Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-11-2014 Ran by DSW79 at 2014-11-05 11:28:35 Running from C:\Users\DSW79\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Actual Multiple Monitors 8.0 (HKLM-x32\...\Actual Multiple Monitors_is1) (Version: 8.0 - Actual Tools) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.15221 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.7.3069 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{FE5ABB0E-EDEA-4023-B0FB-9DEA39A98D76}) (Version: 0.8.7.3069 - BlueStack Systems, Inc.) CCG Launcher version 0.6 (HKLM-x32\...\{28362054-F79B-4697-A246-3ECF730E7E9D}_is1) (Version: 0.6 - Custom Combat Gaming) Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version: - Cheat Engine) Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft) CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) CPUID HWMonitor 1.24 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Middle Earth Shadow of Mordor (HKLM-x32\...\Middle Earth Shadow of Mordor_is1) (Version: - ) Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) My Game Long Name (HKLM\...\UDK-468047f4-7dcf-4278-abc5-b0afa7b38659) (Version: - Epic Games, Inc.) Nectar Toolbar (HKLM-x32\...\Nectar Toolbar) (Version: 1.0.3 - AIMIA Coalition Loyalty UK Ltd) NVIDIA 3D Vision Controller Driver 344.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.46 - NVIDIA Corporation) NVIDIA 3D Vision Driver 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.48 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.3 - NVIDIA Corporation) NVIDIA Graphics Driver 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.48 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation) NVIDIA Miracast Virtual Audio 344.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 344.48 - NVIDIA Corporation) NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.) Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.) Plantronics® GameCom 780/788 Software for Dolby® Headphone (HKLM-x32\...\{EB3C9064-9140-4279-9E51-965119402151}) (Version: 3.20.0001 - Plantronics) Plex Media Server (HKLM-x32\...\{9eb61479-6f2f-43c4-bfe8-12a7ea9d1acb}) (Version: 0.9.914 - Plex, Inc.) Plex Media Server (x32 Version: 0.9.914 - Plex, Inc.) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) SABnzbd 0.7.18 (HKLM-x32\...\SABnzbd) (Version: 0.7.18 - The SABnzbd Team) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.4.0 - Samsung Electronics) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden SHIELD Streaming (Version: 3.1.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 16.13.56 - NVIDIA Corporation) Hidden Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer) The Evil Within (HKLM-x32\...\VGhlRXZpbFdpdGhpbg==_is1) (Version: 1 - ) Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.8.10 - Electronic Arts) Ultima Online Classic Client (HKLM-x32\...\Ultima Online Classic) (Version: - Electronic Arts) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) UOAssist (HKLM-x32\...\UOAssist) (Version: - ) UOCartographer 0.9 (HKLM-x32\...\UOCartographer 0.9) (Version: - UOCartographer.com) Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft) Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 01-11-2014 17:43:32 Installed DirectX 03-11-2014 18:18:32 Installed Tt eSPORTS BLACK ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {343B9539-DD0A-4690-9751-C80A233E95B0} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {3EBE12DE-6674-46E1-838A-FFC5AA302EEF} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2014-09-29] () Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {5FCC841C-44F7-4FB9-B377-3770E60E3C0E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated) Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6D44BBD0-DC42-4F7C-81A1-9381251B69E7} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [2014-05-19] (Samsung Electronics.) Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {7522124E-67F0-4515-A0B3-F2D5BE034B87} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {7987C088-EC6A-404C-977C-97E7A1F26972} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {957716FC-88F1-4468-8116-0A25C9149047} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {A8CED03F-7620-44D9-A26F-0CFC4774543F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-20] (Google Inc.) Task: {B99D78E5-CA40-46C2-BE4D-A0883D5F2A65} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-16] (Microsoft Corporation) Task: {BDF1C4EA-9529-43E3-9EAC-8994E7A23E53} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {EB2DFE12-5742-459E-AFDA-A7085DAEA35D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-20] (Google Inc.) Task: {F07B97FE-C72B-46C1-AB81-B0140FEC0E7C} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-06-28 17:10 - 2014-06-28 17:10 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe 2014-04-10 18:48 - 2014-10-16 14:11 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-07-15 04:44 - 2010-07-15 04:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll 2014-01-25 01:22 - 2014-01-25 01:22 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2014-06-28 16:47 - 2014-01-21 15:41 - 00817440 ____N () C:\Program Files\Plantronics\GameCom 780 & 788\GameCom780.exe 2014-06-28 16:47 - 2014-01-21 15:41 - 00149792 ____N () C:\Program Files\Plantronics\GameCom 780 & 788\VmixPLGC.dll 2014-03-18 20:59 - 2014-11-04 19:29 - 01007104 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll 2014-03-18 20:59 - 2014-11-04 19:29 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll 2014-03-18 20:59 - 2014-11-04 19:29 - 00024576 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll 2014-03-18 20:59 - 2014-11-04 19:29 - 00216576 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll 2014-03-18 20:59 - 2014-11-04 19:29 - 00261120 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll 2014-03-18 20:59 - 2014-11-04 19:29 - 00019456 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll 2014-03-18 20:59 - 2014-11-04 19:29 - 00337408 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll 2014-03-18 20:59 - 2014-11-04 19:29 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll 2014-08-01 21:14 - 2014-08-01 21:14 - 00840840 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxml2.dll 2014-08-01 21:14 - 2014-08-01 21:14 - 00051848 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_sqlite3-vc80-3_0.dll 2014-08-01 21:14 - 2014-08-01 21:14 - 00089224 _____ () C:\Program Files (x86)\Plex\Plex Media Server\soci_core-vc80-3_0.dll 2014-08-01 21:14 - 2014-08-01 21:14 - 02100360 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_core249.dll 2014-08-01 21:14 - 2014-08-01 21:14 - 01923720 _____ () C:\Program Files (x86)\Plex\Plex Media Server\opencv_imgproc249.dll 2014-08-01 21:13 - 2014-08-01 21:13 - 07605400 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avcodec-54.dll 2014-08-01 21:13 - 2014-08-01 21:13 - 01453720 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avformat-54.dll 2014-08-01 21:13 - 2014-08-01 21:13 - 00202392 _____ () C:\Program Files (x86)\Plex\Plex Media Server\avutil-52.dll 2014-08-01 21:14 - 2014-08-01 21:14 - 00352920 _____ () C:\Program Files (x86)\Plex\Plex Media Server\swscale-2.dll 2014-08-01 21:14 - 2014-08-01 21:14 - 00507528 _____ () C:\Program Files (x86)\Plex\Plex Media Server\tag.dll 2014-08-01 21:14 - 2014-08-01 21:14 - 08495240 _____ () C:\Program Files (x86)\Plex\Plex Media Server\WebKit.dll 2014-08-01 21:14 - 2014-08-01 21:14 - 00073352 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib.dll 2014-08-01 21:14 - 2014-08-01 21:14 - 00195720 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libidn.dll 2014-08-01 21:13 - 2014-08-01 21:13 - 00952968 _____ () C:\Program Files (x86)\Plex\Plex Media Server\CFLite.dll 2014-08-01 21:14 - 2014-08-01 21:14 - 01291400 _____ () C:\Program Files (x86)\Plex\Plex Media Server\JavaScriptCore.dll 2014-08-01 21:13 - 2014-08-01 21:13 - 01038984 _____ () C:\Program Files (x86)\Plex\Plex Media Server\cairo.dll 2014-08-01 21:14 - 2014-08-01 21:14 - 00073352 _____ () C:\Program Files (x86)\Plex\Plex Media Server\zlib1.dll 2014-03-18 21:20 - 2014-05-06 10:24 - 00013824 _____ () C:\Program Files (x86)\Samsung Magician\SAMSUNG_SSD.dll 2014-03-18 21:20 - 2014-05-19 19:20 - 00103424 _____ () C:\Program Files (x86)\Samsung Magician\PAL.dll 2014-03-18 21:20 - 2014-05-19 19:20 - 00039424 _____ () C:\Program Files (x86)\Samsung Magician\SATA.dll 2014-03-18 21:20 - 2014-05-19 19:19 - 00038400 _____ () C:\Program Files (x86)\Samsung Magician\SAT.dll 2014-03-18 21:20 - 2014-05-19 19:20 - 00031232 _____ () C:\Program Files (x86)\Samsung Magician\SMINI.dll 2014-03-18 21:20 - 2014-05-19 19:19 - 00029696 _____ () C:\Program Files (x86)\Samsung Magician\SAS.dll 2014-08-01 21:14 - 2014-08-01 21:14 - 00045192 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_socket.pyd 2014-08-01 21:14 - 2014-08-01 21:14 - 00028808 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ssl.pyd 2014-08-01 21:14 - 2014-08-01 21:14 - 00019080 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_hashlib.pyd 2014-08-01 21:14 - 2014-08-01 21:14 - 00035976 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\simplejson\_speedups.pyd 2014-08-01 21:14 - 2014-08-01 21:14 - 00836744 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\etree.pyd 2014-08-01 21:14 - 2014-08-01 21:14 - 00062600 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libexslt.dll 2014-08-01 21:14 - 2014-08-01 21:14 - 00166024 _____ () C:\Program Files (x86)\Plex\Plex Media Server\libxslt.dll 2014-08-01 21:14 - 2014-08-01 21:14 - 00192648 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\lxml\objectify.pyd 2014-08-01 21:14 - 2014-08-01 21:14 - 00016520 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\select.pyd 2014-08-01 21:14 - 2014-08-01 21:14 - 00056456 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\crypto.pyd 2014-08-01 21:14 - 2014-08-01 21:14 - 00018056 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\rand.pyd 2014-08-01 21:14 - 2014-08-01 21:14 - 00044680 _____ () C:\Program Files (x86)\Plex\Plex Media Server\Exts\OpenSSL\SSL.pyd 2014-08-01 21:14 - 2014-08-01 21:14 - 00083080 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\_ctypes.pyd 2014-08-01 21:14 - 2014-08-01 21:14 - 00111752 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\pyexpat.pyd 2014-08-01 21:14 - 2014-08-01 21:14 - 00692360 _____ () C:\Program Files (x86)\Plex\Plex Media Server\DLLs\unicodedata.pyd 2014-10-28 19:00 - 2014-10-22 04:04 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libglesv2.dll 2014-10-28 19:00 - 2014-10-22 04:04 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libegl.dll 2014-10-28 19:00 - 2014-10-22 04:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\pdf.dll 2014-10-28 19:00 - 2014-10-22 04:04 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll 2014-10-28 19:00 - 2014-10-22 04:04 - 00310088 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.111\libexif.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKCU\...\StartupApproved\Run: => "ManyCam" HKCU\...\StartupApproved\Run: => "Actual Multiple Monitors" ========================= Accounts: ========================== Administrator (S-1-5-21-475818928-1566985967-3258346663-500 - Administrator - Disabled) DSW79 (S-1-5-21-475818928-1566985967-3258346663-1001 - Administrator - Enabled) => C:\Users\DSW79 Guest (S-1-5-21-475818928-1566985967-3258346663-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-475818928-1566985967-3258346663-1003 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/05/2014 11:25:01 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=NetworkAvailable Error: (11/05/2014 11:24:35 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=UserLogon;SessionId=2 Error: (11/05/2014 11:24:14 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=NetworkAvailable Error: (11/05/2014 11:23:04 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AutoKMS.exe, version: 2.5.2.0, time stamp: 0x53c9a9a0 Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e Exception code: 0xe0434352 Fault offset: 0x000000000000606c Faulting process id: 0x1198 Faulting application start time: 0xAutoKMS.exe0 Faulting application path: AutoKMS.exe1 Faulting module path: AutoKMS.exe2 Report Id: AutoKMS.exe3 Faulting package full name: AutoKMS.exe4 Faulting package-relative application ID: AutoKMS.exe5 Error: (11/05/2014 11:23:03 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: AutoKMS.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.FormatException Stack: at System.DateTime.Parse(System.String) at ..(.) at ..(.) at ..() Error: (11/04/2014 01:31:05 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=NetworkAvailable Error: (11/04/2014 01:31:02 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: License Activation (slui.exe) failed with the following error code: hr=0xC004F074 Command-line arguments: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (11/04/2014 01:29:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: AutoKMS.exe, version: 2.5.2.0, time stamp: 0x53c9a9a0 Faulting module name: KERNELBASE.dll, version: 6.3.9600.17278, time stamp: 0x53eebf2e Exception code: 0xe0434352 Fault offset: 0x000000000000606c Faulting process id: 0x504 Faulting application start time: 0xAutoKMS.exe0 Faulting application path: AutoKMS.exe1 Faulting module path: AutoKMS.exe2 Report Id: AutoKMS.exe3 Faulting package full name: AutoKMS.exe4 Faulting package-relative application ID: AutoKMS.exe5 Error: (11/04/2014 01:29:51 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: AutoKMS.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.FormatException Stack: at System.DateTime.Parse(System.String) at ..(.) at ..(.) at ..() Error: (11/04/2014 01:29:45 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] System errors: ============= Error: (11/04/2014 10:54:58 AM) (Source: DCOM) (EventID: 10010) (User: DSW) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (11/04/2014 10:54:28 AM) (Source: DCOM) (EventID: 10010) (User: DSW) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (11/04/2014 10:18:47 AM) (Source: DCOM) (EventID: 10010) (User: DSW) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (11/04/2014 10:18:17 AM) (Source: DCOM) (EventID: 10010) (User: DSW) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (11/04/2014 00:00:42 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The HitmanPro 3.7 Crusader (Boot) service terminated with the following service-specific error: %%0 Error: (11/03/2014 11:38:53 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The HitmanPro 3.7 Crusader (Boot) service terminated with the following service-specific error: %%0 Error: (11/03/2014 11:35:59 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The HitmanPro 3.7 Crusader (Boot) service terminated with the following service-specific error: %%0 Error: (11/03/2014 11:13:04 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The AVGIDSAgent service terminated with the following service-specific error: %%3758213659 Error: (11/03/2014 07:36:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s). Error: (11/03/2014 04:44:39 PM) (Source: DCOM) (EventID: 10010) (User: DSW) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Microsoft Office Sessions: ========================= Error: (11/05/2014 11:25:01 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=NetworkAvailable Error: (11/05/2014 11:24:35 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=UserLogon;SessionId=2 Error: (11/05/2014 11:24:14 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=NetworkAvailable Error: (11/05/2014 11:23:04 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: AutoKMS.exe2.5.2.053c9a9a0KERNELBASE.dll6.3.9600.1727853eebf2ee0434352000000000000606c119801cff8eadabd0982C:\WINDOWS\AutoKMS\AutoKMS.exeC:\WINDOWS\system32\KERNELBASE.dll1b44e29f-64de-11e4-8292-902b34d75169 Error: (11/05/2014 11:23:03 AM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: AutoKMS.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.FormatException Stack: at System.DateTime.Parse(System.String) at ..(.) at ..(.) at ..() Error: (11/04/2014 01:31:05 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=NetworkAvailable Error: (11/04/2014 01:31:02 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=81671aaf-79d1-4eb1-b004-8cbbe173afea;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (11/04/2014 01:29:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: AutoKMS.exe2.5.2.053c9a9a0KERNELBASE.dll6.3.9600.1727853eebf2ee0434352000000000000606c50401cff83364525447C:\WINDOWS\AutoKMS\AutoKMS.exeC:\WINDOWS\system32\KERNELBASE.dlla736ab86-6426-11e4-8292-902b34d75169 Error: (11/04/2014 01:29:51 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: AutoKMS.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.FormatException Stack: at System.DateTime.Parse(System.String) at ..(.) at ..(.) at ..() Error: (11/04/2014 01:29:45 PM) (Source: NvStreamSvc) (EventID: 1) (User: ) Description: NvStreamSvcNvVAD initialization failed [6] ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz Percentage of memory in use: 27% Total physical RAM: 8080.89 MB Available physical RAM: 5861.52 MB Total Pagefile: 9360.89 MB Available Pagefile: 6914.18 MB Total Virtual: 131072 MB Available Virtual: 131071.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.27 GB) (Free:15.86 GB) NTFS Drive d: () (Fixed) (Total:298.09 GB) (Free:150.79 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive e: (Local Disk) (Fixed) (Total:931.39 GB) (Free:681.04 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: A8C3E263) Partition 1: (Active) - (Size=298.1 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End Of Log ============================