Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016
Ran by salamouna2 (2016-07-04 23:34:29)
Running from C:\Users\salamouna2\Desktop
Windows 10 Home Version 1511 (X64) (2016-02-14 20:42:10)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1498194768-3071915256-2736199516-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1498194768-3071915256-2736199516-503 - Limited - Disabled)
Guest (S-1-5-21-1498194768-3071915256-2736199516-501 - Limited - Disabled)
salamouna2 (S-1-5-21-1498194768-3071915256-2736199516-1001 - Administrator - Enabled) => C:\Users\salamouna2
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Smart Security 9.0.318.0 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 9.0.381.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.2.28500 - BitTorrent Inc.)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.57 - ICEpower a/s)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.42.2.18804 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.42.6 - AVG Technologies) Hidden
Bitdefender 60-Second Virus Scanner (HKLM\...\{CCEA2053-D975-4E38-AC09-4D5E6DAC6B6F}) (Version: 1.0.3.76 - Bitdefender)
BlueStacks App Player (HKLM-x32\...\{4047E0FE-CBD8-4915-BBB1-45F6CBF417AC}) (Version: 2.0.4.5627 - BlueStack Systems, Inc.)
Camtasia Studio 8 (HKLM-x32\...\{AF33D0D2-2627-4AC8-8473-FDBB7892129C}) (Version: 8.6.0.2079 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
Cent Browser (HKU\S-1-5-21-1498194768-3071915256-2736199516-1001\...\CentBrowser) (Version: 1.9.13.75 - Cent Studio)
DriversCloud.com (64 bits) (HKLM\...\{B3F21810-C58E-4AE1-BFBA-8327721C9F8A}) (Version: 8.0.4.0 - Cybelsoft)
ESET Smart Security (HKLM\...\{11994064-51F2-45DF-A83E-539B4BFE3F5A}) (Version: 9.0.318.0 - ESET, spol. s r.o.)
FileZilla Client 3.18.0 (HKLM-x32\...\FileZilla Client) (Version: 3.18.0 - Tim Kosse)
FMW 1 (Version: 1.102.4 - AVG Technologies) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Grand Theft Auto V version v.1.0.350.1 (HKLM-x32\...\Grand Theft Auto V_is1) (Version: v.1.0.350.1 - GMT-MAX.ORG)
Hex Workshop v6.8 (HKLM\...\{A36AC685-4435-4C16-861F-221231DE165D}) (Version: 6.8.0.5419 - BreakPoint Software)
iMacros Version 10.0.2.2823 (x64) (HKLM\...\{9C5118F7-E26D-4fc0-B7F4-4A067A0808FA}_is1) (Version: 10.0.2.2823 - Ipswitch, Inc)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.39.1003 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4062 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
K-Lite Codec Pack 11.7.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.7.5 - )
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.26.01.03 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 47.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 en-US)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.7 - Notepad++ Team)
Nox APP Player (HKLM-x32\...\Nox) (Version: 3.5.1.0 - Duodian Technology Co. Ltd.)
NVIDIA Graphics Driver 345.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.05 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.332 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7417 - Realtek Semiconductor Corp.)
Rental Management (HKLM-x32\...\{4F040BE0-2E11-4CED-8AE3-047C0DA352D4}_is1) (Version: 4.0 - Jsoft.fr)
Revo Uninstaller Pro 3.1.6 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.6 - VS Revo Group, Ltd.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
RogueKiller version 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Telegram Desktop version 0.9.51 (HKU\S-1-5-21-1498194768-3071915256-2736199516-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.9.51 - Telegram Messenger LLP)
Terminals (HKLM-x32\...\{9CA99653-709D-493E-BB16-C32125D94138}) (Version: 3.6.1.0 - Robert Chartier)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version: - Microsoft)
UsbFix (HKLM-x32\...\Usbfix) (Version: 8.247 - El Desaparecido - www.usb-antivirus.com - www.sosvirus.net)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.2 - VMware, Inc)
VMware Workstation (Version: 10.0.2 - VMware, Inc.) Hidden
Windows Driver Package - ASUS (ATP) Mouse (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS)
Windows Driver Package - BigNox Corporation (VBoxUSB) USB (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation XQHDrv System (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
WinHTTrack Website Copier 3.48-21 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.21 - HTTrack)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
WinSCP 5.7.6 (HKLM-x32\...\winscp3_is1) (Version: 5.7.6 - Martin Prikryl)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1498194768-3071915256-2736199516-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\salamouna2\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00D85E4D-BD90-4534-9802-538A333C7E76} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0BB48EE2-C323-4B10-BAA2-9271797FD747} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {21940C9F-3DD2-43FA-A983-8CFD26DCCCE6} - \Google Update -> No File <==== ATTENTION
Task: {2AFC4A1A-4624-4909-937E-C06573397783} - System32\Tasks\hfdccd => C:\Users\salamouna2\hfdccd\zvbvhivw.exe [2015-07-10] (AutoIt Team)
Task: {2E6FEAF1-ECE8-4A9F-9CD7-2288AE99B277} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {3A0F3D84-AC0E-4E2D-B40B-58DE5EB9037E} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {4453AEEB-2FD2-4C95-BAEC-D8CC46163A86} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {4904A467-029A-4FA3-814E-F9B60459075D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5AB1A12D-E3A1-455C-AC75-D7E90C9983EE} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-26] (Realtek Semiconductor)
Task: {63273E66-DC21-4F59-99A5-6A53C79B5E96} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek)
Task: {68B9BCF9-1986-4BDE-A23C-32135F0929A4} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-11-30] ()
Task: {69F7916A-70C2-4898-8414-FC5CB36AD8C1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {6A596AF8-E666-45AB-939B-E553FD83FF1B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {70637062-DC18-425E-AE37-B4AA5C44113A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7D286572-9A8E-44AF-A15B-1A6955F4BBDC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-03] (Google Inc.)
Task: {831FB78A-A096-4006-998E-9FB9AFBE0D57} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-04-01] (Oracle Corporation)
Task: {93357560-2CD3-4F9E-9E01-12179707A1FB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {95CF4079-9C3D-4335-B50A-3AFA122A03E8} - System32\Tasks\{6DDF7C85-E9A4-482B-8905-8345726CEC8A} => Chrome.exe hxxp://ui.skype.com/ui/0/7.15.0.102/fr/abandoninstall?source=lightinstaller&page=tsMain
Task: {B93A2461-7FDF-4112-B796-75DA19B35D64} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C3EE5D55-E77E-4BEB-804F-AF5E0575B223} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2016-06-01] (AVG Technologies CZ, s.r.o.)
Task: {D2A52D7B-457D-4F26-8BE4-20FC5E1384C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-03] (Google Inc.)
Task: {D4A92B6C-03FC-48A6-8567-B3750CF4192C} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.)
Task: {D76F1F42-D3C8-4816-8B45-E7486AF9DED2} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.)
Task: {ED056F24-4F09-4E0B-962F-AEDB747147B4} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {F1C8788E-19C1-4CC3-9D48-F8BCDAB5C307} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {F90636A8-2115-4F09-BE19-FD70F9F9ACF4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {F989AEF5-BCE8-4702-BF86-0603DCB557A8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-02-14 21:10 - 2015-07-13 18:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-11-28 11:34 - 2014-08-20 08:27 - 00242256 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2016-04-13 16:53 - 2016-03-29 11:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 16:53 - 2016-03-29 11:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-24 16:20 - 2016-05-24 16:20 - 00959168 _____ () C:\Users\salamouna2\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-05-27 13:19 - 2016-05-27 13:19 - 00052912 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-04-14 16:04 - 2014-04-14 16:04 - 14407384 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2015-12-19 01:08 - 2015-12-19 01:08 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-02-18 19:41 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-13 16:50 - 2016-04-02 04:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-13 16:50 - 2016-04-02 04:26 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2016-07-03 18:28 - 2016-07-03 18:28 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll
2016-02-15 17:22 - 2016-02-15 17:22 - 03746816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
2016-02-15 17:22 - 2016-02-15 17:22 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-02-15 17:28 - 2016-02-15 17:29 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-04-13 16:51 - 2016-04-02 04:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-13 16:51 - 2016-04-02 03:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-13 16:52 - 2016-04-02 03:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-13 16:52 - 2016-04-02 04:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-04-14 16:41 - 2014-04-14 16:41 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2015-01-21 15:01 - 2015-01-21 15:01 - 08898720 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-05-24 16:20 - 2016-05-24 16:20 - 00679624 _____ () C:\Users\salamouna2\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2015-02-25 14:15 - 2015-02-25 14:15 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-03-09 22:49 - 2016-03-09 22:49 - 01114136 _____ () C:\Users\salamouna2\AppData\Roaming\Mozilla\Firefox\Profiles\e18oh439.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
2016-02-15 17:28 - 2016-02-15 17:29 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-02-15 17:28 - 2016-02-15 17:30 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-07-03 22:40 - 2016-06-02 05:32 - 01709976 _____ () C:\Users\salamouna2\AppData\Local\CentBrowser\Application\1.9.13.75\libglesv2.dll
2016-07-03 22:40 - 2016-06-02 05:32 - 00081816 _____ () C:\Users\salamouna2\AppData\Local\CentBrowser\Application\1.9.13.75\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [306]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1498194768-3071915256-2736199516-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\salamouna2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "AvgUi"
HKU\S-1-5-21-1498194768-3071915256-2736199516-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-1498194768-3071915256-2736199516-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1498194768-3071915256-2736199516-1001\...\StartupApproved\Run: => "Google Update"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FBD6C7A3-96F4-4BA4-B3A0-DA9CA91AF2A9}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{6A6F2BB9-29D3-463F-8090-3354FEBEC9BB}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{4699980F-073C-4303-BB42-625FBB00445A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{67DF7A49-CE12-4B54-85E4-E6A05882CA55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{325C551B-50D5-43E5-A3E9-D0FB8305BBDF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2C613F3F-7EB4-460A-ADB8-45F21E3892A5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{1DDB1A23-CB54-43FF-A90B-C9B82F9630EE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A8E3FC6C-B55C-4D30-87ED-B57C701C09BE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [UDP Query User{22AF13E6-D352-409E-96ED-C05F607F6C4E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{E4317E6F-6830-4DB9-B6E7-B8A4E53BEB29}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{1FA372BE-1393-4EC1-935B-65B4E3B604B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8FC7A131-1897-4E78-BD7A-A6AEA72CD200}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{104B4B33-A23A-4C0F-9163-C3EFBB452573}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{13C3B734-810C-4128-B1EC-3C6C20E20A50}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{AC680737-21CB-4946-B75C-8E811C15E7FF}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{BCDF1721-6407-467D-ACCA-4F6C7C376D7F}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{DCB5BA34-E321-49F3-BE47-BED2869B667F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7BB501D3-3084-49C0-B3E4-E4988455F65E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BFF0DB46-1C54-4110-B127-02B2900B9F9A}] => (Allow) LPort=8317
FirewallRules: [{3220E14A-35DC-4ECB-AB6B-A917CB044616}] => (Allow) C:\Users\salamouna2\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [TCP Query User{6F759F54-398C-4D55-89BC-FC71716758BC}E:\grand theft auto v\gta5.exe] => (Allow) E:\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{33D432F0-681A-4318-AB94-09B8314DCDAF}E:\grand theft auto v\gta5.exe] => (Allow) E:\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{BEDB0855-4D46-4752-853F-2E82CC21E8CD}C:\program files (x86)\youwave android\vb\vboxsdl.exe] => (Allow) C:\program files (x86)\youwave android\vb\vboxsdl.exe
FirewallRules: [UDP Query User{9117BCA3-B01A-4217-8A9C-6181562CBB8F}C:\program files (x86)\youwave android\vb\vboxsdl.exe] => (Allow) C:\program files (x86)\youwave android\vb\vboxsdl.exe
FirewallRules: [{D8289F40-1115-438A-A064-7CF6CC203D6E}] => (Allow) C:\Program Files\DriversCloud.com\MCDetection.exe
FirewallRules: [{6516A227-8220-46E8-9303-2DD7ECE9B5B6}] => (Allow) C:\Program Files\DriversCloud.com\MCDetection.exe
==================== Restore Points =========================
05-06-2016 18:00:39 Installed Splashtop Personal.
17-06-2016 14:10:21 Installed DirectX
30-06-2016 15:31:05 Removed Google Earth
01-07-2016 15:55:20 zoek.exe restore point
02-07-2016 14:17:45 JRT Pre-Junkware Removal
03-07-2016 19:20:23 Removed Google Talk Plugin
==================== Faulty Device Manager Devices =============
Name: Intel(R) Dynamic Platform and Thermal Framework Manager
Description: Intel(R) Dynamic Platform and Thermal Framework Manager
Class Guid: {c3077fcd-9c3c-482f-9317-460712f23efd}
Manufacturer: Intel
Service: esif_lf
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/04/2016 11:31:39 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (07/04/2016 03:24:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (07/04/2016 03:24:50 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (07/03/2016 09:58:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: igfxHK.exe, version: 6.15.10.4331, time stamp: 0x564cc83e
Faulting module name: igfxHK.exe, version: 6.15.10.4331, time stamp: 0x564cc83e
Exception code: 0xc0000409
Fault offset: 0x0000000000015953
Faulting process id: 0x12c8
Faulting application start time: 0xigfxHK.exe0
Faulting application path: igfxHK.exe1
Faulting module path: igfxHK.exe2
Report Id: igfxHK.exe3
Faulting package full name: igfxHK.exe4
Faulting package-relative application ID: igfxHK.exe5
Error: (07/03/2016 09:25:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: igfxHK.exe, version: 6.15.10.4331, time stamp: 0x564cc83e
Faulting module name: igfxHK.exe, version: 6.15.10.4331, time stamp: 0x564cc83e
Exception code: 0xc0000409
Fault offset: 0x0000000000015953
Faulting process id: 0x14e8
Faulting application start time: 0xigfxHK.exe0
Faulting application path: igfxHK.exe1
Faulting module path: igfxHK.exe2
Report Id: igfxHK.exe3
Faulting package full name: igfxHK.exe4
Faulting package-relative application ID: igfxHK.exe5
Error: (07/03/2016 07:20:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (07/03/2016 07:12:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: igfxHK.exe, version: 6.15.10.4331, time stamp: 0x564cc83e
Faulting module name: igfxHK.exe, version: 6.15.10.4331, time stamp: 0x564cc83e
Exception code: 0xc0000409
Fault offset: 0x0000000000015953
Faulting process id: 0x8d0
Faulting application start time: 0xigfxHK.exe0
Faulting application path: igfxHK.exe1
Faulting module path: igfxHK.exe2
Report Id: igfxHK.exe3
Faulting package full name: igfxHK.exe4
Faulting package-relative application ID: igfxHK.exe5
Error: (07/03/2016 05:56:03 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 2472. Message ID: [0x2509].
Error: (07/03/2016 05:52:47 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (07/03/2016 05:52:00 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
System errors:
=============
Error: (07/04/2016 03:32:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275 = This driver has been blocked from loading
Error: (07/04/2016 03:32:42 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SALAMO~1\AppData\Local\Temp\ehdrv.sys
Error: (07/04/2016 03:32:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275 = This driver has been blocked from loading
Error: (07/04/2016 03:32:41 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SALAMO~1\AppData\Local\Temp\ehdrv.sys
Error: (07/04/2016 03:32:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275 = This driver has been blocked from loading
Error: (07/04/2016 03:32:41 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SALAMO~1\AppData\Local\Temp\ehdrv.sys
Error: (07/04/2016 03:26:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275 = This driver has been blocked from loading
Error: (07/04/2016 03:26:30 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SALAMO~1\AppData\Local\Temp\ehdrv.sys
Error: (07/04/2016 03:26:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275 = This driver has been blocked from loading
Error: (07/04/2016 03:26:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SALAMO~1\AppData\Local\Temp\ehdrv.sys
CodeIntegrity:
===================================
Date: 2016-06-06 12:51:16.975
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-22 23:00:23.942
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-07 22:20:07.456
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-18 13:00:13.480
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-26 17:29:32.966
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-26 15:03:26.238
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-26 14:59:42.972
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-26 14:24:45.287
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-15 23:33:08.927
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-15 23:24:15.118
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 64%
Total physical RAM: 8091.35 MB
Available physical RAM: 2861.59 MB
Total Virtual: 11737.38 MB
Available Virtual: 6671.43 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:345.23 GB) (Free:183.16 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:585.94 GB) (Free:387.64 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 12395357)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=345.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=585.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Ran by salamouna2 (2016-07-04 23:34:29)
Running from C:\Users\salamouna2\Desktop
Windows 10 Home Version 1511 (X64) (2016-02-14 20:42:10)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1498194768-3071915256-2736199516-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1498194768-3071915256-2736199516-503 - Limited - Disabled)
Guest (S-1-5-21-1498194768-3071915256-2736199516-501 - Limited - Disabled)
salamouna2 (S-1-5-21-1498194768-3071915256-2736199516-1001 - Administrator - Enabled) => C:\Users\salamouna2
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET Smart Security 9.0.318.0 (Disabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 9.0.381.0 (Disabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personal firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.2.28500 - BitTorrent Inc.)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.57 - ICEpower a/s)
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.42.2.18804 - AVG Technologies)
AVG PC TuneUp (x32 Version: 16.42.6 - AVG Technologies) Hidden
Bitdefender 60-Second Virus Scanner (HKLM\...\{CCEA2053-D975-4E38-AC09-4D5E6DAC6B6F}) (Version: 1.0.3.76 - Bitdefender)
BlueStacks App Player (HKLM-x32\...\{4047E0FE-CBD8-4915-BBB1-45F6CBF417AC}) (Version: 2.0.4.5627 - BlueStack Systems, Inc.)
Camtasia Studio 8 (HKLM-x32\...\{AF33D0D2-2627-4AC8-8473-FDBB7892129C}) (Version: 8.6.0.2079 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
Cent Browser (HKU\S-1-5-21-1498194768-3071915256-2736199516-1001\...\CentBrowser) (Version: 1.9.13.75 - Cent Studio)
DriversCloud.com (64 bits) (HKLM\...\{B3F21810-C58E-4AE1-BFBA-8327721C9F8A}) (Version: 8.0.4.0 - Cybelsoft)
ESET Smart Security (HKLM\...\{11994064-51F2-45DF-A83E-539B4BFE3F5A}) (Version: 9.0.318.0 - ESET, spol. s r.o.)
FileZilla Client 3.18.0 (HKLM-x32\...\FileZilla Client) (Version: 3.18.0 - Tim Kosse)
FMW 1 (Version: 1.102.4 - AVG Technologies) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Grand Theft Auto V version v.1.0.350.1 (HKLM-x32\...\Grand Theft Auto V_is1) (Version: v.1.0.350.1 - GMT-MAX.ORG)
Hex Workshop v6.8 (HKLM\...\{A36AC685-4435-4C16-861F-221231DE165D}) (Version: 6.8.0.5419 - BreakPoint Software)
iMacros Version 10.0.2.2823 (x64) (HKLM\...\{9C5118F7-E26D-4fc0-B7F4-4A067A0808FA}_is1) (Version: 10.0.2.2823 - Ipswitch, Inc)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.39.1003 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4062 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
K-Lite Codec Pack 11.7.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.7.5 - )
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.26.01.03 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 47.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 en-US)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.7 - Notepad++ Team)
Nox APP Player (HKLM-x32\...\Nox) (Version: 3.5.1.0 - Duodian Technology Co. Ltd.)
NVIDIA Graphics Driver 345.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.05 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.332 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7417 - Realtek Semiconductor Corp.)
Rental Management (HKLM-x32\...\{4F040BE0-2E11-4CED-8AE3-047C0DA352D4}_is1) (Version: 4.0 - Jsoft.fr)
Revo Uninstaller Pro 3.1.6 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.6 - VS Revo Group, Ltd.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
RogueKiller version 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Telegram Desktop version 0.9.51 (HKU\S-1-5-21-1498194768-3071915256-2736199516-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.9.51 - Telegram Messenger LLP)
Terminals (HKLM-x32\...\{9CA99653-709D-493E-BB16-C32125D94138}) (Version: 3.6.1.0 - Robert Chartier)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version: - Microsoft)
UsbFix (HKLM-x32\...\Usbfix) (Version: 8.247 - El Desaparecido - www.usb-antivirus.com - www.sosvirus.net)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.2 - VMware, Inc)
VMware Workstation (Version: 10.0.2 - VMware, Inc.) Hidden
Windows Driver Package - ASUS (ATP) Mouse (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS)
Windows Driver Package - BigNox Corporation (VBoxUSB) USB (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation XQHDrv System (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
WinHTTrack Website Copier 3.48-21 (x64) (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.48.21 - HTTrack)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
WinSCP 5.7.6 (HKLM-x32\...\winscp3_is1) (Version: 5.7.6 - Martin Prikryl)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1498194768-3071915256-2736199516-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\salamouna2\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00D85E4D-BD90-4534-9802-538A333C7E76} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {0BB48EE2-C323-4B10-BAA2-9271797FD747} - \Microsoft\Windows\Setup\GWXTriggers\Logon-URT -> No File <==== ATTENTION
Task: {21940C9F-3DD2-43FA-A983-8CFD26DCCCE6} - \Google Update -> No File <==== ATTENTION
Task: {2AFC4A1A-4624-4909-937E-C06573397783} - System32\Tasks\hfdccd => C:\Users\salamouna2\hfdccd\zvbvhivw.exe [2015-07-10] (AutoIt Team)
Task: {2E6FEAF1-ECE8-4A9F-9CD7-2288AE99B277} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {3A0F3D84-AC0E-4E2D-B40B-58DE5EB9037E} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {4453AEEB-2FD2-4C95-BAEC-D8CC46163A86} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {4904A467-029A-4FA3-814E-F9B60459075D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5AB1A12D-E3A1-455C-AC75-D7E90C9983EE} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-26] (Realtek Semiconductor)
Task: {63273E66-DC21-4F59-99A5-6A53C79B5E96} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek)
Task: {68B9BCF9-1986-4BDE-A23C-32135F0929A4} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-11-30] ()
Task: {69F7916A-70C2-4898-8414-FC5CB36AD8C1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {6A596AF8-E666-45AB-939B-E553FD83FF1B} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {70637062-DC18-425E-AE37-B4AA5C44113A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7D286572-9A8E-44AF-A15B-1A6955F4BBDC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-03] (Google Inc.)
Task: {831FB78A-A096-4006-998E-9FB9AFBE0D57} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-04-01] (Oracle Corporation)
Task: {93357560-2CD3-4F9E-9E01-12179707A1FB} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {95CF4079-9C3D-4335-B50A-3AFA122A03E8} - System32\Tasks\{6DDF7C85-E9A4-482B-8905-8345726CEC8A} => Chrome.exe hxxp://ui.skype.com/ui/0/7.15.0.102/fr/abandoninstall?source=lightinstaller&page=tsMain
Task: {B93A2461-7FDF-4112-B796-75DA19B35D64} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C3EE5D55-E77E-4BEB-804F-AF5E0575B223} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2016-06-01] (AVG Technologies CZ, s.r.o.)
Task: {D2A52D7B-457D-4F26-8BE4-20FC5E1384C1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-03] (Google Inc.)
Task: {D4A92B6C-03FC-48A6-8567-B3750CF4192C} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.)
Task: {D76F1F42-D3C8-4816-8B45-E7486AF9DED2} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.)
Task: {ED056F24-4F09-4E0B-962F-AEDB747147B4} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {F1C8788E-19C1-4CC3-9D48-F8BCDAB5C307} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {F90636A8-2115-4F09-BE19-FD70F9F9ACF4} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {F989AEF5-BCE8-4702-BF86-0603DCB557A8} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-02-14 21:10 - 2015-07-13 18:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-11-28 11:34 - 2014-08-20 08:27 - 00242256 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2016-04-13 16:53 - 2016-03-29 11:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-13 16:53 - 2016-03-29 11:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-24 16:20 - 2016-05-24 16:20 - 00959168 _____ () C:\Users\salamouna2\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-05-27 13:19 - 2016-05-27 13:19 - 00052912 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-04-14 16:04 - 2014-04-14 16:04 - 14407384 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
2015-12-19 01:08 - 2015-12-19 01:08 - 00402344 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-02-18 19:41 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-04-13 16:50 - 2016-04-02 04:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-04-13 16:50 - 2016-04-02 04:26 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2016-07-03 18:28 - 2016-07-03 18:28 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll
2016-02-15 17:22 - 2016-02-15 17:22 - 03746816 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\Calculator.exe
2016-02-15 17:22 - 2016-02-15 17:22 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.49020.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-02-15 17:28 - 2016-02-15 17:29 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-04-13 16:51 - 2016-04-02 04:03 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-04-13 16:51 - 2016-04-02 03:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-04-13 16:52 - 2016-04-02 03:59 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-04-13 16:52 - 2016-04-02 04:02 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-04-14 16:41 - 2014-04-14 16:41 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2015-01-21 15:01 - 2015-01-21 15:01 - 08898720 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-05-24 16:20 - 2016-05-24 16:20 - 00679624 _____ () C:\Users\salamouna2\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2015-02-25 14:15 - 2015-02-25 14:15 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-03-09 22:49 - 2016-03-09 22:49 - 01114136 _____ () C:\Users\salamouna2\AppData\Roaming\Mozilla\Firefox\Profiles\e18oh439.default\extensions\support@lastpass.com\platform\WINNT_x86-msvc\components\lpxpcom.dll
2016-02-15 17:28 - 2016-02-15 17:29 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-02-15 17:28 - 2016-02-15 17:30 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-07-03 22:40 - 2016-06-02 05:32 - 01709976 _____ () C:\Users\salamouna2\AppData\Local\CentBrowser\Application\1.9.13.75\libglesv2.dll
2016-07-03 22:40 - 2016-06-02 05:32 - 00081816 _____ () C:\Users\salamouna2\AppData\Local\CentBrowser\Application\1.9.13.75\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [306]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1498194768-3071915256-2736199516-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\salamouna2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "XboxStat"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "AvgUi"
HKU\S-1-5-21-1498194768-3071915256-2736199516-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-1498194768-3071915256-2736199516-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1498194768-3071915256-2736199516-1001\...\StartupApproved\Run: => "Google Update"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FBD6C7A3-96F4-4BA4-B3A0-DA9CA91AF2A9}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{6A6F2BB9-29D3-463F-8090-3354FEBEC9BB}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{4699980F-073C-4303-BB42-625FBB00445A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{67DF7A49-CE12-4B54-85E4-E6A05882CA55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{325C551B-50D5-43E5-A3E9-D0FB8305BBDF}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{2C613F3F-7EB4-460A-ADB8-45F21E3892A5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{1DDB1A23-CB54-43FF-A90B-C9B82F9630EE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{A8E3FC6C-B55C-4D30-87ED-B57C701C09BE}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [UDP Query User{22AF13E6-D352-409E-96ED-C05F607F6C4E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{E4317E6F-6830-4DB9-B6E7-B8A4E53BEB29}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{1FA372BE-1393-4EC1-935B-65B4E3B604B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8FC7A131-1897-4E78-BD7A-A6AEA72CD200}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{104B4B33-A23A-4C0F-9163-C3EFBB452573}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{13C3B734-810C-4128-B1EC-3C6C20E20A50}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{AC680737-21CB-4946-B75C-8E811C15E7FF}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{BCDF1721-6407-467D-ACCA-4F6C7C376D7F}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{DCB5BA34-E321-49F3-BE47-BED2869B667F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7BB501D3-3084-49C0-B3E4-E4988455F65E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BFF0DB46-1C54-4110-B127-02B2900B9F9A}] => (Allow) LPort=8317
FirewallRules: [{3220E14A-35DC-4ECB-AB6B-A917CB044616}] => (Allow) C:\Users\salamouna2\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [TCP Query User{6F759F54-398C-4D55-89BC-FC71716758BC}E:\grand theft auto v\gta5.exe] => (Allow) E:\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{33D432F0-681A-4318-AB94-09B8314DCDAF}E:\grand theft auto v\gta5.exe] => (Allow) E:\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{BEDB0855-4D46-4752-853F-2E82CC21E8CD}C:\program files (x86)\youwave android\vb\vboxsdl.exe] => (Allow) C:\program files (x86)\youwave android\vb\vboxsdl.exe
FirewallRules: [UDP Query User{9117BCA3-B01A-4217-8A9C-6181562CBB8F}C:\program files (x86)\youwave android\vb\vboxsdl.exe] => (Allow) C:\program files (x86)\youwave android\vb\vboxsdl.exe
FirewallRules: [{D8289F40-1115-438A-A064-7CF6CC203D6E}] => (Allow) C:\Program Files\DriversCloud.com\MCDetection.exe
FirewallRules: [{6516A227-8220-46E8-9303-2DD7ECE9B5B6}] => (Allow) C:\Program Files\DriversCloud.com\MCDetection.exe
==================== Restore Points =========================
05-06-2016 18:00:39 Installed Splashtop Personal.
17-06-2016 14:10:21 Installed DirectX
30-06-2016 15:31:05 Removed Google Earth
01-07-2016 15:55:20 zoek.exe restore point
02-07-2016 14:17:45 JRT Pre-Junkware Removal
03-07-2016 19:20:23 Removed Google Talk Plugin
==================== Faulty Device Manager Devices =============
Name: Intel(R) Dynamic Platform and Thermal Framework Manager
Description: Intel(R) Dynamic Platform and Thermal Framework Manager
Class Guid: {c3077fcd-9c3c-482f-9317-460712f23efd}
Manufacturer: Intel
Service: esif_lf
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/04/2016 11:31:39 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (07/04/2016 03:24:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (07/04/2016 03:24:50 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (07/03/2016 09:58:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: igfxHK.exe, version: 6.15.10.4331, time stamp: 0x564cc83e
Faulting module name: igfxHK.exe, version: 6.15.10.4331, time stamp: 0x564cc83e
Exception code: 0xc0000409
Fault offset: 0x0000000000015953
Faulting process id: 0x12c8
Faulting application start time: 0xigfxHK.exe0
Faulting application path: igfxHK.exe1
Faulting module path: igfxHK.exe2
Report Id: igfxHK.exe3
Faulting package full name: igfxHK.exe4
Faulting package-relative application ID: igfxHK.exe5
Error: (07/03/2016 09:25:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: igfxHK.exe, version: 6.15.10.4331, time stamp: 0x564cc83e
Faulting module name: igfxHK.exe, version: 6.15.10.4331, time stamp: 0x564cc83e
Exception code: 0xc0000409
Fault offset: 0x0000000000015953
Faulting process id: 0x14e8
Faulting application start time: 0xigfxHK.exe0
Faulting application path: igfxHK.exe1
Faulting module path: igfxHK.exe2
Report Id: igfxHK.exe3
Faulting package full name: igfxHK.exe4
Faulting package-relative application ID: igfxHK.exe5
Error: (07/03/2016 07:20:39 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Access is denied.
.
Error: (07/03/2016 07:12:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: igfxHK.exe, version: 6.15.10.4331, time stamp: 0x564cc83e
Faulting module name: igfxHK.exe, version: 6.15.10.4331, time stamp: 0x564cc83e
Exception code: 0xc0000409
Fault offset: 0x0000000000015953
Faulting process id: 0x8d0
Faulting application start time: 0xigfxHK.exe0
Faulting application path: igfxHK.exe1
Faulting module path: igfxHK.exe2
Report Id: igfxHK.exe3
Faulting package full name: igfxHK.exe4
Faulting package-relative application ID: igfxHK.exe5
Error: (07/03/2016 05:56:03 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 2472. Message ID: [0x2509].
Error: (07/03/2016 05:52:47 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: rdyboost4
Error: (07/03/2016 05:52:00 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4
System errors:
=============
Error: (07/04/2016 03:32:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275 = This driver has been blocked from loading
Error: (07/04/2016 03:32:42 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SALAMO~1\AppData\Local\Temp\ehdrv.sys
Error: (07/04/2016 03:32:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275 = This driver has been blocked from loading
Error: (07/04/2016 03:32:41 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SALAMO~1\AppData\Local\Temp\ehdrv.sys
Error: (07/04/2016 03:32:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275 = This driver has been blocked from loading
Error: (07/04/2016 03:32:41 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SALAMO~1\AppData\Local\Temp\ehdrv.sys
Error: (07/04/2016 03:26:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275 = This driver has been blocked from loading
Error: (07/04/2016 03:26:30 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SALAMO~1\AppData\Local\Temp\ehdrv.sys
Error: (07/04/2016 03:26:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The eapihdrv service failed to start due to the following error:
%%1275 = This driver has been blocked from loading
Error: (07/04/2016 03:26:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SALAMO~1\AppData\Local\Temp\ehdrv.sys
CodeIntegrity:
===================================
Date: 2016-06-06 12:51:16.975
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-22 23:00:23.942
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-05-07 22:20:07.456
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-04-18 13:00:13.480
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-26 17:29:32.966
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-26 15:03:26.238
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-26 14:59:42.972
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-26 14:24:45.287
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-15 23:33:08.927
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-15 23:24:15.118
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Percentage of memory in use: 64%
Total physical RAM: 8091.35 MB
Available physical RAM: 2861.59 MB
Total Virtual: 11737.38 MB
Available Virtual: 6671.43 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:345.23 GB) (Free:183.16 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:585.94 GB) (Free:387.64 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 12395357)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=345.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=585.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================