Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-02-2014 01 Ran by Shlomi at 2014-02-22 22:22:38 Running from C:\Users\Shlomi\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== 5600 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden 5600_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden 5600Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) AIO_CDB_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden AIO_CDB_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden Amazon Browser App (HKLM-x32\...\{0A7D6F3C-F2AB-48ED-BE23-99791BFF87D6}) (Version: 1.0.0.0 - Amazon) AMD Accelerated Video Transcoding (Version: 12.10.100.30418 - Advanced Micro Devices, Inc.) Hidden AMD Catalyst Install Manager (HKLM\...\{0C51297F-4056-7831-8157-10BE4E27CBE4}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.) AMD Fuel (Version: 2013.0418.1206.19803 - Advanced Micro Devices, Inc.) Hidden AMD VISION Engine Control Center (x32 Version: 2013.0418.1206.19803 - Advanced Micro Devices, Inc.) Hidden Apple Application Support (HKLM-x32\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2013 - Avast Software) Bing Bar (HKLM-x32\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2013.0418.1206.19803 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2013.0418.1206.19803 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Profiles Desktop (x32 Version: 2013.0418.1206.19803 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2013.0418.1205.19803 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2013.0418.1205.19803 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2013.0418.1205.19803 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2013.0418.1205.19803 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2013.0418.1205.19803 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2013.0418.1205.19803 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2013.0418.1205.19803 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2013.0418.1205.19803 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2013.0418.1205.19803 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2013.0418.1205.19803 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2013.0418.1205.19803 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2013.0418.1205.19803 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2013.0418.1205.19803 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2013.0418.1205.19803 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2013.0418.1205.19803 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2013.0418.1205.19803 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2013.0418.1205.19803 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2013.0418.1205.19803 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2013.0418.1205.19803 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2013.0418.1205.19803 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2013.0418.1205.19803 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2013.0418.1205.19803 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2013.0418.1206.19803 - Advanced Micro Devices, Inc.) Hidden Comparing (HKLM-x32\...\InstallShield_{233EE2F2-EDA8-4C70-ABC3-D656D67D2CD5}) (Version: 1.00.2012.0921 - Tong child Research & Planning Co.,Ltd) Comparing (x32 Version: 1.00.2012.0921 - Tong child Research & Planning Co.,Ltd) Hidden Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version: - Microsoft) Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc) Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.13.0423 - Lenovo) EducationPortal (HKLM-x32\...\{65487538-FF20-421B-91DB-F6634B8D264C}) (Version: 5.00.012.0617 - Lenovo) Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden Find the Differences (HKLM-x32\...\InstallShield_{EAA04F6D-6E10-4267-B824-C35D3B9E0155}) (Version: 1.00.2012.0920 - Tong child Research & Planning Co.,Ltd) Find the Differences (x32 Version: 1.00.2012.0920 - Tong child Research & Planning Co.,Ltd) Hidden Finding the Letters (HKLM-x32\...\InstallShield_{535FB733-FFCF-4460-8694-664A2F6C53B4}) (Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd) Finding the Letters (x32 Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd) Hidden FormatFactory 3.3.1.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.1.0 - Format Factory) FreeRide Games (HKLM-x32\...\{6C26A305-4549-4A8A-9F03-25719C03B0FB}) (Version: 07.05.80.00 - Exent Technologies) Fruits (HKLM-x32\...\InstallShield_{AA39BFDE-71E5-46A6-A10B-44C2F45A341E}) (Version: 1.00.2012.0809 - Tong child Research & Planning Co.,Ltd) Fruits (x32 Version: 1.00.2012.0809 - Tong child Research & Planning Co.,Ltd) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.3 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google) GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP) HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife) HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP) HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP) HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard) HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel) iTunes (HKLM\...\{0D924CB2-2EA4-4044-BAF7-770202D6BD0D}) (Version: 11.1.4.62 - Apple Inc.) Lenovo Assistant (HKLM-x32\...\{B2DE4F30-B8C7-49C0-85B9-2F37A5290F00}) (Version: 2.0.0.28 - Lenovo) Lenovo Black Silk USB Keyboard (HKLM\...\Lenovo Black Silk USB Keyboard) (Version: 1.22 - Lenovo) Lenovo Dashboard (HKLM-x32\...\{FEF1833C-244C-4DF2-AB67-1E1D26921ED8}) (Version: 2.0.0.13 - Lenovo) Lenovo Dynamic Brightness System (HKLM-x32\...\{D9ED6D06-6002-495E-A7BC-46E6AE386996}) (Version: 4.0.01.52020 - Lenovo) Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 1.0.3.0 - Lenovo) Lenovo Eye Distance System (HKLM-x32\...\{5183D7AB-D09B-411F-A74E-BBAEA61C6505}) (Version: 4.0.01.42160 - Lenovo) Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG) Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.6418 - CyberLink Corp.) Lenovo Power2Go (x32 Version: 6.0.6418 - CyberLink Corp.) Hidden Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4521.52 - CyberLink Corp.) Lenovo PowerDVD10 (x32 Version: 10.0.4521.52 - CyberLink Corp.) Hidden Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1511 - CyberLink Corp.) Lenovo Rescue System (Version: 4.0.0.1511 - CyberLink Corp.) Hidden Lenovo Solution Center (HKLM\...\{D60E3A84-5DDC-49ED-B9A5-E3466996EB36}) (Version: 2.3.002.00 - Lenovo Group Limited) Lenovo USB2.0 UVC Camera (HKLM-x32\...\{70D2C5B8-EB22-45B1-9EAA-5E8C1C408A3B}) (Version: 1.00.0000 - Vimicro Corporation) Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.) Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden LVT (HKLM-x32\...\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}) (Version: 5.00.0914 - Lenovo) Mammals (HKLM-x32\...\InstallShield_{ACA58CEB-2F74-4095-ADB6-4C1BFB170F64}) (Version: 1.00.2012.0809 - Tong child Research & Planning Co.,Ltd) Mammals (x32 Version: 1.00.2012.0809 - Tong child Research & Planning Co.,Ltd) Hidden MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden Matching Roles (HKLM-x32\...\InstallShield_{92736E44-7608-4D80-9333-E40C82B7E8B3}) (Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd) Matching Roles (x32 Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd) Hidden Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation) Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Office Access MUI (Hebrew) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (Hebrew) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (Hebrew) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (Hebrew) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (Hebrew) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (Hebrew) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (Hebrew) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Arabic) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Hebrew) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Russian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (Hebrew) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (Hebrew) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (Hebrew) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (Hebrew) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (Hebrew) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla) Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden Nitro Pro 8 (HKLM\...\{34BE77EE-B563-49D7-A8A0-FFD76D29BBD3}) (Version: 8.0.10.7 - Nitro) OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP) Opera 12.16 (HKLM-x32\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) Pokki (HKCU\...\Pokki) (Version: 0.267.1.208 - Pokki) Puzzle (HKLM-x32\...\InstallShield_{6EB7ECE3-E3BE-481D-821B-F1AFFA244D64}) (Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd) Puzzle (x32 Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd) Hidden Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6937 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.29053 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP) Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.) SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden sudoku (HKLM-x32\...\InstallShield_{8C4715DF-8AC9-4F0A-8E35-F9B4CF318FF1}) (Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd) sudoku (x32 Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd) Hidden SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.) timer (HKLM-x32\...\InstallShield_{9CC4B8EE-A96B-4800-B674-0CF8B4560F45}) (Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd) timer (x32 Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd) Hidden Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0401-0000-0000000FF1CE}_Office14.PROPLUSR_{F63A5E34-3E66-4E59-8314-1CAA9D7B12C6}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040D-0000-0000000FF1CE}_Office14.PROPLUSR_{BE08E87B-F850-412C-A543-38326E215CE1}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0419-0000-0000000FF1CE}_Office14.PROPLUSR_{1CF9A6C6-EB13-4A0B-8D52-E52A5EB5B70E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-040D-0000-0000000FF1CE}_Office14.PROPLUSR_{0C2F1EBB-1F4D-49B5-AD10-F27181F4C6FB}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-040D-0000-0000000FF1CE}_Office14.PROPLUSR_{6A7DF78C-66F2-4F76-B82C-C00C04B9F8FC}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft) WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden ==================== Restore Points ========================= 12-02-2014 17:54:19 Windows Update 16-02-2014 20:13:55 Windows Update 22-02-2014 01:11:30 Windows Update ==================== Hosts content: ========================== 2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ___AC C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0787AB4D-8392-4368-A786-F3324EDF24C5} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation) Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {10EBEB21-F8D9-4675-A971-25E2CDBA5C64} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink) Task: {18D52EE4-42DB-4D03-9A63-3F2EFA4B8001} - System32\Tasks\OFFICE2013ACT => C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs [2012-03-08] () Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {26D6644F-292B-4A33-A975-D2DDDA3E4DC6} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-424950133-3584039098-4252772914-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.) Task: {28FD1F32-7EA9-4B87-A3B5-2F68ECC8E76E} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => Rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)" Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {2E91D64C-76AB-482C-A800-C15C41056491} - System32\Tasks\Lenovo\Lenovo-23150 => C:\ProgramData\Lenovo-23150.vbs [2013-09-15] () Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {3E3C3245-B521-4DA2-929C-E85A92F07594} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-424950133-3584039098-4252772914-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {4D0D9442-1A40-4D82-B329-C244179483E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-31] (Google Inc.) Task: {5767A39A-BB1C-46B8-AD69-02F24A64607E} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20] (Adobe Systems Incorporated) Task: {633F423F-BDAF-479C-A85F-8ABFAE530949} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation) Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {78230324-EAF2-4032-96AD-B40EE6A6B8F2} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-09-01] (Dolby Laboratories Inc.) Task: {7D05EE95-E0A7-4F37-9232-D8BC9AA59652} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-02-16] (Microsoft Corporation) Task: {8119C782-8213-4C69-8650-8E0045AB052D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-31] (AVAST Software) Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8A99884B-E548-480B-8604-F8151B69D4F1} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-424950133-3584039098-4252772914-1002 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.) Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {973910CD-21AA-404D-BCEE-B1E70AFA456D} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-424950133-3584039098-4252772914-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.) Task: {9AECF46A-071B-4539-9B94-DED074DF3BD3} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-424950133-3584039098-4252772914-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.) Task: {9F3FF0EE-CBF7-4696-96DC-7801D791009B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {A6FA6F24-E6AB-4CFF-AC9C-E6836254ECF7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-31] (Google Inc.) Task: {AA6FA679-24EA-42CE-903E-531F837CA11F} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft) Task: {B6FB2300-3658-4CEA-A194-6E758CA34603} - System32\Tasks\Lenovo\Lenovo-23238 => C:\ProgramData\Lenovo-23238.vbs [2013-09-15] () Task: {BDB1232D-4547-497A-8440-EC18EDDE9FA3} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-09-26] (Lenovo) Task: {C208F6F7-0C29-4A95-9F2E-20D916874D56} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-09-26] (Lenovo) Task: {CBA84765-D8FC-4348-8075-7C854C2485CC} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-09-26] () Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D4E26DB8-70AC-4DA3-A747-13863E697261} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation) Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {DEA43EA9-1108-427B-BEF7-C60DB7420047} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2013-03-14] (Lenovo) Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {E7639ECE-39F8-4D21-A314-5F5534CCB1D8} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-04-18 21:19 - 2013-04-18 21:19 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 ____C () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe 2013-12-05 20:24 - 2013-12-05 20:24 - 02330440 _____ () C:\Users\Shlomi\AppData\Local\Pokki\ocdeskband_0.dll 2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 ____C () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2013-04-18 21:19 - 2013-04-18 21:19 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2014-02-17 11:52 - 2014-02-17 10:23 - 02180608 _____ () C:\Program Files\AVAST Software\Avast\defs\14021700\algo.dll 2014-02-22 19:27 - 2014-02-22 15:20 - 02181120 _____ () C:\Program Files\AVAST Software\Avast\defs\14022201\algo.dll 2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 ____C () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 ____C () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2009-12-05 01:59 - 2009-12-05 01:59 - 00619816 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll 2009-12-05 02:04 - 2009-12-05 02:04 - 00013096 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll 2014-01-31 13:45 - 2014-01-31 13:45 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2013-09-07 04:11 - 2013-09-07 04:11 - 00569856 _____ () C:\Users\Shlomi\AppData\Local\Pokki\Engine\ppGoogleNaClPluginChrome.dll 2013-09-07 04:11 - 2013-09-07 04:11 - 01400846 _____ () C:\Users\Shlomi\AppData\Local\Pokki\Engine\avcodec-54.dll 2013-09-07 04:11 - 2013-09-07 04:11 - 00151054 _____ () C:\Users\Shlomi\AppData\Local\Pokki\Engine\avutil-51.dll 2013-09-07 04:11 - 2013-09-07 04:11 - 00222734 _____ () C:\Users\Shlomi\AppData\Local\Pokki\Engine\avformat-54.dll 2014-02-15 11:25 - 2014-02-15 11:25 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 ____C () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2014-02-20 04:21 - 2014-02-19 22:03 - 00065352 ____C () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.3\chrome_elf.dll 2014-02-20 04:21 - 2014-02-19 22:03 - 00673608 ____C () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.3\libglesv2.dll 2014-02-20 04:21 - 2014-02-19 22:03 - 00093000 ____C () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.3\libegl.dll 2014-02-20 04:21 - 2014-02-19 22:03 - 04080968 ____C () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.3\pdf.dll 2014-02-20 04:21 - 2014-02-19 22:03 - 00390472 ____C () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.3\ppGoogleNaClPluginChrome.dll 2014-02-20 04:21 - 2014-02-19 22:03 - 01647432 ____C () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.3\ffmpegsumo.dll 2014-02-20 04:21 - 2014-02-19 22:03 - 13632840 ____C () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.3\PepperFlash\pepflashplayer.dll 2014-01-15 08:04 - 2014-01-15 08:04 - 01441280 ____C () C:\Program Files (x86)\FreeTime\FormatFactory\PicConvert.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Windows:nlsPreferences AlternateDataStreams: C:\Users\Shlomi\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/22/2014 06:12:58 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/21/2014 05:39:48 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/20/2014 09:22:05 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/19/2014 05:20:31 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/18/2014 04:04:16 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/18/2014 01:33:54 AM) (Source: Perflib) (User: ) Description: Outlook Error: (02/18/2014 01:33:54 AM) (Source: Perflib) (User: ) Description: Outlook8 Error: (02/18/2014 01:32:03 AM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/16/2014 00:18:48 PM) (Source: SideBySide) (User: ) Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/15/2014 01:21:36 PM) (Source: Application Error) (User: ) Description: Faulting application name: PortChanger.exe, version: 0.0.0.0, time stamp: 0x50123cc9 Faulting module name: PortChanger.exe, version: 0.0.0.0, time stamp: 0x50123cc9 Exception code: 0xc0000005 Fault offset: 0x0000000000004be7 Faulting process id: 0x23cc Faulting application start time: 0xPortChanger.exe0 Faulting application path: PortChanger.exe1 Faulting module path: PortChanger.exe2 Report Id: PortChanger.exe3 Faulting package full name: PortChanger.exe4 Faulting package-relative application ID: PortChanger.exe5 System errors: ============= Error: (02/22/2014 10:00:00 AM) (Source: DCOM) (User: NT AUTHORITY) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (02/22/2014 03:12:04 AM) (Source: DCOM) (User: NT AUTHORITY) Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882} Error: (02/21/2014 07:48:37 PM) (Source: DCOM) (User: NT AUTHORITY) Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882} Error: (02/21/2014 07:48:36 PM) (Source: DCOM) (User: NT AUTHORITY) Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882} Error: (02/21/2014 07:48:33 PM) (Source: DCOM) (User: NT AUTHORITY) Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882} Error: (02/21/2014 07:44:38 PM) (Source: DCOM) (User: NT AUTHORITY) Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882} Error: (02/21/2014 07:44:37 PM) (Source: DCOM) (User: NT AUTHORITY) Description: C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -Embedding193{10DA4F3C-CC99-4190-BE4D-58330754E882} Error: (02/21/2014 10:00:02 AM) (Source: DCOM) (User: NT AUTHORITY) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (02/20/2014 10:00:00 AM) (Source: DCOM) (User: NT AUTHORITY) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Error: (02/19/2014 10:00:00 AM) (Source: DCOM) (User: NT AUTHORITY) Description: machine-defaultLocalActivation{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)UnavailableUnavailable Microsoft Office Sessions: ========================= Error: (02/22/2014 06:12:58 AM) (Source: SideBySide)(User: ) Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe Error: (02/21/2014 05:39:48 AM) (Source: SideBySide)(User: ) Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe Error: (02/20/2014 09:22:05 PM) (Source: SideBySide)(User: ) Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe Error: (02/19/2014 05:20:31 AM) (Source: SideBySide)(User: ) Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe Error: (02/18/2014 04:04:16 AM) (Source: SideBySide)(User: ) Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe Error: (02/18/2014 01:33:54 AM) (Source: Perflib)(User: ) Description: Outlook Error: (02/18/2014 01:33:54 AM) (Source: Perflib)(User: ) Description: Outlook8 Error: (02/18/2014 01:32:03 AM) (Source: SideBySide)(User: ) Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe Error: (02/16/2014 00:18:48 PM) (Source: SideBySide)(User: ) Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe Error: (02/15/2014 01:21:36 PM) (Source: Application Error)(User: ) Description: PortChanger.exe0.0.0.050123cc9PortChanger.exe0.0.0.050123cc9c00000050000000000004be723cc01cf2a400c726248C:\WINDOWS\system32\PortChanger.exeC:\WINDOWS\system32\PortChanger.exe5478d3d6-9633-11e3-be7c-0025ab3fd8a1 ==================== Memory info =========================== Percentage of memory in use: 69% Total physical RAM: 3517.29 MB Available physical RAM: 1074.13 MB Total Pagefile: 7101.29 MB Available Pagefile: 3708.99 MB Total Virtual: 131072 MB Available Virtual: 131071.8 MB ==================== Drives ================================ Drive c: (Windows8_OS) (Fixed) (Total:904.91 GB) (Free:864.45 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive e: (FreeAgent Drive) (Fixed) (Total:931.51 GB) (Free:691.25 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 932 GB) (Disk ID: 6D3E53DC) Partition: GPT Partition Type. ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: 68F76CFC) Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS) ==================== End Of Log ============================