Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-12-2015 Ran by ronni (2015-12-05 10:28:28) Running from C:\Users\ronni\Desktop Windows 10 Pro (X64) (2015-11-30 01:45:20) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2076635440-3871483252-621631334-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2076635440-3871483252-621631334-503 - Limited - Disabled) Guest (S-1-5-21-2076635440-3871483252-621631334-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2076635440-3871483252-621631334-1004 - Limited - Enabled) ronni (S-1-5-21-2076635440-3871483252-621631334-1001 - Administrator - Enabled) => C:\Users\ronni ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Symantec Endpoint Protection.cloud (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Symantec Endpoint Protection.cloud (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66} FW: Symantec Endpoint Protection.cloud (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 1Password 4.6.0.592 (HKLM-x32\...\1Password4_is1) (Version: 4.0 - AgileBits) Acronis True Image 2016 (HKLM-x32\...\{64AB919C-28AA-4260-A147-1A88E53EE978}Visible) (Version: 19.0.6027 - Acronis) Acronis True Image 2016 (x32 Version: 19.0.6027 - Acronis) Hidden Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.4.1.181 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1 - Adobe Systems Incorporated) AirPort (HKLM-x32\...\{AA68AAAE-41F0-40B5-8896-5947F5FD6889}) (Version: 5.6.1.2 - Apple Inc.) AirServer Universal (x64) (Version: 4.0.31 - App Dynamic) Hidden AirServer Universal (x64) 4.0.31 (HKLM-x32\...\{73d28dd8-64ca-4c40-970e-62004f8767d0}) (Version: 4.0.31 - AppDynamic ehf) Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Articulate Storyline 3 (HKLM-x32\...\{1b3fe3b3-ac80-44d7-afb1-85b749fe5cc7}) (Version: 3.0.40.0 - Articulate) Articulate Studio (HKLM-x32\...\{ed13b7e7-cb58-4627-946a-8c1fe92f82f3}) (Version: 5.0.40.0 - Articulate) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Chrome Remote Desktop Host (HKLM-x32\...\{CDF9E1C8-4B97-4F8B-A848-7DD0E8BEB89F}) (Version: 47.0.2526.18 - Google Inc.) Dell Command | Configure (HKLM-x32\...\{DF3680A9-B4C6-48D1-ACEF-0FF004446314}) (Version: 3.1.0.250 - Dell Inc.) Dell Command | Monitor (HKLM\...\{DF0B9A53-C87D-49F9-95E3-AEAAC8C4D77B}) (Version: 9.1.0.98 - Dell Inc.) Dell Command | Update (HKLM-x32\...\{EC542D5D-B608-4145-A8F7-749C02BE6D94}) (Version: 2.1.1 - Dell Inc.) Dell Precision Optimizer (HKLM-x32\...\{D66A3355-FEA4-4F60-8BAF-D6CBEDB396D8}) (Version: 03.00.06 - Dell Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden Droplr for Windows (HKLM\...\{910F803C-E7A2-4CFB-B516-07E57B459333}_is1) (Version: 3.0.4 - Droplr) f.lux (HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\Flux) (Version: - ) FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse) GitHub (HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\5f7eb300e2ea4ebf) (Version: 3.0.6.4 - GitHub, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.73 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden HP Officejet Pro 8600 Basic Device Software (HKLM\...\{791A06E2-340F-43B0-8FAB-62D151339362}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Support Solutions Framework (HKLM-x32\...\{F6A11738-3EE4-4573-AEA5-6CD5D491C167}) (Version: 12.0.30.219 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) iCloud (HKLM\...\{B33C558F-772F-4308-A059-390FBF9BAAAE}) (Version: 5.0.2.61 - Apple Inc.) Intel(R) Chipset Device Software (x32 Version: 10.1.2.8 - Intel(R) Corporation) Hidden Intel(R) Network Connections 20.1.2019.0 (HKLM\...\PROSetDX) (Version: 20.1.2019.0 - Intel) iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.) Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) Kits Configuration Installer (x32 Version: 10.0.26624 - Microsoft) Hidden L8 Control Center Lite (HKLM-x32\...\{F055953B-0F13-4120-9933-6F858AED1C82}) (Version: 1.0.0 - SmartLight Inc.) L8 DFU Lite (HKLM-x32\...\{DCE54CCA-9BEA-489B-B17F-2B8ACE366692}) (Version: 1.1 - SmartLight Inc.) Maxx Audio Installer (x64) (Version: 2.6.6005.4 - Waves Audio Ltd.) Hidden Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation) Microsoft Office Standard 2016 (HKLM\...\Office16.STANDARD) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Online Services Sign-in Assistant (HKLM\...\{46E637E2-AC34-4B45-B5DF-D20903A3DB61}) (Version: 7.250.4303.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.60715 - Microsoft Corporation) Mozilla Firefox 41.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 en-US)) (Version: 41.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2 - Mozilla) MyHarmony - 1 (HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech) NVIDIA 3D Vision Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.62 - NVIDIA Corporation) NVIDIA Graphics Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA nView 146.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView) (Version: 146.33 - NVIDIA Corporation) NVIDIA WMI 2.22.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVWMI) (Version: 2.22.0 - NVIDIA Corporation) Outils de vérification linguistique 2016 de Microsoft Office - Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Paprika Recipe Manager (HKLM-x32\...\{44E3DA6C-3794-4376-9DC6-6E3B9EF5300B}) (Version: 1.0.6 - Hindsight Labs LLC) Password Safe (HKLM-x32\...\Password Safe) (Version: - ) Pericom PI7C9X795x PCI Express UART Device (HKLM-x32\...\{3003CF95-F9AA-4999-8829-F0C253FDDE76}) (Version: 1.02.0426.2014 - Pericom Semiconductor Corporation) Postbox (4.0.8) (HKLM-x32\...\Postbox (4.0.8)) (Version: 4.0.8 (en-US) - Postbox, Inc.) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6075 - Realtek Semiconductor Corp.) ShellExtensionx64 (Version: 5.0.40.0 - Articulate) Hidden Skype™ 7.14 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.14.106 - Skype Technologies S.A.) Slack (HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\slack) (Version: 1.2.7 - Slack Technologies) Snagit 9.1.3 (HKLM-x32\...\{5C47C8B6-77FF-4FC7-A388-66FCF9CFC24C}) (Version: 9.1.3.19 - TechSmith Corporation) Storyline (x32 Version: 3.0.40.0 - Articulate) Hidden Studio (x32 Version: 5.0.40.0 - Articulate) Hidden Symantec Endpoint Protection.cloud (x32 Version: 22.5.2.15 - Symantec Corporation) Hidden Symantec.cloud - Cloud Agent (Version: 2.03.71.2618 - Symantec Corporation) Hidden Symantec.cloud - Endpoint Protection (Version: 6.00.10.704 - Symantec Corporation) Hidden Symantec.cloud (HKLM\...\Symantec Hosted Services ARP) (Version: - Symantec Corporation) Synergy (64-bit) (HKLM\...\{68C1AA13-4370-4761-B53F-1862C2CE26CB}) (Version: 1.7.5 - The Synergy Project) Thunderbolt(TM) Software (HKLM-x32\...\{E265C71F-14DA-462C-A06A-CBA776B695F1}) (Version: 15.2.32.250 - Intel Corporation) Toolkit Documentation (x32 Version: 10.0.26624 - Microsoft) Hidden VMware Workstation (HKLM\...\{1D15EBBF-9FBE-43C1-B83C-4AA154D11E12}) (Version: 12.0.1 - VMware, Inc.) WD Access (HKLM-x32\...\{b63cacc5-a0ce-427f-88c1-0db455d5ab6c}) (Version: 1.0.5627.18840 - Western Digital Technologies, Inc.) WD Access (x32 Version: 1.0.5627.18840 - Western Digital Technologies, Inc) Hidden WD My Cloud (HKLM\...\{3082756C-2147-411F-AE6A-9DCEF0121903}) (Version: 1.0.7.5 - Western Digital Technologies, Inc.) WD Quick View (HKLM-x32\...\{CF54EA13-0BA9-426A-A296-D108C9DBEFF3}) (Version: 2.4.13.7 - Western Digital Technologies, Inc.) WD SmartWare (HKLM\...\{6E80972C-C76A-4CFB-AD8E-003BF777B7AA}) (Version: 2.4.13.7 - Western Digital Technologies, Inc.) WD SmartWare Installer (HKLM-x32\...\{30d59263-cfde-4ddb-9021-e280187620b2}) (Version: 2.4.13.7 - Western Digital Technologies, Inc.) Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{c09c49ab-d6a5-4543-bb31-639821977b42}) (Version: 10.0.26624 - Microsoft Corporation) Yubico Authenticator (HKLM-x32\...\yubioath-desktop) (Version: 2.3.0 - Yubico AB) Yubikey Client API (HKLM\...\{EDDC279F-4B94-4A9F-A2E9-E8421BBC2FA0}) (Version: 4.0.0 - Yubico) YubiKey Logon (HKLM\...\{75D38D93-162A-4FEA-80F2-390E8B4B1FB3}) (Version: 1.0.0.7 - Yubico AB) YubiKey NEO Manager (HKLM-x32\...\yubikey-neo-manager) (Version: 1.4.0 - Yubico AB) YubiKey Personalization Tool (HKLM-x32\...\yubikey-personalization-gui) (Version: 3.1.23 - Yubico AB) YubiKey PIV Manager (HKLM-x32\...\YubiKey PIV Manager) (Version: 1.1.1 - Yubico AB) Zoom (HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\ZoomUMX) (Version: 3.5 - Zoom Video Communications, Inc.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2076635440-3871483252-621631334-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-E5AB8EBF6D88}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File CustomCLSID: HKU\S-1-5-21-2076635440-3871483252-621631334-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\ronni\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2076635440-3871483252-621631334-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ==================== Restore Points ========================= 03-12-2015 07:47:04 Articulate Storyline 360 04-12-2015 12:07:50 Articulate Storyline 3 04-12-2015 12:09:10 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-22 17:24 - 2015-10-22 17:22 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0B5CAB7E-0412-44A7-9AE5-7C5FE1EE40B5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) Task: {0E21FEFB-626B-4CB3-8B5B-0EF16DC7331F} - System32\Tasks\Endpoint Protection.cloud\Norton Error Analyzer => C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation) Task: {0FD34A41-BDD8-4798-B972-A9010347D7F9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-22] (Dropbox, Inc.) Task: {135A2E9B-D13F-4AC4-AE3E-E8788605904A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {3A531290-A9A5-4614-9D19-3238AAEC1A3C} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => Thunderbolt.exe Task: {3AF500A8-0A45-41CC-BF63-CE876A156745} - System32\Tasks\Dell\Command Update => C:\Program Files (x86)\Dell\CommandUpdate\DellCommandUpdate.exe [2015-11-05] (Dell Inc.) Task: {4715CD96-E41D-4065-BD31-221F0CF20BC6} - System32\Tasks\Endpoint Protection.cloud\Norton Autofix => C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation) Task: {5462AA80-41A5-441C-A6BA-FB3C2C437D67} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => Thunderbolt.exe Task: {54AEBAFE-F185-4F1C-BDFF-FAE7EC435DF2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-09-28] (Hewlett-Packard) Task: {772E75E2-B98F-41E9-98F8-FAC44592CFCF} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-10-31] (Realtek Semiconductor) Task: {7B94207C-F729-4597-BCE6-C4057355D355} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-22] (Google Inc.) Task: {8428EBF2-D439-4D7E-9287-1BFFA403FA52} - System32\Tasks\Norton WSC Integration => C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\22.5.2.15\WSCStub.exe [2015-07-16] (Symantec Corporation) Task: {91580ABB-AFEC-43B0-8D62-D5A273574128} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-19] (Microsoft Corporation) Task: {9DFB90A5-92CD-4835-877D-F95A5886DF2B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {B8461540-1281-47B3-A470-052E106DA1CC} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => Sc.exe start ThunderboltService Task: {BF294D02-9125-465C-BDD1-A91671E5E6F3} - System32\Tasks\Dell\PPO SM Manual Update => C:\Program Files\Dell\PPO\DcsuWrap.exe [2015-09-15] (Dell Inc.) Task: {C61070A6-DE9D-4486-A7AA-F6EB87A9090A} - System32\Tasks\{C5D332FB-6D92-48CE-BFC9-5867A79EE00F} => launchwinapp.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=7.13.0.101&LastError=12002 Task: {D907C9EE-D155-44EC-9620-5AE2A6B73576} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {E0723824-728B-484A-AC0B-D641990BB814} - System32\Tasks\Endpoint Protection.cloud\Norton Error Processor => C:\Program Files\Symantec.cloud\EndpointProtectionAgent\Engine\22.5.2.15\SymErr.exe [2015-05-19] (Symantec Corporation) Task: {E20563C1-0008-4128-B444-698DB0B3C1F3} - System32\Tasks\HPCeeScheduleForronni => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: {E2500FDD-AF42-42C3-87D3-BFC13A61503D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-22] (Dropbox, Inc.) Task: {E2F6B24E-5653-4123-B0CF-C981DF5777B6} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe Task: {F36CAA42-3FE5-484C-901C-EB4C749BF2B3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-22] (Google Inc.) Task: {FBAFE34E-BC94-4F0E-B457-C1B5EB72A333} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\HPCeeScheduleForronni.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 01:18 - 2015-10-30 01:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-10-22 21:03 - 2015-06-17 03:22 - 03163976 _____ () C:\WINDOWS\system32\nvwmi64.exe 2015-11-29 19:03 - 2015-07-22 19:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-10-13 04:45 - 2015-10-13 04:45 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-06-19 13:09 - 2015-06-19 13:09 - 01332792 _____ () C:\Program Files\Dell\Command Monitor\shared\bin\libxml2.dll 2015-11-19 20:19 - 2015-11-19 20:19 - 00311488 _____ () C:\Program Files\Synergy\synergyd.exe 2015-10-18 18:32 - 2015-10-18 18:32 - 12465856 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe 2015-10-30 01:17 - 2015-10-30 01:17 - 02652784 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-10-30 01:18 - 2015-10-30 03:07 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-10-30 01:17 - 2015-10-30 01:17 - 02652784 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-11-14 04:23 - 2015-11-14 04:23 - 00553120 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2015-10-27 03:46 - 2015-10-27 03:46 - 08901800 _____ () C:\Program Files\Microsoft Office\Office16\1033\GrooveIntlResource.dll 2015-10-16 04:02 - 2015-10-16 04:02 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2015-10-26 09:42 - 2015-09-15 19:14 - 00076800 _____ () C:\Program Files\Droplr\extensions\DroplrShellContextMenu.dll 2015-10-22 21:03 - 2015-06-17 03:22 - 00714048 _____ () C:\Program Files\NVIDIA Corporation\nview\nvshell.dll 2015-10-30 01:17 - 2015-10-30 01:17 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-10-30 01:17 - 2015-10-30 01:17 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-10-30 01:17 - 2015-10-30 01:17 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll 2015-10-30 01:18 - 2015-10-30 03:07 - 08005632 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-10-30 01:18 - 2015-10-30 03:07 - 00936448 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2015-10-30 01:18 - 2015-10-30 03:07 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-10-30 01:18 - 2015-10-30 03:07 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-11-19 20:19 - 2015-11-19 20:19 - 00801984 _____ () C:\Program Files\Synergy\synergyc.exe 2015-11-29 22:03 - 2015-11-29 22:04 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-11-14 04:22 - 2015-11-14 04:22 - 31401120 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2015-11-19 13:26 - 2015-11-19 13:27 - 09074176 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll 2015-11-19 13:26 - 2015-11-19 13:27 - 02416640 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll 2015-11-26 11:13 - 2015-11-26 11:13 - 07211112 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe 2015-12-03 18:07 - 2015-12-03 18:11 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1201.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2015-12-03 18:07 - 2015-12-03 18:11 - 11526656 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1201.10020.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2015-11-19 13:28 - 2015-11-19 13:28 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1201.10020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2015-12-03 17:57 - 2015-12-03 17:58 - 00011776 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.3350.0_x64__8wekyb3d8bbwe\PeopleApp.exe 2015-12-03 17:57 - 2015-12-03 17:58 - 08346112 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.3350.0_x64__8wekyb3d8bbwe\PeopleApp.dll 2015-12-03 17:57 - 2015-12-03 17:59 - 00125440 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.3350.0_x64__8wekyb3d8bbwe\PeopleUtilRT.Windows.dll 2015-12-03 17:57 - 2015-12-03 17:59 - 03368448 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.3350.0_x64__8wekyb3d8bbwe\PeopleShared.Windows.dll 2015-12-03 17:57 - 2015-12-03 17:57 - 01267200 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.3350.0_x64__8wekyb3d8bbwe\BackgroundTasks.Windows.dll 2015-12-03 17:57 - 2015-12-03 18:00 - 00334848 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.0.3350.0_x64__8wekyb3d8bbwe\PersonPicture.UAP.dll 2015-10-16 04:02 - 2015-10-16 04:02 - 00039384 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll 2015-10-18 18:32 - 2015-10-18 18:32 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll 2015-10-18 18:32 - 2015-10-18 18:32 - 00165056 _____ () C:\Program Files (x86)\VMware\VMware Workstation\nfc-types.dll 2015-10-18 18:32 - 2015-10-18 18:32 - 00191680 _____ () C:\Program Files (x86)\VMware\VMware Workstation\LIBEXPAT.dll 2015-10-18 18:32 - 2015-10-18 18:32 - 00388800 _____ () C:\Program Files (x86)\VMware\VMware Workstation\ssoClient.dll 2015-10-22 19:31 - 2015-04-28 08:50 - 00376832 _____ () C:\Program Files (x86)\1Password 4\js3215R.dll 2015-11-29 22:03 - 2015-11-29 22:04 - 00152064 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2015-11-29 22:03 - 2015-11-29 22:05 - 18906624 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_1.11.19004.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2015-11-25 19:35 - 2015-11-25 19:35 - 00124416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node 2015-11-25 19:35 - 2015-11-25 19:35 - 00188416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node 2015-11-25 19:35 - 2015-11-25 19:35 - 00121344 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node 2015-11-25 19:35 - 2015-11-25 19:35 - 00129536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node 2015-11-25 13:22 - 2015-11-25 13:22 - 00158384 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\native\ProxyResolverWin.dll 2015-11-25 19:35 - 2015-11-25 19:35 - 00081408 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node 2015-11-25 19:48 - 2015-11-25 19:48 - 00124416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node 2015-11-25 19:48 - 2015-11-25 19:48 - 00121344 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node 2015-11-25 19:48 - 2015-11-25 19:48 - 00129536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node 2015-11-25 19:48 - 2015-11-25 19:48 - 00188416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node 2015-11-25 13:15 - 2015-11-25 13:15 - 00158384 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\native\ProxyResolverWin.dll 2015-11-25 19:48 - 2015-11-25 19:48 - 00085504 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ws\build\Release\bufferutil.node 2015-11-25 19:48 - 2015-11-25 19:48 - 00086016 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ws\build\Release\validation.node 2015-11-25 19:48 - 2015-11-25 19:48 - 00081408 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node 2015-11-26 10:40 - 2015-11-26 10:40 - 00035760 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll 2015-11-26 10:42 - 2015-11-26 10:42 - 00445872 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll 2015-11-26 10:36 - 2015-11-26 10:36 - 00115632 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll 2015-11-26 11:07 - 2015-11-26 11:07 - 19884832 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers.dll 2015-11-26 10:43 - 2015-11-26 10:43 - 00056752 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\rpc_client.dll 2015-08-11 14:36 - 2015-08-11 14:36 - 00024896 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\core_workers_shared_context.dll 2015-11-26 11:13 - 2015-11-26 11:13 - 04093976 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\atih_mms_addon.dll 2015-08-23 14:59 - 2015-08-23 14:59 - 00606672 _____ () C:\Program Files (x86)\Common Files\Acronis\Infrastructure\sqlite3.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\ronni\Desktop\Different Languages to test with (Ronnie's Org. Copy).docx:com.dropbox.attributes AlternateDataStreams: C:\Users\ronni\Desktop\WSS - SL1 Backup.story:com.dropbox.attributes AlternateDataStreams: C:\Users\ronni\Documents\StorylineBVT.story:com.apple.metadatakMDItemDownloadedDate AlternateDataStreams: C:\Users\ronni\Documents\StorylineBVT.story:com.apple.metadatakMDItemWhereFroms AlternateDataStreams: C:\Users\ronni\Documents\StorylineBVT.story:com.apple.quarantine ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\amikay.com -> hxxp://utm.amikay.com IE trusted site: HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\amikay.com -> hxxps://utm.amikay.com IE trusted site: HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\cleverreach.com -> hxxp://novastor.cleverreach.com IE trusted site: HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\desk.com -> hxxp://desk.com IE trusted site: HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\desk.com -> hxxps://desk.com IE trusted site: HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\google-analytics.com -> hxxp://google-analytics.com IE trusted site: HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\google-analytics.com -> hxxps://google-analytics.com IE trusted site: HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\google.com -> hxxp://google.com IE trusted site: HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\google.com -> hxxps://google.com IE trusted site: HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\monitor-eqatec.com -> hxxp://monitor-eqatec.com IE trusted site: HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\monitor-eqatec.com -> hxxps://monitor-eqatec.com IE trusted site: HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\netsuite.com -> hxxp://netsuite.com IE trusted site: HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\netsuite.com -> hxxps://netsuite.com IE trusted site: HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\novabackup.com -> hxxp://novabackup.com IE trusted site: HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\novabackup.com -> hxxps://novabackup.com IE trusted site: HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\novabackup.de -> hxxp://novabackup.de IE trusted site: HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\novabackup.de -> hxxps://novabackup.de IE trusted site: HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\novastor.com -> hxxp://novastor.com IE trusted site: HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\novastor.com -> hxxps://novastor.com IE trusted site: HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\novastor.de -> hxxp://novastor.de There are 3 more sites. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2076635440-3871483252-621631334-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: YSearchUtilSvc => 2 HKU\S-1-5-21-2076635440-3871483252-621631334-1001\...\StartupApproved\Run: => "CudaDrive" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{AF4E748F-28F8-4873-B9A6-DAB573258A12}] => (Allow) C:\Program Files\Synergy\synergys.exe FirewallRules: [{3608E620-7FE8-4FE8-BDC7-9D193E802D04}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{6AD3FD4E-C8FB-48FA-8F6C-DE88ED2A2FC4}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe FirewallRules: [{0C67ED51-47A6-4CC7-B8D7-FCC8A5BD181C}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe FirewallRules: [{3784BED8-1A5A-4254-BE0B-CADC87AF9D42}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe FirewallRules: [{367381CB-D2B0-41E4-B27B-408EA0C630DD}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe FirewallRules: [{49127C6E-58A9-4A47-AB5D-069D8DA47FF6}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\47.0.2526.18\remoting_host.exe FirewallRules: [{9AC218BC-1EF3-4CD9-985A-A92E3402FB28}] => (Allow) C:\Program Files\CudaDrive\CudaDrive.exe FirewallRules: [{C2C77E74-EB26-4137-AFF3-0F2BCC49514A}] => (Allow) C:\Program Files\CudaDrive\CudaDrive.exe FirewallRules: [{7C4FBE8A-C532-40CE-A128-3EAAA1097915}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{5D7F7DC8-F768-4EFA-85E7-B3EBE1FC5412}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{7B6671F8-91D3-4728-9EB4-B6E8478472DE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{FEE3B898-0936-46DB-BEC6-8506BEA11C53}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{74747F6B-52B8-4B3C-BC87-8FE6330A70C3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [UDP Query User{31B4B241-8390-4F46-B19C-99DDDDA50E54}C:\program files (x86)\western digital\wd app manager\wdappmanager.exe] => (Allow) C:\program files (x86)\western digital\wd app manager\wdappmanager.exe FirewallRules: [TCP Query User{F2F81AC9-316A-4B04-AF80-E6E3DA9E37AF}C:\program files (x86)\western digital\wd app manager\wdappmanager.exe] => (Allow) C:\program files (x86)\western digital\wd app manager\wdappmanager.exe FirewallRules: [{A4BC56BD-CDE6-4FD2-8AA0-49DB0CF02ABE}] => (Allow) C:\Program Files (x86)\AirPort\APAgent.exe FirewallRules: [{5A5F9B00-D748-4709-8318-A33B829C2A07}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe FirewallRules: [{07B37D65-65A7-4B47-9E19-9297C5CDD390}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe FirewallRules: [{89750EC5-DAB2-49B7-B3D6-F4DAF49D87E5}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{59BBB347-C801-45BA-B0BE-630D3B138029}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe FirewallRules: [{F7C7DE0B-7BA7-4AF6-9B66-8B6828F38ACA}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe FirewallRules: [{E1BAC570-15E5-4359-B6CF-462123A3C854}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe FirewallRules: [{762F7F3C-5E5F-4AF7-8353-D8AC9E98F90F}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe FirewallRules: [{0117124E-CFB8-44A0-BFCF-60A36311366E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe FirewallRules: [{650134A6-BAEE-4F28-9993-5E7221C0DA2C}] => (Allow) C:\Program Files\App Dynamic\AirServer\AirServer.exe FirewallRules: [{6D107773-EF07-4CB7-8BD0-CF4EC8751568}] => (Allow) C:\Program Files\App Dynamic\AirServer\AirServer.exe FirewallRules: [{60DD9BD4-1572-492D-8F97-CEB915BA443D}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe FirewallRules: [{91C07DF0-7979-45A6-B072-2FE6D23C68F7}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe FirewallRules: [{F293A704-6105-478C-AD6D-F66FE1BDE0EC}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe FirewallRules: [{7D4D9510-386B-4563-8F17-9CFCE2DB5B8D}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe FirewallRules: [{3C1AE6E0-5AC6-4998-9F5B-A0C231352A22}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe FirewallRules: [{FA82613B-5D71-49D1-B849-31915CC9848D}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe FirewallRules: [{DDBBEE37-666D-4A8B-B3BB-10620BB69E00}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe FirewallRules: [{9DBB8E4A-3BF3-4D5E-AD67-4401F9A7AFB0}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe FirewallRules: [{E67DAE4E-011D-41FD-B3A2-9796CEB948DB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B6DC5DB3-09FD-4BDA-A386-B3446EC993CC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{613ED860-6DC6-48FF-A99C-B01AE48C4892}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{D193D01C-46F8-4EB7-A4C0-C10BBC462665}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{4A5C8B4B-4E6E-48AD-98D2-617A0EA14990}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{C3079843-5B38-4ED7-B575-F2A7736E7383}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (12/05/2015 05:04:01 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418220 Error: (12/04/2015 07:04:40 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Articulate.Drawing.Internal,processorArchitecture="x86",type="win32",version="2.30.0.4"1". Dependent Assembly Articulate.Drawing.Internal,processorArchitecture="x86",type="win32",version="2.30.0.4" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (12/04/2015 07:04:40 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Articulate.Drawing.Internal,processorArchitecture="x86",type="win32",version="2.30.0.4"1". Dependent Assembly Articulate.Drawing.Internal,processorArchitecture="x86",type="win32",version="2.30.0.4" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (12/04/2015 07:04:40 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Articulate.Drawing.Internal,processorArchitecture="x86",type="win32",version="2.30.0.4"1". Dependent Assembly Articulate.Drawing.Internal,processorArchitecture="x86",type="win32",version="2.30.0.4" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (12/04/2015 12:31:57 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Articulate.Drawing.Internal,processorArchitecture="x86",type="win32",version="2.30.0.4"1". Dependent Assembly Articulate.Drawing.Internal,processorArchitecture="x86",type="win32",version="2.30.0.4" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (12/04/2015 12:31:57 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Articulate.Drawing.Internal,processorArchitecture="x86",type="win32",version="2.30.0.4"1". Dependent Assembly Articulate.Drawing.Internal,processorArchitecture="x86",type="win32",version="2.30.0.4" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (12/04/2015 12:31:52 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Articulate.Drawing.Internal,processorArchitecture="x86",type="win32",version="2.30.0.4"1". Dependent Assembly Articulate.Drawing.Internal,processorArchitecture="x86",type="win32",version="2.30.0.4" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (12/04/2015 12:31:52 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Articulate.Drawing.Internal,processorArchitecture="x86",type="win32",version="2.30.0.4"1". Dependent Assembly Articulate.Drawing.Internal,processorArchitecture="x86",type="win32",version="2.30.0.4" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (12/04/2015 12:31:50 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Articulate.Drawing.Internal,processorArchitecture="x86",type="win32",version="2.30.0.4"1". Dependent Assembly Articulate.Drawing.Internal,processorArchitecture="x86",type="win32",version="2.30.0.4" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (12/04/2015 12:31:49 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Articulate.Drawing.Internal,processorArchitecture="x86",type="win32",version="2.30.0.4"1". Dependent Assembly Articulate.Drawing.Internal,processorArchitecture="x86",type="win32",version="2.30.0.4" could not be found. Please use sxstrace.exe for detailed diagnosis. System errors: ============= Error: (12/04/2015 05:07:34 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 10 Version 1511 for x64-based Systems (KB3122947). Error: (12/04/2015 03:28:38 AM) (Source: DCOM) (EventID: 10016) (User: DELL-PRECISION7) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}DELL-PRECISION7ronniS-1-5-21-2076635440-3871483252-621631334-1001LocalHost (Using LRPC)Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbweS-1-15-2-1609473798-1231923017-684268153-4268514328-882773646-2760585773-1760938157 Error: (12/03/2015 01:45:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Acronis Nonstop Backup Service service terminated unexpectedly. It has done this 1 time(s). Error: (12/02/2015 02:16:52 PM) (Source: volsnap) (EventID: 36) (User: ) Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (12/02/2015 01:30:50 PM) (Source: DCOM) (EventID: 10010) (User: DELL-PRECISION7) Description: {E844CD23-864D-4921-B18B-ED60A150E112} Error: (12/01/2015 05:40:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The DSM SA Data Manager service terminated unexpectedly. It has done this 1 time(s). Error: (12/01/2015 05:40:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Windows Modules Installer service terminated with the following error: %%16389 Error: (12/01/2015 05:40:00 PM) (Source: DCOM) (EventID: 10010) (User: DELL-PRECISION7) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (12/01/2015 05:39:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_5f8c08f service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (12/01/2015 05:39:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Storage_5f8c08f service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. CodeIntegrity: =================================== Date: 2015-12-01 03:10:30.353 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-11-29 19:38:42.862 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-11-29 19:38:17.469 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2015-11-29 19:02:00.608 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Xeon(R) CPU E5-2630 v3 @ 2.40GHz Percentage of memory in use: 27% Total physical RAM: 16308.14 MB Available physical RAM: 11844.31 MB Total Virtual: 19252.14 MB Available Virtual: 14092.29 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:874.24 GB) (Free:485.84 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 559B5A2B) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=11.7 GB) - (Type=27) Partition 3: (Not Active) - (Size=874.2 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================