Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-08-2015 Ran by Adams (2015-08-28 13:03:37) Running from C:\Users\Adams\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Adams (S-1-5-21-1025616775-32965946-2427245248-1001 - Administrator - Enabled) => C:\Users\Adams Administrator (S-1-5-21-1025616775-32965946-2427245248-500 - Administrator - Disabled) Guest (S-1-5-21-1025616775-32965946-2427245248-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1025616775-32965946-2427245248-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: AVG Anti-Virus Free (Disabled - Up to date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} AS: AVG Anti-Virus Free (Disabled - Up to date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated) Adobe Reader 9.5.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.2 - Adobe Systems Incorporated) AnyPC Client (HKLM-x32\...\{1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2}) (Version: 1.0.0.25 - Doctorsoft) Atheros Client Installation Program (HKLM-x32\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros) AVG Free 9.0 (HKLM-x32\...\AVG9Uninstall) (Version: - AVG Technologies) AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.9.799 - AVG Technologies) BatteryLifeExtender (HKLM-x32\...\{853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}) (Version: 1.0.1 - Samsung) Change Case (HKLM-x32\...\Change_Case) (Version: - ) ChargeableUSB (HKLM-x32\...\{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}) (Version: 1.0.0.0 - SAMSUNG) Citrix Online Launcher (HKLM-x32\...\{1EFF9E6C-76E1-43F9-81FB-BC8C037B0902}) (Version: 1.0.258 - Citrix) cmd (HKLM\...\{c47364d8-3a89-4a96-83ca-ff8b61cec670}.sdb) (Version: - ) Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3226 - CyberLink Corp.) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2511 - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3604b - CyberLink Corp.) CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3227 - CyberLink Corp.) CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.3228e - CyberLink Corp.) 
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2429 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3304 - CyberLink Corp.) Duplicate Remover for Excel 1.7 (HKLM-x32\...\Duplicate Remover for Excel_is1) (Version: 1.7 - Add-in Express Ltd.) Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.) Easy Network Manager (HKLM-x32\...\{34B76DCB-BF7C-440F-B058-C84172C1E338}) (Version: 4.2.8 - Samsung) Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.5 - Samsung Electronics Co.,Ltd.) EasyBatteryManager (HKLM-x32\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.3 - Samsung) Free PS Convert driver 8.15 (HKLM-x32\...\Free PS Convert driver_is1) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.4.1001 - Intel Corporation) Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1003 - Intel Corporation) Ipswitch WS_FTP 12 (HKLM-x32\...\{AD88355B-A4E0-4DA1-BAC3-EA4FEA930691}) (Version: 12.3 - Ipswitch) Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden Macromedia Dreamweaver 8 (HKLM-x32\...\{0837A661-FEC3-48B3-876C-91E7D32048A9}) (Version: 8.0.0.2734 - Macromedia) Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.) 
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell) Merge Cells Wizard for Excel 2.2 (HKLM-x32\...\Merge Cells Wizard for Excel_is1) (Version: 2.2 - Add-in Express Ltd.) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft IntelliPoint 7.0 (HKLM\...\{C74A84EC-7C5F-4C36-A4A6-381E516D643B}) (Version: 7.0.260.0 - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.3 (HKLM-x32\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft 
Corporation) Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.4 - NVIDIA Corporation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6003 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Software (HKLM-x32\...\{F2BC3383-F000-410C-A038-3846ADBE8D90}) (Version: 1.01.0088 - REALTEK Semiconductor Corp.) Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung) Samsung R-Series (HKLM-x32\...\{3EED7541-55F8-4DC6-B9CD-28762D71310E}) (Version: 1.0 - Samsung) Samsung Support Center (HKLM-x32\...\{0A353130-D22C-41DD-8C67-1B02A05F2CE0}) (Version: 1.1.0 - Samsung) Samsung Update Plus (HKLM-x32\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.) Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.10.0 - Synaptics Incorporated) Trim Spaces for Microsoft Excel 1.1 (HKLM-x32\...\Trim Spaces for Microsoft Excel_is1) (Version: 1.1 - Add-in Express Ltd.) 
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - ) Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.) WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.800 - Broadcom Corporation) Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom) Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) (HKLM\...\3932CA781A7894D20116FDF60F878301800EA8AB) (Version: 09/11/2009 6.2.0.9407 - Broadcom) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom) Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation) Word to PDF Converter 3.00 (HKLM-x32\...\Word to PDF Converter_is1) (Version: - PDF-Convert, Inc.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
CustomCLSID: HKU\S-1-5-21-1025616775-32965946-2427245248-1001_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32 -> C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\p2pcollab.dll No File <==== ATTENTION ==================== Restore Points ========================= 24-08-2015 11:52:26 Scheduled Checkpoint 24-08-2015 12:43:04 Restore Operation ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2010-04-26 10:18 - 00392792 ____A C:\windows\system32\Drivers\etc\hosts There are 1000 more lines. ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
Task: {29EB21DB-3F7C-4AA7-818F-516FB300CBB6} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2009-05-26] (Microsoft Corporation) Task: {4DDCF3E1-106F-4D80-A055-63B3104DDB2D} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\windows\TEMP\{555B1F96-43AA-4B8F-A2B8-27992274CCE4}.exe Task: {56658561-F04C-4303-BFA4-06049E44779C} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe Task: {56828BAB-2C2F-476F-BE58-0CE627AB7F81} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-18] (SEC) Task: {68F89948-D12A-40B8-B47F-A368D3ABBE99} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2009-11-04] (Samsung Electronics Co., Ltd.) Task: {6B445E90-629C-4119-B274-D231A97410B1} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2009-12-14] (SAMSUNG Electronics) Task: {8118FAA4-9259-4804-85DE-690C643BBCE6} - System32\Tasks\APSchedulerC => C:\Program Files (x86)\AnyPC Client\APLanMgrC.exe [2009-11-20] (DoctorSoft) Task: {882D04AF-C293-432A-A82C-08C804DF41D9} - System32\Tasks\{3210778E-5496-4C77-A527-F3271C956218} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe [2015-06-18] (Malwarebytes Corporation) Task: {BBCE28BD-9400-4571-8CEA-778FC5F89160} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {C011793D-4FB1-44CA-8058-FC6CAD89981F} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-10-13] (Samsung Electronics Co., Ltd.) Task: {D9AD9109-3147-4F59-B0C8-DB4BAC3BCD5D} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-10-16] (SAMSUNG Electronics co., LTD.) 
Task: {E0521E90-44FD-469D-8788-623FF4B52D99} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2009-11-18] (Samsung Electronics. Co. Ltd.) Task: {F1131011-D4EE-4B3D-B0C7-75E410B81970} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\windows\TEMP\{555B1F96-43AA-4B8F-A2B8-27992274CCE4}.exe <==== ATTENTION Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2010-04-26 11:30 - 2005-03-12 09:07 - 00087040 _____ () C:\windows\System32\pdfmonnt.dll 2010-02-02 23:02 - 2009-03-05 05:54 - 00311296 _____ () C:\windows\SysWOW64\Rezip.exe 2011-07-01 11:00 - 2010-10-28 18:55 - 06550136 _____ () C:\Program Files\ipswitch\WS_FTP 12\res0409.dll 2010-02-02 23:11 - 2009-07-07 14:23 - 00247152 _____ () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe 2011-12-12 12:17 - 2014-08-25 14:30 - 02640408 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe 2010-02-02 23:15 - 2006-08-11 23:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll 2014-11-03 15:53 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2014-11-03 15:53 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2014-11-03 15:53 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2014-11-03 15:53 - 2012-08-23 11:38 - 00574840 _____ 
() C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2014-11-03 15:53 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2009-12-04 03:59 - 2009-12-04 03:59 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll 2009-12-04 04:04 - 2009-12-04 04:04 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll 2015-08-27 18:24 - 2000-01-01 01:00 - 00714452 _____ () C:\Users\Adams\AppData\Local\Temp\T3967552228\Tor\libevent-2-0-5.dll 2015-08-27 18:24 - 2000-01-01 01:00 - 00091026 _____ () C:\Users\Adams\AppData\Local\Temp\T3967552228\Tor\libssp-0.dll 2015-08-27 18:24 - 2000-01-01 01:00 - 00517814 _____ () C:\Users\Adams\AppData\Local\Temp\T3967552228\Tor\libgcc_s_sjlj-1.dll 2015-08-27 18:24 - 2000-01-01 01:00 - 00110592 _____ () C:\Users\Adams\AppData\Local\Temp\T3967552228\Tor\zlib1.dll 2015-08-27 18:36 - 2015-08-18 01:23 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll 2015-08-27 18:36 - 2015-08-18 01:23 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll 2011-07-01 11:00 - 2010-10-28 18:52 - 00948496 _____ () C:\Program Files (x86)\Ipswitch\WS_FTP 12\LIBEAY32.dll 2011-07-01 11:00 - 2010-10-28 18:52 - 00153360 _____ () C:\Program Files (x86)\Ipswitch\WS_FTP 12\SSLEAY32.dll 2011-07-01 11:00 - 2010-10-28 18:55 - 06551672 _____ () C:\Program Files (x86)\Ipswitch\WS_FTP 12\res0409.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) 
There are 6976 more restricted sites. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1025616775-32965946-2427245248-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Adams\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
FirewallRules: [{26137D47-0CB0-49D3-9CDB-433443AAB396}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE FirewallRules: [{6FCD7834-50E4-42CA-B4B1-90A55BA864DE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE FirewallRules: [{6DC57B63-5F82-4C4B-B21F-B4ED8AE30B8F}] => (Allow) svchost.exe FirewallRules: [{418DB10E-6F9A-45EE-9EEE-25DA1D065349}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{9C755D83-ECBD-4C97-BAE6-1AF8B2AC4F18}] => (Allow) C:\Program Files (x86)\AVG\AVG9\avgemc.exe FirewallRules: [{B1084A64-360F-4130-BFE7-0A86997D1B85}] => (Allow) C:\Program Files (x86)\AVG\AVG9\avgupd.exe FirewallRules: [{9E3BA463-E4AE-404A-956C-B3C7E4402131}] => (Allow) C:\Program Files (x86)\AVG\AVG9\avgnsa.exe FirewallRules: [TCP Query User{8239AE58-5A7A-4CE7-B5D5-E7CFC5F180F0}C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe FirewallRules: [UDP Query User{F460941F-59B9-4E74-850D-7EEDCC4BDA00}C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe FirewallRules: [TCP Query User{7559F51F-A7C6-485A-AD7C-E56F25DE4756}C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe FirewallRules: [UDP Query User{289FE499-7570-4B89-8501-4E8BDDC532EF}C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_626\g2viewer.exe FirewallRules: [TCP Query User{57D71E0C-02DA-4284-99B0-2D449612FEF9}C:\program files (x86)\microsoft office\office12\excel.exe] => (Allow) C:\program files (x86)\microsoft office\office12\excel.exe FirewallRules: [UDP Query User{7A808B86-1B90-4456-BF88-32B0EDC79949}C:\program files (x86)\microsoft office\office12\excel.exe] => (Allow) C:\program files (x86)\microsoft office\office12\excel.exe FirewallRules: [TCP Query 
User{2A4F61AC-AC2F-4DAA-B1AA-E3C2C6AEF524}C:\users\adams\appdata\local\temp\g2_943\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_943\g2viewer.exe FirewallRules: [UDP Query User{3787462F-FB42-4515-91C3-F11FBE6B6EFF}C:\users\adams\appdata\local\temp\g2_943\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_943\g2viewer.exe FirewallRules: [TCP Query User{4724D3AE-6D7A-46AF-AC63-BA10519530B3}C:\users\adams\appdata\local\temp\g2_1337\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_1337\g2viewer.exe FirewallRules: [UDP Query User{AF668C6A-9A95-453C-98EF-0DDB3CD4E34B}C:\users\adams\appdata\local\temp\g2_1337\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_1337\g2viewer.exe FirewallRules: [TCP Query User{A9B48745-A43C-4886-AAF1-61DBBF027A36}C:\program files (x86)\ipswitch\ws_ftp 12\wsftpgui.exe] => (Allow) C:\program files (x86)\ipswitch\ws_ftp 12\wsftpgui.exe FirewallRules: [UDP Query User{998DD478-F817-4B0E-8E09-6EF9FE048853}C:\program files (x86)\ipswitch\ws_ftp 12\wsftpgui.exe] => (Allow) C:\program files (x86)\ipswitch\ws_ftp 12\wsftpgui.exe FirewallRules: [TCP Query User{700C3F65-997C-414F-9222-0876ECFEEA09}C:\users\adams\appdata\local\temp\g2_1606\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_1606\g2viewer.exe FirewallRules: [UDP Query User{41AE2CEA-842D-4D9F-8B00-36B97F187635}C:\users\adams\appdata\local\temp\g2_1606\g2viewer.exe] => (Allow) C:\users\adams\appdata\local\temp\g2_1606\g2viewer.exe FirewallRules: [{C0CF8375-ABA2-48B3-995E-80363EC7ADD7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & 
Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/28/2015 12:36:52 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. Error: (08/28/2015 11:44:21 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3. 
A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. Error: (08/28/2015 11:44:19 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. Error: (08/28/2015 11:44:19 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3. 
A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. Error: (08/28/2015 11:44:11 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. Error: (08/28/2015 11:44:11 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3. 
A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. Error: (08/28/2015 11:29:06 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest. Error: (08/28/2015 11:29:04 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3. 
A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (08/28/2015 11:29:04 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

Error: (08/28/2015 11:29:01 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.

System errors:
=============
Error: (08/28/2015 11:59:35 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The AVG Free E-mail Scanner service depends on the AVG Free WatchDog service which failed to start because of the following error: %%1053

Error: (08/28/2015 11:59:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMService service failed to start due to the following error: %%1053

Error: (08/28/2015 11:59:18 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect.

Error: (08/28/2015 11:59:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMScheduler service failed to start due to the following error: %%1053

Error: (08/28/2015 11:59:18 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.

Error: (08/28/2015 11:59:18 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVG Free WatchDog service failed to start due to the following error: %%1053

Error: (08/28/2015 11:59:18 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the AVG Free WatchDog service to connect.
Error: (08/28/2015 11:54:02 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The AVG Free E-mail Scanner service depends on the AVG Free WatchDog service which failed to start because of the following error: %%1053

Error: (08/28/2015 11:53:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMService service failed to start due to the following error: %%1053

Error: (08/28/2015 11:53:54 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMService service to connect.

Microsoft Office:
=========================

CodeIntegrity:
===================================
Date: 2015-08-24 11:12:09.105
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2015-08-24 11:12:09.055
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Malwarebytes Anti-Malware\mbampt.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Percentage of memory in use: 45%
Total physical RAM: 3956.45 MB
Available physical RAM: 2165.61 MB
Total Virtual: 7912.89 MB
Available Virtual: 5755.97 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:100 GB) (Free:29.53 GB) NTFS
Drive d: () (Fixed) (Total:350.66 GB) (Free:350.55 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 8C4416FD)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=350.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================