Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-05-2017 Ran by PAUL (16-05-2017 20:19:08) Running from C:\Users\PAUL\Desktop\FRST Windows 8.1 (Update) (X64) (2014-11-06 17:08:21) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1375163193-2629173629-2764439304-500 - Administrator - Disabled) Guest (S-1-5-21-1375163193-2629173629-2764439304-501 - Limited - Enabled) => C:\Users\Guest PAUL (S-1-5-21-1375163193-2629173629-2764439304-1001 - Administrator - Enabled) => C:\Users\PAUL ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Ad Muncher v4.94.34121 (Free) (HKLM-x32\...\Ad Muncher) (Version: - ) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated) Adobe Photoshop 7.0 CE (HKLM-x32\...\Adobe Photoshop 7.0 CE) (Version: 7.0 CE - Adobe Systems, Inc.) Adobe Reader XI (11.0.20) - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated) AMD Catalyst Install Manager (HKLM\...\{29200C76-2ADF-0C62-BE0D-2AC087740379}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.4.2294 - AVAST Software) Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2531.57 - CyberLink Corp.) Delicious: Emily's Childhood Memories Premium Edition (x32 Version: 3.0.2.32 - WildTangent) Hidden doPDF (Version: 8.0.907 - Softland) Hidden doPDF 8 (HKLM-x32\...\{d38b571a-1bb2-47f5-9194-b5956174c0cf}) (Version: 8.0.907 - Softland) ETDWare PS/2-X64 11.6.22.201_WHQL (HKLM\...\Elantech) (Version: 11.6.22.201 - ELAN Microelectronic Corp.) ffdshow v1.3.4527 [2013-12-03] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4527.0 - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.) Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3005 - Packard Bell) Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3008 - Packard Bell) Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.137 - McAfee, Inc.) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (Polish) (HKLM-x32\...\{95120000-00AF-0415-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850415-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 53.0.2 (x86 pl) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 pl)) (Version: 53.0.2 - Mozilla) Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG) novaPDF 8 add-in for Microsoft Office (x64) (HKLM\...\{72FA3932-13F2-4AC2-9859-80DFB3E32D27}) (Version: 8.0.907 - Softland) novaPDF 8 add-in for Microsoft Office (x86) (HKLM-x32\...\{56C7F352-A03D-447C-98C2-7185F6067CC1}) (Version: 8.0.907 - Softland) novaPDF 8 Printer Driver (HKLM\...\{8B94B029-DF00-4314-BE5F-96AAA44D0B5A}) (Version: 8.0.907 - Softland) OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Packard Bell Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Packard Bell) Packard Bell Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3003 - Packard Bell) Packard Bell Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Packard Bell) Packard Bell Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Packard Bell) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden QCA CardReader Driver Installer (HKLM-x32\...\{4E0BC999-655B-421D-87F3-640C6F2BFC11}) (Version: 1.0.1.34 - Qualcomm Inc.) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.224 - Qualcomm Atheros Communications) Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.49 - Qualcomm Atheros) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.) SafeZone Stable 3.55.2393.596 (x32 Version: 3.55.2393.596 - Avast Software) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB) Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1375163193-2629173629-2764439304-1001_Classes\CLSID\{E68D0A55-3C40-4712-B90D-DCFA93FF2534}\InprocServer32 -> C:\Users\PAUL\AppData\Roaming\GG\ggdrive\ggdrive-menu.dll => No File ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {09BF981D-1941-4277-961B-854CEA603BA2} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [2013-01-22] () Task: {4D65F161-9748-48A9-9328-D8F8986E55C5} - System32\Tasks\SafeZone scheduled Autoupdate 1479733706 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software) Task: {60AFD539-7D0C-4DC4-998B-F6C7BAC97C82} - System32\Tasks\ALU => C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [2013-02-22] () Task: {6C3EA29B-E5AF-498F-A78E-C84984C67BE6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-10] (Microsoft Corporation) Task: {7059FA19-9555-4BD3-82FC-62BB24E037B0} - \PowerWord-SCT-JT -> No File <==== ATTENTION Task: {7FAC9F4D-1A5F-4B2F-94E5-875E0723F00A} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2014-05-19] () Task: {A20BF1FD-4805-4C37-AB98-31D45BDB6FD0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-13] (AVAST Software) Task: {AE315974-244F-4801-ABD6-A3DB2E1A7DB7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {CB579D27-BBF1-4600-9D6E-C85EB932868C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {D4667EE3-7B14-4F00-9586-81D5D96F06C9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {DC0119B4-9D04-46C2-AEC9-425D09BE4A3E} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-05-10] (AVAST Software) Task: {DDC228B1-D1D2-4042-A8A8-D7308F14CE7F} - System32\Tasks\Launch Manager => C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMLauncher.exe [2013-03-15] (Acer Incorporate) Task: {E177E7F7-B9E2-46FF-8427-B38294551DF0} - System32\Tasks\Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2013-03-16] (Acer Incorporated) Task: {F5806BED-CB90-45D2-BC21-DBDBE3F2B7D7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-09] (Adobe Systems Incorporated) Task: {FCF9FC12-4043-4ACB-B554-330DBB9A0E1D} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe [2013-01-24] (Acer Incorporated) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\Users\PAUL\Favorites\Packard Bell\Packard Bell.lnk -> hxxp://www.packardbell.com ==================== Loaded Modules (Whitelisted) ============== 2014-05-19 16:48 - 2014-05-19 16:48 - 00017920 _____ () C:\WINDOWS\System32\novamn8.dll 2014-07-04 22:33 - 2014-07-04 22:33 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2014-11-06 18:33 - 2014-11-06 18:33 - 00130933 ____N () C:\WINDOWS\TEMP\2a9a7188-2f9b-4c02-a7f4-5421caf99ace\AgileDotNetRT64.dll 2014-11-06 18:33 - 2014-11-06 18:33 - 00130933 ____N () C:\WINDOWS\TEMP\2baca5df-110d-4425-83de-0e951af60763\AgileDotNetRT64.dll 2013-04-15 20:23 - 2013-04-15 20:23 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2013-04-15 20:20 - 2013-04-15 20:20 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll 2013-04-15 20:25 - 2013-04-15 20:25 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe 2013-02-22 05:37 - 2013-02-22 05:37 - 03367976 _____ () C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe 2017-05-04 11:17 - 2017-05-09 16:40 - 00323584 _____ () C:\Users\PAUL\AppData\Local\background_fault\bf.dll 2017-05-16 17:40 - 2017-05-16 17:40 - 00098816 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\win32api.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00110080 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\pywintypes27.dll 2017-05-16 17:40 - 2017-05-16 17:40 - 00364544 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\pythoncom27.dll 2017-05-16 17:40 - 2017-05-16 17:40 - 00320512 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\win32com.shell.shell.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00914432 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\_hashlib.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 01176576 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\wx._core_.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00806400 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\wx._gdi_.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00816128 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\wx._windows_.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 01067008 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\wx._controls_.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00733184 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\wx._misc_.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00682496 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\pysqlite2._sqlite.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00088064 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\_ctypes.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00686080 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\unicodedata.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00119808 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\win32file.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00108544 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\win32security.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00007168 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\hashobjs_ext.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00017920 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\thumbnails_ext.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00088064 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\usb_ext.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00012800 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\common.time34.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00018432 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\win32event.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00167936 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\win32gui.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00046080 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\_socket.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 01303552 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\_ssl.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00128512 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\_elementtree.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00127488 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\pyexpat.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00038912 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\win32inet.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00036864 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\_psutil_windows.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00524248 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\windows._lib_cacheinvalidation.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00011264 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\win32crypt.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00123392 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\wx._wizard.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00077312 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\wx._html2.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00027648 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\_multiprocessing.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00020480 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\_yappi.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00035840 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\win32process.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00078848 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\wx._animate.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00024064 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\win32pipe.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00010240 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\select.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00025600 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\win32pdh.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00017408 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\win32profile.pyd 2017-05-16 17:40 - 2017-05-16 17:40 - 00022528 ____R () C:\Users\PAUL\AppData\Local\Temp\_MEI45562\win32ts.pyd 2017-05-10 10:20 - 2017-05-10 10:20 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-05-10 10:20 - 2017-05-10 10:20 - 00997896 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll 2017-05-10 10:20 - 2017-05-10 10:20 - 67717632 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-05-10 10:20 - 2017-05-10 10:20 - 00176992 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-05-10 10:20 - 2017-05-10 10:20 - 00223224 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll 2017-05-10 10:20 - 2017-05-10 10:20 - 00291824 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-05-10 10:20 - 2017-05-10 10:20 - 00684656 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2017-05-04 11:18 - 2017-04-11 08:36 - 67718656 _____ () C:\Users\PAUL\AppData\Local\background_fault\libcef.dll 2017-05-04 11:18 - 2017-04-11 08:36 - 01922560 _____ () C:\Users\PAUL\AppData\Local\background_fault\libglesv2.dll 2017-05-04 11:18 - 2017-04-11 08:36 - 00079872 _____ () C:\Users\PAUL\AppData\Local\background_fault\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2017-05-12 17:02 - 00000852 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1375163193-2629173629-2764439304-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PAUL\Desktop\alle\the-joker-the-dark-knight-wallpaper-3.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\StartupFolder: => "Adobe Gamma Loader.lnk" HKU\S-1-5-21-1375163193-2629173629-2764439304-1001\...\StartupApproved\Run: => "Napisy24.pl" HKU\S-1-5-21-1375163193-2629173629-2764439304-1001\...\StartupApproved\Run: => "Napisy24Update" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [UDP Query User{7B205214-F400-4835-8389-1F4973EE450A}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe FirewallRules: [TCP Query User{D3340914-A96E-4914-93D5-41859B0D6A24}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe FirewallRules: [UDP Query User{257E6306-21F5-4EE7-831B-9BBD73CB90C4}C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe] => (Block) C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe FirewallRules: [TCP Query User{13883029-9947-48A7-A526-39F22D0F0818}C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe] => (Block) C:\program files (x86)\nero\nero 12\nero backitup\backitup.exe FirewallRules: [{F8975405-C385-479E-8CBF-E3403E59839A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{27B0EE3D-A011-49A0-A8EA-A12595F92235}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{48D2D929-3B96-4807-8384-9F4EDB1E8A2D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe FirewallRules: [{A9584939-B91F-4553-83E4-ED30E6E26FEE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{387FA1FC-2FD0-4C71-B312-06FDD0C7D8C7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe FirewallRules: [{BC1C28CB-80A6-4DE2-A6E2-709E6CDC7AF4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{ED14F697-6FEE-43BA-BE13-3642E2B01C48}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{D4F24439-899A-4B30-AF6C-B31C5144D8E7}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{A16E464B-EE69-4BAC-B474-A3AEFDED1F37}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{43457ABB-D9FD-41C6-8C2E-1D41606A6694}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{1900E7FD-D560-4DDE-96C0-0DBE2BAAF3A2}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe FirewallRules: [{86310F9E-4FF2-4733-9210-B890648BD85D}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe FirewallRules: [{8F06697A-77B4-4BC5-9040-C3ECC2D07B13}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{BDC6F593-AF64-41A0-9928-7DE25A73B678}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{6CE14375-2357-4938-974C-52F7C254DA58}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{01DDF5F8-062B-4FA6-8C17-5FD28FAF73E9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{D5E8852E-8FA9-4BCA-9906-1A6116816008}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe FirewallRules: [UDP Query User{353F3184-54F2-49DF-86C8-04BE8A4220F5}C:\program files (x86)\symantec\norton online backup\nobuclient.exe] => (Block) C:\program files (x86)\symantec\norton online backup\nobuclient.exe FirewallRules: [{53573D07-F036-478F-AD70-3753B94FEE9E}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{F10BEBB1-3449-4539-8663-1BDF4C125FA3}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{9892889F-B64E-4D59-9AF1-44E5A3C2CD77}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{1989EDF4-2A9E-4DCF-B7C5-6E8EB7AD3C69}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{C59E85DA-A3B6-4AF4-A4E7-F5B1B0437FCA}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => (Block) C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe FirewallRules: [UDP Query User{7FC5153C-9CE5-4921-83DE-4DBAE4BD2BFD}C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe] => (Block) C:\program files (x86)\allplayer remote\allplayerremotecontrol.exe FirewallRules: [{96B862AE-1DE5-473D-9E4F-C6937B1BCFBF}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{970FD1A4-AE62-4222-8432-4695714A05C9}] => (Allow) C:\Program Files (x86)\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{1FFC2AD5-B901-4944-B9CE-8E906988FFE9}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe FirewallRules: [{EC64E54A-EEC4-4809-BE0C-3297B21A54A3}] => (Allow) C:\Program Files (x86)\Dayglad\Application\chrome.exe FirewallRules: [{4B3F85BF-54B3-4906-BE90-D36CE605DBF8}] => (Allow) C:\Program Files (x86)\MIO\loader\toshibaxmq01abd100_6357p3xatxx6357p3xat.dat FirewallRules: [{78B73177-4E36-4B09-B2F0-8603EA1531A2}] => (Allow) C:\Program Files (x86)\MIO\loader\toshibaxmq01abd100_6357p3xatxx6357p3xat.dat FirewallRules: [{A99FBE2E-9D2A-41C0-9DA6-9EE056BD0968}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe FirewallRules: [{DD66645C-CBB2-435D-B02F-29D1EEA18A7F}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe FirewallRules: [{5612EF2C-EB66-4058-A9AD-36E502CF76B9}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596_0\SZBrowser.exe FirewallRules: [{0264BD9D-227F-4B74-9FD0-293629DFADC8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 29-04-2017 17:44:16 Scheduled Checkpoint 04-05-2017 15:51:26 Removed AlphaGo 10-05-2017 11:15:43 Windows Update 15-05-2017 20:05:11 Removed Norton Online Backup ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/16/2017 05:54:31 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: updater.exe, version: 2.0.3008.0, time stamp: 0x5126f5f8 Faulting module name: KERNELBASE.dll, version: 6.3.9600.18666, time stamp: 0x58f33794 Exception code: 0xe0434352 Fault offset: 0x00000000000095fc Faulting process id: 0xb10 Faulting application start time: 0x01d2ce5cb1eb8b30 Faulting application path: C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe Faulting module path: C:\WINDOWS\system32\KERNELBASE.dll Report Id: f2b92ac9-3a4f-11e7-bf03-6002b409892f Faulting package full name: Faulting package-relative application ID: Error: (05/16/2017 05:54:31 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: updater.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.Xml.XmlException Stack: at System.Xml.XmlTextReaderImpl.ThrowWithoutLineInfo(System.String) at System.Xml.XmlTextReaderImpl.ParseDocumentContent() at System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean) at System.Xml.XmlDocument.Load(System.Xml.XmlReader) at System.Xml.XmlDocument.Load(System.String) at updater.Report.AddFPToResult(updater.Result) at updater.UpgradeItem.DiagnosticDownloadEvent(NotifyMgrArgs) at updater.DownloadMgr.DownloadFile(System.String, System.String) at updater.DownloadMgr.Worker(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() at System.Threading.ThreadPoolWorkQueue.Dispatch() Error: (05/16/2017 03:36:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: updater.exe, version: 2.0.3008.0, time stamp: 0x5126f5f8 Faulting module name: KERNELBASE.dll, version: 6.3.9600.18666, time stamp: 0x58f33794 Exception code: 0xe0434352 Fault offset: 0x00000000000095fc Faulting process id: 0xb68 Faulting application start time: 0x01d2ce497a2906dc Faulting application path: C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe Faulting module path: C:\WINDOWS\system32\KERNELBASE.dll Report Id: b964fca7-3a3c-11e7-bf02-6002b409892f Faulting package full name: Faulting package-relative application ID: Error: (05/16/2017 03:36:54 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: updater.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.Xml.XmlException Stack: at System.Xml.XmlTextReaderImpl.ThrowWithoutLineInfo(System.String) at System.Xml.XmlTextReaderImpl.ParseDocumentContent() at System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean) at System.Xml.XmlDocument.Load(System.Xml.XmlReader) at System.Xml.XmlDocument.Load(System.String) at updater.Report.AddFPToResult(updater.Result) at updater.UpgradeItem.DiagnosticDownloadEvent(NotifyMgrArgs) at updater.DownloadMgr.DownloadFile(System.String, System.String) at updater.DownloadMgr.Worker(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() at System.Threading.ThreadPoolWorkQueue.Dispatch() Error: (05/16/2017 02:36:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: updater.exe, version: 2.0.3008.0, time stamp: 0x5126f5f8 Faulting module name: KERNELBASE.dll, version: 6.3.9600.18666, time stamp: 0x58f33794 Exception code: 0xe0434352 Fault offset: 0x00000000000095fc Faulting process id: 0xc14 Faulting application start time: 0x01d2ce4117cb10c1 Faulting application path: C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe Faulting module path: C:\WINDOWS\system32\KERNELBASE.dll Report Id: 5737d63f-3a34-11e7-bf02-6002b409892f Faulting package full name: Faulting package-relative application ID: Error: (05/16/2017 02:36:54 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: updater.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.Xml.XmlException Stack: at System.Xml.XmlTextReaderImpl.ThrowWithoutLineInfo(System.String) at System.Xml.XmlTextReaderImpl.ParseDocumentContent() at System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean) at System.Xml.XmlDocument.Load(System.Xml.XmlReader) at System.Xml.XmlDocument.Load(System.String) at updater.Report.AddFPToResult(updater.Result) at updater.UpgradeItem.DiagnosticDownloadEvent(NotifyMgrArgs) at updater.DownloadMgr.DownloadFile(System.String, System.String) at updater.DownloadMgr.Worker(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() at System.Threading.ThreadPoolWorkQueue.Dispatch() Error: (05/16/2017 01:36:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: updater.exe, version: 2.0.3008.0, time stamp: 0x5126f5f8 Faulting module name: KERNELBASE.dll, version: 6.3.9600.18666, time stamp: 0x58f33794 Exception code: 0xe0434352 Fault offset: 0x00000000000095fc Faulting process id: 0x1478 Faulting application start time: 0x01d2ce38b56a9578 Faulting application path: C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe Faulting module path: C:\WINDOWS\system32\KERNELBASE.dll Report Id: f7d24a7f-3a2b-11e7-bf02-6002b409892f Faulting package full name: Faulting package-relative application ID: Error: (05/16/2017 01:36:58 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: updater.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.Xml.XmlException Stack: at System.Xml.XmlTextReaderImpl.ThrowWithoutLineInfo(System.String) at System.Xml.XmlTextReaderImpl.ParseDocumentContent() at System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean) at System.Xml.XmlDocument.Load(System.Xml.XmlReader) at System.Xml.XmlDocument.Load(System.String) at updater.Report.AddFPToResult(updater.Result) at updater.UpgradeItem.DiagnosticDownloadEvent(NotifyMgrArgs) at updater.DownloadMgr.DownloadFile(System.String, System.String) at updater.DownloadMgr.Worker(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() at System.Threading.ThreadPoolWorkQueue.Dispatch() Error: (05/15/2017 01:20:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: updater.exe, version: 2.0.3008.0, time stamp: 0x5126f5f8 Faulting module name: KERNELBASE.dll, version: 6.3.9600.18666, time stamp: 0x58f33794 Exception code: 0xe0434352 Fault offset: 0x00000000000095fc Faulting process id: 0xf90 Faulting application start time: 0x01d2cd6d36c578e4 Faulting application path: C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe Faulting module path: C:\WINDOWS\system32\KERNELBASE.dll Report Id: 7911e0e8-3960-11e7-bf02-6002b409892f Faulting package full name: Faulting package-relative application ID: Error: (05/15/2017 01:20:17 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: updater.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.Xml.XmlException Stack: at System.Xml.XmlTextReaderImpl.ThrowWithoutLineInfo(System.String) at System.Xml.XmlTextReaderImpl.ParseDocumentContent() at System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean) at System.Xml.XmlDocument.Load(System.Xml.XmlReader) at System.Xml.XmlDocument.Load(System.String) at updater.Report.AddFPToResult(updater.Result) at updater.UpgradeItem.DiagnosticDownloadEvent(NotifyMgrArgs) at updater.DownloadMgr.DownloadFile(System.String, System.String) at updater.DownloadMgr.Worker(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() at System.Threading.ThreadPoolWorkQueue.Dispatch() System errors: ============= Error: (05/16/2017 02:03:31 PM) (Source: DCOM) (EventID: 10010) (User: PAULINA) Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout. Error: (05/15/2017 01:55:14 PM) (Source: DCOM) (EventID: 10010) (User: PAULINA) Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout. Error: (05/15/2017 01:54:44 PM) (Source: DCOM) (EventID: 10010) (User: PAULINA) Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout. Error: (05/14/2017 01:47:49 PM) (Source: DCOM) (EventID: 10010) (User: PAULINA) Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout. Error: (05/13/2017 01:24:32 PM) (Source: DCOM) (EventID: 10010) (User: PAULINA) Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout. Error: (05/13/2017 01:24:02 PM) (Source: DCOM) (EventID: 10010) (User: PAULINA) Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout. Error: (05/13/2017 12:14:43 PM) (Source: DCOM) (EventID: 10010) (User: PAULINA) Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout. Error: (05/13/2017 12:14:13 PM) (Source: DCOM) (EventID: 10010) (User: PAULINA) Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout. Error: (05/12/2017 03:01:46 PM) (Source: DCOM) (EventID: 10010) (User: PAULINA) Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout. Error: (05/12/2017 03:01:16 PM) (Source: DCOM) (EventID: 10010) (User: PAULINA) Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout. CodeIntegrity: =================================== Date: 2017-05-04 15:37:05.927 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2017-05-04 11:45:52.817 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2017-05-04 11:18:44.868 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2017-05-04 10:35:14.259 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2017-05-04 10:35:13.228 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2017-05-04 10:35:13.165 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2017-05-03 17:49:09.402 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2017-05-03 17:49:08.434 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2017-05-03 17:49:08.402 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements. Date: 2016-11-20 18:44:49.773 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: AMD A4-5000 APU with Radeon(TM) HD Graphics Percentage of memory in use: 31% Total physical RAM: 7621.01 MB Available physical RAM: 5230.91 MB Total Virtual: 8837.01 MB Available Virtual: 6422.08 MB ==================== Drives ================================ Drive c: (Packard Bell) (Fixed) (Total:458.48 GB) (Free:382.1 GB) NTFS Drive e: (New Volume) (Fixed) (Total:457.38 GB) (Free:422.69 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 3CBFA8C0) Partition: GPT. ==================== End of Addition.txt ============================