Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-11-2014 01 Ran by Living Room at 2014-11-09 00:04:24 Running from C:\Users\Living Room\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996} AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664} FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 32 Bit HP CIO Components Installer (Version: 6.1.2 - Hewlett-Packard) Hidden 7-zip v9.20 (HKLM\...\7-Zip) (Version: v9.20 - TUGUU SL) <==== ATTENTION Ad-Aware Antivirus (HKLM\...\{8EEFB640-A25D-448E-9F84-3CADF173CAE4}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft) Ad-Aware Browsing Protection (HKLM\...\Ad-Aware Browsing Protection) (Version: 1.0.1.124 - Lavasoft) AdAwareInstaller (Version: 11.4.6792.0 - Lavasoft) Hidden AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.) Aimersoft Video Studio Express(Build 1.2.1.29) (HKLM\...\Aimersoft Video Studio Express_is1) (Version: - Aimersoft Software) AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden Apple Application Support (HKLM\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{459699C3-9430-4381-964B-4248D87B49F9}) (Version: 6.0.1.3 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Audacity 1.3.13 (Unicode) (HKLM\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team) AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5315 - AVG Technologies) AVG 2015 (Version: 15.0.4189 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.5315 - AVG Technologies) Hidden Backup Assistant Plus (HKLM\...\Backup Assistant Plus) (Version: - Verizon Wireless) Bing Desktop (HKLM\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.470.0 - Microsoft Corporation) Bing Maps 3D (HKLM\...\{2D87E961-577B-492B-AD54-1368680FB9A7}) (Version: 4.0.903.16005 - Microsoft Corporation) bitRipper (HKLM\...\bitRipper) (Version: 1.31 - ) BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.7.12.896 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM\...\{A7FC82AC-986D-48D5-8AAE-A75C1D829E0A}) (Version: 0.7.12.896 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version: - ) Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform) Combined Community Codec Pack 2011-11-11 (HKLM\...\Combined Community Codec Pack_is1) (Version: 2011.11.11.0 - CCCP Project) Computer Requirements 1.0 (HKLM\...\{BA3582A0-2DE0-4DB8-8B74-CD34AC193F9B}_is1) (Version: - Furst Person) Cooliris for Internet Explorer (HKLM\...\{3E31F0CE-D1D7-44C0-AE9B-6221D7F2DF36}) (Version: 1.11.7.32046 - Cooliris Inc.) CryptoPrevent v4.3.0 (HKLM\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden DebugMode Wax 2.0 (HKLM\...\DebugMode Wax 2.0) (Version: - ) DiskAid 5.14 (HKLM\...\DiskAid_is1) (Version: 5.14 - DigiDNA) DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.100 - DivX, LLC) DVD Flick 1.3.0.7 (HKLM\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen) DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version: - DVD Shrink) DVDFab 9.1.5.9 (25/07/2014) (HKLM\...\DVDFab 9 US_is1) (Version: - Fengtao Software Inc.) Emsisoft Anti-Malware (HKLM\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 6.0 - Emsi Software GmbH) Eraser 6.0.9.2343 (HKLM\...\{18026153-83A4-40E0-96B6-41E441607518}) (Version: 6.0.2343 - The Eraser Project) Ezvid (HKLM\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 0982 - Ezvid, inc.) FastStone Image Viewer 4.6 (HKLM\...\FastStone Image Viewer) (Version: 4.6 - FastStone Soft) ffdshow [rev 2527] [2008-12-19] (HKLM\...\ffdshow_is1) (Version: 1.0 - ) Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.) Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden HP Photosmart D110 All-In-One Driver 14.0 Rel. 7 (HKLM\...\{14BC6853-A74E-4874-B50D-679889D1544D}) (Version: 14.0 - HP) HyperCam 2 (HKLM\...\HyperCam 2) (Version: 2.25.01 - Hyperionics Technology LLC) ieSpell (HKLM\...\ieSpell) (Version: 2.6.4 (build 573) - Red Egg Software) ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) iTunes (HKLM\...\{B0261E53-B6F1-474A-864B-E7C3CBF468E0}) (Version: 11.0.1.12 - Apple Inc.) Java 7 Update 71 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle) Juniper Networks Host Checker (HKCU\...\Neoteris_Host_Checker) (Version: 6.5.0.17087 - Juniper Networks) Juniper Networks Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 2.1.6.9079 - Juniper Networks) Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden K-Lite Codec Pack 7.7.0 (Basic) (HKLM\...\KLiteCodecPack_is1) (Version: 7.7.0 - ) LearnCNC Game (HKLM\...\{026C76AD-0085-4721-9387-CCEEC5577076}) (Version: 1.0.0 - LearnCNC.org) Lightshot-5.1.4.17 (HKLM\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.1.4.17 - Skillbrains) Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Maxthon 3 (HKLM\...\Maxthon3) (Version: - Maxthon International Limited) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Camera Codec Pack (HKLM\...\{F8AFEA7D-77BD-43F3-ADF7-EF71300BEFD2}) (Version: 16.4.1620.0719 - Microsoft Corporation) Microsoft Office Excel Viewer (HKLM\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Word Viewer 2003 (HKLM\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Works 6-9 Converter (HKLM\...\{172423F9-522A-483A-AD65-03600CE4CA4F}) (Version: 9.7.0621 - Microsoft Corporation) MotoHelper MergeModules (Version: 1.2.0 - Motorola) Hidden Mouse Suite (HKLM\...\MouseSuite98) (Version: - ) Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Moyea FLV Editor Lite version: 1.1.1.846 (HKLM\...\{8E3F691A-4972-47FF-9E09-1981B62A5D5A}_is1) (Version: - ) Mozilla Firefox 33.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 33.0.3 (x86 en-US)) (Version: 33.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla) MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Munzee Virtual Grid Generator (HKLM\...\{C2D55589-F1A1-4EEB-BA64-A16BCA3501FD}) (Version: 2.0.0 - Hinklenator) MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - ) Netflix in Windows Media Center (HKLM\...\{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}) (Version: 3.3.101.0 - Microsoft Corporation) Network (Version: 140.0.212.000 - Hewlett-Packard) Hidden Nitro Reader 3 (HKLM\...\{D94D7782-B61C-49E5-BE75-2DDC0A68EF97}) (Version: 3.0.6.3 - Nitro) NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation) NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation) NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation) NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) OpenOffice.org 3.4.1 (HKLM\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation) Overwolf (HKLM\...\Overwolf) (Version: 0.81.34.0 - Overwolf Ltd.) PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio) Photo Common (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Photo Gallery (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden PrimoPDF -- brought to you by Nitro PDF Software (HKLM\...\PrimoPDF) (Version: 5 - Nitro PDF Software) PS_AIO_07_D110_SW_Min (Version: 140.0.142.000 - Hewlett-Packard) Hidden PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden QuickTime (HKLM\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.) RealDownloader (Version: 17.0.6 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer Cloud (HKLM\...\RealPlayer 17.0) (Version: 17.0.6 - RealNetworks) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) ROBLOX Player (HKLM\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation) ROBLOX Player for Living Room (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation) ROBLOX Studio 2013 (HKLM\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation) ROBLOX Studio 2013 for Living Room (HKCU\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation) Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Samsung Kies (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) SamsungSimpleUpgradeTool for SCH-R720 MetroPCS (HKLM\...\InstallShield_{99A27D4B-7F24-476C-AC58-F654524C1B0D}) (Version: 1.0.012 - Samsung Electronics) SamsungSimpleUpgradeTool for SCH-R720 MetroPCS (Version: 1.0.012 - Samsung Electronics) Hidden Scan (Version: 140.0.77.000 - Hewlett-Packard) Hidden Scholastic eReader Support Files (HKLM\...\{7445B725-5389-4CA1-AAC1-75039BE8B26F}) (Version: 1.1.5010 - Scholastic) SDFormatter (HKLM\...\{A5355F15-F98B-4704-9BAE-E53B9FE48F48}) (Version: 3.1.0 - SD Association) SeaMonkey (2.8) (HKLM\...\SeaMonkey (2.8)) (Version: 2.8 (en-US) - Mozilla) SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden SignLab 9.1 Online Trial (E:\CADlink\SignLab 9.1 Trial) (HKLM\...\{CFAF69F7-0E33-4173-BEBE-187AB5F773E1}) (Version: 9.1 Demo - CADlink Technology Corporations) Speccy (HKLM\...\Speccy) (Version: 1.24 - Piriform) Spotify (HKCU\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB) Storia (HKLM\...\{E9D2D1CB-A50E-40CC-AC19-695CEAFB0C34}) (Version: 1.1.5010 - Scholastic) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH) Toolbox (Version: 140.0.424.000 - Hewlett-Packard) Hidden TweakNow PowerPack 2012 (HKLM\...\TweakNow PowerPack 2012_is1) (Version: 4.1.0 - TweakNow.com) Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS) UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden Urwigo (HKCU\...\9b616d711397850c) (Version: 1.12.0.135 - Urwigo) VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden Visual Production Manager OnlineTrial (E:\CADlink\SignLab 9.1 Trial\VPM Trial) (HKLM\...\{A572C7D8-92CF-4A68-A0EA-BCC813AF61EB}) (Version: 5.01.00 - CADlink Technology Corporations) Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN) War Thunder Launcher 1.0.1.269 (HKLM\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2013 Gaijin Entertainment Corporation) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Media Center Add-in for Flash (HKLM\...\{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}) (Version: 4.1.2.0 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinHTTrack Website Copier 3.44-1 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.44.1 - HTTrack) WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Wizard101 (HKLM\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.) World of Tanks v.0.6.3.11 (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version: - Wargaming.net) Xiph.Org Open Codecs 0.85.17777 (HKLM\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.1) (Version: 1.3.2 - Xvid Team) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-21828565-3005677120-1819634571-1001_Classes\CLSID\{04F93351-81D2-4484-9982-0D55DEFFFAE6}\InprocServer32 -> C:\Program Files\PicLensIE\cooliris.dll (Cooliris Inc.) CustomCLSID: HKU\S-1-5-21-21828565-3005677120-1819634571-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Living Room\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-21828565-3005677120-1819634571-1001_Classes\CLSID\{56fc4ea8-7d40-45dd-b60e-99bbca340fb1}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-21828565-3005677120-1819634571-1001_Classes\CLSID\{CA171FED-4D7C-46b9-A201-4A11B3730942}\InprocServer32 -> C:\Program Files\PicLensIE\cooliris.dll (Cooliris Inc.) CustomCLSID: HKU\S-1-5-21-21828565-3005677120-1819634571-1001_Classes\CLSID\{CEE49C36-A170-4f0c-B098-257BA4CF46E5}\InprocServer32 -> C:\Program Files\PicLensIE\cooliris.dll (Cooliris Inc.) CustomCLSID: HKU\S-1-5-21-21828565-3005677120-1819634571-1001_Classes\CLSID\{EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA}\InprocServer32 -> C:\Program Files\PicLensIE\cooliris.dll (Cooliris Inc.) ==================== Restore Points ========================= 26-10-2014 20:39:11 Scheduled Checkpoint 01-11-2014 14:44:19 Installed DirectX 01-11-2014 15:13:28 Windows Update 01-11-2014 17:04:35 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:04 - 2013-11-01 09:42 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {04125BE3-D425-4E2A-81D5-931F58C6E8A8} - System32\Tasks\Maxthon Update => C:\Program Files\Maxthon3\Bin\mxup.exe [2012-05-29] (Maxthon International ltd.) Task: {0E18BE3C-290B-427E-9033-A140BF5BE35F} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-21828565-3005677120-1819634571-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-02-12] (RealNetworks, Inc.) Task: {0EA117D2-DE89-453C-B64B-AB1CAB62D30F} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-21828565-3005677120-1819634571-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-02-12] (RealNetworks, Inc.) Task: {13E793C4-9395-4ADF-B591-627151782413} - System32\Tasks\Divx online update program => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2013-02-12] () Task: {1974EA6D-B7A0-4D7C-996D-731B8AFCC7DC} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-21828565-3005677120-1819634571-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-02-12] (RealNetworks, Inc.) Task: {19F17239-5DB2-4FEA-8F7F-2604C320B04A} - System32\Tasks\Real Player online update program => C:\Program Files\Real\RealPlayer\update\realsched.exe [2014-03-19] (RealNetworks, Inc.) Task: {1CE4D6BC-A7B2-4A09-811D-2FDBADB39D24} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-21828565-3005677120-1819634571-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-02-12] (RealNetworks, Inc.) Task: {47C06D0B-8F1C-491F-B981-6114D8085182} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-17] (Adobe Systems Incorporated) Task: {4A35E428-F1A0-4874-B79A-3FA8FF7F45C4} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-21828565-3005677120-1819634571-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-02-12] (RealNetworks, Inc.) Task: {57592652-76CE-44D5-9432-ACD8DE442654} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-21828565-3005677120-1819634571-1001 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2014-02-12] (RealNetworks, Inc.) Task: {64B323E3-B85B-4309-82CF-28B29051C797} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-21828565-3005677120-1819634571-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-02-12] (RealNetworks, Inc.) Task: {676E793A-7563-466A-8CA9-B6B87B1456A3} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-21828565-3005677120-1819634571-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-02-12] (RealNetworks, Inc.) Task: {71F83728-E7F5-478A-87DC-D4E42A313A54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.) Task: {917EE8F3-8271-4E2F-8195-8827B137AB60} - System32\Tasks\Swiki_Checker => C:\Windows\SChecker\SC_li.exe [2012-10-16] ( ) Task: {972EAE5E-D165-454C-9825-8F83FAFCF409} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {A3752072-5848-4672-BAF5-B95EF4B33868} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd) Task: {A3B86272-34C0-425D-830B-FAA453C67517} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-21828565-3005677120-1819634571-1001 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2014-02-12] (RealNetworks, Inc.) Task: {ADFBA577-04D5-41BA-B52E-79B959499AC8} - System32\Tasks\update-sys => C:\Program Files\Skillbrains\Updater\Updater.exe [2014-03-25] () Task: {AE1DDD14-0434-47CC-AF0B-8F2A009895A7} - System32\Tasks\Adobe online update program => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated) Task: {C79E8CD1-CEC8-4E24-8A08-AE900FA835F6} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-LIVINGROOM-PC => C:\Windows\ehome\McxTask.exe [2009-07-13] (Microsoft Corporation) Task: {D6F82FBB-11EC-4E5B-A03E-B4F3ADD4BFA9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.) Task: {D8E6DDA8-E82C-4353-9835-CDBB004F80DC} - System32\Tasks\Overwolf Updater Task => C:\Program Files\Overwolf\OverwolfUpdater.exe [2014-10-22] (Overwolf LTD) Task: {E153A904-B0C9-4B9A-9C60-1DC819BB9E1B} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-09-26] (Oracle Corporation) Task: {E4EBDFF8-6AA6-490B-8A14-A765A3C6E4CD} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-21828565-3005677120-1819634571-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-02-12] (RealNetworks, Inc.) Task: {E9986AA7-C1F0-4F38-80FD-4B79B8065FAA} - System32\Tasks\{483B03F0-3A20-4A75-8DA2-916335D22D1F} => Firefox.exe http://ui.skype.com/ui/0/6.3.0.107/en/abandoninstall?page=tsProgressBar Task: {F092F3E0-2932-4FD0-98F5-D2F7C3DE8A66} - System32\Tasks\Alarm Clock Task: {F24AF050-3514-483F-94BA-5953B1D4FFD7} - System32\Tasks\update-S-1-5-21-21828565-3005677120-1819634571-1001 => C:\Program Files\Skillbrains\Updater\Updater.exe [2014-03-25] () Task: {F8201D7B-FDB5-47ED-932C-794AB0BF5E64} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-21828565-3005677120-1819634571-1001 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2014-02-12] (RealNetworks, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\update-S-1-5-21-21828565-3005677120-1819634571-1001.job => C:\Program Files\Skillbrains\Updater\Updater.exe Task: C:\Windows\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe ==================== Loaded Modules (whitelisted) ============= 2014-10-19 16:47 - 2014-10-19 16:47 - 00775400 _____ () C:\Program Files\Emsisoft Anti-Malware\fw32.dll 2013-01-25 12:05 - 2011-02-28 17:37 - 00180624 _____ () C:\Windows\System32\Primomonnt.dll 2012-05-13 00:21 - 2014-07-02 14:42 - 00107992 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2012-02-20 20:29 - 2012-02-20 20:29 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2012-02-20 20:28 - 2012-02-20 20:28 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-10-15 12:56 - 2014-10-15 12:56 - 00656376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe 2014-10-15 13:06 - 2014-10-15 13:06 - 00087896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_thread-vc100-mt-1_55.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00022360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_system-vc100-mt-1_55.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00030040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_chrono-vc100-mt-1_55.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00048480 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_date_time-vc100-mt-1_55.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00107872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_filesystem-vc100-mt-1_55.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 10343760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareServiceKernel.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 02423600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\RCF.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00638296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_regex-vc100-mt-1_55.dll 2014-10-15 13:05 - 2014-10-15 13:05 - 00580424 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareActivation.dll 2014-10-15 13:05 - 2014-10-15 13:05 - 01658200 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareApplicationUpdater.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00642376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareGamingMode.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00087360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareReset.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00105280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTime.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00754520 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdater.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00693096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdaterScheduler.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00868680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIgnoreList.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00209224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareQuarantine.dll 2014-10-15 13:05 - 2014-10-15 13:05 - 00780120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiMalwareEngine.dll 2014-10-15 13:05 - 2014-10-15 13:05 - 00174936 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiRootkitEngine.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00870736 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerHistory.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 01003328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScanner.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00030552 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_timer-vc100-mt-1_55.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00769368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerScheduler.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00856408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtection.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00190800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareIncompatibles.dll 2014-10-15 13:05 - 2014-10-15 13:05 - 00705352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiSpam.dll 2014-10-15 13:05 - 2014-10-15 13:05 - 00669008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiPhishing.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 02363216 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareParentalControl.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 02613584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareWebProtection.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00834896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareEmailProtection.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00999256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNetworkProtection.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00796992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePromo.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00286536 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareFeedback.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 02124120 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareThreatWorkAlliance.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00998720 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwarePinCode.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00796992 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareNotice.dll 2014-10-15 13:05 - 2014-10-15 13:05 - 00760136 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareAvcEngine.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00926568 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtectionHistory.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00123712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\SecurityCenter.dll 2012-10-23 17:58 - 2012-10-23 17:58 - 00120728 _____ () C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe 2012-10-17 15:42 - 2012-10-17 15:42 - 00172032 _____ () C:\Program Files\Motorola Mobility\Motorola Device Manager\css_core.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 02560336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareShellExtension.dll 2013-12-21 08:24 - 2013-12-21 08:24 - 01559064 _____ () C:\Program Files\AVG SafeGuard toolbar\TBAPI.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 07670592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe 2014-10-15 13:06 - 2014-10-15 13:06 - 00405848 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\boost_locale-vc100-mt-1_55.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 01626432 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\HtmlFramework.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00056632 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\DllStorage.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00870224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\AdAwareTrayDefaultSkin.dll 2014-10-15 13:06 - 2014-10-15 13:06 - 00641344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.4.6792.0\Localization.dll 2014-11-01 13:00 - 2014-11-01 13:00 - 00186368 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Commonc65c5a95#\9f433ba38ccf5b566ab38b033d21f964\Kies.Common.DeviceServiceLib.Interface.ni.dll 2014-11-01 13:01 - 2014-11-01 13:01 - 14993920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\b6fe37435bb10efc6347a69d2d2246d2\Kies.Theme.ni.dll 2014-11-01 12:59 - 2014-11-01 12:59 - 01867264 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\998d01a9bd11ede9d872d8e1974391db\Kies.UI.ni.dll 2014-11-01 12:59 - 2014-11-01 12:59 - 00081920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\a56aa72e0394be4ee01c9ef20f0ee34e\Kies.MVVM.ni.dll 2014-11-01 13:00 - 2014-11-01 13:00 - 00236544 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\9de98f06882d62c4ed949cd8756798b5\ASF_cSharpAPI.ni.dll 2014-02-12 13:42 - 2014-02-12 13:42 - 00039568 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe 2014-02-12 15:29 - 2014-02-12 15:29 - 00023552 _____ () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe 2014-10-30 14:29 - 2014-11-07 09:35 - 03649648 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll 2014-03-19 21:48 - 2014-03-19 21:48 - 00571992 _____ () c:\program files\real\realplayer\RPDS\Lib\r1api.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:96D0C06F ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: lxddCATSCustConnectService => 2 MSCONFIG\Services: lxdd_device => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WNA1100 Smart Wizard.lnk => C:\Windows\pss\NETGEAR WNA1100 Smart Wizard.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Living Room^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup MSCONFIG\startupfolder: C:^Users^Living Room^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PalTalk.lnk => C:\Windows\pss\PalTalk.lnk.Startup MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe MSCONFIG\startupreg: ApnTBMon => "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: BingDesktop => C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe /fromkey MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files\BlueStacks\HD-Agent.exe MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart MSCONFIG\startupreg: FreeAC => C:\Program Files\FreeAlarmClock\FreeAlarmClock.exe -autorun MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe MSCONFIG\startupreg: LightShot => C:\Users\Living Room\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue MSCONFIG\startupreg: lxddamon => "C:\Program Files\Lexmark 2500 Series\lxddamon.exe" MSCONFIG\startupreg: lxddmon.exe => "C:\Program Files\Lexmark 2500 Series\lxddmon.exe" MSCONFIG\startupreg: Mouse Suite 98 Daemon => ICO.EXE MSCONFIG\startupreg: Xvid => C:\Program Files\Xvid\CheckUpdate.exe ========================= Accounts: ========================== Ad (S-1-5-21-21828565-3005677120-1819634571-1003 - Limited - Enabled) => C:\Users\Ad Administrator (S-1-5-21-21828565-3005677120-1819634571-500 - Administrator - Enabled) => C:\Users\Administrator Guest (S-1-5-21-21828565-3005677120-1819634571-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-21828565-3005677120-1819634571-1002 - Limited - Enabled) Living Room (S-1-5-21-21828565-3005677120-1819634571-1001 - Administrator - Enabled) => C:\Users\Living Room Mcx1-LIVINGROOM-PC (S-1-5-21-21828565-3005677120-1819634571-1008 - Limited - Enabled) => C:\Users\Mcx1-LIVINGROOM-PC.LivingRoom-PC ==================== Faulty Device Manager Devices ============= Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318} Manufacturer: HP Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Photosmart D110 series Description: Photosmart D110 series Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: HP Service: StillCam Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (11/08/2014 04:00:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: plugin-container.exe, version: 33.0.3.5422, time stamp: 0x545b5277 Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea91c Exception code: 0xc000000d Fault offset: 0x00097ca1 Faulting process id: 0xd08 Faulting application start time: 0xplugin-container.exe0 Faulting application path: plugin-container.exe1 Faulting module path: plugin-container.exe2 Report Id: plugin-container.exe3 System errors: ============= Error: (11/05/2014 02:16:01 AM) (Source: Disk) (EventID: 7) (User: ) Description: The device, \Device\Harddisk0\DR0, has a bad block. Error: (11/05/2014 02:15:57 AM) (Source: Disk) (EventID: 7) (User: ) Description: The device, \Device\Harddisk0\DR0, has a bad block. Error: (11/05/2014 02:15:52 AM) (Source: Disk) (EventID: 7) (User: ) Description: The device, \Device\Harddisk0\DR0, has a bad block. Error: (11/05/2014 02:15:47 AM) (Source: Disk) (EventID: 7) (User: ) Description: The device, \Device\Harddisk0\DR0, has a bad block. Error: (11/04/2014 02:35:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The LiveUpdate service terminated unexpectedly. It has done this 1 time(s). Error: (11/04/2014 02:34:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The BlueStacks Android Service service terminated with the following error: %%1064 Error: (11/04/2014 02:34:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The RealPlayer Cloud Service service failed to start due to the following error: %%1053 Error: (11/04/2014 02:34:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the RealPlayer Cloud Service service to connect. Error: (11/04/2014 02:33:27 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (11/04/2014 02:32:25 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 2:30:07 PM on ‎11/‎4/‎2014 was unexpected. Microsoft Office Sessions: ========================= Error: (11/08/2014 04:00:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe33.0.3.5422545b5277ntdll.dll6.1.7601.18247521ea91cc000000d00097ca1d0801cffb9704652c7aC:\Program Files\Mozilla Firefox\plugin-container.exeC:\Windows\SYSTEM32\ntdll.dll44d7cf39-678a-11e4-9557-002268604c39 CodeIntegrity Errors: =================================== Date: 2012-08-22 01:03:37.106 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\pcrelib.dll because the set of per-page image hashes could not be found on the system. Date: 2012-08-22 01:03:37.059 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\pcrelib.dll because the set of per-page image hashes could not be found on the system. Date: 2012-08-22 01:03:37.013 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\pcrelib.dll because the set of per-page image hashes could not be found on the system. Date: 2012-08-22 01:03:36.960 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\pcrelib.dll because the set of per-page image hashes could not be found on the system. Date: 2012-08-22 01:03:36.909 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\pcrelib.dll because the set of per-page image hashes could not be found on the system. Date: 2012-08-21 03:43:16.845 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\pcrelib.dll because the set of per-page image hashes could not be found on the system. Date: 2012-08-21 03:43:16.792 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\pcrelib.dll because the set of per-page image hashes could not be found on the system. Date: 2012-08-21 03:43:16.742 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\pcrelib.dll because the set of per-page image hashes could not be found on the system. Date: 2012-08-21 03:43:16.697 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\pcrelib.dll because the set of per-page image hashes could not be found on the system. Date: 2012-08-21 03:43:16.647 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Spybot - Search & Destroy 2\pcrelib.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz Percentage of memory in use: 51% Total physical RAM: 3326.18 MB Available physical RAM: 1617.71 MB Total Pagefile: 8432.8 MB Available Pagefile: 4126.23 MB Total Virtual: 2047.88 MB Available Virtual: 1901.17 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:508.38 GB) (Free:83.23 GB) NTFS Drive e: (Movies) (Fixed) (Total:205.61 GB) (Free:165.79 GB) NTFS Drive f: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive z: (backup) (Fixed) (Total:217.42 GB) (Free:85.51 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B4872B98) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=508.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=217.4 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=205.6 GB) - (Type=OF Extended) ==================== End Of Log ============================