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\FileSyncShell.dll [2015-10-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)
Startup: C:\Users\patri_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2015-09-19]
ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{63155eb5-97b5-4064-ba12-b9aa9cbb2a40}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{95b8d7f3-d84b-4228-a7e8-0d2c896bb31b}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com/?pc=DCJB
SearchScopes: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001 -> DefaultScope {98CA42E9-1562-4F0E-868F-878FE766C7A8} URL =
SearchScopes: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001 -> {98CA42E9-1562-4F0E-868F-878FE766C7A8} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-10-29] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-11-08] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-10-20] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-29] (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-10-13] (Microsoft Corporation)
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://rsvpn.raytheon.com/dana-cached/sc/JuniperSetupClient.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-08-12] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll [2014-11-08] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1294961462-4170339457-2841224387-1001: @tools.google.com/Google Update;version=3 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-1294961462-4170339457-2841224387-1001: @tools.google.com/Google Update;version=9 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [jid1-xNAj4KGyf5wyhg@jetpack] - C:\Program Files (x86)\Faster Web\faster-web.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-10-29] [not signed]
Chrome:
=======
CHR Profile: C:\Users\patri_000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-05]
CHR Extension: (Google Drive) - C:\Users\patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-05]
CHR Extension: (YouTube) - C:\Users\patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-05]
CHR Extension: (Google Cast) - C:\Users\patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-06-05]
CHR Extension: (Google Search) - C:\Users\patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-05]
CHR Extension: (Google Wallet) - C:\Users\patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-05]
CHR Extension: (Gmail) - C:\Users\patri_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-05]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-10-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-10-29]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-10-29] (AVAST Software)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2464400 2012-09-08] (Realsil Microelectronics Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-17] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [193576 2012-07-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 nlsX86cc; C:\WINDOWS\system32\nlssrv32.exe [66560 2010-11-22] (Nalpeiron Ltd.) [File not signed]
R2 nlsX86cc; C:\WINDOWS\SysWOW64\nlssrv32.exe [66560 2010-11-22] (Nalpeiron Ltd.) [File not signed]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481816 2014-04-23] (Sony Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R2 ShuttleEngine; C:\Program Files (x86)\Contour Shuttle\ShuttleEngine.exe [99840 2013-08-26] (Contour Design, Inc.) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [321536 2012-07-24] (IDT, Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-09] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-09] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AndnetBus; C:\Windows\System32\drivers\lgandnetbus64.sys [20992 2014-10-10] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [30720 2014-10-10] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [37376 2014-10-10] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-29] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-06] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-29] (AVAST Software)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [165376 2015-07-09] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [36864 2015-07-09] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-09] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 irstrtdv; C:\Windows\System32\drivers\irstrtdv.sys [43800 2012-07-20] (Intel Corporation)
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3354384 2015-06-17] (Intel Corporation)
S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-04] ()
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410848 2015-11-11] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-09-07] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-09-07] (Synaptics Incorporated)
R1 swsedrvr_vw_1_10_0_25; C:\Windows\System32\drivers\swsedrvr_vw_1_10_0_25.sys [57720 2015-09-22] (SS)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-09] ()
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [47072 2012-10-09] (Windows ® Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-09] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188896 2012-10-09] (Windows ® Win 7 DDK provider)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-25 17:59 - 2015-11-25 17:59 - 00022372 _____ C:\Users\patri_000\Downloads\FRST.txt
2015-11-25 17:59 - 2015-11-25 17:59 - 00000000 ____D C:\FRST
2015-11-25 17:58 - 2015-11-25 17:58 - 02348544 _____ (Farbar) C:\Users\patri_000\Downloads\FRST64.exe
2015-11-25 17:45 - 2015-11-25 17:45 - 00016148 _____ C:\WINDOWS\system32\TOUCHOFGREY_patri_000_HistoryPrediction.bin
2015-11-21 19:15 - 2015-11-21 19:15 - 00000000 ____D C:\Users\patri_000\Downloads\Burnt 2015 English Movies HDCam XviD AAC Audio Cleaned New Source with sample ~ ☻rDX☻
2015-11-18 18:27 - 2015-11-18 18:27 - 00127108 _____ C:\Users\patri_000\Documents\chrysler sale vadmv record.pdf
2015-11-16 04:44 - 2015-11-16 04:44 - 00004530 _____ C:\Users\patri_000\Documents\pivotcode.txt
2015-11-14 11:52 - 2015-11-14 12:12 - 00000000 ____D C:\Users\patri_000\Downloads\Calendar Girls (2015) x264 2CD WEBHD AAC M-SubS[HDMaN ExCluSive]
2015-11-14 11:52 - 2015-11-14 12:12 - 00000000 ____D C:\Users\patri_000\Downloads\Burnt 2015 CAM ENG READNFO XviD-CPG
2015-11-14 11:46 - 2015-11-14 11:53 - 838842143 _____ C:\Users\patri_000\Downloads\Entertainment.2015.720p.WEB-DL.800MB.ShAaNiG.mkv
2015-11-12 03:10 - 2015-11-12 03:10 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-11-11 18:56 - 2015-11-11 18:56 - 09898720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2015-11-11 06:39 - 2015-11-05 00:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 06:39 - 2015-11-05 00:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 06:39 - 2015-11-05 00:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 06:39 - 2015-11-05 00:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 06:39 - 2015-11-05 00:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 06:39 - 2015-11-05 00:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 06:39 - 2015-11-05 00:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 06:39 - 2015-11-05 00:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 06:39 - 2015-11-04 23:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 06:39 - 2015-11-04 23:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 06:39 - 2015-11-04 23:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 06:39 - 2015-11-04 23:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-11 06:39 - 2015-11-04 23:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 06:39 - 2015-11-04 23:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-11 06:39 - 2015-11-04 23:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 06:39 - 2015-11-04 23:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 06:39 - 2015-11-04 23:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 06:39 - 2015-11-04 23:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 06:39 - 2015-11-04 23:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-11 06:39 - 2015-11-04 23:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 06:39 - 2015-11-04 23:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 06:39 - 2015-11-04 23:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 06:39 - 2015-11-04 23:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 06:39 - 2015-11-04 23:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 06:39 - 2015-11-04 23:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 06:39 - 2015-11-04 23:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 06:39 - 2015-11-04 23:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 06:39 - 2015-11-04 23:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 06:39 - 2015-11-04 23:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 06:39 - 2015-11-04 23:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 06:39 - 2015-11-04 23:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 06:39 - 2015-11-04 23:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-11 06:39 - 2015-11-04 23:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 06:39 - 2015-11-04 22:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 06:39 - 2015-11-04 22:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 06:39 - 2015-11-04 22:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 06:39 - 2015-11-04 22:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 06:39 - 2015-11-04 22:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 06:39 - 2015-11-04 22:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 06:39 - 2015-11-04 22:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 06:39 - 2015-11-04 22:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 06:39 - 2015-11-04 22:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-11 06:39 - 2015-11-04 22:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-11 06:39 - 2015-11-04 22:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-11 06:39 - 2015-11-04 22:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-11 06:39 - 2015-11-04 22:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 06:39 - 2015-11-04 22:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 06:39 - 2015-11-04 22:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 06:39 - 2015-11-04 22:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 06:39 - 2015-11-04 22:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 06:39 - 2015-11-04 22:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-11 06:39 - 2015-11-04 22:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-11 06:39 - 2015-11-04 22:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2015-11-09 16:29 - 2015-11-09 16:29 - 00000000 ____D C:\Users\patri_000\Downloads\Mistress.America.2015.HDRip.XviD.AC3-EVO
2015-11-04 04:08 - 2015-11-04 04:08 - 03530042 _____ C:\Users\patri_000\Documents\Excel Pivot Tables Recipe Book - A Problem-Solution Approach (2006).pdf
2015-11-04 04:07 - 2015-11-04 04:07 - 13185386 _____ C:\Users\patri_000\Documents\Pivot Table Datta Crunching for MS Excel 2007.pdf
2015-10-31 04:40 - 2015-10-31 04:43 - 11519036 _____ C:\Users\patri_000\Downloads\Pivot Table Datta Crunching for MS Excel 2007.pdf
2015-10-31 04:25 - 2015-10-31 04:37 - 00000000 ____D C:\Users\patri_000\Downloads\Excel Pivot Tables Recipe Book - A Problem-Solution Approach (2006) & Excel Programming Weekend Crash Course (2003)
2015-10-31 04:03 - 2015-10-31 04:14 - 00000000 ____D C:\Users\patri_000\Downloads\VBA
2015-10-31 03:58 - 2015-10-31 04:08 - 00000000 ____D C:\Users\patri_000\Downloads\Raspberry Pi
2015-10-29 12:59 - 2015-10-29 12:59 - 00000000 ____D C:\Users\patri_000\AppData\Roaming\AVAST Software
2015-10-29 12:58 - 2015-11-06 12:58 - 01059656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2015-10-29 12:58 - 2015-11-06 12:58 - 00449992 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-10-29 12:58 - 2015-10-29 12:58 - 00378880 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-10-29 12:58 - 2015-10-29 12:58 - 00274808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-10-29 12:58 - 2015-10-29 12:58 - 00153744 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-10-29 12:58 - 2015-10-29 12:58 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-10-29 12:58 - 2015-10-29 12:58 - 00090968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-10-29 12:58 - 2015-10-29 12:58 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-10-29 12:58 - 2015-10-29 12:58 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-10-29 12:58 - 2015-10-29 12:58 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-10-29 12:58 - 2015-10-29 12:58 - 00001974 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-10-29 12:58 - 2015-10-29 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-10-29 12:57 - 2015-10-29 12:57 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-10-29 12:56 - 2015-10-29 12:56 - 00000000 ____D C:\Program Files\AVAST Software
2015-10-29 12:55 - 2015-10-29 12:55 - 05693032 _____ (AVAST Software) C:\Users\patri_000\Downloads\avast_free_antivirus_setup_online.exe
2015-10-29 12:55 - 2015-10-29 12:55 - 00000000 ____D C:\ProgramData\AVAST Software
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-11-25 17:59 - 2015-07-10 04:47 - 00000000 ____D C:\Windows
2015-11-25 17:58 - 2013-12-24 14:33 - 00000000 ____D C:\Users\patri_000\AppData\Roaming\uTorrent
2015-11-25 14:32 - 2015-10-17 11:57 - 00876942 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-25 14:32 - 2015-07-30 17:40 - 00000000 ____D C:\WINDOWS\INF
2015-11-25 14:27 - 2015-09-18 16:26 - 00000000 ____D C:\Users\patri_000\AppData\LocalLow\uTorrent
2015-11-25 14:26 - 2014-11-24 17:59 - 00000000 __SHD C:\Users\patri_000\IntelGraphicsProfiles
2015-11-25 14:25 - 2015-07-30 16:52 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-25 14:22 - 2013-12-21 17:13 - 00000948 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1294961462-4170339457-2841224387-1001UA.job
2015-11-25 14:20 - 2015-07-30 17:42 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-11-25 14:17 - 2015-10-17 12:44 - 00003338 _____ C:\WINDOWS\System32\Tasks\Intel® Rapid Start Technology Manager
2015-11-25 13:57 - 2015-07-30 17:42 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-11-25 07:30 - 2015-07-30 17:42 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2015-11-25 07:25 - 2015-03-15 21:18 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-24 18:21 - 2013-12-21 17:13 - 00000896 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1294961462-4170339457-2841224387-1001Core.job
2015-11-24 10:48 - 2015-07-30 17:42 - 00000000 ___HD C:\Program Files\WindowsApps
2015-11-21 19:15 - 2013-12-24 14:37 - 00000000 ____D C:\Program Files\PeerBlock
2015-11-18 18:27 - 2015-07-23 08:22 - 00000000 ____D C:\Users\patri_000\AppData\Local\CutePDF Writer
2015-11-16 14:57 - 2015-10-17 11:42 - 00000000 ____D C:\Users\patri_000
2015-11-15 03:52 - 2013-12-29 14:20 - 00000000 ____D C:\Users\patri_000\AppData\Roaming\vlc
2015-11-14 16:50 - 2015-07-30 17:42 - 00000000 ____D C:\WINDOWS\rescache
2015-11-12 05:16 - 2015-07-10 04:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-11-12 05:15 - 2015-07-30 17:42 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-12 03:26 - 2015-09-10 08:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-11-12 03:26 - 2015-09-10 08:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-12 03:23 - 2015-07-30 17:25 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-12 03:09 - 2013-12-23 21:27 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-12 03:09 - 2013-08-22 08:25 - 00000167 _____ C:\WINDOWS\win.ini
2015-11-12 03:04 - 2013-12-23 21:27 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-11 19:23 - 2013-12-21 17:16 - 00002518 _____ C:\Users\patri_000\Desktop\Google Chrome.lnk
2015-11-11 18:56 - 2015-05-14 11:10 - 00410848 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsUer.sys
2015-11-11 18:56 - 2015-05-14 11:10 - 00091872 _____ (Realtek Semiconductor.) C:\WINDOWS\system32\RtCRX64.dll
2015-11-11 18:56 - 2013-11-06 08:26 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-11-11 12:25 - 2015-03-15 21:18 - 00003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-03 13:20 - 2015-07-30 17:43 - 00810488 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-11-03 13:20 - 2015-07-30 17:43 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-01 21:50 - 2015-09-26 06:36 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
==================== Files in the root of some directories =======
2015-10-25 05:21 - 2015-10-25 05:22 - 0001281 _____ () C:\Users\patri_000\AppData\Roaming\Bubble Dock.boostrap.log
2015-10-25 05:22 - 2015-10-25 05:22 - 0005737 _____ () C:\Users\patri_000\AppData\Roaming\Bubble Dock.installation.log
2015-10-25 05:22 - 2015-10-25 05:22 - 0000078 _____ () C:\Users\patri_000\AppData\Roaming\Selection Tools.installation.log
2015-10-25 05:21 - 2015-10-25 05:21 - 0000097 _____ () C:\Users\patri_000\AppData\Roaming\WindApp.boostrap.log
2015-10-25 05:22 - 2015-10-25 05:22 - 0000078 _____ () C:\Users\patri_000\AppData\Roaming\WindApp.installation.log
2013-11-06 08:41 - 2013-11-06 08:42 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log
2013-11-06 08:37 - 2013-11-06 08:38 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log
2013-11-06 08:38 - 2013-11-06 08:39 - 0000111 _____ () C:\ProgramData\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}.log
2013-11-06 08:36 - 2013-11-06 08:37 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2013-11-06 08:39 - 2013-11-06 08:41 - 0000108 _____ () C:\ProgramData\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}.log
Some files in TEMP:
====================
C:\Users\patri_000\AppData\Local\Temp\netstream.exe
C:\Users\patri_000\AppData\Local\Temp\The+Dead+End+2015+HD1080P+X264+AAC+Mandarin+CHS+Mp4Ba__15022_i1722736069_il1854021.exe
C:\Users\patri_000\AppData\Local\Temp\vlc-2.2.1-win32.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-11-18 15:16
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-11-2015 02
Ran by patri_000 (2015-11-25 18:01:49)
Running from C:\Users\patri_000\Downloads
Windows 10 Home (X64) (2015-10-17 17:41:57)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1294961462-4170339457-2841224387-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1294961462-4170339457-2841224387-503 - Limited - Disabled)
Guest (S-1-5-21-1294961462-4170339457-2841224387-501 - Limited - Disabled)
patri_000 (S-1-5-21-1294961462-4170339457-2841224387-1001 - Administrator - Enabled) => C:\Users\patri_000
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
4Card Recovery (HKLM-x32\...\{6FE4072A-E968-438D-967A-F641BE28B279}_is1) (Version: 2.0 - 4CardRecovery)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.4.2233 - AVAST Software)
calibre (HKLM-x32\...\{7D69BF2B-6C60-4D0A-8A6C-BCFD025D5D84}) (Version: 1.17.0 - Kovid Goyal)
ChromecastApp (HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
Contour Shuttle (HKLM-x32\...\{51ADFD15-6B63-4F8E-8076-F4E31FFEE32A}) (Version: 2.10 - Contour Design, Inc.)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.5.0.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.5.0.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.2.12.13 - Synaptics Incorporated)
DSC/AA Factory Installer (Version: 3.4.6299.48 - PC-Doctor, Inc.) Hidden
DVD Architect Pro 6.0 (HKLM-x32\...\{E0E531A2-17C1-11E2-984D-1040F3E7010F}) (Version: 6.0.237 - Sony)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
Google Chrome (HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® My WiFi Dashboard (HKLM\...\{1E741267-F54B-4b3a-A7B6-1D1A156E385E}) (Version: 15.05.5000.0219 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.4.1001 - Intel Corporation)
Intel® WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
iStonsoft Free YouTube Downloader (HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\iStonsoft Free YouTube Downloader) (Version: 2.1.56 - iStonsoft)
Java 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417000FF}) (Version: 7.0.0 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
LG United Mobile Drivers (HKLM-x32\...\{2D5218EB-6992-46E3-8ECE-76C79AB955CE}) (Version: 3.13.2.0 - LG Electronics)
MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Excel 2013 XLL Software Development Kit (HKLM-x32\...\{90150000-00D2-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPRO) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visio SDK 2013 (HKLM\...\{95150000-0050-0409-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.4.6299.48 - PC-Doctor, Inc.)
Noise Reduction Plug-In 2.0 (HKLM-x32\...\{847C6940-D852-11E2-81D2-F04DA23A5C58}) (Version: 2.0.596 - Sony)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PeerBlock 1.1+ (r691) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.691 - PeerBlock, LLC)
PlayMemories Home (HKLM-x32\...\{7EA1A4E8-A5CE-4626-87DC-6DEF99BAE931}) (Version: 3.1.11.04230 - Sony Corporation)
PluralEyes for Vegas Pro (HKLM\...\{173D1F6B-87A2-4192-9943-392FEAAFDFFE}_is1) (Version: 2.0.3 - Singular Software Inc.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.8 - Power Software Ltd)
Pulse Secure Setup Client (HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\Juniper_Setup_Client) (Version: 8.1.4.60057 - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Pulse Secure Terminal Services Client (HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\Juniper_Term_Services) (Version: 8.1.4.37085 - Pulse Secure, LLC)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.003 - Dell Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.39034 - Realtek Semiconductor Corp.)
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.04.00 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - )
SimpleOCR 3.1 (HKLM-x32\...\SimpleOCR 3.1) (Version: - )
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden
Sound Forge Pro 11.0 (HKLM-x32\...\{437C8730-3505-11E3-9509-F04DA23A5C58}) (Version: 11.0.272 - Sony)
Trader's Little Helper 2.7.0 (HKLM-x32\...\TradersLittleHelper_is1) (Version: 2.7.0 - Robert Hoffmann)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version: - Microsoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{A7500970-FE98-11E1-B560-F04DA23A5C58}) (Version: 12.0.367 - Sony)
Video Converter version 6.0.0 (HKLM-x32\...\Video Converter_is1) (Version: 6.0.0 - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wondershare PDF Editor OCR (HKLM-x32\...\{408133BA-3665-4EF5-9DC4-E6A475DA8119}_is1) (Version: 3.6.0.9 - Wondershare Software Co.,Ltd.)
Wondershare PDFelement(Build 4.0.0) (HKLM-x32\...\{75BAE677-F65A-45A4-9931-363FE0CF5E58}_is1) (Version: 4.0.0.3 - Wondershare Software Co.,Ltd.)
Засоби перевірки правопису Microsoft Office 2013 – українська мова (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2013 — русский (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
==================== Restore Points =========================
06-11-2015 03:09:43 Scheduled Checkpoint
12-11-2015 02:58:31 Windows Update
21-11-2015 07:21:47 Scheduled Checkpoint
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09B0FE3C-9F71-43BF-BE31-A8A398E1844D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {10E75F69-78CF-4514-96D1-C51BEFD085A5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {1119CBB2-F0C7-4011-81DF-A8758CBA74CC} - System32\Tasks\{93F2DB5A-6B71-45A3-8702-98954E1BDB93} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.20.0.104/en/abandoninstall?source=lightinstaller&page=tsInstall
Task: {1F9AC970-25AF-48A6-9F63-B6F158D48115} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {2D7AE34B-40C9-40BD-862C-DAC7852B3FF4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-10-29] (AVAST Software)
Task: {2FD69FF5-CB5A-4E1A-ACE1-764E8CF2E92C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {30EDFB61-F544-4E5E-B8F5-2ECCFDC8B839} - System32\Tasks\SwiftSearch Auto Updater 1.10.0.25 Pending Update => C:\Program Files (x86)\SwiftSearch_1.10.0.25\Update\SwiftSearchAutoUpdateClient.exe <==== ATTENTION
Task: {37063F22-F2A5-42F9-9CC5-EC21FAA6D881} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {3D72F90F-C0B3-45E5-A0F1-B84DD7739254} - \PCDoctorBackgroundMonitorTask -> No File <==== ATTENTION
Task: {430F935D-C653-41C3-A4DE-C7050D4A3DB8} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {453C8FA7-80C7-4AA3-AFD4-3BE4EDF32F77} - \PCDEventLauncherTask -> No File <==== ATTENTION
Task: {4E1730B4-F696-4453-80F6-C9B6743835FE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {58385222-8C18-47D2-94B7-9A6DDA8BF797} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-03] (CyberLink Corp.)
Task: {589A5DB3-4905-4363-B7C8-B9FD12934F8C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {59E25824-46D9-473D-BAB1-2915889B53AA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {5C9248EF-0B06-41ED-B62C-898242678199} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {6EBD7945-471E-437C-9281-0BAB939F8D22} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1294961462-4170339457-2841224387-1001UA => C:\Users\patri_000\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-10] (Google Inc.)
Task: {70D1C8C1-AD15-4C4D-AF81-EC8BAEC9C990} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {75F47BE2-F6BE-4EAB-85EE-1D32FF77550F} - System32\Tasks\IntelBootstrapCCDashServer => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [2012-07-13] (Intel® Corporation)
Task: {7B9E805C-AEAE-46D6-8CB9-0D6295FD3CFB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {80161CE3-FD5D-4483-B25E-F2B6B22493AA} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-07-20] (Intel)
Task: {80FF3D51-9771-4C09-A17C-379FB161A6FF} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {844D17E6-0BE9-4C04-BDF8-B30D05866451} - \SystemToolsDailyTest -> No File <==== ATTENTION
Task: {86CADDF1-1C26-436F-B921-05BC4C599C42} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {86D0EAFD-511C-47EF-A349-F864996D5435} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation)
Task: {A7428B34-211F-4B11-A84E-87EBBC68C465} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {AC0CF069-CBE3-4504-AEC4-6AD7FD559596} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {AFFBB1E4-C357-4A1A-B866-945C585498A2} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-03] (CyberLink)
Task: {B8491981-3182-4331-96CD-154BABD3A5FB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C00E0E6C-CA37-4B06-A685-2061C462E6EA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C03743CB-4E80-46DF-B876-E09195D66050} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-12] (Microsoft Corporation)
Task: {C0579B56-9F6A-46E1-94BD-4DB74577905B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {CB7785F3-543A-460B-8582-3CA02FE73439} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {CEF52B14-1D34-4A16-9C76-262BB1C4BF3B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E37F6728-4A25-4ED7-BAA9-E78540B324F4} - System32\Tasks\SwiftSearch Auto Updater 1.10.0.25 Core => C:\Program Files (x86)\SwiftSearch_1.10.0.25\Update\SwiftSearchAutoUpdateClient.exe <==== ATTENTION
Task: {E511C9C6-61BA-4107-BC01-B8BA0239AE07} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.)
Task: {F4FA4FF8-CC22-47E9-9D2C-BF683FA6BE9B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1294961462-4170339457-2841224387-1001Core => C:\Users\patri_000\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-10] (Google Inc.)
Task: {FEE399C7-970A-40D3-8087-F437BD0B05B8} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1294961462-4170339457-2841224387-1001Core.job => C:\Users\patri_000\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1294961462-4170339457-2841224387-1001UA.job => C:\Users\patri_000\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-07-09 22:33 - 2015-07-09 22:33 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-09-10 00:08 - 2015-09-10 00:08 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-07-23 08:19 - 2013-10-23 14:24 - 00087600 _____ () C:\WINDOWS\System32\cpwmon64.dll
2014-03-25 16:26 - 2011-04-11 00:26 - 00034304 _____ () C:\WINDOWS\System32\spe__l.dll
2015-09-10 00:08 - 2015-09-10 00:08 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2013-11-06 08:39 - 2012-04-24 21:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-10-17 15:31 - 2015-10-17 15:31 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-17 15:31 - 2015-10-17 15:31 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-09-15 13:58 - 2015-09-15 13:58 - 08901184 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-10-17 15:31 - 2015-10-17 15:31 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-09 22:13 - 2015-07-09 22:13 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-10-17 15:31 - 2015-10-17 15:31 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-17 15:31 - 2015-10-17 15:31 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-17 15:31 - 2015-10-17 15:31 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-17 15:31 - 2015-10-17 15:31 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-09-10 00:08 - 2015-09-10 00:08 - 02641760 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2015-09-10 00:08 - 2015-09-10 00:08 - 02108256 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2015-10-29 12:57 - 2015-10-29 12:57 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-10-29 12:57 - 2015-10-29 12:57 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-11-24 15:45 - 2015-11-24 15:45 - 02994688 _____ () C:\Program Files\AVAST Software\Avast\defs\15112402\algo.dll
2015-11-25 14:31 - 2015-11-25 14:31 - 02995712 _____ () C:\Program Files\AVAST Software\Avast\defs\15112501\algo.dll
2015-10-29 12:58 - 2015-10-29 12:58 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-11-06 08:38 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 14:34 - 2012-06-08 14:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-11-01 03:54 - 2015-11-01 03:54 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\c986c6671c3c54888ead5b238ef40475\PSIClient.ni.dll
2013-11-06 08:24 - 2012-06-25 13:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\samsungsetup.com -> hxxp://www.samsungsetup.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1374505D-E345-40C7-A812-2A513F0F91AD}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B7B647A1-1EAD-4E0F-85CA-8943FA0BBCB5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{6FA4DC2F-FD83-4F85-8E02-231AB55111A9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{D55706A4-B5ED-4CC0-BA28-7D02BE2ED5F8}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{D9247E77-2B17-42BF-9D72-A6153A1B9F6D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{64B73AEC-94AA-42F0-BD6B-06C093EFAF1A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{39C4EDF2-6C34-44C5-B739-866D8E56FF4B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{AB769E3C-6BF7-4A36-94D5-8B6B0435F310}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{101D150D-A79C-41EE-8951-70187C4A16B1}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
FirewallRules: [{B546D163-FF5E-490A-8572-60D2213A3143}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{37FF098C-9300-4544-994B-0A00C6A1B18C}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{82535045-8407-43F1-B4CC-27817EE5DA1D}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
FirewallRules: [{601990E4-F5D3-4BCC-8D21-11073A1836CA}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
FirewallRules: [{94E2736A-2741-43B3-9EC7-76BA2A4C9996}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDash.exe
FirewallRules: [{481B07EE-FA39-4837-9CF4-9C7BC4D81E77}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDash.exe
FirewallRules: [{4E335B77-3A31-45DC-BB83-0054420B93C7}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{3323D84C-6EA8-4FB7-AE3F-96DBA97A3C93}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{70C87FE4-52C8-48DD-BA54-6E628658882F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{95E42DFA-64D9-4345-AD19-F549C8F268E0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{DB02B69D-EFEF-40CF-BB9D-A1869D118B6F}] => (Allow) C:\Users\patri_000\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{28502CF3-4CA1-49CE-9AC9-E09CAFCEDD35}] => (Allow) C:\Users\patri_000\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F40CBA17-CF9F-428E-8D25-660C6CC0AF96}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{E2B64BB9-59F0-4FA4-9446-FBF28B750585}] => (Allow) C:\Users\patri_000\AppData\Local\Temp\Ins59C\Setup.exe
FirewallRules: [{DCB3C96D-7BFF-4C64-BDF4-66EFB6BC980D}] => (Allow) C:\Users\patri_000\AppData\Local\Temp\Ins59C\Setup.exe
FirewallRules: [{B011ABDB-0252-49C7-B62E-6E36E5CB53F0}] => (Allow) C:\Users\patri_000\AppData\Local\Temp\Ins59C\Setup.exe
FirewallRules: [{7B248379-E510-4A66-A783-CACE2900FCFC}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe
FirewallRules: [{3FE6CB23-805F-4937-9370-DD15782D1449}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{117A4915-0453-4586-A16B-F27E3EFF9312}] => (Allow) LPort=2869
FirewallRules: [{C42911B1-092F-4793-B353-8D6D42F579A6}] => (Allow) LPort=1900
FirewallRules: [{4FBE19AC-7A10-4BD5-8548-614046AC03D2}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{7B6B0A61-5DC2-451F-A729-D9905A83907C}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{C54D1572-3713-42A6-93E5-B1ADB28317A7}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{2AD1862A-3946-41B7-AE73-A8AA66CA96DA}] => (Allow) C:\Users\patri_000\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{35428C8B-6491-4CD4-AFEF-94E759D21AFB}] => (Allow) C:\Users\patri_000\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{7A66CE37-14B8-4398-87F8-FB28792AC2E7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{A95ADF5E-81A9-451D-8805-F2E52263F5E2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{0832A76B-8DED-4145-9A9A-58FA8374C841}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{659DF796-7959-483D-B0E5-CFE5E599AD9F}] => (Block) C:\program files (x86)\skype\phone\skype.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/25/2015 05:47:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.10240.16412 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 624
Start Time: 01d127b798cb6d60
Termination Time: 54
Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe
Report Id: 8acdbf60-93c6-11e5-becf-681729f16340
Faulting package full name:
Faulting package-relative application ID:
Error: (11/25/2015 02:29:50 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (7084) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
Error: (11/25/2015 02:29:50 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (7084) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).
Error: (11/25/2015 02:29:39 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (7084) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
Error: (11/25/2015 02:29:39 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (7084) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).
Error: (11/25/2015 02:29:29 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (7084) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
Error: (11/25/2015 02:29:29 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (7084) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).
Error: (11/25/2015 02:29:19 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (7084) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
Error: (11/25/2015 02:29:19 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (7084) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).
Error: (11/25/2015 02:29:08 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (7084) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
System errors:
=============
Error: (11/25/2015 05:47:45 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (11/25/2015 05:45:34 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application User Notification Service service hung on starting.
Error: (11/25/2015 02:29:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
Code: 8 0x0 0x0
Error: (11/25/2015 02:29:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
Code: 4 0x0 0x0
Error: (11/25/2015 02:29:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
Code: 1 0xc 0x4
Error: (11/25/2015 02:25:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:03:36 PM on 11/25/2015 was unexpected.
Error: (11/25/2015 02:17:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
Code: 4 0x0 0x0
Error: (11/25/2015 02:17:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
Code: 1 0xc 0x4
Error: (11/25/2015 02:13:42 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
Code: 8 0x0 0x0
Error: (11/25/2015 02:13:26 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
Code: 4 0x0 0x0
CodeIntegrity:
===================================
Date: 2015-10-26 06:07:14.161
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-10-25 07:24:15.457
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-25 07:24:15.441
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-25 07:20:37.348
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-25 07:20:37.329
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-25 07:20:36.849
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-25 07:20:36.835
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-25 07:19:26.912
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-25 07:19:26.901
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-25 07:17:32.114
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i5-3337U CPU @ 1.80GHz
Percentage of memory in use: 57%
Total physical RAM: 6010.51 MB
Available physical RAM: 2532.34 MB
Total Virtual: 7738.51 MB
Available Virtual: 4269.2 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:453.58 GB) (Free:192.93 GB) NTFS
Drive d: (Win8) (CDROM) (Total:2.14 GB) (Free:0 GB) UDF
Drive g: () (Removable) (Total:58.08 GB) (Free:58.08 GB) exFAT
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 76793D4F)
Partition: GPT.
========================================================
Disk: 1 (Size: 8 GB) (Disk ID: CA279B91)
Partition: GPT.
========================================================
Disk: 2 (Size: 58.1 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:25-11-2015 02
Ran by patri_000 (2015-11-25 18:01:49)
Running from C:\Users\patri_000\Downloads
Windows 10 Home (X64) (2015-10-17 17:41:57)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1294961462-4170339457-2841224387-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-1294961462-4170339457-2841224387-503 - Limited - Disabled)
Guest (S-1-5-21-1294961462-4170339457-2841224387-501 - Limited - Disabled)
patri_000 (S-1-5-21-1294961462-4170339457-2841224387-1001 - Administrator - Enabled) => C:\Users\patri_000
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
4Card Recovery (HKLM-x32\...\{6FE4072A-E968-438D-967A-F641BE28B279}_is1) (Version: 2.0 - 4CardRecovery)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.4.2233 - AVAST Software)
calibre (HKLM-x32\...\{7D69BF2B-6C60-4D0A-8A6C-BCFD025D5D84}) (Version: 1.17.0 - Kovid Goyal)
ChromecastApp (HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1693.0 - Google Inc.)
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
Contour Shuttle (HKLM-x32\...\{51ADFD15-6B63-4F8E-8076-F4E31FFEE32A}) (Version: 2.10 - Contour Design, Inc.)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.5.0.0 - Dell Inc.)
Dell Backup and Recovery (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.5.0.0 - Dell Inc.)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.16.1 - Dell Inc.)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 16.2.12.13 - Synaptics Incorporated)
DSC/AA Factory Installer (Version: 3.4.6299.48 - PC-Doctor, Inc.) Hidden
DVD Architect Pro 6.0 (HKLM-x32\...\{E0E531A2-17C1-11E2-984D-1040F3E7010F}) (Version: 6.0.237 - Sony)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
Google Chrome (HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® My WiFi Dashboard (HKLM\...\{1E741267-F54B-4b3a-A7B6-1D1A156E385E}) (Version: 15.05.5000.0219 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel® Rapid Start Technology (HKLM-x32\...\3D073343-CEEB-4ce7-85AC-A69A7631B5D6) (Version: 2.1.0.1002 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.4.1001 - Intel Corporation)
Intel® WiDi (HKLM\...\{6097158B-0184-4140-BEC3-7885794D2571}) (Version: 3.5.40.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
iStonsoft Free YouTube Downloader (HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\iStonsoft Free YouTube Downloader) (Version: 2.1.56 - iStonsoft)
Java 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417000FF}) (Version: 7.0.0 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
LG United Mobile Drivers (HKLM-x32\...\{2D5218EB-6992-46E3-8ECE-76C79AB955CE}) (Version: 3.13.2.0 - LG Electronics)
MergeModule_x64 (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Excel 2013 XLL Software Development Kit (HKLM-x32\...\{90150000-00D2-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPRO) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visio SDK 2013 (HKLM\...\{95150000-0050-0409-1000-0000000FF1CE}) (Version: 15.0.4454.1509 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.4.6299.48 - PC-Doctor, Inc.)
Noise Reduction Plug-In 2.0 (HKLM-x32\...\{847C6940-D852-11E2-81D2-F04DA23A5C58}) (Version: 2.0.596 - Sony)
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PeerBlock 1.1+ (r691) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.691 - PeerBlock, LLC)
PlayMemories Home (HKLM-x32\...\{7EA1A4E8-A5CE-4626-87DC-6DEF99BAE931}) (Version: 3.1.11.04230 - Sony Corporation)
PluralEyes for Vegas Pro (HKLM\...\{173D1F6B-87A2-4192-9943-392FEAAFDFFE}_is1) (Version: 2.0.3 - Singular Software Inc.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.8 - Power Software Ltd)
Pulse Secure Setup Client (HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\Juniper_Setup_Client) (Version: 8.1.4.60057 - Pulse Secure, LLC)
Pulse Secure Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Pulse Secure, LLC)
Pulse Secure Terminal Services Client (HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\Juniper_Term_Services) (Version: 8.1.4.37085 - Pulse Secure, LLC)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.1.003 - Dell Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.2.8400.39034 - Realtek Semiconductor Corp.)
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.04.00 - Samsung Electronics Co., Ltd.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - )
SimpleOCR 3.1 (HKLM-x32\...\SimpleOCR 3.1) (Version: - )
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden
Sound Forge Pro 11.0 (HKLM-x32\...\{437C8730-3505-11E3-9509-F04DA23A5C58}) (Version: 11.0.272 - Sony)
Trader's Little Helper 2.7.0 (HKLM-x32\...\TradersLittleHelper_is1) (Version: 2.7.0 - Robert Hoffmann)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version: - Microsoft)
Vegas Pro 12.0 (64-bit) (HKLM\...\{A7500970-FE98-11E1-B560-F04DA23A5C58}) (Version: 12.0.367 - Sony)
Video Converter version 6.0.0 (HKLM-x32\...\Video Converter_is1) (Version: 6.0.0 - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wondershare PDF Editor OCR (HKLM-x32\...\{408133BA-3665-4EF5-9DC4-E6A475DA8119}_is1) (Version: 3.6.0.9 - Wondershare Software Co.,Ltd.)
Wondershare PDFelement(Build 4.0.0) (HKLM-x32\...\{75BAE677-F65A-45A4-9931-363FE0CF5E58}_is1) (Version: 4.0.0.3 - Wondershare Software Co.,Ltd.)
Засоби перевірки правопису Microsoft Office 2013 – українська мова (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2013 — русский (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\patri_000\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
==================== Restore Points =========================
06-11-2015 03:09:43 Scheduled Checkpoint
12-11-2015 02:58:31 Windows Update
21-11-2015 07:21:47 Scheduled Checkpoint
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {09B0FE3C-9F71-43BF-BE31-A8A398E1844D} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {10E75F69-78CF-4514-96D1-C51BEFD085A5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {1119CBB2-F0C7-4011-81DF-A8758CBA74CC} - System32\Tasks\{93F2DB5A-6B71-45A3-8702-98954E1BDB93} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.20.0.104/en/abandoninstall?source=lightinstaller&page=tsInstall
Task: {1F9AC970-25AF-48A6-9F63-B6F158D48115} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {2D7AE34B-40C9-40BD-862C-DAC7852B3FF4} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-10-29] (AVAST Software)
Task: {2FD69FF5-CB5A-4E1A-ACE1-764E8CF2E92C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {30EDFB61-F544-4E5E-B8F5-2ECCFDC8B839} - System32\Tasks\SwiftSearch Auto Updater 1.10.0.25 Pending Update => C:\Program Files (x86)\SwiftSearch_1.10.0.25\Update\SwiftSearchAutoUpdateClient.exe <==== ATTENTION
Task: {37063F22-F2A5-42F9-9CC5-EC21FAA6D881} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {3D72F90F-C0B3-45E5-A0F1-B84DD7739254} - \PCDoctorBackgroundMonitorTask -> No File <==== ATTENTION
Task: {430F935D-C653-41C3-A4DE-C7050D4A3DB8} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {453C8FA7-80C7-4AA3-AFD4-3BE4EDF32F77} - \PCDEventLauncherTask -> No File <==== ATTENTION
Task: {4E1730B4-F696-4453-80F6-C9B6743835FE} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {58385222-8C18-47D2-94B7-9A6DDA8BF797} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-12-03] (CyberLink Corp.)
Task: {589A5DB3-4905-4363-B7C8-B9FD12934F8C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {59E25824-46D9-473D-BAB1-2915889B53AA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {5C9248EF-0B06-41ED-B62C-898242678199} - System32\Tasks\Synaptics TouchPad Enhancements => Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {6EBD7945-471E-437C-9281-0BAB939F8D22} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1294961462-4170339457-2841224387-1001UA => C:\Users\patri_000\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-10] (Google Inc.)
Task: {70D1C8C1-AD15-4C4D-AF81-EC8BAEC9C990} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {75F47BE2-F6BE-4EAB-85EE-1D32FF77550F} - System32\Tasks\IntelBootstrapCCDashServer => C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe [2012-07-13] (Intel® Corporation)
Task: {7B9E805C-AEAE-46D6-8CB9-0D6295FD3CFB} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {80161CE3-FD5D-4483-B25E-F2B6B22493AA} - System32\Tasks\Intel® Rapid Start Technology Manager => C:\Program Files (x86)\Intel\irstrt\RapidStartConfig.exe [2012-07-20] (Intel)
Task: {80FF3D51-9771-4C09-A17C-379FB161A6FF} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {844D17E6-0BE9-4C04-BDF8-B30D05866451} - \SystemToolsDailyTest -> No File <==== ATTENTION
Task: {86CADDF1-1C26-436F-B921-05BC4C599C42} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {86D0EAFD-511C-47EF-A349-F864996D5435} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation)
Task: {A7428B34-211F-4B11-A84E-87EBBC68C465} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {AC0CF069-CBE3-4504-AEC4-6AD7FD559596} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {AFFBB1E4-C357-4A1A-B866-945C585498A2} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-12-03] (CyberLink)
Task: {B8491981-3182-4331-96CD-154BABD3A5FB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {C00E0E6C-CA37-4B06-A685-2061C462E6EA} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {C03743CB-4E80-46DF-B876-E09195D66050} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-12] (Microsoft Corporation)
Task: {C0579B56-9F6A-46E1-94BD-4DB74577905B} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {CB7785F3-543A-460B-8582-3CA02FE73439} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {CEF52B14-1D34-4A16-9C76-262BB1C4BF3B} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E37F6728-4A25-4ED7-BAA9-E78540B324F4} - System32\Tasks\SwiftSearch Auto Updater 1.10.0.25 Core => C:\Program Files (x86)\SwiftSearch_1.10.0.25\Update\SwiftSearchAutoUpdateClient.exe <==== ATTENTION
Task: {E511C9C6-61BA-4107-BC01-B8BA0239AE07} - System32\Tasks\Dell\Dell System Registration => C:\Program Files (x86)\System Registration\prodreg.exe [2012-07-09] (Dell, Inc.)
Task: {F4FA4FF8-CC22-47E9-9D2C-BF683FA6BE9B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1294961462-4170339457-2841224387-1001Core => C:\Users\patri_000\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-10] (Google Inc.)
Task: {FEE399C7-970A-40D3-8087-F437BD0B05B8} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1294961462-4170339457-2841224387-1001Core.job => C:\Users\patri_000\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1294961462-4170339457-2841224387-1001UA.job => C:\Users\patri_000\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-07-09 22:33 - 2015-07-09 22:33 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-09-10 00:08 - 2015-09-10 00:08 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-07-23 08:19 - 2013-10-23 14:24 - 00087600 _____ () C:\WINDOWS\System32\cpwmon64.dll
2014-03-25 16:26 - 2011-04-11 00:26 - 00034304 _____ () C:\WINDOWS\System32\spe__l.dll
2015-09-10 00:08 - 2015-09-10 00:08 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2013-11-06 08:39 - 2012-04-24 21:43 - 00254512 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-10-17 15:31 - 2015-10-17 15:31 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-17 15:31 - 2015-10-17 15:31 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-09-15 13:58 - 2015-09-15 13:58 - 08901184 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-10-17 15:31 - 2015-10-17 15:31 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-09 22:13 - 2015-07-09 22:13 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-10-17 15:31 - 2015-10-17 15:31 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-17 15:31 - 2015-10-17 15:31 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-17 15:31 - 2015-10-17 15:31 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-17 15:31 - 2015-10-17 15:31 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-09-10 00:08 - 2015-09-10 00:08 - 02641760 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2015-09-10 00:08 - 2015-09-10 00:08 - 02108256 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2015-10-29 12:57 - 2015-10-29 12:57 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-10-29 12:57 - 2015-10-29 12:57 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-11-24 15:45 - 2015-11-24 15:45 - 02994688 _____ () C:\Program Files\AVAST Software\Avast\defs\15112402\algo.dll
2015-11-25 14:31 - 2015-11-25 14:31 - 02995712 _____ () C:\Program Files\AVAST Software\Avast\defs\15112501\algo.dll
2015-10-29 12:58 - 2015-10-29 12:58 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-11-06 08:38 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 14:34 - 2012-06-08 14:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-11-01 03:54 - 2015-11-01 03:54 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\c986c6671c3c54888ead5b238ef40475\PSIClient.ni.dll
2013-11-06 08:24 - 2012-06-25 13:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\samsungsetup.com -> hxxp://www.samsungsetup.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1294961462-4170339457-2841224387-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1374505D-E345-40C7-A812-2A513F0F91AD}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{B7B647A1-1EAD-4E0F-85CA-8943FA0BBCB5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{6FA4DC2F-FD83-4F85-8E02-231AB55111A9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{D55706A4-B5ED-4CC0-BA28-7D02BE2ED5F8}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{D9247E77-2B17-42BF-9D72-A6153A1B9F6D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{64B73AEC-94AA-42F0-BD6B-06C093EFAF1A}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{39C4EDF2-6C34-44C5-B739-866D8E56FF4B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{AB769E3C-6BF7-4A36-94D5-8B6B0435F310}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{101D150D-A79C-41EE-8951-70187C4A16B1}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
FirewallRules: [{B546D163-FF5E-490A-8572-60D2213A3143}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{37FF098C-9300-4544-994B-0A00C6A1B18C}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{82535045-8407-43F1-B4CC-27817EE5DA1D}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
FirewallRules: [{601990E4-F5D3-4BCC-8D21-11073A1836CA}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDashServer.exe
FirewallRules: [{94E2736A-2741-43B3-9EC7-76BA2A4C9996}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDash.exe
FirewallRules: [{481B07EE-FA39-4837-9CF4-9C7BC4D81E77}] => (Allow) C:\Program Files\Intel\CCDashboard\bin\CCDash.exe
FirewallRules: [{4E335B77-3A31-45DC-BB83-0054420B93C7}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{3323D84C-6EA8-4FB7-AE3F-96DBA97A3C93}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{70C87FE4-52C8-48DD-BA54-6E628658882F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{95E42DFA-64D9-4345-AD19-F549C8F268E0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{DB02B69D-EFEF-40CF-BB9D-A1869D118B6F}] => (Allow) C:\Users\patri_000\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{28502CF3-4CA1-49CE-9AC9-E09CAFCEDD35}] => (Allow) C:\Users\patri_000\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F40CBA17-CF9F-428E-8D25-660C6CC0AF96}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{E2B64BB9-59F0-4FA4-9446-FBF28B750585}] => (Allow) C:\Users\patri_000\AppData\Local\Temp\Ins59C\Setup.exe
FirewallRules: [{DCB3C96D-7BFF-4C64-BDF4-66EFB6BC980D}] => (Allow) C:\Users\patri_000\AppData\Local\Temp\Ins59C\Setup.exe
FirewallRules: [{B011ABDB-0252-49C7-B62E-6E36E5CB53F0}] => (Allow) C:\Users\patri_000\AppData\Local\Temp\Ins59C\Setup.exe
FirewallRules: [{7B248379-E510-4A66-A783-CACE2900FCFC}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe
FirewallRules: [{3FE6CB23-805F-4937-9370-DD15782D1449}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{117A4915-0453-4586-A16B-F27E3EFF9312}] => (Allow) LPort=2869
FirewallRules: [{C42911B1-092F-4793-B353-8D6D42F579A6}] => (Allow) LPort=1900
FirewallRules: [{4FBE19AC-7A10-4BD5-8548-614046AC03D2}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{7B6B0A61-5DC2-451F-A729-D9905A83907C}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{C54D1572-3713-42A6-93E5-B1ADB28317A7}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{2AD1862A-3946-41B7-AE73-A8AA66CA96DA}] => (Allow) C:\Users\patri_000\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{35428C8B-6491-4CD4-AFEF-94E759D21AFB}] => (Allow) C:\Users\patri_000\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{7A66CE37-14B8-4398-87F8-FB28792AC2E7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{A95ADF5E-81A9-451D-8805-F2E52263F5E2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{0832A76B-8DED-4145-9A9A-58FA8374C841}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{659DF796-7959-483D-B0E5-CFE5E599AD9F}] => (Block) C:\program files (x86)\skype\phone\skype.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/25/2015 05:47:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program iexplore.exe version 11.0.10240.16412 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 624
Start Time: 01d127b798cb6d60
Termination Time: 54
Application Path: C:\Program Files (x86)\Internet Explorer\iexplore.exe
Report Id: 8acdbf60-93c6-11e5-becf-681729f16340
Faulting package full name:
Faulting package-relative application ID:
Error: (11/25/2015 02:29:50 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (7084) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
Error: (11/25/2015 02:29:50 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (7084) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).
Error: (11/25/2015 02:29:39 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (7084) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
Error: (11/25/2015 02:29:39 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (7084) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).
Error: (11/25/2015 02:29:29 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (7084) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
Error: (11/25/2015 02:29:29 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (7084) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).
Error: (11/25/2015 02:29:19 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (7084) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
Error: (11/25/2015 02:29:19 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (7084) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).
Error: (11/25/2015 02:29:08 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (7084) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
System errors:
=============
Error: (11/25/2015 05:47:45 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
Error: (11/25/2015 05:45:34 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application User Notification Service service hung on starting.
Error: (11/25/2015 02:29:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
Code: 8 0x0 0x0
Error: (11/25/2015 02:29:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
Code: 4 0x0 0x0
Error: (11/25/2015 02:29:31 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
Code: 1 0xc 0x4
Error: (11/25/2015 02:25:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 2:03:36 PM on 11/25/2015 was unexpected.
Error: (11/25/2015 02:17:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
Code: 4 0x0 0x0
Error: (11/25/2015 02:17:11 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
Code: 1 0xc 0x4
Error: (11/25/2015 02:13:42 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
Code: 8 0x0 0x0
Error: (11/25/2015 02:13:26 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
Code: 4 0x0 0x0
CodeIntegrity:
===================================
Date: 2015-10-26 06:07:14.161
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-10-25 07:24:15.457
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-25 07:24:15.441
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\BubbleSound\BubbleSound.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-25 07:20:37.348
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-25 07:20:37.329
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-25 07:20:36.849
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-25 07:20:36.835
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-25 07:19:26.912
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-25 07:19:26.901
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imapo64.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-10-25 07:17:32.114
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\imthx64.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i5-3337U CPU @ 1.80GHz
Percentage of memory in use: 57%
Total physical RAM: 6010.51 MB
Available physical RAM: 2532.34 MB
Total Virtual: 7738.51 MB
Available Virtual: 4269.2 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:453.58 GB) (Free:192.93 GB) NTFS
Drive d: (Win8) (CDROM) (Total:2.14 GB) (Free:0 GB) UDF
Drive g: () (Removable) (Total:58.08 GB) (Free:58.08 GB) exFAT
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 76793D4F)
Partition: GPT.
========================================================
Disk: 1 (Size: 8 GB) (Disk ID: CA279B91)
Partition: GPT.
========================================================
Disk: 2 (Size: 58.1 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================