Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-07-2016 Ran by Barbara (2016-08-02 00:10:58) Running from C:\Users\Barbara\Desktop\FIXITPC.PL\frst Windows 10 Home Version 1511 (X64) (2016-03-17 12:13:20) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-847376195-2476872231-1730056214-500 - Administrator - Disabled) ASPNET (S-1-5-21-847376195-2476872231-1730056214-1004 - Limited - Enabled) Barbara (S-1-5-21-847376195-2476872231-1730056214-1001 - Administrator - Enabled) => C:\Users\Barbara DefaultAccount (S-1-5-21-847376195-2476872231-1730056214-503 - Limited - Disabled) Guest (S-1-5-21-847376195-2476872231-1730056214-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-847376195-2476872231-1730056214-1003 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 15.14 (HKLM-x32\...\{23170F69-40C1-2701-1514-000001000000}) (Version: 15.14.00.0 - Igor Pavlov) 7-Zip 15.14 (x64) (HKLM\...\7-Zip) (Version: 15.14 - Igor Pavlov) 7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - ) Accountants' Dataset Manager (HKLM-x32\...\InstallShield_{A4FDE0D3-49D8-4C18-95CD-CC620848B25A}) (Version: 3.00.0000 - Sage (UK) Ltd) Accountants' Dataset Manager (x32 Version: 3.00.0000 - Sage (UK) Ltd) Hidden Accounts (x32 Version: 16.0.14.147 - Sage (UK) Ltd) Hidden Accounts (x32 Version: 17.0.12.196 - Sage (UK) Ltd) Hidden Accounts (x32 Version: 18.0.10.208 - Sage (UK) Ltd) Hidden Accounts (x32 Version: 19.0.11.260 - Sage (UK) Ltd) Hidden Accounts (x32 Version: 20.0.9.320 - Sage (UK) Ltd) Hidden Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20050 - Adobe Systems Incorporated) Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.3.0 - IObit) Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.8.1245.73583 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 4.8.1245.73583 - Alcor Micro Corp.) Hidden Andica SA800 Partnership 2015 (HKLM-x32\...\{E08B2014-C768-4D44-9B92-8EA0DA072596}) (Version: 15.00.1000 - Andica Limited) Asterisk Key 10.0 (HKLM-x32\...\asterisk key) (Version: - ) Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros) Avast Internet Security (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software) Balabolka (HKLM-x32\...\Balabolka) (Version: 2.11.0.598 - Ilya Morozov) Basic PAYE Tools (HKLM-x32\...\Basic PAYE Tools - Real Time Information) (Version: 14.1.14168.197 - HM Revenue & Customs) BlackBerry 10 Desktop Software (Blend, Link, Drivers) (HKLM-x32\...\{c33e77db-89b5-4abf-a1d1-97f8b35347e1}) (Version: 1.2.0.52 - BlackBerry) BlackBerry Blend (x32 Version: 1.2.0.50 - BlackBerry Ltd.) Hidden BlackBerry Communication Drivers (x32 Version: 8.0.0.143 - BlackBerry Ltd.) Hidden BlackBerry Device Drivers (x32 Version: 8.0.0.143 - BlackBerry Ltd.) Hidden BlackBerry Link (x32 Version: 1.2.4.39 - BlackBerry) Hidden BlackBerry Link Remover (x32 Version: 1.2.4.0 - BlackBerry Ltd.) Hidden Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.10.32(T) - TOSHIBA CORPORATION) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.4.4 - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.7.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.) Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 5.1.0 - Canon Inc.) Canon MG5600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5600_series) (Version: 1.00 - Canon Inc.) Canon MG5600 series On-screen Manual (HKLM-x32\...\Canon MG5600 series On-screen Manual) (Version: 7.7.1 - Canon Inc.) Canon MG5600 series User Registration (HKLM-x32\...\Canon MG5600 series User Registration) (Version: - ‭Canon Inc.) Canon MG5700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5700_series) (Version: 1.00 - Canon Inc.) Canon MG5700 series On-screen Manual (HKLM-x32\...\Canon MG5700 series On-screen Manual) (Version: 7.8.0 - Canon Inc.) Canon MG5700 series User Registration (HKLM-x32\...\Canon MG5700 series User Registration) (Version: - ‭Canon Inc.) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.3.0 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.2.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.6.1 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.20 - Piriform) Citrix Online Launcher (HKLM-x32\...\{09DA5EE2-7E46-4DC4-96F9-BFEE50D40659}) (Version: 1.0.408 - Citrix) Classic Shell (HKLM\...\{D4B3454F-7529-4F5F-851D-2C36933F7D64}) (Version: 4.2.5 - IvoSoft) Driver Booster 3.3 (HKLM-x32\...\Driver Booster_is1) (Version: 3.3 - IObit) Dropbox (HKLM-x32\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.43.1 - Dropbox, Inc.) Hidden DTS Sound (HKLM-x32\...\{793B70D2-41E9-46AB-9DDC-B34C99D07DB5}) (Version: 1.02.4100 - DTS, Inc.) EBankingCoreTestInstaller (HKLM-x32\...\{76A94B09-345D-4778-AC70-AD7486466727}) (Version: 4.0.74.0 - Sage (UK) Limited) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.82 - Google Inc.) Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden GoToMeeting 7.20.0.5174 (HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\GoToMeeting) (Version: 7.20.0.5174 - CitrixOnline) IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT) Intel(R) Chipset Device Software (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.3.0.142 - IObit) Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) Java 8 Update 102 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180102F0}) (Version: 8.0.1020.14 - Oracle Corporation) K-Lite Codec Pack 10.4.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.4.5 - ) LibreOffice 5.1.4.2 (HKLM-x32\...\{D5D4AC5C-C757-4EB2-857C-B021DB22482C}) (Version: 5.1.4.2 - The Document Foundation) Malwarebytes Anti-Malware wersja 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) MPC-HC 1.7.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.8 - MPC-HC Team) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) NVDA (HKLM-x32\...\NVDA) (Version: 2016.2.1 - NV Access) Odkurzacz (HKLM-x32\...\Odkurzacz 14.0_is1) (Version: 14.0.0.4000 - FranmoSoftware - Maciej Opaliñski) Opera Stable 36.0.2130.59 (HKLM-x32\...\Opera 36.0.2130.59) (Version: 36.0.2130.59 - Opera Software) PDF Split And Merge Basic (HKLM-x32\...\{9A40D2F8-9458-458B-95E3-B57797C574E1}) (Version: 2.2.4 - Andrea Vacondio) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.300 - Qualcomm Atheros) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.21 - Qualcomm Atheros Inc.) QuickBooks (HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\QBWinClient) (Version: 1.3.0.168 - Intuit Inc.) QuickBooks Pro 2015 (HKLM-x32\...\{8F02EFA1-8F5E-4E47-A6B5-D99E4FE90271}) (Version: 25.0.4007.2506 - Intuit Limited) QuickBooks Runtime Redistributable (HKLM\...\{F2A4F809-2DE6-4D27-888B-4D2BB8DAF20E}) (Version: 1.00.0000 - Intuit Inc.) Rapport (x32 Version: 3.5.1507.113 - Trusteer) Hidden Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden Sage 50 Accounts 2010 (HKLM-x32\...\InstallShield_{7061F715-D782-4120-A034-2B4B4F28CC1D}) (Version: 16.0.14.147 - Sage (UK) Ltd) Sage 50 Accounts 2011 (HKLM-x32\...\InstallShield_{4D21F997-85AD-42D2-986F-D91C4836438D}) (Version: 17.0.12.196 - Sage (UK) Ltd) Sage 50 Accounts 2012 (HKLM-x32\...\InstallShield_{EFC6C877-6E77-4E3B-B350-DF4F35D66B51}) (Version: 18.0.10.208 - Sage (UK) Ltd) Sage 50 Accounts 2013 (HKLM-x32\...\InstallShield_{45ECE61A-C8EE-4847-852C-6E8A8192D424}) (Version: 19.0.11.260 - Sage (UK) Ltd) Sage 50 Accounts 2014 (HKLM-x32\...\InstallShield_{2F43F76F-8108-4F39-8DB5-C2C0FA215889}) (Version: 20.0.9.320 - Sage (UK) Ltd) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype Web Plugin (HKLM-x32\...\{D675FB66-8B6B-4950-A38E-D5BB32AF283D}) (Version: 7.15.0.49 - Skype Technologies S.A.) Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.) Smart Defrag 5 (HKLM-x32\...\Smart Defrag_is1) (Version: 5.1.0 - IObit) Software Informer 1.4.1303.0 (HKLM\...\Software Informer_is1) (Version: - Informer Technologies, Inc.) Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.4 - Sophos Limited) Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 2.4.0.1 - IObit) Stellar Phoenix Outlook PST Repair (HKLM\...\Stellar Phoenix Outlook PST Repair_is1) (Version: 5.0.0.0 - Stellar Information Technology Pvt Ltd.) Superb Game Boost 3.0 (HKLM-x32\...\SuperbGameBoost_is1) (Version: 3.0 - ) SupportSoft Assisted Service (HKLM-x32\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft) Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.3 - IObit) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.24.9 - Synaptics Incorporated) System Mechanic (HKLM-x32\...\InstallShield_{49DCB5CB-235B-4A14-BD8E-1E9FC1B0311C}) (Version: 16.0.0.485 - iolo technologies, LLC) System Mechanic (x32 Version: 16.0.0.485 - iolo technologies, LLC) Hidden Szafir Host 1.0.4 (HKLM-x32\...\{C88DF3AC-BEDD-4264-8860-4782412B6EFE}) (Version: 1.0.4 - Krajowa Izba Rozliczeniowa S.A.) TaxCalc (HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\TaxCalcHub) (Version: 5.0.105 - Acorah Software Products) TaxCalc 2009 (HKLM-x32\...\TaxCalc 2009) (Version: - ) TOSHIBA Addendum (HKLM-x32\...\{CE0374A6-B204-4336-8293-63FBB1DADBF4}) (Version: 1.00 - TOSHIBA) TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.18.6 - Toshiba Corporation) TOSHIBA Battery Check Utility (HKLM-x32\...\{5468E297-7EF8-4CB3-A091-F8714147793F}) (Version: 1.00.01.01 - Toshiba Corporation) TOSHIBA Display Utility (HKLM\...\{0B39C39A-3ECE-4582-9C91-842D22819A24}) (Version: 2.0.1.0 - Toshiba Corporation) TOSHIBA eco Utility (HKLM\...\{72EFCFA8-3923-451D-AF52-7CE9D87BC2A1}) (Version: 3.0.0.6406 - Toshiba Corporation) TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA) TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.344 - Toshiba Corporation) TOSHIBA PC Health Monitor (HKLM\...\{B507386D-1F61-4E55-B05B-F56ACB0086B3}) (Version: 4.02.00.6400 - Toshiba Corporation) TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation) TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation) TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0030 - Toshiba Corporation) TOSHIBA System Settings (HKLM\...\{B040D5C9-C9AA-430A-A44E-696656012E61}) (Version: 3.0.6.6401 - Toshiba Corporation) TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation) Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.9.2 - Toshiba Europe GmbH) TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.50.2 - Toshiba Corporation) Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH) Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1507.104 - Trusteer) VC12X64Redist (HKLM\...\{B573CC21-AE24-4BC5-9B0B-15CF29A3F982}) (Version: 1.00.0000 - Intuit Inc.) VC12X86Redist (HKLM-x32\...\{EA9886ED-21F8-4867-A049-CE6817291EE6}) (Version: 1.00.0000 - Intuit Inc.) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation) Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation) WinISO (HKLM-x32\...\WinISO) (Version: 6.4.0.5170 - WinISO Computing Inc.) WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) Wondershare PDF to Word (Build 4.1.0) (HKLM-x32\...\{90599D63-1879-4B90-BE4F-051CE70FA576}_is1) (Version: 4.1.0 - Wondershare Software) Wondershare PDFelement(Build 5.5.4) (HKLM-x32\...\{5CA0183F-6D90-4615-91A5-F1A8A2014E83}_is1) (Version: 5.5.4.5 - Wondershare Software Co.,Ltd.) X Codec Pack (HKLM\...\X Codec Pack) (Version: 2.7.4 - X Codec Pack team) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-847376195-2476872231-1730056214-1001_Classes\CLSID\{08664A1F-F1E4-45CD-AA12-9A8A9AC99B84}\localserver32 -> C:\Users\Barbara\AppData\Local\SkypePlugin\7.15.0.49\GatewayVersion-x64.exe (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-847376195-2476872231-1730056214-1001_Classes\CLSID\{501A1BB3-6F67-4394-8B2C-3AFAAEC7B0EB}\InprocServer32 -> C:\Users\Barbara\AppData\Local\SkypePlugin\7.15.0.49\GatewayActiveX-x64.dll (Skype Technologies S.A.) CustomCLSID: HKU\S-1-5-21-847376195-2476872231-1730056214-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Barbara\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-847376195-2476872231-1730056214-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-847376195-2476872231-1730056214-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Barbara\AppData\Local\Citrix\GoToMeeting\5102\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.) CustomCLSID: HKU\S-1-5-21-847376195-2476872231-1730056214-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\Barbara\AppData\Local\SkypePlugin\7.15.0.49\EdgeCalling.exe (Skype Technologies S.A.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0039BEFD-1F57-4E1B-B91C-61B48EEAB443} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {0958C831-9B5C-4B40-B20C-B66532291453} - System32\Tasks\G2MUploadTask-S-1-5-21-847376195-2476872231-1730056214-1001 => C:\Users\Barbara\AppData\Local\Citrix\GoToMeeting\5174\g2mupload.exe [2016-07-01] (Citrix Online, a division of Citrix Systems, Inc.) Task: {1524180D-2778-4DE5-A227-15D8B38617C0} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-07-18] (Toshiba Europe GmbH) Task: {15689300-F6EA-4500-A0F2-6DA28A5503F2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-15] (Dropbox, Inc.) Task: {1B40192E-A8AF-40C9-8666-09CC1F4EBEB7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {1DC02F7A-2157-4657-A9B4-D2F5B3C3158F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {2139DC8A-588A-42E1-A3EE-D189DDF30964} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {26B6292E-6E58-45B9-B357-7C86A0B72518} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation) Task: {26F7F611-5AD6-41EB-B75D-A9EB332A082F} - System32\Tasks\G2MUpdateTask-S-1-5-21-847376195-2476872231-1730056214-1001 => C:\Users\Barbara\AppData\Local\Citrix\GoToMeeting\5174\g2mupdate.exe [2016-07-01] (Citrix Online, a division of Citrix Systems, Inc.) Task: {2EC2BB9B-FB44-4D57-8F49-3CF7238F77A3} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-847376195-2476872231-1730056214-1001UA => C:\Users\Barbara\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-05] (Dropbox, Inc.) Task: {30F4805B-1F6B-4AB1-AEC9-3693B8B59D92} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {31697985-E424-48FF-B52E-0117DA0CDC25} - System32\Tasks\Uninstaller_SkipUac_Barbara => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-05-12] (IObit) Task: {31D9D8A5-3534-4E05-B9C8-88140CBC19FD} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2015-06-12] (TOSHIBA Corporation) Task: {331F6719-2A83-46DB-B6EC-B0AE5C1110C5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-11] (AVAST Software) Task: {37818E9D-CFE6-4F19-942A-72C673D9E61C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated) Task: {411FEB89-4C4E-4B37-B5E4-790C372F524C} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag\SmartDefrag.exe [2016-06-13] (IObit) Task: {44B117C4-60DD-4B6F-8802-D8E37E6A02D2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-13] (Google Inc.) Task: {4DD7BB2B-5E2C-4F36-892F-B005EA0E9CD3} - System32\Tasks\SafeZone scheduled Autoupdate 1450819807 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software) Task: {52421A9B-1110-40CB-B366-7F5F73D43414} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION Task: {59D8C78A-3D76-4137-9C9B-DF8924208D7D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {6413514E-8F8E-4B56-BC02-D3A9BB82D280} - System32\Tasks\ioloToaster => C:\Program Files (x86)\iolo\System Mechanic\ioloToaster.exe [2016-07-20] (iolo technologies, LLC) Task: {66AB0BED-CC54-4B8A-8162-D76D2105061D} - System32\Tasks\iolo Process Governor => C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe [2016-06-28] (iolo technologies, LLC) Task: {68F0AE55-B512-4692-A0F5-CD7F8E4E33C4} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-03-28] (IObit) Task: {6A634026-28CF-4CE2-8555-B21A87759452} - System32\Tasks\dts_apo_service_task => C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_task.exe [2015-05-27] () Task: {6F6BB055-7421-482A-A32C-7CD000CA9DB8} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION Task: {77EB5C51-E5B7-4264-BB0B-DEE849A8CD46} - System32\Tasks\budzik => C:\Users\Barbara\Desktop\Downloads\All_About_That_Bass_-_Meghan_Trainor_(Zaras_Wyss_Official_Cover)_By_ZarasWyss.mp3 [2015-07-02] () Task: {7CD870E0-95AD-49C9-909D-F8F91CF705CD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {7F1A691D-D9A7-4E57-B013-DDACC4F7029C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {8033E920-D7B1-4FB3-B553-9CF12DA082DD} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION Task: {8961C88E-6DBB-4CE0-A98B-F045EDD277F2} - System32\Tasks\ioloActiveCare => C:\Program Files (x86)\iolo\System Mechanic\SystemMechanic.exe [2016-07-20] (iolo technologies, LLC) Task: {8C00FEE1-9E9E-49A9-9A4B-16CE131DE275} - System32\Tasks\Opera scheduled Autoupdate 1411684083 => C:\Program Files (x86)\Opera\launcher.exe [2016-04-04] (Opera Software) Task: {9AFEFCDC-11C6-4DFD-8F8B-44B8474400EE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {A38EBA28-CB87-4886-B8E7-1315F15CA245} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-13] (Google Inc.) Task: {A608B642-4619-4AAD-8300-89463F5E588F} - System32\Tasks\SmartDefrag_AutoAnalyze => C:\Program Files (x86)\IObit\Smart Defrag\AutoDefrag.exe [2016-06-06] (IObit) Task: {B0BA3E3E-BB20-490B-B9EF-692B348798BF} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-847376195-2476872231-1730056214-1001Core => C:\Users\Barbara\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-05] (Dropbox, Inc.) Task: {B8148CCF-ED84-4DC0-B997-E2B0EE95FD31} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-23] (Adobe Systems Incorporated) Task: {C934A6A7-6BF1-4C02-A1C8-5B325385DFB7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-07-13] (Piriform Ltd) Task: {C93F6A9F-C901-42B1-BF60-EA41C352E402} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-847376195-2476872231-1730056214-1001 Task: {CFC71A76-F39C-4779-BE9A-E60B42196AB2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {D3879419-E054-49F9-8D21-3D631D8B5A3C} - System32\Tasks\avastBCLRestartS-1-5-21-847376195-2476872231-1730056214-1001 => Chrome.exe Task: {D7366747-FA1D-4616-B5DD-A02DC5A426A1} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2016-05-06] (IObit) Task: {D79E362F-8A95-4E26-BAFF-18DD6231F342} - System32\Tasks\ASC9_SkipUac_Barbara => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2016-05-16] (IObit) Task: {D97926F2-6170-4D1D-92F5-2F893F235D68} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-04-15] (Dropbox, Inc.) Task: {DE383B94-ACFA-431A-BB28-21B6399BF5A5} - System32\Tasks\SmartDefrag_Update => C:\Program Files (x86)\IObit\Smart Defrag\AutoUpdate.exe [2016-06-01] (IObit) Task: {E58C2308-E574-4B8F-8AE3-929D94F58BF9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-07-14] (Microsoft Corporation) Task: {EA9DF03A-1AC2-45AD-9B1E-EA9BF2EB0C30} - System32\Tasks\Driver Booster SkipUAC (Barbara) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-04-01] (IObit) Task: {EC82227D-7B2A-459F-9855-74CF3AC48B57} - System32\Tasks\Driver Booster Beta SkipUAC (Barbara) => C:\Program Files (x86)\IObit\Driver Booster Beta\DriverBooster.exe Task: {F7A982F8-31B2-4224-8D67-2E0E7C56DA09} - System32\Tasks\ioloSmartUpdater => C:\Program Files (x86)\iolo\System Mechanic\ioloSmartUpdater.exe [2016-07-20] (iolo technologies, LLC) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\ASC9_SkipUac_Barbara.job => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-847376195-2476872231-1730056214-1001Core.job => C:\Users\Barbara\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-847376195-2476872231-1730056214-1001UA.job => C:\Users\Barbara\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-847376195-2476872231-1730056214-1001.job => C:\Users\Barbara\AppData\Local\Citrix\GoToMeeting\5174\g2mupdate.exe Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-847376195-2476872231-1730056214-1001.job => C:\Users\Barbara\AppData\Local\Citrix\GoToMeeting\5174\g2mupload.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Barbara.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.4\Useful links\Download Codecs & Tools.lnk -> hxxp://www.codecs.com/ Shortcut: C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.4\Useful links\Talk about Codecs.lnk -> hxxp://codecs.com/forum Shortcut: C:\Users\Barbara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.7.4\Useful links\X Codec Pack homepage.lnk -> hxxp://www.xpcodecpack.com/ ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-07-12 19:11 - 2016-07-01 05:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-20 08:56 - 2016-04-20 08:57 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-07-12 19:11 - 2016-07-01 05:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2016-07-12 19:12 - 2016-07-01 04:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-07-12 19:11 - 2016-07-01 04:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-07-12 19:12 - 2016-07-01 04:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-07-12 19:12 - 2016-07-01 04:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-03-17 12:01 - 2016-03-17 12:01 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-07-12 19:15 - 2016-07-01 04:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-05-27 12:46 - 2015-05-27 12:46 - 00019960 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe 2016-05-11 15:52 - 2016-05-11 15:52 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2016-05-11 15:52 - 2016-05-11 15:52 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-08-01 19:11 - 2016-08-01 19:11 - 03002880 _____ () C:\Program Files\AVAST Software\Avast\defs\16080102\algo.dll 2016-05-11 15:52 - 2016-05-11 15:52 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-05-11 15:52 - 2016-05-11 15:52 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll 2016-01-26 23:16 - 2015-11-06 13:05 - 00618784 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2016-06-29 09:49 - 2016-01-11 17:03 - 00899872 _____ () C:\Program Files (x86)\IObit\Smart Defrag\webres.dll 2016-06-29 09:49 - 2016-01-11 17:02 - 00630048 _____ () C:\Program Files (x86)\IObit\Smart Defrag\ProductStatistics.dll 2016-05-26 23:19 - 2015-12-23 18:32 - 00355616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept_.bpl 2016-05-26 23:19 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic_.bpl 2016-05-26 23:19 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm_.bpl 2016-04-20 08:56 - 2016-04-20 08:57 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-20 08:56 - 2016-04-20 08:57 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-01-26 23:16 - 2015-11-06 13:05 - 00348960 _____ () C:\Program Files (x86)\IObit\Classic Start\madExcept_.bpl 2016-01-26 23:16 - 2015-11-06 13:04 - 00183584 _____ () C:\Program Files (x86)\IObit\Classic Start\madBasic_.bpl 2016-01-26 23:16 - 2015-11-06 13:04 - 00050976 _____ () C:\Program Files (x86)\IObit\Classic Start\madDisAsm_.bpl 2016-01-26 23:16 - 2015-11-06 13:05 - 00268920 _____ () C:\Program Files (x86)\IObit\Classic Start\sqlite3.dll 2016-01-26 23:16 - 2015-11-06 13:05 - 00053024 _____ () C:\Program Files (x86)\IObit\Classic Start\parseAuto.dll 2016-01-26 23:16 - 2015-11-06 13:05 - 00618784 _____ () C:\Program Files (x86)\IObit\Classic Start\ProductStatistics.dll 2016-01-26 23:16 - 2015-11-06 13:05 - 00041248 _____ () C:\Program Files (x86)\IObit\Classic Start\winkey.dll 2016-05-26 23:19 - 2015-12-23 18:32 - 00190240 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl 2016-05-26 23:19 - 2015-12-23 18:32 - 00057632 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl 2015-12-21 19:24 - 2015-12-21 19:24 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2016-08-01 23:46 - 2016-08-01 23:46 - 00098816 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\win32api.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00110080 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\pywintypes27.dll 2016-08-01 23:46 - 2016-08-01 23:46 - 00364544 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\pythoncom27.dll 2016-08-01 23:46 - 2016-08-01 23:46 - 00320512 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\win32com.shell.shell.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00776704 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\_hashlib.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 01176576 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\wx._core_.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00806400 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\wx._gdi_.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00816128 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\wx._windows_.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 01067008 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\wx._controls_.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00733184 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\wx._misc_.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00682496 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\pysqlite2._sqlite.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00088064 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\_ctypes.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00119808 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\win32file.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00108544 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\win32security.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00007168 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\hashobjs_ext.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00017920 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\thumbnails_ext.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00088064 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\usb_ext.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00012288 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\common.time34.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00018432 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\win32event.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00167936 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\win32gui.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00046080 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\_socket.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 01208320 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\_ssl.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00128512 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\_elementtree.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00127488 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\pyexpat.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00038912 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\win32inet.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00036864 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\_psutil_windows.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00525208 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\windows._lib_cacheinvalidation.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00011264 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\win32crypt.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00077312 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\wx._html2.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00027136 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\_multiprocessing.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00020480 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\_yappi.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00035840 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\win32process.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00686080 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\unicodedata.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00078848 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\wx._animate.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00123392 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\wx._wizard.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00024064 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\win32pipe.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00010240 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\select.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00025600 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\win32pdh.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00017408 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\win32profile.pyd 2016-08-01 23:46 - 2016-08-01 23:46 - 00022528 ____R () C:\Users\Barbara\AppData\Local\Temp\_MEI47642\win32ts.pyd 2016-04-11 14:11 - 2016-04-11 14:11 - 00520464 _____ () C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\39624\RapportMS.dll 2015-07-21 17:02 - 2015-07-21 17:02 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\100sexlinks.com -> 100sexlinks.com There are 4789 more sites. ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-847376195-2476872231-1730056214-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Barbara\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{07a0dcee-aa79-4a03-aed3-df441638cb4b}.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: CCleaner Monitoring => "c:\program files\ccleaner\ccleaner64.exe" /monitor MSCONFIG\startupreg: iolo Startup => MSCONFIG\startupreg: OneDrive => "c:\users\barbara\appdata\local\microsoft\onedrive\onedrive.exe" /background HKLM\...\StartupApproved\StartupFolder: => "QuickBooks_Standard_21.lnk" HKLM\...\StartupApproved\StartupFolder: => "QuickBooks Update Agent.lnk" HKLM\...\StartupApproved\Run: => "TosWaitSrv" HKLM\...\StartupApproved\Run32: => "Intuit SyncManager" HKLM\...\StartupApproved\Run32: => "BCSSync" HKLM\...\StartupApproved\Run32: => "AmIcoSinglun64" HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive" HKLM\...\StartupApproved\Run32: => "RIM PeerManager" HKLM\...\StartupApproved\Run32: => "CanonQuickMenu" HKLM\...\StartupApproved\Run32: => "DivXMediaServer" HKLM\...\StartupApproved\Run32: => "DivXUpdate" HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter" HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk" HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\StartupApproved\Run: => "OfficeSyncProcess" HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\StartupApproved\Run: => "Dropbox Update" HKU\S-1-5-21-847376195-2476872231-1730056214-1001\...\StartupApproved\Run: => "Advanced SystemCare 9" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{9A49C13D-5D1F-4A92-98AC-6A7C39751E49}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe FirewallRules: [{7769C94B-1B7B-4BB3-9420-83A6C48701BA}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe FirewallRules: [{CE7902DA-316E-45A2-8B3E-81F04514E743}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe FirewallRules: [{A5057E49-E7E8-40AC-8A61-59AA1D7F693D}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe FirewallRules: [{046B4C3B-E615-4FCE-B40F-77FF19A6C09D}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{2BAF4167-09A9-40D2-8E4E-AE7EF54CACF5}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [UDP Query User{280F9587-3BAB-466A-8682-02996111E564}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{D1DFDAFD-0103-4408-B2E8-3092F8001180}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{EF826A39-BF10-40D7-9851-B633C5B0BE4E}] => (Allow) C:\Program Files (x86)\BlackBerry\BlackBerry Blend\desktopinvokeproxy.exe FirewallRules: [{33EF7EE0-2C59-4483-B948-5117B1B1C7E7}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\tunnel manager\PeerManager.exe FirewallRules: [{B2620A57-CAA4-4E90-BA7F-47B397B34A1E}] => (Allow) C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe FirewallRules: [{8A7B6215-23F6-414B-BA6E-EF9E983309A6}] => (Allow) C:\Program Files (x86)\Acorah Software Products\TaxCalcHub\TaxCalcHub.exe FirewallRules: [{9A6FA90F-70A5-4B62-9B09-AE39F14E4033}] => (Allow) C:\Program Files (x86)\Acorah Software Products\TaxCalcHub\TaxCalcHub.exe FirewallRules: [{78BE90AD-D445-49B1-B74B-F3139DCE5C9F}] => (Allow) C:\Program Files (x86)\Acorah Software Products\TaxCalcHub\TaxCalcHub.exe FirewallRules: [UDP Query User{69324431-6167-4D3E-8D06-9E64301965D4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{14277A01-7031-470F-8C12-E5BAC786A981}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{4E90ADD6-5B45-4016-9D0A-86C7B55E646F}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{BF948478-8634-4C88-BEBC-046ECE7FA8C9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 27-06-2016 10:26:11 Installed Rapport 28-06-2016 22:44:24 Installed Rapport 29-06-2016 09:50:58 Driver Booster : Intel(R) HD Graphics 30-06-2016 11:24:23 Installed Rapport 01-07-2016 17:56:13 Installed Rapport 02-07-2016 18:09:57 Installed Rapport 03-07-2016 22:37:24 Installed Rapport 05-07-2016 20:32:01 Installed Rapport 06-07-2016 21:40:25 Installed Rapport 08-07-2016 20:28:05 Installed Rapport 09-07-2016 22:03:30 Installed Rapport 11-07-2016 09:44:32 Installed Rapport 12-07-2016 18:13:17 Installed Rapport 13-07-2016 09:49:10 Windows Modules Installer 15-07-2016 19:06:45 Installed Rapport 17-07-2016 12:31:50 Installed Rapport 18-07-2016 16:47:02 Installed Rapport 19-07-2016 23:18:01 Installed Rapport 21-07-2016 09:43:18 Installed Rapport 22-07-2016 19:29:18 Installed Rapport 24-07-2016 10:55:41 Installed Rapport 25-07-2016 20:33:35 Installed Rapport 26-07-2016 23:22:59 Installed Rapport 27-07-2016 23:30:18 Installed Rapport 28-07-2016 00:21:07 Driver Booster : Java Runtime Environment 32 bit 29-07-2016 20:10:57 Installed Rapport 30-07-2016 21:02:50 Installed Rapport 31-07-2016 21:48:51 Installed Rapport 01-08-2016 23:01:48 Installed LibreOffice 5.1.4.2 ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (08/02/2016 12:06:25 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program FRST64.exe version 27.7.2016.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: df0 Start Time: 01d1ec494186fca7 Termination Time: 31 Application Path: C:\Users\Barbara\Desktop\FIXITPC.PL\frst\FRST64.exe Report Id: 8f72702b-583c-11e6-84fa-40f02f4b01b6 Faulting package full name: Faulting package-relative application ID: Error: (08/01/2016 11:46:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: MsiExec.exe, version: 5.0.10586.0, time stamp: 0x5632d75e Faulting module name: KERNELBASE.dll, version: 10.0.10586.494, time stamp: 0x5775e78b Exception code: 0xc06d007e Fault offset: 0x000bdae8 Faulting process ID: 0x1208 Faulting application start time: 0xMsiExec.exe0 Faulting application path: MsiExec.exe1 Faulting module path: MsiExec.exe2 Report ID: MsiExec.exe3 Faulting package full name: MsiExec.exe4 Faulting package-relative application ID: MsiExec.exe5 Error: (08/01/2016 11:41:16 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program WINWORD.EXE version 14.0.7171.5002 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 2308 Start Time: 01d1ec452c9e99e0 Termination Time: 60000 Application Path: C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE Report Id: da76cece-5838-11e6-84f9-40f02f4b01b6 Faulting package full name: Faulting package-relative application ID: Error: (08/01/2016 11:02:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (08/01/2016 09:48:32 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: MsiExec.exe, version: 5.0.10586.0, time stamp: 0x5632d75e Faulting module name: KERNELBASE.dll, version: 10.0.10586.494, time stamp: 0x5775e78b Exception code: 0xc06d007e Fault offset: 0x000bdae8 Faulting process ID: 0xee4 Faulting application start time: 0xMsiExec.exe0 Faulting application path: MsiExec.exe1 Faulting module path: MsiExec.exe2 Report ID: MsiExec.exe3 Faulting package full name: MsiExec.exe4 Faulting package-relative application ID: MsiExec.exe5 Error: (08/01/2016 08:34:18 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: The index cannot be initialised. Details: The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06) Error: (08/01/2016 08:34:18 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: The application cannot be initialised. Context: Windows Application Details: The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06) Error: (08/01/2016 08:34:18 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: The gatherer object cannot be initialised. Context: Windows Application, SystemIndex Catalogue Details: The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06) Error: (08/01/2016 08:34:18 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: The plug-in in cannot be initialised. Context: Windows Application, SystemIndex Catalogue Details: The specified object cannot be found. Specify the name of an existing object. (HRESULT : 0x80040d06) (0x80040d06) Error: (08/01/2016 08:34:17 PM) (Source: Windows Search Service) (EventID: 3057) (User: ) Description: The plug-in manager cannot be initialised. Context: Windows Application Details: (HRESULT : 0x8e5e0226) (0x8e5e0226) System errors: ============= Error: (08/01/2016 11:47:39 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {784E29F4-5EBE-4279-9948-1E8FE941646D} Error: (08/01/2016 11:46:34 PM) (Source: DCOM) (EventID: 10016) (User: WEBASIA-PC) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}webasia-pcBarbaraS-1-5-21-847376195-2476872231-1730056214-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (08/01/2016 11:46:34 PM) (Source: DCOM) (EventID: 10016) (User: WEBASIA-PC) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}webasia-pcBarbaraS-1-5-21-847376195-2476872231-1730056214-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (08/01/2016 11:46:34 PM) (Source: DCOM) (EventID: 10016) (User: WEBASIA-PC) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}webasia-pcBarbaraS-1-5-21-847376195-2476872231-1730056214-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (08/01/2016 11:46:34 PM) (Source: DCOM) (EventID: 10016) (User: WEBASIA-PC) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}webasia-pcBarbaraS-1-5-21-847376195-2476872231-1730056214-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (08/01/2016 11:46:34 PM) (Source: DCOM) (EventID: 10016) (User: WEBASIA-PC) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}webasia-pcBarbaraS-1-5-21-847376195-2476872231-1730056214-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (08/01/2016 11:46:34 PM) (Source: DCOM) (EventID: 10016) (User: WEBASIA-PC) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}webasia-pcBarbaraS-1-5-21-847376195-2476872231-1730056214-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (08/01/2016 11:46:34 PM) (Source: DCOM) (EventID: 10016) (User: WEBASIA-PC) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}webasia-pcBarbaraS-1-5-21-847376195-2476872231-1730056214-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (08/01/2016 11:46:34 PM) (Source: DCOM) (EventID: 10016) (User: WEBASIA-PC) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}webasia-pcBarbaraS-1-5-21-847376195-2476872231-1730056214-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (08/01/2016 11:46:34 PM) (Source: DCOM) (EventID: 10016) (User: WEBASIA-PC) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}webasia-pcBarbaraS-1-5-21-847376195-2476872231-1730056214-1001LocalHost (Using LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 CodeIntegrity: =================================== Date: 2016-07-30 21:06:28.975 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe that did not meet the Windows signing level requirements. Date: 2016-07-30 21:06:27.073 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe that did not meet the Windows signing level requirements. Date: 2016-07-30 20:41:28.830 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2016-07-20 19:32:03.993 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-15 19:05:52.724 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-14 21:17:35.737 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-07-14 09:18:23.981 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-18 09:32:48.440 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-15 20:20:40.446 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-06-15 12:49:44.390 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz Percentage of memory in use: 36% Total physical RAM: 8067.27 MB Available physical RAM: 5087.59 MB Total Virtual: 16259.27 MB Available Virtual: 13218.82 MB ==================== Drives ================================ Drive c: (TI31205500A) (Fixed) (Total:464.58 GB) (Free:310.35 GB) NTFS Drive e: (New Volume) (Fixed) (Total:260.09 GB) (Free:259.57 GB) NTFS Drive f: (New Volume) (Fixed) (Total:195.31 GB) (Free:167.87 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================