==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2012-01-14 14:20 - 2009-11-05 08:40 - 00085504 _____ () C:\Windows\System32\cpwmon64.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-05-06 13:07 - 2011-05-06 13:07 - 00460144 _____ () C:\Program Files (x86)\Flip Video\FlipShare\FlipShareService.exe
2015-04-24 14:37 - 2011-07-01 16:33 - 00194048 _____ () C:\DLautoR.exe
2010-03-23 12:23 - 2010-03-23 12:23 - 00176944 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\ipseclog.exe
2000-04-07 02:06 - 2000-04-07 02:06 - 00244224 _____ () C:\Program Files (x86)\Red NoteBook\RedNoteBook.exe
2015-10-22 02:19 - 2015-10-22 02:19 - 00438784 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\Finkit.Mani55710822#\5cc5b412c8b8e134418697a97dd1003d\Finkit.ManicTime.Common.XmlSerializers.ni.dll
2015-10-22 02:31 - 2015-10-22 02:31 - 00855552 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\UIAComWrapper\955bbff0e5fb4c07556d19f9d54836df\UIAComWrapper.ni.dll
2014-11-19 10:36 - 2014-11-19 10:36 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2010-03-23 12:26 - 2010-03-23 12:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2010-10-26 00:06 - 2010-10-26 00:06 - 02248704 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtCore4.dll
2011-05-06 13:07 - 2011-05-06 13:07 - 04317184 _____ () C:\Program Files (x86)\Flip Video\FlipShare\Core.dll
2011-05-06 13:02 - 2011-05-06 13:02 - 00737280 _____ () C:\Program Files (x86)\Flip Video\FlipShare\qca2.dll
2010-10-26 00:23 - 2010-10-26 00:23 - 08351744 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtGui4.dll
2010-10-26 00:08 - 2010-10-26 00:08 - 00983040 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtNetwork4.dll
2010-10-26 00:23 - 2010-10-26 00:23 - 00204800 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtSql4.dll
2010-10-26 00:06 - 2010-10-26 00:06 - 00364544 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtXml4.dll
2010-10-26 08:34 - 2010-10-26 08:34 - 11853824 _____ () C:\Program Files (x86)\Flip Video\FlipShare\QtWebKit4.dll
2010-10-26 00:37 - 2010-10-26 00:37 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\phonon4.dll
2010-05-20 13:49 - 2010-05-20 13:49 - 00258048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\boost_serialization-vc80-mt-1_43.dll
2010-05-17 09:47 - 2010-05-17 09:47 - 01199104 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoFoundation.dll
2010-05-17 09:47 - 2010-05-17 09:47 - 00642048 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoNet.dll
2010-05-17 09:47 - 2010-05-17 09:47 - 00511488 _____ () C:\Program Files (x86)\Flip Video\FlipShare\PocoXML.dll
2015-10-13 04:46 - 2015-10-13 04:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-10-11 13:06 - 2014-10-11 13:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2009-07-13 16:03 - 2009-07-13 20:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2005-09-21 02:57 - 2005-09-21 02:57 - 04325376 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\qt-mt335.dll
2015-10-21 19:37 - 2015-10-21 19:37 - 00371712 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Finkit.Mani55710822#\3f22ab9c4e88a796f545e3c348845c03\Finkit.ManicTime.Common.XmlSerializers.ni.dll
2015-10-21 19:34 - 2015-10-21 19:34 - 00611840 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\AutoMapper\a4a1bc90717989183123b6319322335a\AutoMapper.ni.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-02-11 18:59 - 2016-01-12 13:44 - 00034768 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-02-11 18:59 - 2016-01-12 13:45 - 00019408 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2015-12-09 19:14 - 2016-01-12 13:44 - 00116688 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-02-11 18:59 - 2016-01-12 13:44 - 00093640 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-02-11 18:59 - 2016-01-12 13:44 - 00018376 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\select.pyd
2016-02-11 18:59 - 2016-02-08 20:59 - 00019760 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-02-11 18:59 - 2016-01-12 13:46 - 00105928 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\win32api.pyd
2015-12-09 19:14 - 2016-01-12 13:44 - 00392144 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-02-11 18:59 - 2016-02-08 20:59 - 00381752 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-02-11 18:59 - 2016-01-12 13:44 - 00692688 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-02-11 18:59 - 2016-02-08 20:59 - 00020816 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-02-11 18:59 - 2016-01-12 13:45 - 00112592 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-02-11 18:59 - 2016-02-08 20:59 - 01682760 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-02-11 18:59 - 2016-02-08 20:59 - 00020808 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-02-11 18:59 - 2016-02-08 20:59 - 00020800 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\_cffi_python_x66cf7a7cx17a72769.pyd
2016-02-11 18:59 - 2016-02-08 20:59 - 00021840 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-02-11 18:59 - 2016-02-08 20:59 - 00038696 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-02-11 18:59 - 2016-01-12 13:46 - 00020936 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-02-11 18:59 - 2016-01-12 13:46 - 00024528 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-02-11 18:59 - 2016-01-12 13:47 - 00114640 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-02-11 18:59 - 2016-01-12 13:46 - 00124880 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-02-11 18:59 - 2016-02-08 20:59 - 00021832 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-02-11 18:59 - 2016-01-12 13:46 - 00024016 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-02-11 18:59 - 2016-01-12 13:46 - 00175560 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-02-11 18:59 - 2016-01-12 13:47 - 00030160 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-02-11 18:59 - 2016-01-12 13:47 - 00043472 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-02-11 18:59 - 2016-01-12 13:47 - 00028616 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-02-11 18:59 - 2016-01-12 13:47 - 00048592 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-02-11 18:59 - 2016-02-08 20:59 - 00026456 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-02-11 18:59 - 2016-01-12 13:46 - 00057808 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-02-11 18:59 - 2016-01-12 13:47 - 00024016 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-02-11 18:59 - 2016-02-08 20:59 - 00117056 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-02-11 18:59 - 2016-02-08 20:59 - 00024392 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-02-11 18:59 - 2016-01-12 13:47 - 00036296 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\librsync.dll
2016-02-11 18:59 - 2016-02-08 20:59 - 00023376 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-02-11 18:59 - 2016-01-12 13:44 - 00134608 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-02-11 18:59 - 2016-01-12 13:44 - 00134088 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-02-11 18:59 - 2016-01-12 13:45 - 00240584 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-02-11 18:59 - 2016-02-08 20:59 - 00052024 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-02-11 18:59 - 2016-02-08 20:59 - 00020800 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-11 18:59 - 2016-02-08 20:59 - 00021824 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-02-11 18:59 - 2016-02-08 20:59 - 00019776 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-02-11 18:59 - 2016-02-08 20:59 - 00020800 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-02-11 18:59 - 2016-02-08 20:59 - 00020280 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-02-11 18:59 - 2016-01-12 13:47 - 00350152 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-02-11 18:59 - 2016-02-08 20:59 - 00022352 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-02-11 18:59 - 2016-02-08 20:59 - 00084792 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2015-12-09 19:14 - 2016-02-08 20:59 - 01826096 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-02-11 18:59 - 2016-01-12 13:45 - 00083912 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\sip.pyd
2015-12-09 19:14 - 2016-02-08 20:59 - 03928880 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2015-12-09 19:14 - 2016-02-08 20:59 - 01971504 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2015-12-09 19:14 - 2016-02-08 20:59 - 00531248 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2015-12-09 19:14 - 2016-02-08 20:59 - 00132912 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2015-12-09 19:14 - 2016-02-08 20:59 - 00223544 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2015-12-09 19:14 - 2016-02-08 20:59 - 00207672 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-02-11 18:59 - 2016-02-08 20:59 - 00158008 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2016-02-11 18:59 - 2016-02-08 20:59 - 00042808 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2016-02-11 18:59 - 2016-01-12 13:49 - 00017864 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-02-11 18:59 - 2016-01-12 13:49 - 01631184 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-02-11 18:59 - 2016-02-08 20:59 - 00024904 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2015-12-09 19:14 - 2016-02-08 20:59 - 00546096 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-12-09 19:14 - 2016-02-08 20:59 - 00357680 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-02-11 18:59 - 2016-01-12 13:52 - 00697304 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-02-11 18:59 - 2016-01-12 13:47 - 00060880 _____ () C:\Users\Janine\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-01-04 22:25 - 2016-01-04 22:25 - 01114648 _____ () C:\Users\Janine\AppData\Roaming\Mozilla\Firefox\Profiles\gg5wyjne.default\extensions\
[email protected]\platform\WINNT_x86-msvc\components\lpxpcom.dll
2016-02-10 15:28 - 2016-02-09 06:58 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll
2016-02-10 15:28 - 2016-02-09 06:58 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Janine\Documents\USB:Virtual printer port
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3812081098-2880812072-1431629892-1000\...\entradahealth.net -> hxxps://myentrada.entradahealth.net
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3812081098-2880812072-1431629892-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Janine\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Janine^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Quick Lookup.lnk => C:\Windows\pss\Quick Lookup.lnk.Startup
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{740FED46-8CF7-495D-9E78-8E17B9BE2D1B}] => (Allow) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{E611B664-2451-4DAB-8F1A-D218EBBCA685}] => (Allow) C:\Program Files (x86)\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{98135ECD-9ED8-4441-91DC-5AFCDD8E2CB6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{790F27FF-00A1-4D0D-BE37-EB4BF5BC9486}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CFB7D198-A87D-41EE-A480-D39FA9E92E1E}] => (Allow) LPort=2869
FirewallRules: [{A04CA265-5075-4356-A338-078A2F5449B7}] => (Allow) LPort=1900
FirewallRules: [{345C8ED2-FAD7-434C-92A5-56137E2D185F}] => (Allow) LPort=24726
FirewallRules: [{10DFBC11-CDC8-4A7D-80DB-CE2DFFBE5CF9}] => (Allow) LPort=24727
FirewallRules: [{0C35A7AF-90FC-4EA8-80DC-3ECFC8BC9F50}] => (Allow) LPort=443
FirewallRules: [{F1FE9871-644E-485F-9DBD-526AEA30A612}] => (Allow) LPort=443
FirewallRules: [{DD2ED240-5220-4AF9-BCB7-AD6E5D0D399E}] => (Allow) LPort=37674
FirewallRules: [{4D8DB7BC-9CFE-426A-A8CB-FC37D25512EB}] => (Allow) LPort=37674
FirewallRules: [{A797124C-BC69-4E44-BC45-BE1AD0FA79C5}] => (Allow) LPort=37675
FirewallRules: [{46F51475-BCCE-4EE7-9DB6-CFAE60E7DE0F}] => (Allow) LPort=443
FirewallRules: [{5C7A25DA-C667-4886-9B1F-40435F7F817D}] => (Allow) LPort=443
FirewallRules: [{736C18D0-1586-45A0-AFC8-C9C3502EC4A1}] => (Allow) LPort=37674
FirewallRules: [{82542927-6374-43F9-87F9-BA68BF700B24}] => (Allow) LPort=37674
FirewallRules: [{325F8B4A-7497-4331-88A6-9657526E9AA2}] => (Allow) LPort=37675
FirewallRules: [{DDE8A342-91BC-45CD-BF86-8C6BAAA3A69F}] => (Allow) C:\Users\Janine\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{AFCF8EBB-96AC-40B7-B5F6-33C4B7CA50D2}] => (Allow) C:\Users\Janine\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{5AAF333B-B2AB-4EF7-8BB6-1462237EC7F5}C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe] => (Allow) C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe
FirewallRules: [UDP Query User{7FA523A8-79F8-4200-BDF2-88B5A4C8CE3C}C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe] => (Allow) C:\program files (x86)\amazon\utilities\amazon music importer\amazon music importer.exe
FirewallRules: [TCP Query User{F1D688BB-5106-4561-80FD-53EF0B2952D0}C:\users\janine\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\janine\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{3BC90526-2FD2-45D7-90F6-7C4A8957EDCD}C:\users\janine\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\janine\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{E1BC54D3-8F3A-47D8-A19C-9C5B1CBAB906}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{C94ECB75-19FC-4EF7-9099-B034ED27999F}] => (Allow) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{3D499C49-5CC1-4B21-830E-93BF5C9912F6}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{EAF6F5E3-E653-46DE-8DD9-881400F68FAA}] => (Allow) D:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [TCP Query User{2E87269D-AAD6-4E5D-9BDA-B0DD90378C19}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{DC09E1C6-D4BA-4E96-95D8-B22A37518CE1}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{CC118903-4422-4D95-8CD3-A7846F62C12F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AE84B49D-6412-468B-9B59-798D69A7C62C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8D4802D7-7DBF-499B-8A66-9E0B71C01AC5}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{94E8530D-9E51-4DA9-9E02-145CC47A899E}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{CE4DB621-FB15-4FC5-BB78-E062249AD784}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{20BB85A5-2BFA-44D5-AD34-CE12FFE9DFF3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{45EF3F6D-1984-4530-9637-B70D6B3BD716}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7509F015-97D4-483D-957D-384296C1BAA5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0B6B3122-29A0-44A0-B70B-E41F2F8657F7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FF330B4D-2CB0-4CF3-BA5F-75156472DA47}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9B444E46-E3FE-4FF9-BAAA-D19EBE4D06E3}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{D6122938-0D31-4DDD-8BD8-14974A75860D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
22-01-2016 01:30:01 Windows Update
26-01-2016 01:35:27 Windows Update
03-02-2016 01:26:35 Windows Update
10-02-2016 01:56:02 Checkpoint by HitmanPro
==================== Faulty Device Manager Devices =============
Name: Cisco Systems VPN Adapter for 64-bit Windows
Description: Cisco Systems VPN Adapter for 64-bit Windows
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (02/13/2016 02:34:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Silhouette Studio.exe, version: 3.6.57.1, time stamp: 0x50d4fc89
Faulting module name: ntdll.dll, version: 6.1.7601.19045, time stamp: 0x56258e62
Exception code: 0xc0000374
Fault offset: 0x000ced0b
Faulting process id: 0x12c0c
Faulting application start time: 0xSilhouette Studio.exe0
Faulting application path: Silhouette Studio.exe1
Faulting module path: Silhouette Studio.exe2
Report Id: Silhouette Studio.exe3
Error: (02/12/2016 02:37:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 44.0.0.5866, time stamp: 0x56a4304a
Faulting module name: mozglue.dll, version: 44.0.0.5866, time stamp: 0x56a42229
Exception code: 0x80000003
Fault offset: 0x0000efa8
Faulting process id: 0xea60
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (02/12/2016 02:37:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 44.0.0.5866, time stamp: 0x56a4304a
Faulting module name: mozglue.dll, version: 44.0.0.5866, time stamp: 0x56a42229
Exception code: 0x80000003
Fault offset: 0x0000efa8
Faulting process id: 0x11578
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (02/10/2016 01:56:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 48.0.2564.103, time stamp: 0x56b12600
Faulting module name: chrome.dll, version: 48.0.2564.103, time stamp: 0x56b11fad
Exception code: 0xc0000005
Fault offset: 0x000f221d
Faulting process id: 0x230c
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3
Error: (02/09/2016 09:38:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iCloudServices.exe, version: 34.0.0.12, time stamp: 0x561ca2e5
Faulting module name: WTF.dll, version: 7601.2003.0.4, time stamp: 0x55e933dc
Exception code: 0xc0000005
Fault offset: 0x00001883
Faulting process id: 0x414
Faulting application start time: 0xiCloudServices.exe0
Faulting application path: iCloudServices.exe1
Faulting module path: iCloudServices.exe2
Report Id: iCloudServices.exe3
Error: (02/09/2016 03:47:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINWORD.EXE, version: 12.0.6735.5000, time stamp: 0x56219708
Faulting module name: clr.dll, version: 4.0.30319.34209, time stamp: 0x5348961e
Exception code: 0xc0000005
Fault offset: 0x0000e31e
Faulting process id: 0x1978c
Faulting application start time: 0xWINWORD.EXE0
Faulting application path: WINWORD.EXE1
Faulting module path: WINWORD.EXE2
Report Id: WINWORD.EXE3
Error: (02/09/2016 03:47:47 PM) (Source: .NET Runtime) (EventID: 1023) (User: )
Description: Application: WINWORD.EXE
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in the .NET Runtime at IP 5B1FE31E (5B1F0000) with exit code 80131506.
Error: (02/08/2016 10:33:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Silhouette Studio.exe, version: 3.6.57.1, time stamp: 0x50d4fc89
Faulting module name: ntdll.dll, version: 6.1.7601.19045, time stamp: 0x56258e62
Exception code: 0xc0000374
Fault offset: 0x000ced0b
Faulting process id: 0x196e4
Faulting application start time: 0xSilhouette Studio.exe0
Faulting application path: Silhouette Studio.exe1
Faulting module path: Silhouette Studio.exe2
Report Id: Silhouette Studio.exe3
Error: (02/04/2016 05:10:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WINWORD.EXE, version: 12.0.6735.5000, time stamp: 0x56219708
Faulting module name: KERNELBASE.dll, version: 6.1.7601.19045, time stamp: 0x56258f05
Exception code: 0xe0434352
Fault offset: 0x0000c42d
Faulting process id: 0x180ec
Faulting application start time: 0xWINWORD.EXE0
Faulting application path: WINWORD.EXE1
Faulting module path: WINWORD.EXE2
Report Id: WINWORD.EXE3
Error: (02/04/2016 05:10:06 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: WINWORD.EXE
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.IO.IOException
Stack:
at Dictaphone.CorrectionClient2.WaveDictation..ctor(Int32, Boolean)
at Dictaphone.CorrectionClient2.TransnetJobQueue.JobReceived(System.Object, Dictaphone.DocNet.LegacyInterop.TransnetJobReceivedEventArg)
at Dictaphone.DocNet.LegacyInterop.TransnetConnection+JobReceivedHandler.Invoke(System.Object, Dictaphone.DocNet.LegacyInterop.TransnetJobReceivedEventArg)
at Dictaphone.DocNet.LegacyInterop.TransnetConnection._StatusHandlerThreadProc()
at System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()
System errors:
=============
Error: (02/09/2016 01:42:49 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.213.5477.0
Update Source: %NT AUTHORITY59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (02/09/2016 01:42:48 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.213.5477.0
Update Source: %NT AUTHORITY59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (02/08/2016 02:12:11 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the DisplayLinkService service.
Error: (02/06/2016 01:37:36 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.213.5477.0
Update Source: %NT AUTHORITY59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (02/06/2016 01:37:34 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.213.5477.0
Update Source: %NT AUTHORITY59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (02/02/2016 01:41:40 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.213.5004.0
Update Source: %NT AUTHORITY59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (02/02/2016 01:41:40 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.213.5004.0
Update Source: %NT AUTHORITY59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (01/31/2016 01:44:22 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.213.4870.0
Update Source: %NT AUTHORITY59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (01/31/2016 01:44:22 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.213.4870.0
Update Source: %NT AUTHORITY59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
Error: (01/30/2016 01:41:31 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.213.4870.0
Update Source: %NT AUTHORITY59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT AUTHORITY602
Update Type: %NT AUTHORITY604
User: NT AUTHORITY\SYSTEM
Current Engine Version: %NT AUTHORITY605
Previous Engine Version: %NT AUTHORITY606
Error code: %NT AUTHORITY607
Error description: %NT AUTHORITY608
CodeIntegrity:
===================================
Date: 2015-09-22 14:02:34.840
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LHidFilt.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-22 14:02:34.640
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LHidFilt.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-22 14:02:29.531
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LHidFilt.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-22 14:02:29.391
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LHidFilt.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-22 14:02:22.094
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LHidEqd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-22 14:02:22.024
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LHidEqd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-22 14:02:21.933
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LHidEqd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-09-22 14:02:21.803
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\LHidEqd.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-07-12 02:29:00.920
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll because the set of per-page image hashes could not be found on the system.
Date: 2014-07-12 02:29:00.789
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz
Percentage of memory in use: 77%
Total physical RAM: 4027.2 MB
Available physical RAM: 888.07 MB
Total Virtual: 10065.4 MB
Available Virtual: 4282.69 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:198.62 GB) NTFS
Drive d: (Lectionary Art N) (CDROM) (Total:0.21 GB) (Free:0 GB) CDFS
Drive e: (FantomHD) (Fixed) (Total:1863.01 GB) (Free:1709.88 GB) NTFS
Drive g: () (Fixed) (Total:1 GB) (Free:0.67 GB) FAT32
Drive h: () (Removable) (Total:0.48 GB) (Free:0.48 GB) FAT
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: AF2AA563)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 3E12CCE7)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (Size: 489.2 MB) (Disk ID: 97DB97DB)
Partition 1: (Active) - (Size=489 MB) - (Type=06)
==================== End of Addition.txt ============================