Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01 Ran by lucky at 2015-06-29 18:44:48 Running from C:\Users\lucky\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= admin (S-1-5-21-183760795-2501133323-4075679530-1010 - Administrator - Enabled) => C:\Users\admin Administrator (S-1-5-21-183760795-2501133323-4075679530-500 - Administrator - Enabled) => C:\Users\Administrator.lucky-PC Guest (S-1-5-21-183760795-2501133323-4075679530-501 - Limited - Enabled) lucky (S-1-5-21-183760795-2501133323-4075679530-1001 - Administrator - Enabled) => C:\Users\lucky ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Acer Incorporated) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated) Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer) Acronis True Image 2015 (HKLM-x32\...\{9C48ED33-4A66-4299-B274-BD8110AB6EAA}Visible) (Version: 18.0.6525 - Acronis) Acronis True Image 2015 (x32 Version: 18.0.6525 - Acronis) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.) Advanced SystemCare 6 (HKLM-x32\...\Advanced SystemCare 6_is1) (Version: 6.4 - IObit) Alarm Clock version 1.0 (HKLM-x32\...\{003C285C-AC50-4B8C-8718-3481CBA49E2F}_is1) (Version: 1.0 - ) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software) AVS Media Player 4.2.3.106 (HKLM-x32\...\AVS Media Player_is1) (Version: 4.2.3.106 - Online Media Technologies Ltd.) AVS Video Converter 9.0 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.0.1.566 - Online Media Technologies Ltd.) AVS Video Editor 6.5 (HKLM-x32\...\AVS Video Editor_is1) (Version: 6.5.1.246 - Online Media Technologies Ltd.) AVS Video Recorder 2.6 (HKLM-x32\...\AVS Video Recorder_is1) (Version: 2.6.1.94 - Online Media Technologies Ltd.) BOINC (HKLM\...\{D0183F8F-46BB-409F-9CD7-FB43F1A4279B}) (Version: 7.2.42 - Space Sciences Laboratory, U.C. Berkeley) ConverterLite 1.6.11.0 (HKLM-x32\...\ConverterLite) (Version: 1.6.11.0 - ConverterLite) CPUID CPU-Z 1.64.0 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) CursorFX (HKLM-x32\...\CursorFX) (Version: 2.13 - Stardock Corporation) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden D-Fend Reloaded 1.3.6 (deinstall) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.3.6 - Alexander Herzog) DIRECTV Player (HKLM-x32\...\{ced7d84f-76e6-4ae6-8de8-4501b4755bd7}) (Version: 10.1 - DIRECTV) D-i-v-X AVI Codec Pack Pro 2.4.0 (HKLM-x32\...\D-i-v-X - AVI Codec Pack Pro) (Version: - D-i-v-X AVI Codec Pack Pro) DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC) DVD Decrypter (Remove Only) (HKLM-x32\...\DVD Decrypter) (Version: - ) DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen) DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink) FedEx Desktop (HKLM-x32\...\FedExDesktop.026F9BDCA0F141E500950436A5D33181EE6B8EF5.1) (Version: 2.03 - FedEx Corporation) FedEx Desktop (x32 Version: 2.03 - FedEx Corporation) Hidden ffdshow (remove only) (HKLM-x32\...\ffdshow) (Version: - ) ffdshow v1.1.3572 [2010-09-13] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.3572.0 - ) Fraps (HKLM-x32\...\Fraps) (Version: - ) Free Alarm Clock 3.1.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 3.1 - Comfort Software Group) Free HD Converter V 2.0 (HKLM-x32\...\Free HD Converter_is1) (Version: 2.0.0.0 - Koyote Soft) FreeFixer (HKLM-x32\...\FreeFixer1.12) (Version: 1.12 - Kephyr) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.) Google Drive (HKLM-x32\...\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}) (Version: 1.22.9403.0223 - Google, Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden GPU Temp version 1.0 (HKLM-x32\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com) Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.241 - SurfRight B.V.) Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3505 - Acer Incorporated) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) InfraRecorder (HKLM-x32\...\InfraRecorder) (Version: - Christian Kindahl) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2869 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation) Jing (HKLM-x32\...\{22800204-9E53-45C7-B6F3-5BB0F1C1A147}) (Version: 2.8.13007.1 - TechSmith Corporation) Kcast for Windows (HKLM-x32\...\{FC00D5C6-356F-47B8-B0B7-19ABC493440E}) (Version: 3.0.5.0 - Kitco) KeePass Password Safe 1.29 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.29 - Dominik Reichl) Leawo Total Media Converter Ultimate version 7.1.0.7 (HKLM-x32\...\{A5F041A4-812A-47C2-AD53-8893A81019FB}_is1) (Version: 7.1.0.7 - Leawo Software) LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.7.2.0 - LG Electronics) Malwarebytes Anti-Exploit version 1.06.1.1019 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.06.1.1019 - Malwarebytes) Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) ManyCam 4.0.109 (HKLM-x32\...\ManyCam) (Version: 4.0.109 - Visicom Media Inc.) McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.285.6 - McAfee, Inc.) Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{59E4543A-D49D-4489-B445-473D763C79AF}) (Version: 2.0.672.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) mIRC (HKLM-x32\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 38.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 en-US)) (Version: 38.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MyBullionTracker (HKLM-x32\...\com.nwtmint.air.mybulliontracker.BB33928E34E7C1F3E9FB215478549CD3C053FEC7.1) (Version: 2.0.0 - Northwest Territorial Mint LLC) MyBullionTracker (x32 Version: 2.0.0 - Northwest Territorial Mint LLC) Hidden Nero BurningROM 2015 (HKLM-x32\...\{6A4B15CC-4E95-45A1-807A-AB7267B02959}) (Version: 16.0.02000 - Nero AG) Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1003 - Nero AG) NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Driver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation) NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation) NVIDIA Graphics Driver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation) Paltalk Messenger 11.6 (HKLM-x32\...\Paltalk Messenger) (Version: 11.6.607.17218 - AVM Software Inc.) PC Wizard 2012.2.12 (HKLM-x32\...\PC Wizard 2012_is1) (Version: - CPUID) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Perfect Uninstaller v6.3.3.9 (HKLM\...\Perfect Uninstaller_is1) (Version: - www.PerfectUninstaller.com) Photo Slideshow Creator 3.25 (HKLM-x32\...\{2CEF6CD7-0093-4EA1-8EA5-12E843E980BF}_is1) (Version: - AMS Software) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Pokémon Trading Card Game Online (HKLM-x32\...\{0D9304CD-1C83-4703-AFEF-0C46D1DB21F2}) (Version: 2.27.0 - The Pokémon Company International) PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars) Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden Prerequisite installer (x32 Version: 16.0.0003 - Nero AG) Hidden QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) RealDownloader (x32 Version: 18.0.1.10 - RealNetworks, Inc.) Hidden RealDownloader (x32 Version: 18.0.1.9 - RealNetworks) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.) RealTimes (RealPlayer) (HKLM-x32\...\RealPlayer 18.0) (Version: 18.0.1 - RealNetworks) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden RegiStax 5.1 (HKU\S-1-5-21-183760795-2501133323-4075679530-1001\...\RegiStax 5.1) (Version: - ) RegiStax 6 (HKU\S-1-5-21-183760795-2501133323-4075679530-1001\...\RegiStax 6) (Version: - ) RegiStax 6.1.0.8 update (HKU\S-1-5-21-183760795-2501133323-4075679530-1001\...\RegiStax 6.1.0.8 update) (Version: - ) RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd) Screen Recording Suite V3.0.3 (HKLM-x32\...\{EB9F3F92-4857-4121-AA6F-1C424AC6C266}_is1) (Version: 3.0.3 - Apowersoft) SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.5.44 - NVIDIA Corporation) Hidden Should I Remove It (HKU\S-1-5-21-183760795-2501133323-4075679530-1001\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.) Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden SMI Grabber Device (HKLM-x32\...\{B03B98E3-2795-48F6-BA33-793BBF5DF685}) (Version: 1.0.0.22B - Somagic) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) SRS-Root (HKLM-x32\...\{24EAD272-D05D-4950-BD59-F88AB7B4C8C7}_is1) (Version: - 123Unlock GSM Service) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25942 - TeamViewer) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) The Price is Right (HKLM-x32\...\The Price is Right) (Version: - ) TweetEyeSeller version 1.1.7 (HKLM-x32\...\{38CA4EE4-DA60-40AF-815E-47A9AD4BC7DB}_is1) (Version: 1.1.7 - TweetEyeSeller) ubCore64 5.80 (HKLM-x32\...\InstallShield_{F65FE148-FCF5-42F7-8803-FA0B7DA8B8A4}) (Version: 5.80 - Unibrain) ubCore64 5.80 (Version: 5.80 - Unibrain) Hidden UltraMon (HKLM\...\{9069EE0A-7615-4D86-AD80-CA263E936DA6}) (Version: 3.2.2 - Realtime Soft Ltd) Unity Web Player (HKU\S-1-5-21-183760795-2501133323-4075679530-1001\...\UnityWebPlayer) (Version: 4.6.0f2 - Unity Technologies ApS) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Video Downloader (x32 Version: 1.0.0 - RealNetworks) Hidden VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: - Elaborate Bytes) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) VSDC Free Video Editor version 3.1.0.352 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 3.1.0.352 - Flash-Integro LLC) Warframe (HKLM-x32\...\{F687407B-A756-4B4D-84F7-00F4FF5245D7}) (Version: 1.0.0 - Digital Extremes) WeatherBug® (HKLM-x32\...\WeatherBug®) (Version: 10.0.7.4 - Earth Networks, Inc.) Win7codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 3.0.6 - Shark007) Windows DVD Maker 5.2.0.2 (HKLM-x32\...\{66712EEE-ECBC-4CA6-A475-windows-dvd-maker}_is1) (Version: - Windows DVD Maker,Inc.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) WizTree v1.07 (HKLM-x32\...\WizTree_is1) (Version: - Antibody Software) Wondershare Video Editor(Build 5.1.1) (HKLM-x32\...\Wondershare Video Editor_is1) (Version: - Wondershare Software) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team) Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - ) Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.) Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version: - DOSBox Team) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 01-05-2015 15:01:26 Windows Update 01-05-2015 15:53:33 Windows Update 03-05-2015 01:01:18 Restore Operation 03-05-2015 23:30:13 Windows Update 05-05-2015 12:15:45 Installed Warframe 05-05-2015 12:17:09 Installed DirectX 06-05-2015 15:45:58 Removed WeatherApp 06-05-2015 22:33:59 avast! antivirus system restore point 06-05-2015 22:46:08 Removed PocketCloud Windows Companion. 06-05-2015 23:28:57 Restore Operation 06-05-2015 23:49:47 avast! antivirus system restore point 07-05-2015 00:00:06 avast! antivirus system restore point 07-05-2015 00:16:37 Removed PocketCloud Windows Companion. 07-05-2015 00:30:44 Windows Update 12-05-2015 19:35:18 Windows Update 13-05-2015 00:26:42 Windows Update 13-05-2015 20:15:52 Installed DirectX 13-05-2015 21:22:00 Windows Update 14-05-2015 22:31:35 Windows Update 16-05-2015 11:09:45 Windows Update 18-05-2015 02:20:02 Installed NinjaTrader 7 18-05-2015 05:06:24 Removed NinjaTrader 7 20-05-2015 23:03:58 Windows Live Essentials 20-05-2015 23:06:20 Installed DirectX 20-05-2015 23:07:26 Installed DirectX 20-05-2015 23:08:27 Installed DirectX 20-05-2015 23:11:14 WLSetup 28-05-2015 00:00:04 Scheduled Checkpoint 04-06-2015 00:00:19 Scheduled Checkpoint 05-06-2015 12:09:23 Windows Update 07-06-2015 20:15:18 Windows Modules Installer 07-06-2015 20:17:29 Windows Modules Installer 08-06-2015 04:35:17 Checkpoint by HitmanPro 10-06-2015 05:22:21 Windows Update 18-06-2015 13:29:58 Scheduled Checkpoint 26-06-2015 00:00:05 Scheduled Checkpoint 26-06-2015 16:45:47 Installed QuickTime 7 27-06-2015 02:05:55 Removed Skype™ 7.6 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2015-06-29 18:27 - 00450771 ____R C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com There are 1000 more lines. ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0B53E785-AAD9-4DB0-BC4B-912D11EA1D29} - System32\Tasks\{1C8BB068-D9BB-4152-8ABA-62660412B91A} => msiexec.exe /package "C:\Users\Administrator.lucky-PC\Downloads\MM26_ENU.msi" Task: {13C8284D-B66A-43CC-BFBE-814C9DADA8BC} - System32\Tasks\SolutoTask_29eebd75-6160-4b99-9c5f-a2d0ab2d0623 => C:\ProgramData\Soluto\Temp\ninite.evernote_5_1_0_2217.setup-22f94a22-b488-aa1a-a4ef-69269eb40e0f.exe <==== ATTENTION Task: {151647CB-4BC8-4619-9E74-E642C6FFD276} - System32\Tasks\{1251E152-B61C-40CD-8583-9D61D4C55D9C} => msiexec.exe /package "C:\Users\Administrator.lucky-PC\Downloads\MM26_ENU.msi" Task: {1AAE35D6-CBE9-4723-8918-DF4D44FF5954} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.) Task: {1DC01609-4294-42E4-B628-C5A5C5A6AEB5} - System32\Tasks\{C16B4601-1A3C-49CD-9BA3-48650611FF1F} => msiexec.exe /package "C:\Users\Administrator.lucky-PC\Downloads\MM26_ENU.msi" Task: {1FF31863-594D-4148-8B7D-514FD6F61821} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31] (Google Inc.) Task: {20C2969F-5BAB-4E26-BDFD-A62E97332117} - System32\Tasks\{599D5F17-D3B8-4F1F-8D3E-8F35BCEA502E} => msiexec.exe /package "C:\Users\Administrator.lucky-PC\Downloads\MM26_ENU.msi" Task: {24104459-717C-4199-8FBE-0B89217CEDFD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.) Task: {248E7FE6-ADFE-460A-90B4-EFF2925A6DC7} - System32\Tasks\SolutoTask_88d7dfaa-2a98-4d14-a6d2-e7e67a12c089 => C:\ProgramData\Soluto\Temp\ninite.openoffice_4_00_9714.setup-22f94a22-b502-3fb6-a49b-dc44f1752a53.exe <==== ATTENTION Task: {2608F0F2-0361-4B52-97C9-2F5D95C74414} - \FTdownloader V7.0-codedownloader No Task File <==== ATTENTION Task: {29EBE885-62EF-4AC4-B714-930DFF8D6325} - System32\Tasks\{E1CF4964-ED05-429B-89E8-73800BE72E73} => msiexec.exe /package "C:\Users\Administrator.lucky-PC\Downloads\MM26_ENU.msi" Task: {30ED8319-22AF-4EAB-A3EE-092B8E64C1BE} - System32\Tasks\NSKPLG => C:\Users\lucky\AppData\Roaming\NSKPLG.exe <==== ATTENTION Task: {3267617C-EBEB-461F-B035-83EFCDACB899} - System32\Tasks\{2486A31C-D11B-4426-9F0C-89B982D5FF0F} => C:\Users\lucky\Desktop\Eclipse-UV150-UV250-UV350-13.10.0522.1177.exe Task: {326FA77B-87C5-49B9-9956-D06572BBF835} - System32\Tasks\{3B82C675-5F5A-4773-ABAE-5F2D86371AEB} => pcalua.exe -a "C:\Users\lucky\Desktop\The Price is Right.exe" -d C:\Users\lucky\Desktop Task: {373FD48D-486B-496E-9D13-C1A2EB26C92B} - System32\Tasks\{157FC317-90D3-468F-9578-F2951CEB9CD8} => msiexec.exe /package "C:\Users\Administrator.lucky-PC\Downloads\MM26_ENU.msi" Task: {3944185F-E674-43BE-A87B-8A67E56DE08A} - System32\Tasks\{C56225F4-A44F-4CD5-8BCE-D280C6EF63F7} => msiexec.exe /package "C:\Users\Administrator.lucky-PC\Downloads\MM26_ENU.msi" Task: {3D2611F0-FB51-4FDE-A8A3-930B155328D7} - System32\Tasks\{D70C36E4-AC57-439F-88EA-9C36090509D3} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{548F12A2-BD2E-4B5A-9B62-BBC0AA8EB3DD}\setup.exe" -c -runfromtemp -l0x0009UNINSTALL -removeonly Task: {40F41022-A2A5-46F5-8D3B-0314F4DC2863} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe Task: {44BB5330-E138-46F1-BB18-7E8B2152E9B0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated) Task: {51D35F90-F38A-4544-9D52-40D8D6F82CDD} - System32\Tasks\{E09865A9-217D-42AF-B3AA-F513E41DE9EB} => msiexec.exe /package "C:\Users\Administrator.lucky-PC\Downloads\MM26_ENU.msi" Task: {577A7E22-044C-4215-BBFE-948F982FC721} - System32\Tasks\BVRGMFU => C:\Users\lucky\AppData\Roaming\BVRGMFU.exe <==== ATTENTION Task: {5ADAEDBE-081B-428E-A8FC-E35194DF94EB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated) Task: {5BD5C878-707B-49C2-893B-6D516490BC0B} - System32\Tasks\{D2B4885C-A40F-48DA-BFAA-540E1B067975} => pcalua.exe -a C:\Users\lucky\Desktop\cointr.exe -d C:\Users\lucky\Desktop Task: {5C86F962-C9BC-4E4E-8B01-C04CB4DD5FF5} - \FTdownloader V7.0-chromeinstaller-dev No Task File <==== ATTENTION Task: {62515543-DE4A-49C5-B003-47147643D1BE} - System32\Tasks\SolutoTask_af222ae4-0d86-47e7-b84a-7a4e93f7935c => C:\ProgramData\Soluto\Temp\ninite.openoffice_4_00_9714.setup-22f94a22-b502-3fb6-a49b-dc44f1752a53.exe <==== ATTENTION Task: {77265A33-68C9-4F2F-932A-F26CBD67B9C8} - System32\Tasks\{DADFEB8B-CAD5-4732-ABB4-29633144F6F9} => C:\Program Files (x86)\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe Task: {7EEE4876-A902-4377-8474-FFD0176A2815} - System32\Tasks\{3EC29510-271D-4611-B854-D36D682B350A} => msiexec.exe /package "C:\Users\Administrator.lucky-PC\Downloads\MM26_ENU.msi" Task: {88A20E2C-0146-48E2-9D22-5FB9FFA6374F} - System32\Tasks\{5605C16D-875B-4BFE-9D32-2EE6759A85D1} => pcalua.exe -a "C:\Program Files (x86)\Turbine\Dungeons & Dragons Online\CleanUninstall.exe" -d "C:\Program Files (x86)\Turbine\Dungeons & Dragons Online" Task: {8C05DC0F-6A73-473C-9992-5F67120486DC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-18] (Avast Software s.r.o.) Task: {8C5BFF97-4FFD-4492-AD8F-6979B3098049} - System32\Tasks\{8BDFB7C5-77AD-403B-A953-55A6B5CF5324} => pcalua.exe -a "C:\Program Files (x86)\GrabToolz\Hulu Grabber\unins000.exe" Task: {8FE2E795-88FE-4E58-8253-D676B990221D} - System32\Tasks\GoogleUpdateTaskMachineCore1cf4a832fd36cc6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31] (Google Inc.) Task: {94BBDC4C-5736-4A79-BDF6-62A62981738F} - System32\Tasks\SolutoTask_16dc203a-2f17-45dc-a68b-b0e0ae2cf749 => C:\ProgramData\Soluto\Temp\ninite.irfanview_4_37.setup-22f94a22-b4cb-6aaf-8ed8-4e1a60ee9de6.exe <==== ATTENTION Task: {9BEF82BD-489D-4C18-9CBE-4CF81851F1FD} - System32\Tasks\{A3221E7D-68EC-4E3A-A8E0-9F886D98A00C} => pcalua.exe -a D:\Drivers\Setup.exe -d D:\Drivers Task: {9E187248-B33C-4675-912D-7FD973F94EA0} - \FTdownloader V7.0-firefoxinstaller No Task File <==== ATTENTION Task: {A0092763-7FFE-4C1F-905F-4109DF93C559} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-12-28] (Microsoft Corporation) Task: {A953C664-0684-490B-AE56-8C240D0A542C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.) Task: {AB0CF976-F4F3-47F0-BC8E-E9113DC0FFCC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {AB662088-25B8-4459-B2F0-F6EDC0CCE9BC} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-183760795-2501133323-4075679530-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-06-17] (RealNetworks, Inc.) Task: {B598F31E-2673-4EC8-8FC7-138944F8095C} - System32\Tasks\{B698D628-208A-44FF-8344-13897EDF63D5} => C:\Users\lucky\Desktop\The Price is Right.exe Task: {BC2E374C-C01C-4CC6-9B8A-1D79FCB5EA64} - System32\Tasks\{BE100DE8-7B3F-409D-B2E2-B9558D2507A1} => msiexec.exe /package "C:\Users\Administrator.lucky-PC\Downloads\MM26_ENU.msi" Task: {BCD3743F-CCC6-4920-B8A5-AD18D3811042} - System32\Tasks\{A356922B-BD25-4A27-86AE-686C19750ACD} => C:\Users\lucky\AppData\Roaming\Pokémon Trading Card Game Online\PokemonTradingCardGameOnline\Pokemon Trading Card Game Online.exe [2015-05-21] () Task: {BE33D8C4-41F0-4AE6-9FA1-36795890D50B} - System32\Tasks\{FDB6B9B1-2F1F-4F1E-8527-023A9E49C032} => C:\Users\lucky\Desktop\New folder\update2_EN\setup.exe Task: {BF720F98-967E-4BD5-979E-FD6E740218FB} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-183760795-2501133323-4075679530-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2015-06-17] (RealNetworks, Inc.) Task: {C12D4C15-1B3C-4AA4-BB66-915CB0BA0B87} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks Task: {CC17CD14-8416-4694-9EE9-3276CA7AB7A0} - System32\Tasks\{8C5717E3-AFD9-4A9C-B396-DC0E9248DD28} => msiexec.exe /package "C:\Users\Administrator.lucky-PC\Downloads\MM26_ENU.msi" Task: {CD51AA63-7C37-4D12-93D6-19F23B982C1D} - System32\Tasks\{DC631A46-B375-455D-8403-911F34AA7D44} => msiexec.exe /package "C:\Users\Administrator.lucky-PC\Downloads\MM26_ENU.msi" Task: {D1CD0F0C-B162-46FE-9AAF-FF4D4C8C6EC2} - System32\Tasks\{DEEEA38C-004E-4D55-B026-C9C9319BBEF5} => msiexec.exe /package "C:\Users\Administrator.lucky-PC\Downloads\MM26_ENU.msi" Task: {D28B93E1-7E5A-43EA-A6E6-A1D07F40A42A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-31] (Google Inc.) Task: {D656DDAB-FB67-414B-B17E-EA7B968EB087} - System32\Tasks\TSRH => C:\Users\lucky\AppData\Roaming\TSRH.exe <==== ATTENTION Task: {DC63F88B-8991-4C32-B8BB-5C52FCB7EE65} - System32\Tasks\{3B23347F-28FD-4D99-86B0-9002F478749A} => pcalua.exe -a G:\pics\pics\the_price_is_right.exe Task: {E1D05652-DEE7-4E9C-A3B3-688D27FAD9E6} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG) Task: {E608AC07-DB28-4E61-9DBB-C7640778B586} - System32\Tasks\FreeFixer background scan => C:\Program Files\FreeFixer\freefixer.exe Task: {E7DD5877-0A89-4476-B950-170C5185C69B} - System32\Tasks\{29FBDF84-34D3-4036-8EA0-4139A0FDF26C} => pcalua.exe -a "C:\Program Files (x86)\Turbine\Dungeons & Dragons Online\unins000.exe" Task: {EBDF55DF-35D5-4F30-8684-4E6E4CF146E2} - System32\Tasks\SolutoTask_bf15e3bf-7186-4dde-9382-19ab6fcee96e => C:\ProgramData\Soluto\Temp\ninite.openoffice_4_00_9714.setup-22f94a22-b502-3fb6-a49b-dc44f1752a53.exe <==== ATTENTION Task: {F4B5B243-5F9C-4E54-8880-922D29278EF3} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2015-06-17] () Task: {FC84B100-AB94-412A-A749-87EFAD483311} - System32\Tasks\avastBCLRestartS-1-5-21-183760795-2501133323-4075679530-1001 => Chrome.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\BVRGMFU.job => C:\Users\lucky\AppData\Roaming\BVRGMFU.exe <==== ATTENTION Task: C:\Windows\Tasks\FreeFixer background scan.job => C:\Program Files\FreeFixer\freefixer.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf4a832fd36cc6.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\NSKPLG.job => C:\Users\lucky\AppData\Roaming\NSKPLG.exe <==== ATTENTION Task: C:\Windows\Tasks\TSRH.job => C:\Users\lucky\AppData\Roaming\TSRH.exe <==== ATTENTION ==================== Loaded Modules (Whitelisted) ============== 2014-06-19 04:56 - 2015-06-17 02:48 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2014-10-24 04:13 - 2014-05-04 10:02 - 01232880 _____ () C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe 2014-01-16 17:39 - 2011-05-03 19:13 - 00199296 _____ () C:\Program Files (x86)\Common Files\DesktopUtil\MCTDesktopSvr.exe 2014-07-28 16:25 - 2014-07-28 16:25 - 01523560 _____ () C:\Users\lucky\AppData\Local\DIRECTV Player\NDSPCShowServer.exe 2015-06-17 00:06 - 2015-06-17 00:06 - 00608320 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe 2015-06-17 03:25 - 2015-06-17 03:25 - 00031856 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe 2015-05-07 00:04 - 2015-05-07 00:04 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-05-07 00:04 - 2015-05-07 00:04 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-06-29 13:30 - 2015-06-29 13:30 - 02952704 _____ () C:\Program Files\AVAST Software\Avast\defs\15062901\algo.dll 2015-03-31 09:08 - 2015-06-03 17:06 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2010-01-30 14:49 - 2011-10-24 14:00 - 00067728 _____ () C:\Program Files (x86)\Stardock\CursorFX\zlib1.dll 2015-03-29 16:35 - 2015-03-29 16:35 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-07-28 16:25 - 2014-07-28 16:25 - 05979488 _____ () C:\Users\lucky\AppData\Local\DIRECTV Player\PCShowServer.dll 2014-07-28 16:25 - 2014-07-28 16:25 - 03261280 _____ () C:\Users\lucky\AppData\Local\DIRECTV Player\DrmSingleton.dll 2014-07-28 16:27 - 2014-07-28 16:27 - 00338784 _____ () C:\Users\lucky\AppData\Local\DIRECTV Player\ndsLogStore.dll 2014-07-28 16:25 - 2014-07-28 16:25 - 02229096 _____ () C:\Users\lucky\AppData\Local\DIRECTV Player\DiscoveryManager.dll 2014-07-28 16:26 - 2014-07-28 16:26 - 00689000 _____ () C:\Users\lucky\AppData\Local\DIRECTV Player\libgstreamer-0.10.dll 2014-07-28 16:27 - 2014-07-28 16:27 - 01403224 _____ () C:\Users\lucky\AppData\Local\DIRECTV Player\libxml2-2.dll 2014-07-28 16:27 - 2014-07-28 16:27 - 00091976 _____ () C:\Users\lucky\AppData\Local\DIRECTV Player\z.dll 2014-07-28 16:26 - 2014-07-28 16:26 - 00060272 _____ () C:\Users\lucky\AppData\Local\DIRECTV Player\libgstinterfaces-0.10.dll 2014-07-28 16:26 - 2014-07-28 16:26 - 00043880 _____ () C:\Users\lucky\AppData\Local\DIRECTV Player\libgstvideo-0.10.dll 2014-07-28 16:26 - 2014-07-28 16:26 - 00205672 _____ () C:\Users\lucky\AppData\Local\DIRECTV Player\libgstbase-0.10.dll 2014-07-28 16:26 - 2014-07-28 16:26 - 07742304 _____ () C:\Users\lucky\AppData\Local\DIRECTV Player\gsttspplugin.dll 2014-06-19 03:20 - 2014-04-04 11:26 - 00371712 _____ () C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\DAQExp.dll 2014-06-19 03:20 - 2013-07-24 09:24 - 00137728 _____ () C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSCreateVC.dll 2014-12-16 18:06 - 2014-09-11 19:09 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll 2014-12-16 18:06 - 2014-05-19 18:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll 2015-04-14 02:28 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2015-04-14 02:28 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2015-04-14 02:28 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2014-11-27 10:42 - 2014-11-27 10:42 - 00037696 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll 2014-11-27 10:42 - 2014-11-27 10:42 - 00034624 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll 2015-06-16 23:47 - 2015-06-16 23:47 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll 2015-06-17 03:24 - 2015-06-17 03:24 - 00035976 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll 2015-06-17 03:24 - 2015-06-17 03:24 - 00039560 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll 2015-06-17 03:24 - 2015-06-17 03:24 - 00037528 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll 2015-06-29 18:30 - 2015-06-29 18:30 - 00098816 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\win32api.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00110080 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\pywintypes27.dll 2015-06-29 18:30 - 2015-06-29 18:30 - 00364544 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\pythoncom27.dll 2015-06-29 18:30 - 2015-06-29 18:30 - 00045568 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\_socket.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 01161216 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\_ssl.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00320512 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\win32com.shell.shell.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00713216 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\_hashlib.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 01175040 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\wx._core_.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00805888 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\wx._gdi_.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00811008 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\wx._windows_.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 01062400 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\wx._controls_.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00735232 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\wx._misc_.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00682496 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\pysqlite2._sqlite.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00087552 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\_ctypes.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00119808 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\win32file.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00108544 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\win32security.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00007168 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\hashobjs_ext.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00026624 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\usb_ext.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00167936 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\win32gui.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00018432 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\win32event.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00128512 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\_elementtree.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00127488 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\pyexpat.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00013824 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\common.time34.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00036864 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\_psutil_windows.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00038912 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\win32inet.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00011264 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\win32crypt.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00070656 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\wx._html2.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00027136 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\_multiprocessing.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00020480 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\_yappi.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00035840 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\win32process.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00686080 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\unicodedata.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00122368 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\wx._wizard.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00024064 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\win32pipe.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00010240 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\select.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00025600 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\win32pdh.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00525640 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\windows._lib_cacheinvalidation.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00017408 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\win32profile.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00022528 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\win32ts.pyd 2015-06-29 18:30 - 2015-06-29 18:30 - 00078336 _____ () C:\Users\lucky\AppData\Local\Temp\_MEI30642\wx._animate.pyd 2014-11-27 10:47 - 2014-11-27 10:47 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll 2014-11-27 10:44 - 2014-11-27 10:44 - 00129344 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll 2015-03-29 16:35 - 2015-03-29 16:35 - 00985600 _____ () C:\Program Files\AVAST Software\Avast\ffmpegsumo.dll 2015-06-22 13:32 - 2015-06-20 01:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll 2015-06-22 13:32 - 2015-06-20 01:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 11403 more restricted sites. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-183760795-2501133323-4075679530-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lucky\AppData\Local\Realtime Soft\UltraMon\UltraMon Wallpaper.bmp DNS Servers: 192.168.2.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start GeekBuddy.lnk => C:\Windows\pss\Start GeekBuddy.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^lucky^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Check for TWS Updates.lnk => C:\Windows\pss\Check for TWS Updates.lnk.Startup MSCONFIG\startupfolder: C:^Users^lucky^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PalTalk.lnk => C:\Windows\pss\PalTalk.lnk.Startup MSCONFIG\startupfolder: C:^Users^lucky^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TimeLeft.lnk => C:\Windows\pss\TimeLeft.lnk.Startup MSCONFIG\startupreg: (default) => MSCONFIG\startupreg: Adobe Reader Speed Launcher => MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: ArcadeMovieService => "C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe" MSCONFIG\startupreg: AvastUI.exe => "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui MSCONFIG\startupreg: COMODO Internet Security => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe MSCONFIG\startupreg: Consumer Input Update => MSCONFIG\startupreg: DAEMON Tools Ultra Agent => "C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe" -autorun MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW MSCONFIG\startupreg: Drivers For Free => C:\Program Files (x86)\Drivers For Free\Drivers For Free Unlimited\DriversForFree.exe /applicationMode:systemTray /showWelcome:false MSCONFIG\startupreg: DW7 => MSCONFIG\startupreg: EgisTecPMMUpdate => MSCONFIG\startupreg: EgisUpdate => MSCONFIG\startupreg: FDispPos => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe Launch FixPos MSCONFIG\startupreg: FreeAC => MSCONFIG\startupreg: gbrspcontrol => MSCONFIG\startupreg: Hotkey Utility => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: IObit Malware Fighter => "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart MSCONFIG\startupreg: Jing => C:\Program Files (x86)\TechSmith\Jing\Jing.exe MSCONFIG\startupreg: KGShareApp => C:\Program Files (x86)\Kodak\KODAK Share Button App\KGShare_App.exe MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" MSCONFIG\startupreg: MCTDUtil => C:\Program Files (x86)\Common Files\DesktopUtil\Util-Desktop.exe Launch SuperUtil MSCONFIG\startupreg: MurGeeMon => MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: OOTag => C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: RGSC => MSCONFIG\startupreg: RtHDVCpl => "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s MSCONFIG\startupreg: SearchProtect => MSCONFIG\startupreg: SearchProtectAll => MSCONFIG\startupreg: SearchSettings => MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: SuiteTray => MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s MSCONFIG\startupreg: vProt => MSCONFIG\startupreg: WinPatrol => ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{6F7336B9-0375-471E-9AE7-9C97A86ECF46}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe FirewallRules: [UDP Query User{4E2B2A3E-DB2F-4888-9068-6A1C0F279D59}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe FirewallRules: [{A3C2F066-2743-4A3B-BF9E-F27F677130D1}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe FirewallRules: [{3990E65A-AFDA-4A0A-94D5-A2FF46C9CD66}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe FirewallRules: [{89EB4A14-FECE-413E-A18D-3E2291FD9222}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe FirewallRules: [{992D3987-4392-4418-8998-B067E695E552}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe FirewallRules: [{F5296536-F3CB-415C-8222-BC0EF920F41F}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe FirewallRules: [{CA336403-FF53-480D-9D22-A84D34D3DD45}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe FirewallRules: [{35764787-F41F-4E5B-9736-9B1F4B95C88C}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe FirewallRules: [{0524EC76-9406-4FF4-B902-06B61516B1EC}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe FirewallRules: [{13D81A0C-4AD0-4E74-8693-4AA6B7645BA9}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [TCP Query User{27D2EB12-BE40-4E96-BD07-AE940F4E752A}C:\program files (x86)\comodo\dragon\dragon.exe] => (Allow) C:\program files (x86)\comodo\dragon\dragon.exe FirewallRules: [UDP Query User{ED9D035B-FF0F-4AF6-8F09-C0878E8BB380}C:\program files (x86)\comodo\dragon\dragon.exe] => (Allow) C:\program files (x86)\comodo\dragon\dragon.exe FirewallRules: [TCP Query User{3FAEB35D-FDB6-4B2A-8523-5C3D72544770}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe FirewallRules: [UDP Query User{FA21D974-C36E-4534-AB05-72C8D6B68E98}C:\program files (x86)\paltalk messenger\paltalk.exe] => (Allow) C:\program files (x86)\paltalk messenger\paltalk.exe FirewallRules: [TCP Query User{20461ADF-9671-4426-AE85-B9F9A09AA60B}C:\users\lucky\desktop\desktop\mirc.exe] => (Allow) C:\users\lucky\desktop\desktop\mirc.exe FirewallRules: [UDP Query User{9BB56E56-B391-4DDF-B8A0-03E68A746489}C:\users\lucky\desktop\desktop\mirc.exe] => (Allow) C:\users\lucky\desktop\desktop\mirc.exe FirewallRules: [TCP Query User{B1C3BAE8-17A8-4E5B-A72C-DC76609A993F}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe FirewallRules: [UDP Query User{CB80AF12-CE91-4B50-9B03-62FEE0D51E5B}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe FirewallRules: [TCP Query User{FE30E8A4-2E4C-4CF0-8BFF-ACB144561062}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe FirewallRules: [UDP Query User{6E7A69EB-299F-4346-B842-E7F18189BD12}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe FirewallRules: [{EB740A11-0632-4A0F-9607-FA6701ED70AD}] => (Allow) LPort=5353 FirewallRules: [TCP Query User{C0DE0F13-86B2-416C-AB2E-E83D1097F76B}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe FirewallRules: [UDP Query User{DFD7ECCD-2D3E-40D6-8A73-813B86BBC24F}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe FirewallRules: [{D865288C-E35B-4CA6-91BB-9DB5A555D143}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{6E42A61F-D8EB-4C09-BB43-92D68AD80867}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{1FCDF775-22CB-4306-AA92-F3E22512BD47}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{510541C9-7D21-47E6-A2FE-FD11A563E708}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{7FDA1E06-462F-4556-863D-C04198394390}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{AD69B15A-0575-42E0-9D7A-81807030E69C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{38AE5A5F-A81F-4594-8B0B-4D1C07CA926B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{415E9F25-0607-4499-967A-2FC98D14139C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{F9D30B3B-FD58-4ACB-9A17-C6B6F103354A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{56773ABA-0234-40DC-B10F-B6FE3D089EF5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{F6A347F2-0793-46AE-BFBA-DE492C7EC401}] => (Allow) %ProgramFiles%\BOINC\boinc.exe FirewallRules: [{F38A51F5-63EB-4A8E-9436-685472BC8849}] => (Allow) LPort=443 FirewallRules: [TCP Query User{4CD491A6-FED0-46EC-AA21-AB4EE450745A}C:\program files (x86)\thinkorswim\thinkorswim.exe] => (Allow) C:\program files (x86)\thinkorswim\thinkorswim.exe FirewallRules: [UDP Query User{9274D549-3E2E-42B3-912A-9519BBD35060}C:\program files (x86)\thinkorswim\thinkorswim.exe] => (Allow) C:\program files (x86)\thinkorswim\thinkorswim.exe FirewallRules: [{591CC0DE-D938-40C5-B21C-C413BAEFA78E}] => (Allow) C:\Program Files (x86)\Apowersoft\Screen Recording Suite\Screen Recording Suite.exe FirewallRules: [{22E6C598-C1E6-48E9-AF9F-FEBEF3986F9B}] => (Allow) C:\Program Files (x86)\Apowersoft\Screen Recording Suite\Screen Recording Suite.exe FirewallRules: [TCP Query User{21D8B51B-2A42-4641-B19B-F1660D7748DA}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files (x86)\divx\divx media server\divxmediaserver.exe FirewallRules: [UDP Query User{239FC151-D3D3-485D-B3CC-2DC9C708B559}C:\program files (x86)\divx\divx media server\divxmediaserver.exe] => (Block) C:\program files (x86)\divx\divx media server\divxmediaserver.exe FirewallRules: [{390A9C58-2A39-4176-811C-9B533A34A290}] => (Allow) C:\ProgramData\EmailNotifier\EmailNotifier.exe FirewallRules: [{C5B9CF01-5A7C-40B4-BDE1-84CA9C7A365F}] => (Allow) C:\ProgramData\EmailNotifier\EmailNotifier.exe FirewallRules: [{B8888FBD-32DB-449A-9030-2B994C52C0CC}] => (Allow) chrome.exe FirewallRules: [{7B3A1609-4B35-4438-BB4E-F172BED39617}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe FirewallRules: [{E92382B3-A3E1-4F1E-BA0C-9E1238D3DE03}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe FirewallRules: [{47879934-DD13-4561-A927-1087BE677148}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe FirewallRules: [{4E7D3492-57D2-4BD0-9EE0-5892BD412CF9}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe FirewallRules: [{D3031DDE-FC01-41A4-950B-169E6CADF5F5}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe FirewallRules: [{9922222E-8A1B-496D-9555-892855EA86CA}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe FirewallRules: [{C6730CB8-59F9-4FD8-8C4B-F33162014295}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe FirewallRules: [{9974134C-6658-4C05-9D7E-C4148DDC8D17}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe FirewallRules: [{B312AE0F-B69D-4780-B980-4875E60D89AB}] => (Allow) C:\Users\Administrator.lucky-PC\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [TCP Query User{DC56DF07-2D47-487E-84CD-5708392AACA1}C:\users\lucky\appdata\local\directv player\ndspcshowserver.exe] => (Block) C:\users\lucky\appdata\local\directv player\ndspcshowserver.exe FirewallRules: [UDP Query User{4254FBD2-7851-43A0-AB5E-556B3FD146E7}C:\users\lucky\appdata\local\directv player\ndspcshowserver.exe] => (Block) C:\users\lucky\appdata\local\directv player\ndspcshowserver.exe FirewallRules: [TCP Query User{33D33A99-A686-4E09-83B7-F3C3169A3698}C:\users\lucky\appdata\local\directv player\ndspcshowserver.exe] => (Block) C:\users\lucky\appdata\local\directv player\ndspcshowserver.exe FirewallRules: [UDP Query User{D5DC45AC-E565-4769-9D2C-71B9553A3753}C:\users\lucky\appdata\local\directv player\ndspcshowserver.exe] => (Block) C:\users\lucky\appdata\local\directv player\ndspcshowserver.exe FirewallRules: [{9D57478D-1F37-4969-BB61-943433D17799}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe FirewallRules: [TCP Query User{3074377B-5AF9-4417-8EE7-61E3A9636929}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{8AC167EC-8F32-4C1C-94C8-D8385BE26924}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [{056022B5-BF7A-471F-9479-09F3B575301D}] => (Allow) C:\Users\lucky\AppData\Local\Temp\nsnAB7D.tmp\CnetInstaller-10949291.exe FirewallRules: [{FB10B313-4B61-4A1D-81D0-450C801F2105}] => (Allow) C:\Users\lucky\AppData\Local\Temp\nsnAB7D.tmp\CnetInstaller-10949291.exe FirewallRules: [TCP Query User{B3A111EF-2F1E-4D2E-B353-BDDFF3891197}C:\users\lucky\desktop\utorrent.exe] => (Allow) C:\users\lucky\desktop\utorrent.exe FirewallRules: [UDP Query User{EFF48944-C08D-44C2-A3A4-BC2DE35C3AC5}C:\users\lucky\desktop\utorrent.exe] => (Allow) C:\users\lucky\desktop\utorrent.exe FirewallRules: [{CF7A954F-0A6F-46E8-B0D5-10FCD9FB77A8}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{C5A9062D-E271-40AC-A604-7840274CB41B}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{2E39CD10-EE95-4BF6-9C66-95DB0FAFFFB6}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe FirewallRules: [{B00FBBFB-B2D7-483B-A681-7C9E8DBC6E1B}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\nero.exe FirewallRules: [{629DA4F6-BFF1-4EA5-98D1-C05F1EC58B41}] => (Allow) C:\Program Files (x86)\FrostWire 6\FrostWire.exe FirewallRules: [{C063B475-B609-4FA2-A6BB-EC7D53BC032E}] => (Allow) C:\Program Files (x86)\FrostWire 6\FrostWire.exe FirewallRules: [{37C156D5-1BC7-405B-B1C6-A1FCDC178F4C}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe FirewallRules: [{EFD7D5FD-D826-48CF-9B28-7F66177F19A5}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe FirewallRules: [{8B86CD03-CC09-4F9F-98BD-A4D827AE356F}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe FirewallRules: [{C035B58D-FDD7-414A-9383-9E83949794DA}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe FirewallRules: [{2A9AECFE-C09B-45C4-944A-01E9CC439410}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{A9675103-6F2B-40C4-98ED-A6217F613DD3}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{4F375727-AA8A-4A99-A1E8-072FF4F90FA1}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{671DEFA6-F403-4DBD-8BBE-3A1C4E9D56AF}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{F2D2D6D7-61F8-4874-B5A1-68004AC8D575}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{844B2F24-2FA0-4545-BB7C-5E8247F74086}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{F7C537BD-E11E-4BC9-AB00-2BE2A412ACE2}] => (Allow) C:\Users\lucky\AppData\Local\Warframe\New folder\Downloaded\Public\Warframe.exe FirewallRules: [{DAAA6639-C60D-426D-BBAA-3AFE22145E57}] => (Allow) C:\Users\lucky\AppData\Local\Warframe\New folder\Downloaded\Public\Warframe.x64.exe FirewallRules: [{2D0711C2-3DA1-4402-9327-1492866A664B}] => (Allow) C:\Users\lucky\AppData\Local\Warframe\New folder\Downloaded\Public\Warframe.exe FirewallRules: [{B7E3212C-AA2A-4CB3-93E4-006D898D0686}] => (Allow) C:\Users\lucky\AppData\Local\Warframe\New folder\Downloaded\Public\Warframe.x64.exe FirewallRules: [{CEBE9C99-54A4-4D50-B618-770B9263AF56}] => (Allow) C:\Users\lucky\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe FirewallRules: [{54C1D295-5082-4029-8306-215657247832}] => (Allow) C:\Users\lucky\AppData\Local\Warframe\New folder\Downloaded\Public\Tools\RemoteCrashSender.exe FirewallRules: [{BAF1D333-750E-441A-8E99-A3D519BB6C26}] => (Allow) C:\Users\lucky\AppData\Local\Warframe\New folder\Downloaded\Public\Warframe.exe FirewallRules: [{B7E304CF-0465-4CA3-A8C2-CB0A2E6D3DE3}] => (Allow) C:\Users\lucky\AppData\Local\Warframe\New folder\Downloaded\Public\Warframe.x64.exe FirewallRules: [{99356AA9-3422-490D-9C63-A962D3E1F910}] => (Allow) C:\Users\lucky\AppData\Local\Warframe\New folder\Downloaded\Public\Warframe.exe FirewallRules: [{FE96772D-D593-4FEA-9F3C-60AC941DD361}] => (Allow) C:\Users\lucky\AppData\Local\Warframe\New folder\Downloaded\Public\Warframe.x64.exe FirewallRules: [{5A34C06B-DC46-4C5D-8D9B-18855C1F5720}] => (Allow) C:\Users\lucky\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe FirewallRules: [{D4573A9C-36D1-40E4-8394-C7998C371395}] => (Allow) C:\Users\lucky\AppData\Local\Warframe\New folder\Downloaded\Public\Tools\RemoteCrashSender.exe FirewallRules: [{27D6748F-629F-42EB-8CB6-0A7FE15694A3}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{75B455F4-7B23-4CA6-A835-E2643CB706F5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [TCP Query User{AE8A592F-EE80-4172-8688-FF84D0FF8F16}C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe FirewallRules: [UDP Query User{F8A4A800-9DE1-4F07-BB1F-96CF514C96D6}C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin64\ninjatrader.exe FirewallRules: [TCP Query User{4F4384FA-A043-44F2-A7E0-DDA634CCFD6B}C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe FirewallRules: [UDP Query User{C13FABCE-B74D-476F-99B2-5F3CA52234FA}C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe] => (Allow) C:\program files (x86)\ninjatrader 7\bin\ninjatrader.exe FirewallRules: [{AE637F77-A4C0-4376-9B98-16FD3A8A2C84}] => (Allow) C:\Program Files (x86)\Mozilla FireFox\firefox.exe FirewallRules: [{DA805A6C-5729-4B5C-87B8-B8F594714BD7}] => (Allow) C:\Program Files (x86)\Mozilla FireFox\firefox.exe FirewallRules: [{8EBAFCF9-5EAD-43B2-A3D2-E6E721C80372}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{9384A912-DFFB-426B-A0E5-4D73AE980113}] => (Allow) LPort=2869 FirewallRules: [{04D2AC3D-1222-426B-9251-A3D925188BE3}] => (Allow) LPort=1900 FirewallRules: [{849F3A3D-AFC2-4413-969A-77AA138F0ED4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{25B5D59E-D2FC-45B0-A05C-A793FC3FF261}] => (Allow) c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe FirewallRules: [{5072CF24-667E-4685-BB6C-63430231164D}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{C60BA83A-8EAB-4E00-A8BF-3A0703F456A6}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Faulty Device Manager Devices ============= Name: ELBY CLONEDRIVE SCSI CdRom Device Description: CD-ROM Drive Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard CD-ROM drives) Service: cdrom Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Microsoft ISATAP Adapter Description: Microsoft ISATAP Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Microsoft ISATAP Adapter #2 Description: Microsoft ISATAP Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: ManyCam Virtual Microphone Description: ManyCam Virtual Microphone Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318} Manufacturer: Visicom Media Inc. Service: mcaudrv_simple Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Microsoft PS/2 Mouse Description: Microsoft PS/2 Mouse Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (06/29/2015 06:32:23 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/29/2015 06:32:21 PM) (Source: SideBySide) (EventID: 81) (User: ) Description: Activation context generation failed for "http://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName1". The setting http://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName is not registered. Error: (06/29/2015 05:48:00 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program avastui.exe version 10.2.2218.944 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1418 Start Time: 01d0b2b4f3a67c42 Termination Time: 60000 Application Path: C:\Program Files\AVAST Software\Avast\avastui.exe Report Id: 56e232ab-1ea8-11e5-b4ba-eca86b948bb6 Error: (06/29/2015 05:45:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/29/2015 04:00:04 PM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: ) Description: 80004005 Error: (06/28/2015 09:00:02 PM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: ) Description: 80004005 Error: (06/28/2015 02:00:06 AM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: ) Description: 80004005 Error: (06/27/2015 02:40:05 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (06/27/2015 07:00:00 AM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: ) Description: 80004005 Error: (06/27/2015 06:00:15 AM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: ) Description: 80004005 System errors: ============= Error: (06/29/2015 06:32:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error: %%14001 Error: (06/29/2015 06:31:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: %%1053 Error: (06/29/2015 06:31:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect. Error: (06/29/2015 05:02:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. Error: (06/29/2015 05:02:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Malwarebytes Anti-Exploit Service service terminated unexpectedly. It has done this 1 time(s). Error: (06/29/2015 05:02:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Yahoo! Updater service terminated unexpectedly. It has done this 1 time(s). Error: (06/29/2015 05:02:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Nero Update service terminated unexpectedly. It has done this 1 time(s). Error: (06/29/2015 05:02:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (06/29/2015 05:02:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Acronis Sync Agent Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (06/29/2015 05:02:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Spybot-S&D 2 Updating Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Microsoft Office: ========================= Error: (06/29/2015 06:32:23 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/29/2015 06:32:21 PM) (Source: SideBySide) (EventID: 81) (User: ) Description: http://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayNameC:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe Error: (06/29/2015 05:48:00 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: avastui.exe10.2.2218.944141801d0b2b4f3a67c4260000C:\Program Files\AVAST Software\Avast\avastui.exe56e232ab-1ea8-11e5-b4ba-eca86b948bb6 Error: (06/29/2015 05:45:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/29/2015 04:00:04 PM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: ) Description: 80004005 Error: (06/28/2015 09:00:02 PM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: ) Description: 80004005 Error: (06/28/2015 02:00:06 AM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: ) Description: 80004005 Error: (06/27/2015 02:40:05 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{9F3B20DF-76F2-47F4-9372-F0F56485A58D}\recordingmanager.exe Error: (06/27/2015 07:00:00 AM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: ) Description: 80004005 Error: (06/27/2015 06:00:15 AM) (Source: Customer Experience Improvement Program) (EventID: 1006) (User: ) Description: 80004005 ==================== Memory info =========================== Processor: Pentium(R) Dual-Core CPU E6600 @ 3.06GHz Percentage of memory in use: 60% Total physical RAM: 4095.24 MB Available physical RAM: 1622.36 MB Total Pagefile: 10235.45 MB Available Pagefile: 6917.17 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:446.13 GB) (Free:177.55 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive e: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive f: () (Removable) (Total:14.83 GB) (Free:7.18 GB) FAT32 Drive g: (Lexar) (Removable) (Total:7.45 GB) (Free:6.44 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 000ED1AD) Partition 1: (Not Active) - (Size=19.5 GB) - (Type=27) Partition 2: (Not Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Active) - (Size=446.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18) Partition 1: (Not Active) - (Size=7.5 GB) - (Type=0C) ======================================================== Disk: 2 (Size: 14.8 GB) (Disk ID: 04FCB9F9) Partition 1: (Not Active) - (Size=14.8 GB) - (Type=0C) ==================== End of log ============================