Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-02-2016 Ran by annec (2016-02-08 14:22:12) Running from C:\Users\annec\Desktop Windows 10 Home (X64) (2015-12-21 05:55:12) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1066726579-3371513651-2449260020-500 - Administrator - Disabled) annec (S-1-5-21-1066726579-3371513651-2449260020-1001 - Administrator - Enabled) => C:\Users\annec DefaultAccount (S-1-5-21-1066726579-3371513651-2449260020-503 - Limited - Disabled) Guest (S-1-5-21-1066726579-3371513651-2449260020-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: 电脑管家系统防护 (Enabled - Up to date) {6F9C3F92-B625-0E47-F0B1-447602EC65F5} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: 电脑管家系统防护 (Enabled - Up to date) {D4FDDE76-901F-01C9-CA01-7F04796B2F48} AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB} FW: McAfee Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - ) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.3.0.151 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0.1 - Adobe Systems Incorporated) AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.4.0 - SlySoft) Apple Application Support (32-bit) (HKLM-x32\...\{A50679D9-6CBD-4FCD-BACB-62EF3894F6F3}) (Version: 4.0.3 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{1F72FDD5-A069-45B4-928F-D0F16492DC69}) (Version: 4.0.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team) AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.6 - GPL Public release.) AviSynth+ 0.1.0 r1825 (HKLM-x32\...\{AC78780F-BACA-4805-8D4F-AE1B52B7E7D3}_is1) (Version: 0.1.0.1825 - The Public) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Camtasia Studio 8 (HKLM-x32\...\{A2A41B60-D51F-4C04-BC94-B4C94F7B6DC0}) (Version: 8.6.0.2054 - TechSmith Corporation) CuteFTP 9 (HKLM-x32\...\{89B9E358-75C6-4C6B-BD38-803FF156CC4B}) (Version: 9.0.5 - Globalscape) CyberLink Media Suite Essentials (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 12 - CyberLink Corp.) Dell Customer Connect (HKLM-x32\...\{124DE80C-9BFE-4D04-A8D9-69C5019DEEBF}) (Version: 1.3.28.0 - Dell Inc.) Dell Data Vault (Version: 4.3.7.0 - Dell Inc.) Hidden Dell Digital Delivery (HKLM-x32\...\{AB7F2792-2ED1-4C5C-9F28-680E5110BF72}) (Version: 3.1.1018.0 - Dell Products, LP) Dell Foundation Services (HKLM\...\{91E2DDB6-DC13-4585-8A10-04C6AB6F87A4}) (Version: 3.1.1900.0 - Dell Inc.) Dell Help & Support (HKLM-x32\...\InstallShield_{A00269ED-FD88-4907-834B-60B70DCE82C5}) (Version: 2.0.366.0 - Dell Inc.) Dell Help & Support (Version: 2.0.366.0 - Dell Inc.) Hidden Dell Power Manager Lite (HKLM-x32\...\InstallShield_{BF1F9D57-57A1-4E87-A8E8-41F2B2AD6F53}) (Version: 1.0.0.3 - Compal Inc.) Dell Power Manager Lite (x32 Version: 1.0.0.3 - Compal Inc.) Hidden Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.2.6745.47 - Dell) Dell SupportAssistAgent (HKLM-x32\...\{A62A2F03-3006-40CA-A3FA-C1086B2FEF5D}) (Version: 1.2.0.94 - Dell) Dell Update (HKLM-x32\...\{DB82968B-57A4-4397-81A5-ECAB21B5DFCD}) (Version: 1.7.1015.0 - Dell Inc.) Dropbox 20 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.) DVDFab 9.2.1.5 (28/09/2015) (HKLM-x32\...\DVDFab 9_is1) (Version: - Fengtao Software Inc.) EPSON XP-302 303 305 306 Series Printer Uninstall (HKLM\...\EPSON XP-302 303 305 306 Series) (Version: - SEIKO EPSON Corporation) ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - ) FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - ) FileZilla Client 3.14.0 (HKLM-x32\...\FileZilla Client) (Version: 3.14.0 - Tim Kosse) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.103 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Grand Ages: Medieval (HKLM\...\R3JhbmRBZ2VzTWVkaWV2YWw=_is1) (Version: 1 - ) Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - ) HandBrake 0.10.2 (HKLM-x32\...\HandBrake) (Version: 0.10.2 - ) Herramientas de corrección de Microsoft Office 2016: español (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.12.253 - SurfRight B.V.) HP Photosmart 5520 series Basic Device Software (HKLM\...\{68C0736C-3E47-43A6-B14D-236BEF198A5F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Icaros 2.3.0 (HKLM\...\Icaros_is1) (Version: 2.3.0.0 - Tabibito Technology) Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4240 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation) Intel(R) WiDi (HKLM\...\{76FAF7E1-52D0-49F7-A627-E78303F9C7EF}) (Version: 6.0.39.0 - Intel Corporation) Intel(R) WiDi Software Asset Manager (x32 Version: 1.1.347 - Intel Corporation) Hidden Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{4544164b-edf0-455c-b150-bed7109d751e}) (Version: 18.11.0 - Intel Corporation) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) iTunes (HKLM\...\{96984DE8-1DB8-425C-AC8C-3098BC696F04}) (Version: 12.3.0.44 - Apple Inc.) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) K-Lite Codec Pack 6.0.4 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - ) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) MakeMKV v1.9.5 (HKLM-x32\...\MakeMKV) (Version: v1.9.5 - GuinpinSoft inc) Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Maxx Audio Installer (x64) (Version: 2.6.6168.9 - Waves Audio Ltd.) Hidden McAfee LiveSafe – Internet Security (HKLM-x32\...\MSC) (Version: 14.0.6136 - McAfee, Inc.) McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.141 - McAfee, Inc.) MediaInfo 0.7.78 (HKLM\...\MediaInfo) (Version: 0.7.78 - MediaArea.net) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation) Microsoft Office Professionnel Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{a55ac379-46b0-461a-95b1-fef5c08443f2}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft) Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version: - ) MKVToolNix 8.4.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 8.4.0 - Moritz Bunkus) Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla) MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team) NVIDIA 3D Vision Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.62 - NVIDIA Corporation) NVIDIA Graphics Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation) NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) Outils de vérification linguistique 2016 de Microsoft Office - Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden Plex Home Theater (HKLM-x32\...\Plex Home Theater) (Version: 1.4.1 - Plex inc) Plex Media Server (HKLM-x32\...\{5a054eae-1147-460c-990a-0859dc73c194}) (Version: 0.9.1213 - Plex, Inc.) Plex Media Server (x32 Version: 0.9.1213 - Plex, Inc.) Hidden Product Registration (HKLM-x32\...\InstallShield_{B96204EB-3051-4B4F-9534-ED13FE7095D1}) (Version: 2.2.27.0 - Dell Inc.) Product Registration (Version: 2.2.27.0 - Dell Inc.) Hidden RAD Video Tools (HKLM-x32\...\RADVideo) (Version: - ) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7544 - Realtek Semiconductor Corp.) Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.) Subtitle Edit 3.4.11 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.4.11.0 - Nikse) Taalprogramma's voor Microsoft Office 2016 - Nederlands (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) VPNAutoconnect (HKLM-x32\...\{AF4EA8A0-3F78-481D-9C7A-0F47C43E3B26}) (Version: 1.15 - globalip) WebOptimum (x32 Version: 1.0.0.0 - bscodecs.com) Hidden Windows Movie Maker 6.1 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2557A92C7}}_is1) (Version: - windows-movie-maker.org) WinRAR 5.30 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.4 - win.rar GmbH) X2Go Client for Windows (HKLM-x32\...\x2goclient) (Version: 4.0.5.0-2015.07.31 - X2Go Project) XMedia Recode version 3.2.8.4 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.8.4 - XMedia Recode) ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman) 电脑管家11.3 (HKLM-x32\...\QQPCMgr) (Version: 11.3.17207.222 - 腾讯科技(深圳)有限公司) <==== ATTENTION ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1066726579-3371513651-2449260020-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-AB6B3328B9C6}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File CustomCLSID: HKU\S-1-5-21-1066726579-3371513651-2449260020-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\annec\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1066726579-3371513651-2449260020-1001_Classes\CLSID\{869C14C8-1830-491F-B575-5F9AB40D2B42}\InprocServer32 -> C:\Program Files\MediaInfo\MediaInfo_InfoTip.dll (MediaArea.net) CustomCLSID: HKU\S-1-5-21-1066726579-3371513651-2449260020-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {04956B34-E04C-4B63-A06A-04EE1FBA2A7E} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-29] () Task: {06D634D8-7F51-41C3-ADE3-CB0C9E91D402} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-04-28] (Realtek Semiconductor) Task: {17F70CE6-9B3F-4586-9C2C-61DB469FCCE8} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLVDLauncher.exe [2015-01-29] (CyberLink Corp.) Task: {2D069AF7-DC2C-4F5D-9872-96882BD5D1CF} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-12-29] (PC-Doctor, Inc.) Task: {41D4CB34-7A12-43A2-8537-FAA01DFE96F7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-05] (Google Inc.) Task: {598B8C52-4487-4094-AF0D-D68E92BACEA3} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\platform\McUICnt.exe [2015-11-02] (McAfee, Inc.) Task: {619D523D-4D7C-4174-B11A-C7667C2FF13A} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent Task: {713AC88A-4DD5-4417-88E8-64D158F2905A} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe Task: {7E2054CA-3471-407A-BDFD-6A4881809408} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-17] (Microsoft Corporation) Task: {8276276B-E3AF-4A4D-90A3-9FA14AC0B32A} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvc_P2G8.exe [2015-05-07] (CyberLink) Task: {93844436-FEF1-4CC6-A6E6-E74AC5B4DC9E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-05] (Google Inc.) Task: {A14B1D23-CE6B-4945-89F6-B6C4911B3E2A} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {AB45850C-9AB1-4F22-BBAA-0F5AF8B7C584} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {AE23BE56-250F-4F10-A9D3-A688D79D7ED8} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-17] (Intel Corporation) Task: {B0CD905C-8F52-4DD2-B988-3BBCD92DB732} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-12-29] (PC-Doctor, Inc.) Task: {B85BD321-D4BC-4153-9F2B-1350F70FA11C} - System32\Tasks\PCDDataUploadTask => uaclauncher.exe Task: {BCBBD510-891B-4159-A03E-4857E5105F42} - System32\Tasks\IntelWiDi-Upgrade-91ba0caa-28a7-4f47-8d08-f71b4b10fbec-Logon => C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-06-17] (Intel Corporation) Task: {C4A40EC2-FD8D-488B-8D4B-9DE9C2421EE7} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2016-01-12] (Dell Inc.) Task: {C9669157-C00C-4DB8-942E-74F4C2E48F10} - System32\Tasks\McAfee\McAfee Idle Detection Task Task: {DC4EF1BA-B61A-466F-9F4C-7D83B7BDD5B1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {DC50C3E4-F0EF-42B6-A425-F093852385DA} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2015-06-05] (Intel Corporation) Task: {F0E07CC8-3CAF-419D-8311-3D4EC0621B07} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {FD5BDC33-44BF-4C8D-BFE7-B298226F85B3} - System32\Tasks\Intel Security DAT Reputation (AMCore) Post DAT update endpoint safety pulse => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\21.0\mcdatrep.exe [2015-12-07] (McAfee, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Dell Product Registration.job => \ pco 0F cmd /c sc start Dell Product Registration WORKGROUP ANNEPC Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\RunDLC.job => cmd c sc start Dell Help Support WORKGROUP ANNEPC ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 07:18 - 2015-10-30 07:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-21 05:26 - 2015-07-23 01:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-12-21 13:17 - 2015-12-21 13:17 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-21 13:17 - 2015-12-21 13:17 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-09-11 18:02 - 2015-09-11 18:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2015-09-16 12:12 - 2015-09-16 12:12 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2015-09-23 15:47 - 2015-09-23 15:47 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-09-23 15:47 - 2015-09-23 15:47 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-09-23 09:49 - 2014-04-15 01:59 - 00253776 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2015-12-21 13:54 - 2015-12-07 04:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-21 13:54 - 2015-12-07 04:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-01-14 07:10 - 2016-01-05 01:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-14 07:10 - 2016-01-05 01:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-28 17:26 - 2016-01-16 05:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-28 17:26 - 2016-01-16 05:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-09-23 10:18 - 2015-06-30 19:26 - 00395368 _____ () C:\WINDOWS\system32\igfxTray.exe 2015-08-24 15:32 - 2015-08-24 15:32 - 00049864 _____ () C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe 2016-01-22 02:10 - 2016-01-22 02:10 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-01-13 14:59 - 2016-01-13 14:59 - 00173056 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.7.1041.0_x64__8wekyb3d8bbwe\CellNativeClientUniversal.dll 2015-10-05 12:23 - 2015-10-05 12:24 - 04485808 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.7.1041.0_x64__8wekyb3d8bbwe\Microsoft.Advertising.dll 2015-10-05 12:23 - 2015-10-05 12:24 - 07502848 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.7.1041.0_x64__8wekyb3d8bbwe\Microsoft.Xbox.Services.dll 2015-10-05 12:23 - 2015-10-05 12:24 - 01384960 _____ () C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_3.7.1041.0_x64__8wekyb3d8bbwe\cpprest140_uwp_2_6.dll 2015-07-31 04:35 - 2015-07-31 04:35 - 06077440 _____ () C:\Program Files (x86)\x2goclient\x2goclient.exe 2015-07-31 04:37 - 2015-07-31 04:37 - 00038090 _____ () C:\Program Files (x86)\x2goclient\x2gohelper.exe 2015-07-26 16:06 - 2015-07-26 16:06 - 02901504 _____ () C:\Program Files (x86)\x2goclient\vcxsrv\vcxsrv.exe 2015-04-25 18:51 - 2015-04-25 18:51 - 00070626 _____ () C:\Program Files (x86)\x2goclient\pulse\pulseaudio.exe 2015-04-25 20:27 - 2015-04-25 20:27 - 00008718 _____ () C:\Program Files (x86)\x2goclient\nxproxy.exe 2015-10-06 21:29 - 2014-08-26 21:31 - 00034952 _____ () C:\Program Files\GIMP 2\bin\libgimpmodule-2.0-0.dll 2015-10-06 21:29 - 2014-08-26 21:31 - 00049944 _____ () C:\Program Files\GIMP 2\bin\libgimpthumb-2.0-0.dll 2015-10-06 21:29 - 2014-08-26 21:31 - 01235520 _____ () C:\Program Files\GIMP 2\bin\libgimpwidgets-2.0-0.dll 2015-10-06 21:29 - 2014-08-26 21:31 - 00099504 _____ () C:\Program Files\GIMP 2\bin\libgimpbase-2.0-0.dll 2015-10-06 21:29 - 2014-08-26 21:31 - 00066968 _____ () C:\Program Files\GIMP 2\bin\libgimpcolor-2.0-0.dll 2015-10-06 21:29 - 2014-08-26 21:31 - 00076648 _____ () C:\Program Files\GIMP 2\bin\libgimpconfig-2.0-0.dll 2015-10-06 21:29 - 2014-08-26 21:31 - 00038184 _____ () C:\Program Files\GIMP 2\bin\libgimpmath-2.0-0.dll 2015-10-06 21:29 - 2014-06-01 14:13 - 00128667 _____ () C:\Program Files\GIMP 2\bin\libbabl-0.1-0.dll 2015-10-06 21:29 - 2014-09-02 22:24 - 00888927 _____ () C:\Program Files\GIMP 2\bin\libcairo-2.dll 2015-10-06 21:29 - 2014-08-26 22:55 - 00305936 _____ () C:\Program Files\GIMP 2\bin\libfontconfig-1.dll 2015-10-06 21:29 - 2014-07-19 23:13 - 00517646 _____ () C:\Program Files\GIMP 2\bin\libfreetype-6.dll 2015-10-06 21:29 - 2014-08-26 03:32 - 00420225 _____ () C:\Program Files\GIMP 2\bin\libgegl-0.2-0.dll 2015-10-06 21:29 - 2014-08-25 18:42 - 00079494 _____ () C:\Program Files\GIMP 2\bin\libgcc_s_seh-1.dll 2015-10-06 21:29 - 2014-08-25 18:19 - 01250734 _____ () C:\Program Files\GIMP 2\bin\libxml2-2.dll 2015-10-06 21:29 - 2014-08-25 18:25 - 00283703 _____ () C:\Program Files\GIMP 2\bin\libjasper-1.dll 2015-10-06 21:29 - 2014-08-25 18:21 - 00216038 _____ () C:\Program Files\GIMP 2\bin\libjpeg-8.dll 2015-10-06 21:29 - 2014-08-25 18:17 - 00217205 _____ () C:\Program Files\GIMP 2\bin\libpng16-16.dll 2015-10-06 21:29 - 2014-08-25 18:28 - 00434527 _____ () C:\Program Files\GIMP 2\bin\libtiff-5.dll 2015-10-06 21:29 - 2014-09-02 22:26 - 00682192 _____ () C:\Program Files\GIMP 2\bin\libpixman-1-0.dll 2015-10-06 21:29 - 2014-06-01 13:14 - 00089673 _____ () C:\Program Files\GIMP 2\bin\zlib1.dll 2015-10-06 21:29 - 2014-07-17 15:20 - 00032063 _____ () C:\Program Files\GIMP 2\bin\libffi-6.dll 2015-10-06 21:29 - 2014-08-25 18:49 - 00318797 _____ () C:\Program Files\GIMP 2\bin\libharfbuzz-0.dll 2015-10-06 21:29 - 2014-09-02 20:38 - 00077256 _____ () C:\Program Files\GIMP 2\lib\gtk-2.0\2.10.0\engines\libwimp.dll 2015-10-06 21:29 - 2014-08-26 21:31 - 00035744 _____ () C:\Program Files\GIMP 2\lib\gimp\2.0\modules\libdisplay-filter-lcms.dll 2015-10-06 21:29 - 2014-08-25 18:36 - 00313443 _____ () C:\Program Files\GIMP 2\bin\liblcms2-2.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00143891 _____ () C:\Program Files\VideoLAN\VLC\libvlc.dll 2015-04-16 14:16 - 2015-04-16 14:16 - 02750483 _____ () C:\Program Files\VideoLAN\VLC\libvlccore.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00618515 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00079379 _____ () C:\Program Files\VideoLAN\VLC\libgcc_s_seh-1.dll 2015-04-16 14:16 - 2015-04-16 14:16 - 00038419 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll 2015-04-16 14:16 - 2015-04-16 14:16 - 00035347 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 12272659 _____ () C:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 01478163 _____ () C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll 2015-04-16 14:16 - 2015-04-16 14:16 - 00083987 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll 2015-04-16 14:16 - 2015-04-16 14:16 - 00075795 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 02479123 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00111123 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00259603 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00083475 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libvdr_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00051731 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00066579 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00672275 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00825363 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00132627 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libzip_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00047635 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\librar_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00018963 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 01420819 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00323091 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00023571 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00345619 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 01513491 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00837139 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00331795 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00025107 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libdts_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00042003 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00048659 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00430099 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00031251 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00020499 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00192019 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 01805331 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00418835 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00024083 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00023571 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00027667 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00455699 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libopus_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00127507 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libdvbsub_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00024595 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 14624275 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 01597459 _____ () C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00341523 _____ () C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll 2015-04-16 14:16 - 2015-04-16 14:16 - 00887315 _____ () C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00043027 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00030227 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00751635 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00033811 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00123923 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00059923 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00025619 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00038931 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00023059 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00052243 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00035347 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00045587 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00035347 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00019475 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00019475 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00018963 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll 2015-04-16 14:15 - 2015-04-16 14:15 - 00018963 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll 2015-04-16 14:16 - 2015-04-16 14:16 - 00026643 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll 2015-04-16 14:16 - 2015-04-16 14:16 - 00141331 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll 2015-04-16 14:16 - 2015-04-16 14:16 - 00188947 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll 2015-04-16 14:16 - 2015-04-16 14:16 - 00083987 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll 2015-04-16 14:16 - 2015-04-16 14:16 - 01507859 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll 2015-04-16 14:16 - 2015-04-16 14:16 - 00029203 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll 2015-04-16 14:16 - 2015-04-16 14:16 - 00017939 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll 2015-04-16 14:16 - 2015-04-16 14:16 - 00018963 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll 2015-04-16 14:16 - 2015-04-16 14:16 - 00024595 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll 2015-04-16 14:16 - 2015-04-16 14:16 - 00018451 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll 2015-04-16 14:16 - 2015-04-16 14:16 - 00022035 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll 2015-04-16 14:16 - 2015-04-16 14:16 - 00018963 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdrawable_plugin.dll 2015-04-16 14:16 - 2015-04-16 14:16 - 00043539 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll 2015-10-06 21:29 - 2014-08-26 21:31 - 00144976 _____ () C:\Program Files\GIMP 2\bin\libgimpui-2.0-0.dll 2015-10-06 21:29 - 2014-08-26 21:31 - 00240352 _____ () C:\Program Files\GIMP 2\bin\libgimp-2.0-0.dll 2016-02-08 13:01 - 2016-02-08 13:01 - 08551424 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.680.4.0_x86__kgqvnymyfvs32\candycrushsaga.exe 2016-02-08 02:52 - 2016-02-08 02:52 - 00108896 ____N () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\QMAntiInject.dll 2016-02-08 02:52 - 2016-02-08 02:52 - 00088416 ____N () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\zlib.dll 2016-02-08 02:52 - 2016-02-08 02:52 - 00481632 ____N () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\sqlite.dll 2016-02-08 02:52 - 2016-02-08 02:52 - 00100704 ____N () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\tinyxml.dll 2016-02-08 02:52 - 2016-02-08 02:52 - 00039776 ____N () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\plugins\sysspeeduprtpplugin\SysSpeedupRtpPlugin.dll 2016-02-08 02:52 - 2016-02-08 02:52 - 00063840 ____N () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\plugins\qmiemalrtpplugin\qmiemalrtpplugin.dll 2016-02-08 02:52 - 2016-02-08 02:52 - 00019296 ____N () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\oDayProtect.dll 2016-02-08 02:52 - 2016-02-08 02:52 - 00121184 ____N () c:\program files (x86)\tencent\qqpcmgr\11.3.17207.222\qmrtpcontroller.dll 2016-02-08 02:52 - 2016-02-08 02:52 - 00108896 ____N () C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\TavPedc.dll 2015-12-05 10:21 - 2015-12-05 10:21 - 00933056 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll 2015-09-23 09:48 - 2014-12-08 07:28 - 00627672 _____ () C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMediaLibrary.dll 2014-12-08 22:28 - 2014-12-08 22:28 - 00016856 _____ () C:\Program Files (x86)\CyberLink\CyberLink Media Suite\Power2Go8\CLMLSvcPS.dll 2015-06-23 23:26 - 2015-06-23 23:26 - 00155888 _____ () c:\Program Files (x86)\Dell Digital Delivery\ServiceTagPlusPlus.dll 2015-06-24 08:07 - 2015-06-24 08:07 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2016-01-22 02:10 - 2016-01-22 02:10 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-01-22 02:10 - 2016-01-22 02:10 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-02-05 00:09 - 2016-02-03 07:27 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libglesv2.dll 2016-02-05 00:09 - 2016-02-03 07:27 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libegl.dll 2014-03-07 18:56 - 2014-03-07 18:56 - 00117262 _____ () C:\Program Files (x86)\x2goclient\libgcc_s_dw2-1.dll 2015-05-16 10:43 - 2015-05-16 10:43 - 00608152 _____ () C:\Program Files (x86)\x2goclient\libssh.dll 2014-03-07 18:56 - 2014-03-07 18:56 - 00970766 _____ () C:\Program Files (x86)\x2goclient\libstdc++-6.dll 2013-05-13 18:42 - 2013-05-13 18:42 - 00107520 _____ () C:\Program Files (x86)\x2goclient\zlib1.dll 2015-07-26 15:55 - 2015-07-26 15:55 - 00864256 _____ () C:\Program Files (x86)\x2goclient\vcxsrv\libX11.dll 2015-07-26 15:55 - 2015-07-26 15:55 - 00053760 _____ () C:\Program Files (x86)\x2goclient\vcxsrv\libxcb.dll 2015-07-26 15:53 - 2015-07-26 15:53 - 00009216 _____ () C:\Program Files (x86)\x2goclient\vcxsrv\libXau.dll 2015-07-26 15:51 - 2015-07-26 15:51 - 00068608 _____ () C:\Program Files (x86)\x2goclient\vcxsrv\zlib1.dll 2015-04-25 18:51 - 2015-04-25 18:51 - 00413946 _____ () C:\Program Files (x86)\x2goclient\pulse\libpulsecommon-6.0.dll 2015-04-25 18:51 - 2015-04-25 18:51 - 00600771 _____ () C:\Program Files (x86)\x2goclient\pulse\libpulsecore-6.0.dll 2015-04-25 18:51 - 2015-04-25 18:51 - 00321167 _____ () C:\Program Files (x86)\x2goclient\pulse\libpulse-0.dll 2015-04-25 00:06 - 2015-04-25 00:06 - 00043605 _____ () C:\Program Files (x86)\x2goclient\pulse\libltdl-7.dll 2015-04-25 00:12 - 2015-04-25 00:12 - 00468451 _____ () C:\Program Files (x86)\x2goclient\pulse\liborc-0.4-0.dll 2015-04-24 22:39 - 2015-04-24 22:39 - 00460421 _____ () C:\Program Files (x86)\x2goclient\pulse\libsndfile-1.dll 2015-04-24 23:14 - 2015-04-24 23:14 - 00118500 _____ () C:\Program Files (x86)\x2goclient\pulse\libspeexdsp-1.dll 2015-04-25 00:04 - 2015-04-25 00:04 - 00059415 _____ () C:\Program Files (x86)\x2goclient\pulse\libjson-c-2.dll 2015-04-24 20:20 - 2015-04-24 20:20 - 00098350 _____ () C:\Program Files (x86)\x2goclient\pulse\libgcc_s_sjlj-1.dll 2015-04-24 21:51 - 2015-04-24 21:51 - 00364289 _____ () C:\Program Files (x86)\x2goclient\pulse\libFLAC-8.dll 2015-04-24 19:36 - 2015-04-24 19:36 - 00026409 _____ () C:\Program Files (x86)\x2goclient\pulse\libogg-0.dll 2015-04-24 21:26 - 2015-04-24 21:26 - 00169049 _____ () C:\Program Files (x86)\x2goclient\pulse\libvorbis-0.dll 2015-04-24 21:26 - 2015-04-24 21:26 - 01523972 _____ () C:\Program Files (x86)\x2goclient\pulse\libvorbisenc-2.dll 2015-04-24 18:52 - 2015-04-24 18:52 - 00017392 _____ () C:\Program Files (x86)\x2goclient\pulse\libpcreposix-0.dll 2015-04-24 18:52 - 2015-04-24 18:52 - 00159925 _____ () C:\Program Files (x86)\x2goclient\pulse\libpcre-1.dll 2015-04-25 18:51 - 2015-04-25 18:51 - 00020045 _____ () C:\Program Files (x86)\x2goclient\pulse\module-native-protocol-tcp.dll 2015-04-25 18:51 - 2015-04-25 18:51 - 00135200 _____ () C:\Program Files (x86)\x2goclient\pulse\libprotocol-native.dll 2015-04-25 18:51 - 2015-04-25 18:51 - 00019352 _____ () C:\Program Files (x86)\x2goclient\pulse\module-esound-protocol-tcp.dll 2015-04-25 18:51 - 2015-04-25 18:51 - 00061274 _____ () C:\Program Files (x86)\x2goclient\pulse\libprotocol-esound.dll 2015-04-25 18:51 - 2015-04-25 18:51 - 00034979 _____ () C:\Program Files (x86)\x2goclient\pulse\module-waveout.dll 2015-04-25 20:24 - 2015-04-25 20:24 - 01425184 _____ () C:\Program Files (x86)\x2goclient\cygXcomp.dll 2014-12-30 01:20 - 2014-12-30 01:20 - 00285735 _____ () C:\Program Files (x86)\x2goclient\cygjpeg-8.dll 2015-04-13 18:47 - 2015-04-13 18:47 - 00200221 _____ () C:\Program Files (x86)\x2goclient\cygpng16-16.dll 2014-11-19 22:57 - 2014-11-19 22:57 - 00084519 _____ () C:\Program Files (x86)\x2goclient\cygz.dll 2015-03-03 18:07 - 2015-03-03 18:07 - 00965149 _____ () C:\Program Files (x86)\x2goclient\cygstdc++-6.dll 2015-02-24 01:05 - 2015-02-24 01:05 - 00109597 _____ () C:\Program Files (x86)\x2goclient\cyggcc_s-1.dll 2016-02-08 13:01 - 2016-02-08 13:01 - 01602560 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.680.4.0_x86__kgqvnymyfvs32\LIBEAY32.dll 2015-10-18 19:09 - 2015-10-18 19:11 - 00097944 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.680.4.0_x86__kgqvnymyfvs32\libEGL.dll 2015-10-18 19:09 - 2015-10-18 19:11 - 02303640 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.680.4.0_x86__kgqvnymyfvs32\libGLESv2.dll 2016-02-08 13:01 - 2016-02-08 13:01 - 00255488 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.680.4.0_x86__kgqvnymyfvs32\curl.dll 2016-02-08 13:01 - 2016-02-08 13:03 - 00479232 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.680.4.0_x86__kgqvnymyfvs32\SSLEAY32.dll 2015-10-06 16:29 - 2015-10-06 16:39 - 00066560 _____ () C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.680.4.0_x86__kgqvnymyfvs32\zlib.dll 2016-02-05 00:09 - 2016-02-03 07:27 - 16799048 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-12-21 14:05 - 2016-02-08 00:55 - 00000967 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1066726579-3371513651-2449260020-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\annec\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\bluelava_1112000xx_inspiron_wallpaper58095_16x9_72dpi_rgb.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{890BD53C-18B1-4D54-A92A-22E6FEBE8581}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8B5C5F1F-9549-42ED-B1CB-18E22F0BFA67}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{61F3BA34-41BE-449F-A46E-29EF049F670A}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{02073E33-E2D5-4061-BDA2-8FBC810CD0C9}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe FirewallRules: [{AF38E7E6-BA73-4D9D-98F1-7033DFD2B3AA}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe FirewallRules: [{AA12CC76-2A34-4F99-884B-70AF9C0D10BA}] => (Allow) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe FirewallRules: [{E000C593-CECB-40B5-AEB7-D3EE2991D57E}] => (Allow) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe FirewallRules: [{1ECC1CA8-1AB7-4639-99B7-FE17029DDA01}] => (Allow) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe FirewallRules: [{2C8F99DF-1AF8-4527-A7AA-3C48619A6CFE}] => (Allow) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe FirewallRules: [{AF376473-5E83-4D81-8D3B-E904C283ED70}] => (Allow) C:\Program Files (x86)\MakeMKV\makemkv.exe FirewallRules: [{10E35EA9-9165-4DF7-8595-622A5C8D9D98}] => (Allow) C:\Program Files (x86)\MakeMKV\makemkv.exe FirewallRules: [{01A79CE1-9028-443C-BB5C-CB1F8621BD90}] => (Allow) C:\Program Files (x86)\MakeMKV\makemkv.exe FirewallRules: [{9D983A4D-2072-456F-B8E6-9E9DF779DC0E}] => (Allow) C:\Program Files (x86)\MakeMKV\makemkv.exe FirewallRules: [UDP Query User{9CBFAB5D-AE73-4CB7-99BE-19C0AA9D2B9C}C:\program files\grand ages medieval\grandagesmedieval.exe] => (Allow) C:\program files\grand ages medieval\grandagesmedieval.exe FirewallRules: [TCP Query User{E8DDABE8-71CD-47AD-8DA7-D2C0F904FDFB}C:\program files\grand ages medieval\grandagesmedieval.exe] => (Allow) C:\program files\grand ages medieval\grandagesmedieval.exe FirewallRules: [{21F942DD-2105-48B5-BA29-CA77D475FC06}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{3AE2A304-0BAD-4B5D-8A6C-49E4F4802C97}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe FirewallRules: [{502E261D-E3CA-4CB4-99FB-AC1603293A86}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe FirewallRules: [{00E63866-13A4-43BE-A4E7-A7217859E3C3}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe FirewallRules: [{29DB13F6-7AAA-468A-BF9E-7AFAD11551FE}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{1ACBE218-7EDB-417F-B1F1-D7289A46D5C8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{0C8FD41A-244A-4DC7-8340-1AD131109AFA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{ED25D1CF-8F06-4A4A-A4D9-F4C992FE495D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{8A56F992-AC85-4502-BE17-31FD428DFB6E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{71EE83C9-7AB5-4266-9949-52B15A941B3E}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexDlnaServer.exe FirewallRules: [{C578E89E-AFAB-4E62-A06A-EFB6FA7E28D9}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe FirewallRules: [{35281CB9-5CE3-4576-883B-B482800A12BB}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe FirewallRules: [{BF98CC84-11EF-480C-A375-DD9B75195BB1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{2EFE913E-2327-41CA-BCF7-D89D744F8D6E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{8A489F51-0DB0-4B33-B22E-B1913246A690}C:\program files (x86)\plex home theater\plex home theater.exe] => (Allow) C:\program files (x86)\plex home theater\plex home theater.exe FirewallRules: [TCP Query User{C09EC280-3363-4F7E-8B95-F68E48E110AD}C:\program files (x86)\plex home theater\plex home theater.exe] => (Allow) C:\program files (x86)\plex home theater\plex home theater.exe FirewallRules: [{C4A8AA8D-A346-435F-AD5E-520090542E05}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [UDP Query User{A8A260D3-44E6-4736-BAA8-9084B7816929}C:\program files (x86)\x2goclient\x2goclient.exe] => (Allow) C:\program files (x86)\x2goclient\x2goclient.exe FirewallRules: [TCP Query User{18907021-9E68-491D-8D70-06C78BA9D06E}C:\program files (x86)\x2goclient\x2goclient.exe] => (Allow) C:\program files (x86)\x2goclient\x2goclient.exe FirewallRules: [UDP Query User{3A8F0934-E2B9-4FD2-BEA7-7FB0A3E47B24}C:\program files (x86)\x2goclient\pulse\pulseaudio.exe] => (Allow) C:\program files (x86)\x2goclient\pulse\pulseaudio.exe FirewallRules: [TCP Query User{E835A2B3-2A8A-450F-B787-342347841AF3}C:\program files (x86)\x2goclient\pulse\pulseaudio.exe] => (Allow) C:\program files (x86)\x2goclient\pulse\pulseaudio.exe FirewallRules: [UDP Query User{3051B7CC-5D52-4FB1-A4C9-5826735D9D9E}C:\program files (x86)\x2goclient\vcxsrv\vcxsrv.exe] => (Allow) C:\program files (x86)\x2goclient\vcxsrv\vcxsrv.exe FirewallRules: [TCP Query User{EE57E998-E6F5-4703-8D72-92D29895AA53}C:\program files (x86)\x2goclient\vcxsrv\vcxsrv.exe] => (Allow) C:\program files (x86)\x2goclient\vcxsrv\vcxsrv.exe FirewallRules: [{0A0ED91C-0E08-42B8-8DE2-3EC8687E3B9F}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{F98B4C10-9A4A-47E6-81A6-2F16BD4122CD}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe FirewallRules: [{F4C9443C-8841-4209-83AE-D4478874183E}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\SmartAgentTest.exe FirewallRules: [{9E875310-4EDE-44AD-91B6-7C63EEC52E56}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\Next\WirelessDisplay.exe FirewallRules: [{E2E05979-7B47-4D64-884B-2839007A2236}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiAppOld.exe FirewallRules: [{2215955A-493A-431B-8DE1-D9E6E41780BF}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{0ADA7FA1-4771-4CD0-95B0-0DD69D13A501}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{87D499D4-7925-442D-B61C-41A75E7C076E}] => (Allow) C:\Program Files (x86)\CyberLink\CyberLink Media Suite\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe FirewallRules: [{6CFBF0FF-57AA-4173-B8C9-45BE2CDA61CD}] => (Allow) LPort=8317 FirewallRules: [{4271D076-0FDF-4FBF-A363-9D8CAE833EF7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{DB56AD30-BF2B-49F7-B46A-C2D954823259}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [{C7053134-9E41-4167-A79C-663F1D588E0A}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe FirewallRules: [{F351C0B4-3EB6-4A11-9FC7-D0F1AC23F3D2}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QMDL.exe FirewallRules: [{F66849B0-1C18-4462-B58D-04DE8957BEA8}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\bugreport.exe FirewallRules: [{1779808B-D0BA-424F-996F-07A5B99E8A4A}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCFileOpen.exe FirewallRules: [{5D3BBD9E-C998-4103-8AF7-C2F0225AF37B}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCLeakScan.exe FirewallRules: [{3A105EBE-7DB1-42A7-B209-1C752C1B8323}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPConfig.exe FirewallRules: [{03C654BD-D67A-46B4-BE41-45F436BB9FF3}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCSoftMgr.exe FirewallRules: [{5826AFB8-9D30-4835-AB19-56EBA4022FDF}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\plugins\QMNetMon\QQPCNetFlow.exe FirewallRules: [{471C100D-A375-46E0-8936-9E42408BF717}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCBTU.exe FirewallRules: [{672175EF-D15F-4551-920E-81FD84C47253}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCClinic.exe FirewallRules: [{0A777F1B-1727-41B0-8EC0-120BD1390FDF}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCLaunch.exe FirewallRules: [{581939D8-A5EA-4447-9007-9D0A3520B1A1}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QMUpdate\QQPCMgrUpdate.exe FirewallRules: [{80EE2AD1-1029-4431-B007-A18D1CA9EE6F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCSoftGame.exe FirewallRules: [{A770ED7E-0AD8-4823-B449-FE8B2EB73070}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCSysOptimize.exe FirewallRules: [{A0C5CAE2-EC54-4A73-A89F-6DE7CA611690}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCUpdateAVLib.exe FirewallRules: [{211B83EE-A6F6-4462-9755-8D374612AF53}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQRepair.exe FirewallRules: [{8B80B293-05FB-4A77-8AB4-4E55E564B7D9}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QQPCPatch.exe FirewallRules: [{4AC8E2E5-51F3-4BAD-A8D6-A7073054F917}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\TpkUpdate.exe FirewallRules: [{ED20DE89-7DD6-4B96-82B3-A9BC78151883}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QMRouterMgr.exe FirewallRules: [{F093F15F-5784-419E-B94D-41FDA5CB9725}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QMAccountProtection.exe FirewallRules: [{C318904A-B391-4FBD-886D-CC63F2BC87D2}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.1.16923.222\QMAdBlock.exe FirewallRules: [{C60914B4-6D51-49D8-B78D-C5FF3C664906}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\QQPCmgrInstallGuide.exe FirewallRules: [{2D1431BC-890F-4305-AE9C-5FE8496B2576}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\QQPCTray.exe FirewallRules: [{E165F128-15CF-4505-BDC7-A3BB90D9FD01}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\QQPCMgr.exe FirewallRules: [{9024D764-B65B-456C-BE7C-F2A2AD636EE8}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\QQPCRTP.exe FirewallRules: [{090744E7-7890-4778-8372-13A0B033B54C}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\QMDL.exe FirewallRules: [{26131261-4E71-488D-9226-309918C4C603}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\bugreport.exe FirewallRules: [{BB318AEF-EDDC-4C91-86AA-0446308A08F6}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\QQPCFileOpen.exe FirewallRules: [{E8E95816-66AA-42FA-9DAB-A01D77FCD29F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\QQPCLeakScan.exe FirewallRules: [{085500FB-F208-4370-9B8F-60B57D901795}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\QQPConfig.exe FirewallRules: [{C511606E-084D-4E96-930A-9DEA84F36A54}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\QQPCSoftMgr.exe FirewallRules: [{500B78A0-B60C-49DD-A05D-28AEA3488C56}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\plugins\QMNetMon\QQPCNetFlow.exe FirewallRules: [{3C234720-62F4-4596-9472-6598C9F61B60}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\QQPCBTU.exe FirewallRules: [{E222958F-CE77-47DB-9D64-89E2DBE853C9}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\QQPCClinic.exe FirewallRules: [{6EA81509-7E20-4477-A7B4-4C840C4B9362}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\QQPCLaunch.exe FirewallRules: [{B22D9BED-9002-459F-AC3E-FD9B199EA80B}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\QMUpdate\QQPCMgrUpdate.exe FirewallRules: [{D9B8A92C-B3E5-4013-A521-82F151126741}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\QQPCSoftGame.exe FirewallRules: [{8F30456E-AC43-49CE-8A80-2C134133D3AD}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\QQPCSysOptimize.exe FirewallRules: [{67652288-F96A-4986-A89E-861A27FEF62F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\QQPCUpdateAVLib.exe FirewallRules: [{C2649B42-8A78-4988-8CBD-1936779A64E9}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\QQRepair.exe FirewallRules: [{4F24E635-71ED-4E28-96F7-1DDAAD6F88CE}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\Uninst.exe FirewallRules: [{B7FE5BDC-2D21-4E09-9A32-A05975B3F64E}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\QQPCPatch.exe FirewallRules: [{11D20B8B-0C4E-4BF0-B949-C7C32B9DD101}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\TpkUpdate.exe FirewallRules: [{46A77B09-5D81-405D-932D-629D44BE9D9F}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\QMRouterMgr.exe FirewallRules: [{70CA0175-2DAD-4A43-8FE0-2923A456CF72}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\QMAccountProtection.exe FirewallRules: [{6E8D29D1-FBE3-4300-A376-7055CC602ADF}] => (Allow) C:\Program Files (x86)\Tencent\QQPCMgr\11.3.17207.222\QMAdBlock.exe FirewallRules: [{515ABF7D-FAB2-4433-9D89-7A312D55EED5}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [{7FB47ECB-31AF-4303-9B19-6FD0006304B9}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe ==================== Restore Points ========================= 22-01-2016 15:59:39 Windows Update 25-01-2016 16:31:43 Windows Update 26-01-2016 17:33:00 Installed Camtasia Studio 8 30-01-2016 18:38:56 Windows Update 03-02-2016 12:31:21 Windows Update 07-02-2016 14:35:26 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/08/2016 09:01:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ANNEPC) Description: Activation of app Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (02/08/2016 08:21:39 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SkypeHost.exe, version: 10.1.2123.10, time stamp: 0x569054dc Faulting module name: SkyWrap.dll, version: 10.1.2123.10, time stamp: 0x569054c9 Exception code: 0xc0000005 Fault offset: 0x00ac6197 Faulting process id: 0x23ec Faulting application start time: 0xSkypeHost.exe0 Faulting application path: SkypeHost.exe1 Faulting module path: SkypeHost.exe2 Report Id: SkypeHost.exe3 Faulting package full name: SkypeHost.exe4 Faulting package-relative application ID: SkypeHost.exe5 Error: (02/08/2016 08:08:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ANNEPC) Description: Activation of app Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (02/08/2016 06:52:51 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ANNEPC) Description: Activation of app Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (02/08/2016 03:51:52 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ANNEPC) Description: Activation of app Microsoft.XboxApp_8wekyb3d8bbwe!Microsoft.XboxApp failed with error: -2144927148 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (02/08/2016 03:51:45 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname ANNEPC.local already in use; will try ANNEPC-2.local instead Error: (02/08/2016 03:51:45 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 ANNEPC.local. Addr 192.168.0.24 Error: (02/08/2016 03:51:45 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.0.24:5353 16 ANNEPC.local. AAAA FDB6:F4CD:2F66:0000:CCD8:2B17:A054:849D Error: (02/08/2016 02:25:10 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418154 Error: (02/08/2016 12:57:18 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053"1". Dependent Assembly Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053" could not be found. Please use sxstrace.exe for detailed diagnosis. System errors: ============= Error: (02/08/2016 12:11:05 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\annec\AppData\Local\Temp\catchme.sys Error: (02/08/2016 12:11:05 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\annec\AppData\Local\Temp\catchme.sys Error: (02/08/2016 12:11:03 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\annec\AppData\Local\Temp\catchme.sys Error: (02/08/2016 12:11:03 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\annec\AppData\Local\Temp\catchme.sys Error: (02/08/2016 12:11:02 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\annec\AppData\Local\Temp\catchme.sys Error: (02/08/2016 12:11:02 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\annec\AppData\Local\Temp\catchme.sys Error: (02/08/2016 12:11:01 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\annec\AppData\Local\Temp\catchme.sys Error: (02/08/2016 12:11:01 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\annec\AppData\Local\Temp\catchme.sys Error: (02/08/2016 12:10:57 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\annec\AppData\Local\Temp\catchme.sys Error: (02/08/2016 12:10:57 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\annec\AppData\Local\Temp\catchme.sys CodeIntegrity: =================================== Date: 2016-02-08 12:34:36.258 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\SensorsApi.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-08 12:11:05.524 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\annec\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-08 12:11:05.226 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\annec\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-08 12:11:03.912 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\annec\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-08 12:11:03.598 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\annec\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-08 12:11:02.904 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\annec\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-08 12:11:02.585 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\annec\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-08 12:11:01.769 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\annec\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-08 12:11:01.467 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\annec\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-08 12:10:57.314 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\annec\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz Percentage of memory in use: 34% Total physical RAM: 16294.44 MB Available physical RAM: 10624.86 MB Total Virtual: 18726.44 MB Available Virtual: 11851.98 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:1848.71 GB) (Free:1100.11 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 1863 GB) (Disk ID: 5D4C1504) Partition: GPT. ==================== End of Addition.txt ============================