Ran by Ottersea (ATTENTION: The user is not administrator) on CLAY-PC (27-11-2016 09:38:07)
Running from C:\Downloads
Loaded Profiles: Ottersea (Available Profiles: clay & Ottersea & Sharon)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> winlogon.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> lsm.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> atiesrxx.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> igfxCUIService.exe
Failed to access process -> svchost.exe
Failed to access process -> atieclxx.exe
Failed to access process -> AvastSvc.exe
Failed to access process -> spoolsv.exe
Failed to access process -> taskeng.exe
Failed to access process -> svchost.exe
Failed to access process -> NetworkLicenseServer.exe
Failed to access process -> PhotoshopElementsFileAgent.exe
Failed to access process -> DbxSvc.exe
Failed to access process -> svchost.exe
Failed to access process -> escsvc.exe
Failed to access process -> FreemakeUtilsService.exe
Failed to access process -> GoogleUpdate.exe
Failed to access process -> GoogleCrashHandler.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(brother) C:\Program Files\Brownie\BrStsWnd.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
(Cyber Power Systems, Inc.) C:\Program Files\CyberPower PowerPanel Personal Edition\pppeuser.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(AMD) C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe
(Valve Corporation) C:\Program Files\Steam\Steam.exe
(Brother Industries, Ltd.) C:\Program Files\Brownie\BRNIPMON.exe
(Ruiware) C:\Program Files\Ruiware\WinPatrol\WinPatrol.exe
Failed to access process -> iSCTAgent.exe
Failed to access process -> LavasoftTcpService.exe
Failed to access process -> mbamscheduler.exe
Failed to access process -> mbamservice.exe
Failed to access process -> MSIControlService.exe
Failed to access process -> MSI_LiveUpdate_Service.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
Failed to access process -> ChargeService.exe
Failed to access process -> MSI_Trigger_Service.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
Failed to access process -> ppped.exe
Failed to access process -> PsiService_2.exe
Failed to access process -> SDFSSvc.exe
Failed to access process -> SDUpdSvc.exe
Failed to access process -> svchost.exe
Failed to access process -> SuperRAIDSvc.exe
Failed to access process -> WLIDSVC.EXE
Failed to access process -> SDWSCSvc.exe
Failed to access process -> WLIDSVCM.EXE
Failed to access process -> SearchIndexer.exe
Failed to access process -> PresentationFontCache.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
Failed to access process -> wmpnetwk.exe
Failed to access process -> WmiPrvSE.exe
Failed to access process -> svchost.exe
Failed to access process -> dllhost.exe
Failed to access process -> jhi_service.exe
Failed to access process -> LMS.exe
Failed to access process -> sppsvc.exe
Failed to access process -> XtuService.exe
Failed to access process -> ICCProxy.exe
Failed to access process -> UI0Detect.exe
Failed to access process -> SearchProtocolHost.exe
Failed to access process -> SearchFilterHost.exe
Failed to access process -> svchost.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
Failed to access process -> avBugReport.exe
Failed to access process -> conhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\Run: [BrStsWnd] => C:\Program Files\Brownie\BrstsWnd.exe [3618160 2011-03-25] (brother)
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [25673776 2016-11-07] (Dropbox, Inc.)
HKLM\...\Run: [PowerPanel Personal Edition User Interaction] => C:\Program Files\CyberPower PowerPanel Personal Edition\pppeuser.exe [362896 2014-05-12] (Cyber Power Systems, Inc.)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1065024 2014-06-10] (SEIKO EPSON CORPORATION)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD)
HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\Run: [Steam] => C:\Program Files\Steam\Steam.exe [2851408 2016-07-08] (Valve Corporation)
HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\Run: [WinPatrol] => C:\Program Files\Ruiware\WinPatrol\winpatrol.exe [1216648 2015-08-05] (Ruiware)
HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\MountPoints2: G - G:\SimpliSafe.bat
HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\MountPoints2: {181a8e3e-3209-11e5-a52c-d8cb8a3c7ad7} - G:\SimpliSafe.bat
HKU\S-1-5-21-781923646-3209173807-790831272-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [221184 2010-11-20] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-10-08] (AVAST Software)
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog9 01 C:\Windows\system32\LavasoftTcpService.dll [345360 2016-03-27] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\system32\LavasoftTcpService.dll [345360 2016-03-27] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\system32\LavasoftTcpService.dll [345360 2016-03-27] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\system32\LavasoftTcpService.dll [345360 2016-03-27] (Lavasoft Limited)
Winsock: Catalog9 29 C:\Windows\system32\LavasoftTcpService.dll [345360 2016-03-27] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.202.166
Tcpip\..\Interfaces\{8A8DF711-C43F-499F-8310-27A6F1CC67B0}: [DhcpNameServer] 192.168.0.1 205.171.202.166
Internet Explorer:
==================
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-03-06] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
BHO: Aimersoft Video Converter Ultimate 6.1.0 -> {D879895E-2124-4ED0-BDDF-F8F8BBC98A6F} -> C:\PROGRA~2\AIMERS~1\VIDEOC~1\WSBROW~1.DLL => No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-03-06] (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
Handler: WSAMVCUchrome - {086BD280-4613-43B5 - No File
Handler: WSISVCUchrome - No CLSID Value -
Handler: WSWSVCUchrome - No CLSID Value -
FireFox:
========
FF DefaultProfile: qdn6py8a.default
FF ProfilePath: C:\Users\Ottersea\AppData\Roaming\Mozilla\Firefox\Profiles\qdn6py8a.default [2016-11-27]
FF Homepage: Mozilla\Firefox\Profiles\qdn6py8a.default -> hxxps://login.yahoo.com/?.src=ym&.intl= ... .yahoo.com
FF Extension: (Greek Spelling dictionary) - C:\Users\Ottersea\AppData\Roaming\Mozilla\Firefox\Profiles\qdn6py8a.default\Extensions\el-GR@dictionaries.addons.mozilla.org [2015-12-24] [not signed]
FF Extension: (YouTube mp3) - C:\Users\Ottersea\AppData\Roaming\Mozilla\Firefox\Profiles\qdn6py8a.default\Extensions\info@youtube-mp3.org.xpi [2016-04-27]
FF Extension: (YouTube™ Flash® Player) - C:\Users\Ottersea\AppData\Roaming\Mozilla\Firefox\Profiles\qdn6py8a.default\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2016-11-02]
FF Extension: (Ελληνικά Language Pack) - C:\Users\Ottersea\AppData\Roaming\Mozilla\Firefox\Profiles\qdn6py8a.default\Extensions\langpack-el@firefox.mozilla.org.xpi [2016-11-20]
FF Extension: (1-Click YouTube Video Downloader) - C:\Users\Ottersea\AppData\Roaming\Mozilla\Firefox\Profiles\qdn6py8a.default\Extensions\YoutubeDownloader@PeterOlayev.com.xpi [2016-08-23]
FF ProfilePath: C:\Users\Ottersea\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\mr5c3pzr.default [2016-11-19]
FF Homepage: Moonchild Productions\Pale Moon\Profiles\mr5c3pzr.default -> hxxps://login.yahoo.com/config/mail?&.src=ym&.intl=us
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-09]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-09]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-03-06] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-03-06] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-02-17] (VideoLAN)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-07-03] (Adobe Systems) [File not signed]
R2 AdobeActiveFileMonitor5.0; C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [102400 2006-09-14] () [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-10-08] (AVAST Software)
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [280840 2015-03-19] (Intel Corporation)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-03-14] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2016-03-14] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [35440 2016-11-07] (Dropbox, Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2015-06-30] (Macrovision Europe Ltd.) [File not signed]
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2016-06-09] (Freemake) [File not signed]
R3 ICCS; C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [171480 2014-02-18] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [293128 2015-03-19] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [686552 2014-05-13] (Intel(R) Corporation)
S3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [54976 2014-03-27] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [190256 2014-08-25] ()
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
R2 LavasoftTcpService; C:\Program Files\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2016-03-27] (Lavasoft Limited)
R2 lmhosts; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MSIBIOSData_CC; C:\Program Files\MSI\Command Center\BIOSData\MSIBIOSDataService.exe [2100736 2014-06-04] (MSI) [File not signed]
S3 MSIClock_CC; C:\Program Files\MSI\Command Center\ClockGen\MSIClockService.exe [4026880 2014-09-26] (MSI) [File not signed]
S3 MSICOMM_CC; C:\Program Files\MSI\Command Center\MSICommService.exe [2118144 2014-07-28] () [File not signed]
S3 MSICPU_CC; C:\Program Files\MSI\Command Center\CPU\MSICPUService.exe [4157440 2014-09-26] () [File not signed]
R2 MSICTL_CC; C:\Program Files\MSI\Command Center\MSIControlService.exe [1993216 2014-09-26] () [File not signed]
S3 MSIDDR_CC; C:\Program Files\MSI\Command Center\DDR\MSIDDRService.exe [2242560 2014-09-01] () [File not signed]
S3 MSISMB_CC; C:\Program Files\MSI\Command Center\SMBus\MSISMBService.exe [2063360 2014-07-28] () [File not signed]
S3 MSISuperIO_CC; C:\Program Files\MSI\Command Center\SuperIO\MSISuperIOService.exe [550400 2014-09-25] () [File not signed]
R2 MSI_LiveUpdate_Service; C:\Program Files\MSI\Live Update\MSI_LiveUpdate_Service.exe [1723856 2014-09-18] (Micro-Star International)
R2 MSI_SuperCharger; C:\Program Files\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI)
R2 MSI_Trigger_Service; C:\Program Files\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 NlaSvc; C:\Windows\System32\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
R2 ppped; C:\Program Files\CyberPower PowerPanel Personal Edition\ppped.exe [1034640 2014-05-12] (Cyber Power Systems, Inc.)
R2 PSI_SVC_2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
S3 RoxMediaDBVHS; C:\Program Files\Common Files\Roxio Shared\VHStoDVD\SharedCOM\RoxMediaDBVHS.exe [1112720 2012-07-30] (Corel Corporation)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SuperRAIDSvc; C:\MSI\Smart Utilities\SuperRAIDSvc.exe [29648 2014-08-13] (Micro-Star International)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files\Intel\Extreme Tuning Utility\XtuService.exe [18384 2014-08-07] (Intel(R) Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [22808 2012-07-17] (Intel Corporation)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-10-08] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-10-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-10-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-10-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-10-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2016-10-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2016-10-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118664 2016-10-08] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224752 2016-10-13] (AVAST Software)
R2 BrPar; C:\Windows\System32\drivers\BrPar.sys [19537 2000-07-24] (Brother Industries Ltd.) [File not signed]
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [1760256 2011-03-10] (C-Media Inc)
S3 CXPLRCAP; C:\Windows\System32\drivers\CxPlrCap.sys [187776 2010-01-06] (Conexant Systems, Inc.) [File not signed]
R3 ICCWDT; C:\Windows\System32\DRIVERS\ICCWDT.sys [23512 2013-08-13] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [19144 2014-05-27] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [19656 2014-05-27] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [22728 2014-05-27] ()
R2 iocbios2; C:\Program Files\Intel\Extreme Tuning Utility\Drivers\IocDriver\32bit\iocbios2.sys [27376 2014-06-17] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD.sys [37576 2014-05-27] ()
R0 iusb3hcs; C:\Windows\System32\DRIVERS\iusb3hcs.sys [16880 2014-06-26] (Intel Corporation)
R3 iusb3hub; C:\Windows\System32\DRIVERS\iusb3hub.sys [380912 2014-06-26] (Intel Corporation)
R3 iusb3xhc; C:\Windows\System32\DRIVERS\iusb3xhc.sys [803312 2014-06-26] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-11-27] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
S3 MBfilt; C:\Windows\System32\drivers\MBfilt32.sys [24664 2009-11-17] (Creative Technology Ltd.)
R3 MEI; C:\Windows\System32\DRIVERS\TeeDriver.sys [109568 2014-09-03] (Intel Corporation)
R1 ndisrd; C:\Windows\System32\DRIVERS\ndisrd.sys [28776 2011-09-14] (NT Kernel Resources)
R3 NTIOLib_1_0_3; C:\Program Files\MSI\Super Charger\NTIOLib.sys [14392 2012-10-26] (MSI)
R3 NTIOLib_1_0_4; C:\Program Files\MSI\Live Update\NTIOLib.sys [7680 2010-10-20] (MSI) [File not signed]
S3 NTIOLib_MSIClock_CC; C:\Program Files\MSI\Command Center\ClockGen\NTIOLib.sys [7680 2012-11-20] (MSI) [File not signed]
S3 NTIOLib_MSICOMM_CC; C:\Program Files\MSI\Command Center\NTIOLib.sys [7680 2012-11-19] (MSI) [File not signed]
S3 NTIOLib_MSICPU_CC; C:\Program Files\MSI\Command Center\CPU\NTIOLib.sys [7680 2012-11-20] (MSI) [File not signed]
S3 NTIOLib_MSIDDR_CC; C:\Program Files\MSI\Command Center\DDR\NTIOLib.sys [7680 2012-11-26] (MSI) [File not signed]
S3 NTIOLib_MSIRatio_CC; C:\Program Files\MSI\Command Center\CPU\CPU_Ratio\NTIOLib.sys [7680 2012-11-20] (MSI) [File not signed]
S3 NTIOLib_MSISMB_CC; C:\Program Files\MSI\Command Center\SMBus\NTIOLib.sys [7680 2012-11-19] (MSI) [File not signed]
S3 NTIOLib_MSISuperIO_CC; C:\Program Files\MSI\Command Center\SuperIO\NTIOLib.sys [7680 2012-11-19] (MSI) [File not signed]
R3 NTIOLib_MSI_RAID; C:\MSI\Smart Utilities\NTIOLib.sys [14832 2014-03-17] (MSI)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [46096 2013-10-16] (Corel Corporation)
R3 SCTDriverV1011; C:\Windows\System32\drivers\SCTDriverV1011.sys [202800 2010-05-10] (Jungo)
S3 USB28xxBGA; C:\Windows\System32\DRIVERS\emBDAA.sys [660120 2012-05-04] (eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\Windows\System32\DRIVERS\emOEMA.sys [1085592 2012-05-04] (eMPIA Technology, Inc.)
S3 CamAv; System32\Drivers\CamAv.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 MSICDSetup; \??\F:\CDriver.sys [X]
S3 NTIOLib_1_0_C; \??\F:\NTIOLib.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-27 09:35 - 2016-11-27 09:35 - 00000000 ____D C:\FRST
2016-11-27 09:27 - 2016-11-27 09:27 - 00000000 ____D C:\Users\clay\AppData\Roaming\Moonchild Productions
2016-11-27 09:27 - 2016-11-27 09:27 - 00000000 ____D C:\Users\clay\AppData\Local\Moonchild Productions
2016-11-27 09:17 - 2016-11-27 09:27 - 00000000 ____D C:\Users\clay\AppData\LocalLow\Mozilla
2016-11-27 09:16 - 2016-11-27 09:16 - 00000000 ____D C:\Users\clay\AppData\Roaming\Epson
2016-11-20 16:04 - 2016-11-27 09:31 - 00000000 ____D C:\Users\Ottersea\AppData\LocalLow\Mozilla
2016-11-20 15:48 - 2016-11-24 09:23 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-11-16 11:36 - 2016-11-16 11:36 - 00000000 _____ C:\Windows\system32\last.dump
2016-11-16 11:31 - 2016-11-27 09:25 - 338093721 _____ C:\Windows\MEMORY.DMP
2016-11-16 11:31 - 2016-11-27 09:25 - 00000000 ____D C:\Windows\Minidump
2016-11-11 16:12 - 2016-11-11 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-11 15:12 - 2016-11-11 15:12 - 00000000 ____D C:\Users\Ottersea\AppData\Local\ABBYY
2016-11-11 15:10 - 2016-11-12 09:14 - 00000000 ____D C:\Users\Ottersea\AppData\Roaming\EPSON
2016-11-11 15:06 - 2016-11-11 15:06 - 00000000 ____D C:\Users\Ottersea\AppData\Roaming\ArcSoft
2016-11-11 14:58 - 2016-11-11 14:58 - 00000161 _____ C:\Users\Public\Desktop\Perfection V600 User's Guide.url
2016-11-11 14:58 - 2016-11-11 14:58 - 00000046 _____ C:\Windows\Perfection V600.ini
2016-11-11 14:58 - 2016-11-11 14:58 - 00000000 ____D C:\Users\clay\AppData\Roaming\Leadertech
2016-11-11 14:58 - 2016-11-11 14:58 - 00000000 ____D C:\ProgramData\EPSON
2016-11-11 14:57 - 2016-11-11 14:57 - 00001963 _____ C:\Users\Public\Desktop\PhotoStudio 6.lnk
2016-11-11 14:57 - 2016-11-11 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft PhotoStudio 6
2016-11-11 14:57 - 2016-11-11 14:57 - 00000000 ____D C:\Program Files\Common Files\ArcSoft
2016-11-11 14:57 - 2016-11-11 14:57 - 00000000 ____D C:\Program Files\ArcSoft
2016-11-11 14:56 - 2016-11-11 14:56 - 00000000 ____D C:\Users\clay\AppData\Local\ABBYY
2016-11-11 14:56 - 2016-11-11 14:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 9.0 Sprint
2016-11-11 14:55 - 2016-11-11 14:57 - 00000000 ____D C:\Program Files\ABBYY FineReader 9.0 Sprint
2016-11-11 14:55 - 2016-11-11 14:55 - 00000000 ____D C:\ProgramData\ABBYY
2016-11-11 14:55 - 2016-11-11 14:55 - 00000000 ____D C:\Program Files\Common Files\ABBYY
2016-11-11 14:52 - 2016-11-11 14:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2016-11-11 14:52 - 2016-11-11 14:53 - 00000000 ____D C:\Program Files\Epson Software
2016-11-11 14:51 - 2016-11-11 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2016-11-11 14:51 - 2016-11-11 14:57 - 00000000 ____D C:\Program Files\epson
2016-11-11 14:51 - 2016-11-11 14:51 - 00000936 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2016-11-11 14:51 - 2012-07-25 00:00 - 00075776 _____ (Seiko Epson Corporation.) C:\Windows\system32\esw2_a1.dll
2016-11-11 14:51 - 2012-07-10 01:00 - 00065793 _____ C:\Windows\system32\esfwa1.bin
2016-11-11 14:51 - 2012-07-10 00:00 - 00319488 _____ (SEIKO EPSON CORP.) C:\Windows\system32\esinta1.dll
2016-11-11 14:51 - 2011-12-12 00:00 - 00122000 _____ (Seiko Epson Corporation) C:\Windows\system32\escsvc.exe
2016-11-10 23:19 - 2016-11-10 23:19 - 00000000 ____D C:\Users\clay\AppData\Local\PowerPanel Personal Edition
2016-11-10 22:54 - 2016-11-10 22:54 - 00000000 __SHD C:\Windows\system32\AI_RecycleBin
2016-11-10 22:54 - 2016-11-10 22:54 - 00000000 ____D C:\Users\Ottersea\AppData\Local\PowerPanel Personal Edition
2016-11-10 22:54 - 2016-11-10 22:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberPower PowerPanel Personal Edition
2016-11-08 16:23 - 2016-11-08 16:23 - 00000000 ____D C:\Users\clay\AppData\Local\CEF
2016-11-07 16:49 - 2016-11-07 16:49 - 00063600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2016-11-07 16:49 - 2016-11-07 16:49 - 00063600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2016-11-07 16:49 - 2016-11-07 16:49 - 00063600 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2016-11-07 16:33 - 2016-11-08 17:34 - 05610688 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2016-11-07 10:17 - 2016-11-07 10:17 - 00002824 _____ C:\Users\Ottersea\AppData\Local\recently-used.xbel
2016-10-30 15:07 - 2016-10-30 15:07 - 00000000 ____D C:\Firearms
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-11-27 09:36 - 2010-11-20 15:01 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-27 09:36 - 2009-07-13 20:37 - 00000000 ____D C:\Windows\inf
2016-11-27 09:31 - 2016-03-15 09:33 - 00000000 ___RD C:\Users\Ottersea\Dropbox
2016-11-27 09:31 - 2015-07-11 10:08 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-27 09:31 - 2015-07-03 12:24 - 00000000 __SHD C:\Users\Ottersea\IntelGraphicsProfiles
2016-11-27 09:30 - 2015-06-29 11:43 - 00000000 ____D C:\Program Files\CyberPower PowerPanel Personal Edition
2016-11-27 09:29 - 2016-07-28 08:11 - 00539810 _____ C:\Windows\ntbtlog.txt
2016-11-27 09:29 - 2016-03-14 17:51 - 00000888 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-11-27 09:29 - 2015-07-07 15:02 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-27 09:29 - 2015-06-30 15:17 - 00000000 ____D C:\Program Files\Steam
2016-11-27 09:29 - 2015-06-29 10:43 - 00000462 _____ C:\Windows\Brownie.ini
2016-11-27 09:29 - 2015-06-26 17:39 - 00000262 _____ C:\Windows\Tasks\RtlNetworkGenieVistaStart.job
2016-11-27 09:29 - 2009-07-13 22:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-27 09:17 - 2015-07-07 11:21 - 00000000 __SHD C:\Users\clay\IntelGraphicsProfiles
2016-11-27 09:17 - 2015-06-28 17:09 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-27 09:15 - 2015-06-28 18:02 - 00000000 ____D C:\Users\clay\AppData\Local\ElevatedDiagnostics
2016-11-27 08:03 - 2016-03-14 17:51 - 00000892 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-11-27 06:08 - 2009-07-13 22:34 - 00022336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-27 06:08 - 2009-07-13 22:34 - 00022336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-26 10:06 - 2015-06-29 07:42 - 00000000 ____D C:\Users\Ottersea
2016-11-26 10:06 - 2014-03-18 18:16 - 00000000 ____D C:\Photos
2016-11-26 09:37 - 2015-06-29 07:56 - 00000000 ____D C:\Users\Ottersea\AppData\Local\PasswordSafe
2016-11-24 09:23 - 2015-07-24 11:39 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-11-23 15:06 - 2015-06-29 13:03 - 00000000 ____D C:\Users\Ottersea\Documents\Quicken
2016-11-19 14:56 - 2009-07-13 20:37 - 00000000 ____D C:\Windows\system32\NDF
2016-11-16 11:36 - 2015-07-01 17:40 - 00000000 ____D C:\Users\Ottersea\AppData\Local\CrashDumps
2016-11-16 11:35 - 2009-07-13 22:53 - 00032560 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-11-13 14:06 - 2016-04-24 17:17 - 00000000 ____D C:\Users\Ottersea\Documents\Easy VHS to DVD Projects
2016-11-11 16:12 - 2016-03-14 17:51 - 00000000 ____D C:\Program Files\Dropbox
2016-11-11 14:59 - 2015-06-26 05:16 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2016-11-11 14:58 - 2015-06-30 14:03 - 00000000 ____D C:\Users\clay\AppData\Local\CrashDumps
2016-11-11 14:58 - 2009-07-13 22:52 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-11-10 13:14 - 2015-06-29 10:44 - 00000426 _____ C:\Windows\BRWMARK.INI
2016-11-08 17:34 - 2015-06-30 08:21 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-11-08 17:34 - 2015-06-30 08:21 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-11-08 17:34 - 2015-06-29 15:29 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-07 16:49 - 2016-10-24 07:06 - 00035440 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2016-11-07 16:08 - 2015-06-29 12:09 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2016-11-07 15:56 - 2016-03-14 17:51 - 00000000 ____D C:\Users\clay\AppData\Local\Dropbox
2016-11-07 11:50 - 2015-07-13 11:18 - 00000000 ____D C:\Users\Ottersea\.gimp-2.8
2016-11-07 10:17 - 2015-07-13 11:22 - 00000000 ____D C:\Users\Ottersea\AppData\Local\gtk-2.0
2016-11-05 08:55 - 2015-06-28 17:12 - 00000000 ____D C:\Program Files\Password Safe
2016-11-05 08:54 - 2015-06-28 17:13 - 00000000 ____D C:\Users\clay\AppData\Local\PasswordSafe
2016-10-28 21:04 - 2016-08-28 17:39 - 00000000 ____D C:\RQMONEY
==================== Files in the root of some directories =======
2016-04-10 22:27 - 2016-04-11 10:22 - 0000190 _____ () C:\Users\Ottersea\AppData\Roaming\settings.xml
2016-11-07 10:17 - 2016-11-07 10:17 - 0002824 _____ () C:\Users\Ottersea\AppData\Local\recently-used.xbel
2016-04-06 19:48 - 2016-04-06 19:48 - 0000017 _____ () C:\Users\Ottersea\AppData\Local\resmon.resmoncfg
2016-05-17 17:50 - 2016-05-17 17:50 - 0000016 _____ () C:\ProgramData\mntemp
Some files in TEMP:
====================
C:\Users\clay\AppData\Local\Temp\FreemakeVideoConverterFull.exe
C:\Users\clay\AppData\Local\Temp\_isA411.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
ATTENTION: ==> Could not access BCD. The user is not administrator
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-11-2016
Ran by Ottersea (27-11-2016 09:38:39)
Running from C:\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2015-06-26 09:06:11)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-781923646-3209173807-790831272-500 - Administrator - Disabled)
clay (S-1-5-21-781923646-3209173807-790831272-1000 - Administrator - Enabled) => C:\Users\clay
Guest (S-1-5-21-781923646-3209173807-790831272-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-781923646-3209173807-790831272-1003 - Limited - Enabled)
Ottersea (S-1-5-21-781923646-3209173807-790831272-1001 - Limited - Enabled) => C:\Users\Ottersea
Sharon (S-1-5-21-781923646-3209173807-790831272-1004 - Limited - Enabled) => C:\Users\Sharon
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 4.0 Sprint (HKLM\...\ABBYY FineReader 4.0 Sprint) (Version: - )
ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212 - ABBYY) Hidden
ACPI Driver Installer (HKLM\...\553E35CD-0415-41bc-B39A-410375E88534) (Version: 2.1 - Intel Corporation)
Adobe Acrobat 8 Professional - English, Français, Deutsch (HKLM\...\Adobe Acrobat 8 Professional - English, Français, Deutsch) (Version: 8.0.0 - Adobe Systems)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.0.12.36 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop Elements 5.0 (HKLM\...\Adobe Photoshop Elements 5) (Version: 5.0 - Adobe Systems Inc.)
Adobe Reader 8.1.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81000000003}) (Version: 8.1.0 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM\...\Adobe SVG Viewer) (Version: 3.0 - )
AMD Catalyst Install Manager (HKLM\...\{294E0B98-299B-62A4-47C7-131A2D9E220F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AnswerWorks 5.0 English Runtime (HKLM\...\{DBCC73BA-C69A-4BF5-B4BF-F07501EE7039}) (Version: 5.0.7 - Vantage Software Technologies)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
ArcSoft PhotoStudio 6 (HKLM\...\{6C33D2FD-8FBB-4613-BC4A-1663D03D1626}) (Version: 6.0.6.187 - ArcSoft)
ASUS Xonar DG Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - )
Avast Free Antivirus (HKLM\...\Avast) (Version: 12.3.2280 - AVAST Software)
Brother BRAdmin Light 1.17.0002 (HKLM\...\{DB75941E-30C4-4D97-B000-D17C764B998C}) (Version: 1.17.0002 - Brother)
Brother HL-3070CW (HKLM\...\{54794513-6AAB-44D3-AE7A-7C2037FE938D}) (Version: 1.00 - Brother)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
Contents (Version: 18.0.0.181 - Corel Corporation) Hidden
Corel VideoStudio Pro X8 (HKLM\...\_{A22A80C4-F237-4B5A-825F-0731971ECBE6}) (Version: 18.6.0.6 - Corel Corporation)
CyberPower PowerPanel Personal Edition 1.4.3 (HKLM\...\{DEC7E1CD-31A2-4F2F-BEE5-CF80E8E58C2A}) (Version: 1.4.3 - Cyber Power Systems, Inc.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Detroit Iron Information Systems (HKLM\...\Detroit Iron) (Version: - )
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden
Dropbox (HKLM\...\Dropbox) (Version: 14.4.19 - Dropbox, Inc.)
Dropbox Update Helper (Version: 1.3.57.1 - Dropbox, Inc.) Hidden
Easy Photo Scan (HKLM\...\{04A3C7AC-C350-46FA-8F72-C4E3F6B50D07}) (Version: 1.00.0004 - Seiko Epson Corporation)
Epson Copy Utility 4 (HKLM\...\{B835ADF3-3807-4B06-8E23-3B84AD67C4D7}) (Version: 4.01.0000 - Seiko Epson Corporation)
Epson Event Manager (HKLM\...\{747C2710-1D8F-46DD-ADF0-6EE0D980F13C}) (Version: 3.10.0039 - Seiko Epson Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EZ Grabber (HKLM\...\{8543A572-5993-4101-BACC-C83884E183A4}) (Version: 2.00.0000 - EZ Grabber)
Freemake Video Converter version 4.1.9 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Earth (HKLM\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
Haali Media Splitter (HKLM\...\HaaliMkx) (Version: - )
HydraVision (Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
ICA (Version: 18.0.0.181 - Corel Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4170 - Intel Corporation)
Intel(R) Small Business Advantage (HKLM\...\{6A6D86CD-B004-46b7-8951-7BB75A776F8C}) (Version: 2.2.51.8439 - Intel(R) Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{2551B515-A1F5-4AF7-BF9A-74F65D04E13C}) (Version: 5.0.10.2907 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM\...\3FD0C489-0F02-481a-A3E1-9754CD396761) (Version: - Intel Corporation)
IPM_VS_Pro (Version: 18.0 - Corel Corporation) Hidden
Itibiti RTC (Version: 0.0.1 - Itibiti Inc) Hidden <==== ATTENTION
Java 8 Update 73 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MediaFACE (Version: 5.0 - Fellowes) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Access 2000 Runtime (HKLM\...\{00180408-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.3308 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 50.0 (x86 en-US) (HKLM\...\Mozilla Firefox 50.0 (x86 en-US)) (Version: 50.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 50.0.0.6152 - Mozilla)
MSI Command Center (HKLM\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.0.83 - MSI)
MSI Intel Extreme Tuning Utility (HKLM\...\{56351c83-306c-4135-a570-2784d3025548}) (Version: 5.1.0.101 - Intel Corporation)
MSI Intel Extreme Tuning Utility (Version: 5.1.0.101 - Intel Corporation) Hidden
MSI Live Update (HKLM\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.010 - MSI)
MSI Smart Utilities (HKLM\...\{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1) (Version: 2.0.0.10 - MSI)
MSI Super Charger (HKLM\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.026 - MSI)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetworkGenie (HKLM\...\{B416A23D-C2BD-4956-8BAE-5C3BAFF1AC1E}) (Version: 1.0.0.8 - MSI)
Nik Collection (HKLM\...\Nik Collection) (Version: 1.2.11 - Google)
OpenAL (HKLM\...\OpenAL) (Version: - )
OpenOffice 4.1.2 (HKLM\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Pale Moon 26.5.0 (x86 en-US) (HKLM\...\Pale Moon 26.5.0 (x86 en-US)) (Version: 26.5.0 - Moonchild Productions)
Password Safe (HKLM\...\Password Safe) (Version: - )
PeaZip 5.6.0 (HKLM\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: - Giorgio Tani)
Perfection V600 User's Guide version 1.0 (HKLM\...\UsersGuidePerfection V600 User's Guide_is1) (Version: 1.0 - )
Quicken 2008 (HKLM\...\{3B0F52AC-EF5C-4831-B221-06C782E41280}) (Version: 17.1.6.7 - Intuit)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
Roxio Easy VHS to DVD 3 (HKLM\...\{01EA1B5D-04A2-45BD-83BD-488D6EB7B942}) (Version: 3.0 - Roxio)
RVer's Notebook (HKLM\...\RVer's Notebook) (Version: 2.2 - IV Software)
SafeZone Stable 1.51.2220.62 (Version: 1.51.2220.62 - Avast Software) Hidden
SCT Device Updater (HKLM\...\{1E05E69C-38E3-40A8-96BA-07900EE62F4F}) (Version: 2.9.16049.1 - SCT)
SCTDriversV1011x86 (HKLM\...\{85E589A5-FBF0-4CC5-9E58-CA2E1E54DBBF}) (Version: 11.0.0 - SCT Performance LLC)
Setup (Version: 18.0.0.181 - Corel Corporation) Hidden
Share (Version: 18.0.0.181 - Corel Corporation) Hidden
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Tomb Raider (HKLM\...\Steam App 203160) (Version: - Crystal Dynamics)
VGA Boost (HKLM\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.8 - MSI)
VideoStudio MyDVD (HKLM\...\{49D8422A-D54E-425F-8A38-54167B1174A1}) (Version: 1.0 - Corel)
VideoStudio MyDVD (Version: 1.0.112 - Corel Corporation) Hidden
ViewSonic Monitor Drivers (HKLM\...\{B4FEA924-630D-11D4-B78E-005004566E4D}) (Version: - )
Visioneer PaperPort Viewer 5.0 (HKLM\...\Visioneer PaperPort Viewer 5.0) (Version: - )
VLC media player 2.0.0 (HKLM\...\VLC media player) (Version: 2.0.0 - VideoLAN)
VSClassic (Version: 18.0.0.181 - Corel Corporation) Hidden
VSPro (Version: 18.0.0.181 - Corel Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - )
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.6.2015.18 - Ruiware)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-781923646-3209173807-790831272-1001_Classes\CLSID\{3F11DF04-C40B-F92C-CA9B-08270FD5296B}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-781923646-3209173807-790831272-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-781923646-3209173807-790831272-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Ottersea\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-781923646-3209173807-790831272-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Ottersea\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-781923646-3209173807-790831272-1001_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Ottersea\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-781923646-3209173807-790831272-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Ottersea\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-781923646-3209173807-790831272-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Ottersea\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\FileSyncApi.dll (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job =>
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => <==== ATTENTION
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => <==== ATTENTION
Task: C:\Windows\Tasks\RtlNetworkGenieVistaStart.job =>
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Public\Desktop\VideoStudio Learning.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> www.studiobacklot.tv/videostudio
==================== Loaded Modules (Whitelisted) ==============
2015-06-29 12:09 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-06-29 12:09 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2016-10-08 18:39 - 2016-10-08 18:39 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-10-08 18:39 - 2016-10-08 18:39 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-29 12:09 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-11-11 16:11 - 2016-10-10 10:29 - 00035792 _____ () C:\Program Files\Dropbox\Client\_multiprocessing.pyd
2016-11-11 16:11 - 2016-10-10 10:29 - 00145864 _____ () C:\Program Files\Dropbox\Client\pyexpat.pyd
2016-11-11 16:11 - 2016-10-10 10:29 - 00019408 _____ () C:\Program Files\Dropbox\Client\faulthandler.pyd
2016-11-11 16:11 - 2016-10-10 10:29 - 00116688 _____ () C:\Program Files\Dropbox\Client\pywintypes27.dll
2016-11-11 16:11 - 2016-10-10 10:29 - 00100296 _____ () C:\Program Files\Dropbox\Client\_ctypes.pyd
2016-11-11 16:11 - 2016-10-10 10:29 - 00018888 _____ () C:\Program Files\Dropbox\Client\select.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 00019760 _____ () C:\Program Files\Dropbox\Client\tornado.speedups.pyd
2016-11-11 16:11 - 2016-10-10 10:29 - 00694224 _____ () C:\Program Files\Dropbox\Client\unicodedata.pyd
2016-11-11 16:11 - 2016-11-07 16:58 - 00020816 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-11-11 16:11 - 2016-10-10 10:30 - 00123856 _____ () C:\Program Files\Dropbox\Client\_cffi_backend.pyd
2016-11-11 16:11 - 2016-11-07 16:58 - 01682760 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-11-11 16:11 - 2016-11-07 16:58 - 00020808 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-11-11 16:11 - 2016-10-10 10:31 - 00105928 _____ () C:\Program Files\Dropbox\Client\win32api.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 00021312 _____ () C:\Program Files\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 00052024 _____ () C:\Program Files\Dropbox\Client\psutil._psutil_windows.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 00038696 _____ () C:\Program Files\Dropbox\Client\fastpath.pyd
2016-11-11 16:11 - 2016-10-10 10:29 - 00392144 _____ () C:\Program Files\Dropbox\Client\pythoncom27.dll
2016-11-11 16:11 - 2016-10-10 10:31 - 00020936 _____ () C:\Program Files\Dropbox\Client\mmapfile.pyd
2016-11-11 16:11 - 2016-10-10 10:31 - 00024528 _____ () C:\Program Files\Dropbox\Client\win32event.pyd
2016-11-11 16:11 - 2016-10-10 10:31 - 00116176 _____ () C:\Program Files\Dropbox\Client\win32security.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 00381752 _____ () C:\Program Files\Dropbox\Client\win32com.shell.shell.pyd
2016-11-11 16:11 - 2016-10-10 10:31 - 00124880 _____ () C:\Program Files\Dropbox\Client\win32file.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 00025424 _____ () C:\Program Files\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-11-11 16:11 - 2016-10-10 10:31 - 00024016 _____ () C:\Program Files\Dropbox\Client\win32clipboard.pyd
2016-11-11 16:11 - 2016-10-10 10:31 - 00175560 _____ () C:\Program Files\Dropbox\Client\win32gui.pyd
2016-11-11 16:11 - 2016-10-10 10:31 - 00030160 _____ () C:\Program Files\Dropbox\Client\win32pipe.pyd
2016-11-11 16:11 - 2016-10-10 10:31 - 00043472 _____ () C:\Program Files\Dropbox\Client\win32process.pyd
2016-11-11 16:11 - 2016-10-10 10:31 - 00048592 _____ () C:\Program Files\Dropbox\Client\win32service.pyd
2016-11-11 16:11 - 2016-10-10 10:31 - 00057808 _____ () C:\Program Files\Dropbox\Client\win32evtlog.pyd
2016-11-11 16:11 - 2016-10-10 10:31 - 00024016 _____ () C:\Program Files\Dropbox\Client\win32profile.pyd
2016-11-11 16:11 - 2016-11-07 16:58 - 00246592 _____ () C:\Program Files\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 00026456 _____ () C:\Program Files\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-11-11 16:11 - 2016-10-10 10:30 - 00241104 _____ () C:\Program Files\Dropbox\Client\_jpegtran.pyd
2016-11-11 16:11 - 2016-11-07 16:58 - 00020280 _____ () C:\Program Files\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-11-11 16:11 - 2016-10-10 10:31 - 00028616 _____ () C:\Program Files\Dropbox\Client\win32ts.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 00023376 _____ () C:\Program Files\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 00020800 _____ () C:\Program Files\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 00019776 _____ () C:\Program Files\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 00020800 _____ () C:\Program Files\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-11-11 16:11 - 2016-10-10 10:31 - 00350152 _____ () C:\Program Files\Dropbox\Client\winxpgui.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 00022352 _____ () C:\Program Files\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 00024392 _____ () C:\Program Files\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-11-11 16:11 - 2016-10-10 10:27 - 00036296 _____ () C:\Program Files\Dropbox\Client\librsync.dll
2016-11-11 16:11 - 2016-11-07 16:59 - 00084280 _____ () C:\Program Files\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-11-11 16:11 - 2016-11-07 16:59 - 01826096 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtCore.pyd
2016-11-11 16:11 - 2016-10-10 10:29 - 00083912 _____ () C:\Program Files\Dropbox\Client\sip.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 00531248 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 03928880 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 01972528 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtGui.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 00133424 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 00224056 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 00207672 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 00020288 _____ () C:\Program Files\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-11-11 16:11 - 2016-10-10 10:33 - 00017864 _____ () C:\Program Files\Dropbox\Client\libEGL.dll
2016-11-11 16:11 - 2016-10-10 10:34 - 01631184 _____ () C:\Program Files\Dropbox\Client\libGLESv2.dll
2016-11-11 16:11 - 2016-11-07 16:59 - 00042808 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 00168760 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 00357680 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQml.pyd
2016-11-11 16:11 - 2016-10-10 10:31 - 00060880 _____ () C:\Program Files\Dropbox\Client\win32print.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 00024904 _____ () C:\Program Files\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-11-11 16:11 - 2016-11-07 16:59 - 00546096 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQuick.pyd
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-781923646-3209173807-790831272-1001\...\123simsen.com -> www.123simsen.com
There are 7916 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 20:04 - 2016-06-10 18:28 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-781923646-3209173807-790831272-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ottersea\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 205.171.202.166
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Speed Launcher.lnk => C:\Windows\pss\Adobe Acrobat Speed Launcher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Acrobat Synchronizer.lnk => C:\Windows\pss\Adobe Acrobat Synchronizer.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microtek Scanner Finder.lnk => C:\Windows\pss\Microtek Scanner Finder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^clay^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Photo Downloader => "C:\Program Files\Adobe\Photoshop Elements 5.0\apdproxy.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
MSCONFIG\startupreg: APSDaemon => "c:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BingSvc => C:\Users\clay\AppData\Local\Microsoft\BingSvc\BingSvc.exe
MSCONFIG\startupreg: Brdefprn => C:\Program Files\Brother\BRHL3070\Brdefprn.exe -d
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: Cmaudio8788 => RunDll32 cmicnfgp.cpl,CMICtrlWnd
MSCONFIG\startupreg: Cmaudio8788GX => C:\Windows\system\HsMgr.exe Envoke
MSCONFIG\startupreg: Command Center => C:\Program Files\MSI\Command Center\StartCommandCenter.exe
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: Dropbox => "C:\Program Files\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: IMSS => "C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" "C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe" 60
MSCONFIG\startupreg: ISCT Tray => C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
MSCONFIG\startupreg: iSkysoft Helper Compact.exe => C:\Program Files\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
MSCONFIG\startupreg: Live Update => C:\Program Files\MSI\Live Update\Live Update.exe /REMINDER
MSCONFIG\startupreg: MediaFace Integration => C:\Program Files\Fellowes\MediaFACE 5.0\SetHook.exe
MSCONFIG\startupreg: ProductUpdater => C:\Program Files\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
MSCONFIG\startupreg: QuickTime Task => "c:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe" -s
MSCONFIG\startupreg: StartCCC => "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Super Charger => C:\Program Files\MSI\Super Charger\Super Charger.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{912C58EC-8ECB-4303-BCDA-FDE23351F018}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{A9237781-FE20-4CF9-A7AF-09A38AB1EAC6}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{2B417293-F492-4ABB-9C0C-C233ADCE8ECF}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{390FACA7-98D7-4E30-9EB4-D3ED3A566BB9}] => (Allow) C:\Program Files\Brother\BRAdmin Light\BRAdmLight.exe
FirewallRules: [{E2FA990B-5628-4F1B-B8A7-157FE285A17C}] => (Allow) C:\Program Files\Brother\BRAdmin Light\BRAdmLight.exe
FirewallRules: [{EF996752-8D9D-4048-ACF4-18A4E94D7C7C}] => (Allow) c:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{2E793365-984D-4A13-BDFE-94C5BB9A4D92}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{1E55D3EF-D495-44A0-9551-1E5A613D8179}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{37DC73FB-B9B8-422E-8135-A04C911AE434}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{8A8F847E-A2D3-4CF2-99EF-ABAE556D8A0E}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{10361E2A-9EF3-4360-8CE7-D838006E762F}] => (Allow) C:\Program Files\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{204B0034-C3CC-4983-961D-9631B5CEFB4D}] => (Allow) C:\Program Files\Steam\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{A56168E9-F1B3-4712-AE8D-B0F65B6D6129}] => (Allow) C:\Program Files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{98A3E2B7-56DC-439D-ABF9-6F9C8121238D}] => (Allow) C:\Program Files\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{FBC8C26B-72B2-4174-B3B5-055C27FA6B8F}] => (Allow) C:\Users\clay\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{04A20F7D-D538-4AFE-A287-6CF087E9BA06}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{37A13CE4-5AD0-448F-B36A-0BFBE0517BD4}] => (Allow) LPort=2869
FirewallRules: [{806230B5-4CAB-44CD-94AF-E1FCA03AA6CE}] => (Allow) LPort=1900
FirewallRules: [{2D157825-AB7E-4674-98E9-2CA326118CAA}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{40866BA8-E8CA-4ABE-AB2B-17C0B838744C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5278F079-6B94-40AD-8DAE-6140A3A8E503}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{AF51ABD0-7293-4843-AEED-4EA6A0FD6B55}G:\simplisafewizard.exe] => (Allow) G:\simplisafewizard.exe
FirewallRules: [UDP Query User{D0D16C37-348A-40D9-87BA-C7F2119D1CA2}G:\simplisafewizard.exe] => (Allow) G:\simplisafewizard.exe
FirewallRules: [{23498A66-5C22-4CDC-86D3-CF76C73A70CA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{633D9F3F-B4A1-4DB7-AEA5-8EB9B51A378A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{FC1DA6A2-F3F7-455C-A8B3-E3138F1E1CC8}] => (Allow) C:\Program Files\Dropbox\Client\Dropbox.exe
FirewallRules: [TCP Query User{589328A6-9872-49E1-A596-145BF6F494D0}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{E79967BD-CE6A-4DC2-BA3B-55796835758B}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{CF4BAF8A-BC84-4B9E-9168-D3045FCE34E6}] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{20D57A38-2C95-48CE-A7BF-6EC747078505}] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
ATTENTION: System Restore is disabled
Check "winmgmt" service or repair WMI.
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/27/2016 09:37:31 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST.exe version 23.11.2016.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 10c8
Start Time: 01d248c3dab8514c
Termination Time: 6
Application Path: C:\Downloads\FRST.exe
Report Id: 613f47ac-b4b7-11e6-8e86-d8cb8a3c7ad7
Error: (11/27/2016 09:31:05 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/27/2016 09:29:49 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
Error: (11/27/2016 09:27:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/27/2016 09:20:48 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/27/2016 09:19:25 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
Error: (11/27/2016 09:17:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/27/2016 09:11:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (11/27/2016 09:10:40 AM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) The system cannot find the file specified.
Error: (11/27/2016 08:04:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (11/27/2016 09:27:53 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (11/27/2016 09:27:53 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (11/27/2016 09:27:53 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (11/27/2016 09:26:09 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (11/27/2016 09:26:08 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (11/27/2016 09:26:08 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (11/27/2016 09:26:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (11/27/2016 09:26:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (11/27/2016 09:26:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (11/27/2016 09:26:04 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Percentage of memory in use: 61%
Total physical RAM: 2760 MB
Available physical RAM: 1075.6 MB
Total Virtual: 6898.32 MB
Available Virtual: 4545.86 MB
==================== Drives ================================
Drive c: (Sata 3) (Fixed) (Total:931.51 GB) (Free:736.95 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Sata 2) (Fixed) (Total:465.76 GB) (Free:168.27 GB) NTFS
Drive e: (Sata 1) (Fixed) (Total:465.76 GB) (Free:423.11 GB) NTFS
==================== MBR & Partition Table ==================
==================== End of Addition.txt ============================