Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015 Ran by Arian at 2015-01-08 20:58:00 Running from C:\Users\arian\Desktop\fst Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 8GadgetPack (HKLM-x32\...\{A8187B41-3541-49AC-8587-C0C75127E92C}) (Version: 9.0.0 - Helmut Buhler) Ableton Live 9 Suite (HKLM-x32\...\{2395BEE6-92D4-4D91-8665-5BAB6B78A346}) (Version: 9.0.0.0 - Ableton) Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach) Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) Auto Resolution (HKLM-x32\...\{403F1594-BC16-47A5-B365-F73CD69D720E}) (Version: 1.9 - LG Electronics Inc.) AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.) AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: - Online Media Technologies Ltd.) AVS4YOU Software Navigator 1.4 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB) Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.) Canon MP Navigator EX 4.1 (HKLM-x32\...\MP Navigator EX 4.1) (Version: - ) Canon MX410 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX410_series) (Version: - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform) CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.72.1.2014 - Georgy Berdyshev) CuteFTP 9 (HKLM-x32\...\{89B9E358-75C6-4C6B-BD38-803FF156CC4B}) (Version: 9.0.0 - Globalscape) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden dBpoweramp Music Converter (HKLM-x32\...\dBpoweramp Music Converter) (Version: Release 13.5 - Illustrate) Deluge 1.3.6 (HKLM-x32\...\Deluge) (Version: - ) Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited) Dropbox (HKU\S-1-5-21-2231558442-1345113691-1245548305-1001\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.) DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited) ElectraX full (HKLM-x32\...\Tone2 ElectraX full_is1) (Version: - Tone2) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) FabFilter Pro-C 1.23 (64-bit) (HKLM-x32\...\FabFilter Pro-C 1.23 (64-bit)) (Version: - ) FabFilter Saturn 1.13 (64-bit) (HKLM-x32\...\FabFilter Saturn 1.13 (64-bit)) (Version: - ) FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line) FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - ) Gladiator v1.2.2 (HKLM-x32\...\Tone2 Gladiator full_is1) (Version: - Tone2) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North) HLSW v1.4.0.3 (HKLM-x32\...\HLSW_is1) (Version: - Stripf Software) IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.) Java 7 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417065FF}) (Version: 7.0.650 - Oracle) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games) League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.11.3.0 - LG Electronics) Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office FrontPage 2003 (HKLM-x32\...\{90170409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Mumble 1.2.5 (HKLM-x32\...\{C7BC557D-8C8B-4F5F-83AB-D20C58CF4575}) (Version: 1.2.5 - Thorvald Natvig) Music Manager (HKU\S-1-5-21-2231558442-1345113691-1245548305-1001\...\MusicManager) (Version: - Google, Inc.) Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.6.2.1863 - Native Instruments) Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: - Native Instruments) Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.2.1549 - Native Instruments) Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: 2.6.8.382 - Native Instruments) Native Instruments Traktor Kontrol S2 MK2 Driver (HKLM-x32\...\Native Instruments Traktor Kontrol S2 MK2 Driver) (Version: - Native Instruments) Native Instruments Transient Master FX (HKLM-x32\...\Native Instruments Transient Master FX) (Version: - Native Instruments) Nero 2014 (HKLM-x32\...\{F384C1E1-3A16-4073-95C3-7271FE0ED4C2}) (Version: 15.0.02200 - Nero AG) NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation) NVIDIA 3D Vision Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation) NVIDIA Graphics Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA Miracast Virtual Audio 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.09 - NVIDIA Corporation) NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.) Plex Media Server (HKLM-x32\...\{16eca963-68c5-4756-80f9-db9094a4d6f0}) (Version: 0.9.1104 - Plex, Inc.) Plex Media Server (x32 Version: 0.9.1104 - Plex, Inc.) Hidden PowerISO (HKLM-x32\...\PowerISO) (Version: 5.4 - Power Software Ltd) Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound) Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios) Screen Split (HKLM-x32\...\{7F0C2357-33B0-4408-A9AD-A7623FAA22B1}) (Version: 6.29 - LG Electronics Inc.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Serviio (HKLM\...\Serviio) (Version: - ) SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.) Sound Blaster Z-Series (HKLM-x32\...\{13B87C04-33E8-4D92-9102-2C109F8DB6BD}) (Version: 1.00.22 - Creative Technology Limited) Sound Blaster Z-Series Extras (HKLM-x32\...\{9D9DB4BA-E352-4AC8-AD2B-B10104F5AB80}) (Version: 1.0 - Creative Technology Limited) Spotify (HKU\S-1-5-21-2231558442-1345113691-1245548305-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB) Spotydl 0.9.36.0 (HKLM-x32\...\Spotydl_is1) (Version: 0.9.36.0 - spotydl.com) StartIsBack+ (HKU\S-1-5-21-2231558442-1345113691-1245548305-1001\...\StartIsBack) (Version: 1.5.1 - startisback.com) Sylenth1 v2.21 (HKLM-x32\...\Sylenth1_is1) (Version: - ) Texas Instruments TUSB3410 drivers. (HKLM-x32\...\InstallShield_{FA66245E-0E77-40D5-94A4-CB7AB753034F}) (Version: 6.5.9019.1 - Texas Instruments Inc.) The Glue (HKLM\...\The Glue_is1) (Version: 1.2.1 - ) Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version: - Tunngle.net GmbH) TUSB3410 (x32 Version: 6.5.9019.1 - Texas Instruments Inc.) Hidden Unity Web Player (HKU\S-1-5-21-2231558442-1345113691-1245548305-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS) VirtualDJ PRO Full (HKLM-x32\...\{4769E972-2E92-49C5-B6F9-465EFD0C4D94}) (Version: 7.0.5 - Atomix Productions) VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN) VNC Server 5.2.0 (HKLM\...\{4AAE0833-3348-469C-AB09-95B421356900}) (Version: 5.2.0 - RealVNC Ltd) VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.27 - VSO-Software SARL) Waves Complete v8.0.11 (HKLM-x32\...\Waves Complete V8_is1) (Version: - ) Winamp (HKLM-x32\...\Winamp) (Version: 5.7 Beta - Nullsoft, Inc) Winamp Detector Plug-in (HKU\S-1-5-21-2231558442-1345113691-1245548305-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc) WinDirStat 1.1.2 (HKU\S-1-5-21-2231558442-1345113691-1245548305-1001\...\WinDirStat) (Version: - ) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation) WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2231558442-1345113691-1245548305-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\arian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2231558442-1345113691-1245548305-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\arian\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler) CustomCLSID: HKU\S-1-5-21-2231558442-1345113691-1245548305-1001_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2231558442-1345113691-1245548305-1001_Classes\CLSID\{61625667-893E-4707-B925-A82B528C00B9}\InprocServer32 -> C:\Users\arian\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com) CustomCLSID: HKU\S-1-5-21-2231558442-1345113691-1245548305-1001_Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c9}\InprocServer32 -> C:\Users\arian\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com) CustomCLSID: HKU\S-1-5-21-2231558442-1345113691-1245548305-1001_Classes\CLSID\{AD1405D2-30CF-4877-8468-1EE1C52C759F}\InprocServer32 -> C:\Users\arian\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com) CustomCLSID: HKU\S-1-5-21-2231558442-1345113691-1245548305-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\arian\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2231558442-1345113691-1245548305-1001_Classes\CLSID\{E5C31EC8-C5E6-4E07-957E-944DB4AAD85E}\InprocServer32 -> C:\Users\arian\AppData\Local\StartIsBack\StartIsBack64.dll (www.startisback.com) CustomCLSID: HKU\S-1-5-21-2231558442-1345113691-1245548305-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\arian\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2231558442-1345113691-1245548305-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\arian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2231558442-1345113691-1245548305-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\arian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2231558442-1345113691-1245548305-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\arian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2231558442-1345113691-1245548305-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\arian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2231558442-1345113691-1245548305-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\arian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2231558442-1345113691-1245548305-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\arian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2231558442-1345113691-1245548305-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\arian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2231558442-1345113691-1245548305-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\arian\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 05:25 - 2014-04-13 11:04 - 00000886 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {007B69E5-C716-46AD-9766-684F399E3599} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-29] (Google Inc.) Task: {1E41468F-5F44-47E6-929A-5310842D7796} - System32\Tasks\{663CD220-992D-41EF-ABE8-BD1DD78BE978} => pcalua.exe -a "C:\Program Files (x86)\Actual Multiple Monitors\unins000.exe" Task: {3F230B2F-0E27-4A86-AA9B-DE7C00F8DCF0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe Task: {6CDF26F6-55BA-4B19-854C-2574493F66F0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {8806DC90-3930-4B4B-B1D7-1FF6D3A8C577} - System32\Tasks\KMS Server Daily Activate => C:\Windows\AutoKMS_VL_ALL\AutoKMS_VL_ALL.exe [2013-11-19] (MDL) Task: {99195426-6EE4-4502-B12C-C84CC278C26F} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {C63C1C1B-9DC0-41ED-B237-CA6A2A3EA3A4} - System32\Tasks\KMS Server OnLogon Activate => C:\Windows\AutoKMS_VL_ALL\AutoKMS_VL_ALL.exe [2013-11-19] (MDL) Task: {D6B4815F-D8A7-47B7-B98B-6FE5C5F09B5A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-29] (Google Inc.) Task: {DE7647F3-CCA8-435C-AF6F-6966D6B47FB3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-03] (Microsoft Corporation) Task: {E55D064D-CE5E-4CD8-BD02-C4B6BA52C86F} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2013-08-20] (Nero AG) Task: {EA71A78D-F766-4BB2-8967-2F32DF02FEA4} - System32\Tasks\{A6C61C78-5BBD-47A2-BB37-A01CBC56BC55} => pcalua.exe -a "C:\Program Files (x86)\ClearThink\ClearThinkuninstall.exe" Task: {F8AE9364-4D86-49BF-BB4D-4D90E2C2D649} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2231558442-1345113691-1245548305-1001Core1cf8d8a61fa78b.job => C:\Users\arian\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2231558442-1345113691-1245548305-1001Core1cfed21d5b7037.job => C:\Users\arian\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2231558442-1345113691-1245548305-1001Core1d000fc374b0182.job => C:\Users\arian\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-01-18 12:11 - 2014-12-13 00:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-08-16 12:25 - 2013-06-12 14:54 - 00066048 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook64.dll 2014-10-14 23:27 - 2014-10-14 23:27 - 08897696 _____ () F:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2014-08-17 11:18 - 2014-08-17 11:18 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe 2014-03-20 17:57 - 2014-03-20 17:57 - 00359936 _____ () F:\Program Files\Serviio\bin\ServiioService.exe 2014-12-11 01:27 - 2014-12-05 17:16 - 01408328 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll 2014-12-11 01:27 - 2014-12-05 17:16 - 00204616 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll 2014-12-11 01:27 - 2014-12-05 17:17 - 10689352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll 2014-12-11 01:27 - 2014-12-05 17:16 - 01856840 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll 2014-08-16 12:25 - 2013-06-26 09:56 - 00241664 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\DDCCI.exe 2014-12-11 01:27 - 2014-12-05 17:17 - 26725192 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll 2014-07-26 21:46 - 2014-12-13 19:17 - 00374840 _____ () C:\Users\arian\AppData\Roaming\Spotify\Data\SpotifyHelper.exe 2014-03-20 17:57 - 2014-03-20 17:57 - 00399360 _____ () F:\Program Files\Serviio\bin\ServiioConsole.exe 2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-08-16 12:25 - 2013-06-12 14:54 - 00063488 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\ScreenSplitterHook.dll 2014-11-12 20:08 - 2014-11-11 10:48 - 01171456 _____ () H:\Program Files (x86)\Steam\libavcodec-56.dll 2014-11-12 20:08 - 2014-11-11 10:48 - 00332800 _____ () H:\Program Files (x86)\Steam\libavresample-2.dll 2014-11-12 20:08 - 2014-11-11 10:48 - 00442368 _____ () H:\Program Files (x86)\Steam\libavutil-54.dll 2014-11-12 20:08 - 2014-11-11 10:47 - 00774656 _____ () H:\Program Files (x86)\Steam\SDL2.dll 2014-11-21 20:32 - 2014-11-18 12:23 - 02227904 _____ () H:\Program Files (x86)\Steam\video.dll 2014-11-12 20:08 - 2014-11-11 10:48 - 00403968 _____ () H:\Program Files (x86)\Steam\libavformat-56.dll 2014-11-12 20:08 - 2014-11-11 10:48 - 00485888 _____ () H:\Program Files (x86)\Steam\libswscale-3.dll 2014-11-21 20:32 - 2014-11-18 12:23 - 00690880 _____ () H:\Program Files (x86)\Steam\bin\chromehtml.DLL 2014-02-01 15:58 - 2015-01-03 10:59 - 01007104 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll 2014-02-01 15:58 - 2015-01-03 10:59 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll 2014-02-01 15:58 - 2015-01-03 10:59 - 00024576 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll 2014-02-01 15:58 - 2015-01-03 10:59 - 00216576 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll 2014-02-01 15:58 - 2015-01-03 10:59 - 00261120 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll 2014-02-01 15:58 - 2015-01-03 10:59 - 00019456 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll 2014-02-01 15:58 - 2015-01-03 10:59 - 00337408 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll 2014-02-01 15:58 - 2015-01-03 10:59 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll 2014-11-12 20:08 - 2014-11-11 10:48 - 34589888 _____ () H:\Program Files (x86)\Steam\bin\libcef.dll 2014-08-16 12:25 - 2013-04-24 16:47 - 00004608 _____ () C:\Program Files (x86)\LG Electronics\Screen Split\bin\EngRes.dll 2014-07-26 21:46 - 2014-12-13 19:17 - 36966968 _____ () C:\Users\arian\AppData\Roaming\Spotify\Data\libcef.dll 2014-07-26 21:46 - 2014-12-13 19:17 - 00867896 _____ () C:\Users\arian\AppData\Roaming\Spotify\Data\ffmpegsumo.dll 2014-07-26 21:46 - 2014-12-13 19:17 - 00886840 _____ () C:\Users\arian\AppData\Roaming\Spotify\Data\libglesv2.dll 2014-07-26 21:46 - 2014-12-13 19:17 - 00108600 _____ () C:\Users\arian\AppData\Roaming\Spotify\Data\libegl.dll 2014-10-21 16:22 - 2014-10-21 16:22 - 00750080 _____ () C:\Users\arian\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-01-08 20:49 - 2015-01-08 20:49 - 00043008 _____ () c:\users\arian\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmph5prjh.dll 2014-10-21 16:22 - 2014-10-21 16:22 - 00047616 _____ () C:\Users\arian\AppData\Roaming\Dropbox\bin\libEGL.dll 2014-10-21 16:22 - 2014-10-21 16:22 - 00863744 _____ () C:\Users\arian\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2014-10-21 16:22 - 2014-10-21 16:22 - 00200704 _____ () C:\Users\arian\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\arian\SkyDrive:ms-properties AlternateDataStreams: C:\Users\arian\Desktop\1418353027600.jpg:com.dropbox.attributes ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "tvncontrol" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "mobilegeni daemon" HKLM\...\StartupApproved\Run32: => "PWRISOVM.EXE" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKU\S-1-5-21-2231558442-1345113691-1245548305-1001\...\StartupApproved\Run: => "NextLive" HKU\S-1-5-21-2231558442-1345113691-1245548305-1001\...\StartupApproved\Run: => "Plex Media Server" ========================= Accounts: ========================== Administrator (S-1-5-21-2231558442-1345113691-1245548305-500 - Administrator - Disabled) Arian (S-1-5-21-2231558442-1345113691-1245548305-1001 - Administrator - Enabled) => C:\Users\arian Guest (S-1-5-21-2231558442-1345113691-1245548305-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-2231558442-1345113691-1245548305-1003 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/08/2015 08:57:36 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program FRST64.exe version 7.1.2015.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1030 Start Time: 01d02bc7acdbae43 Termination Time: 4294967295 Application Path: C:\Users\arian\Desktop\fst\FRST64.exe Report Id: 064b3b31-97bc-11e4-82ab-902b34320e66 Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (01/08/2015 08:49:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The UAC File Virtualization service failed to start due to the following error: %%1275 Error: (01/08/2015 08:49:10 PM) (Source: volmgr) (EventID: 46) (User: ) Description: Crash dump initialization failed! Error: (01/08/2015 08:48:49 PM) (Source: DCOM) (EventID: 10010) (User: Arian) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (01/08/2015 03:16:34 PM) (Source: DCOM) (EventID: 10010) (User: Arian) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (01/08/2015 03:16:04 PM) (Source: DCOM) (EventID: 10010) (User: Arian) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Microsoft Office Sessions: ========================= Error: (01/08/2015 08:57:36 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: FRST64.exe7.1.2015.0103001d02bc7acdbae434294967295C:\Users\arian\Desktop\fst\FRST64.exe064b3b31-97bc-11e4-82ab-902b34320e66 CodeIntegrity Errors: =================================== Date: 2015-01-08 15:15:37.239 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-07 02:59:01.025 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-05 23:40:27.698 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-04 03:00:40.569 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-16 05:55:55.374 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-10 03:09:15.552 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-10 03:09:15.490 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-10 03:09:15.417 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-10 03:09:15.072 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-12-10 03:09:14.960 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz Percentage of memory in use: 10% Total physical RAM: 32726.04 MB Available physical RAM: 29265.39 MB Total Pagefile: 32726.04 MB Available Pagefile: 28954.17 MB Total Virtual: 131072 MB Available Virtual: 131071.84 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:111.79 GB) (Free:43.16 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive f: () (Fixed) (Total:596.17 GB) (Free:499.59 GB) NTFS Drive h: (Games/Media) (Fixed) (Total:1863.01 GB) (Free:977.5 GB) NTFS Drive i: (ARIAN'S IPO) (Removable) (Total:148.79 GB) (Free:94.02 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 17E39648) Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 0F6B1E0E) Partition 1: (Not Active) - (Size=993 KB) - (Type=42) Partition 2: (Active) - (Size=596.2 GB) - (Type=42) Partition 3: (Not Active) - (Size=1368 KB) - (Type=42) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: E49FF29C) Partition 1: (Not Active) - (Size=1863 GB) - (Type=42) Attempted reading MBR returned 0 bytes. Could not read MBR for disk 3. ==================== End Of Log ============================