Additional scan result of Farbar Recovery Scan Tool (x86) Version:30-10-2015
Ran by Living Room (2015-10-03 17:23:31)
Running from C:\Users\Living Room\Downloads
Microsoft Windows 7 Professional Service Pack 1 (X86) (2011-03-07 00:47:37)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Ad (S-1-5-21-21828565-3005677120-1819634571-1003 - Limited - Enabled) => C:\Users\Ad
Administrator (S-1-5-21-21828565-3005677120-1819634571-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-21828565-3005677120-1819634571-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-21828565-3005677120-1819634571-1002 - Limited - Enabled)
Living Room (S-1-5-21-21828565-3005677120-1819634571-1001 - Administrator - Enabled) => C:\Users\Living Room
Mcx1-LIVINGROOM-PC (S-1-5-21-21828565-3005677120-1819634571-1008 - Limited - Enabled) => C:\Users\Mcx1-LIVINGROOM-PC.LivingRoom-PC

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 6.1.2 - Hewlett-Packard) Hidden 7-zip v9.20 (HKLM\...\7-Zip) (Version: v9.20 - TUGUU SL) <==== ATTENTION Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated) Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated) Audacity 1.3.13 (Unicode) (HKLM\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team) AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6140 - AVG Technologies) AVG 2015 (Version: 15.0.4435 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.6140 - AVG Technologies) Hidden AVG Web TuneUp (HKLM\...\AVG Web TuneUp) (Version: 4.1.6.294 - AVG Technologies) Bing Desktop (HKLM\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.470.0 - Microsoft Corporation) Bing Maps 3D (HKLM\...\{2D87E961-577B-492B-AD54-1368680FB9A7}) (Version: 4.0.903.16005 - Microsoft Corporation) bitRipper (HKLM\...\bitRipper) (Version: 1.31 - ) BlueStacks Notification Center (HKLM\...\{A7FC82AC-986D-48D5-8AAE-A75C1D829E0A}) (Version: 0.7.12.896 - BlueStack Systems, Inc.) Canon MP Navigator EX 3.0 (HKLM\...\MP Navigator EX 3.0) (Version: - ) Canon MP250 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series) (Version: - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform) Combined Community Codec Pack 2011-11-11 (HKLM\...\Combined Community Codec Pack_is1) (Version: 2011.11.11.0 - CCCP Project) Computer Requirements 1.0 (HKLM\...\{BA3582A0-2DE0-4DB8-8B74-CD34AC193F9B}_is1) (Version: - Furst Person) Cooliris for Internet Explorer (HKLM\...\{3E31F0CE-D1D7-44C0-AE9B-6221D7F2DF36}) (Version: 1.11.7.32046 - Cooliris Inc.) 
CryptoPrevent v4.3.0 (HKLM\...\{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1) (Version: - Foolish IT LLC) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden Data Delivery Installer x86 (HKLM\...\{D746B6F6-0483-478A-BAAB-D16637B88E5A}) (Version: 1.0.677.0 - Tangentix Ltd) DebugMode Wax 2.0 (HKLM\...\DebugMode Wax 2.0) (Version: - ) DiskAid 5.14 (HKLM\...\DiskAid_is1) (Version: 5.14 - DigiDNA) DivX Setup (HKLM\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC) DVD Flick 1.3.0.7 (HKLM\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen) DVD Shrink 3.2 (HKLM\...\DVD Shrink_is1) (Version: - DVD Shrink) DVDFab 9.1.7.6 (28/11/2014) (HKLM\...\DVDFab 9 US_is1) (Version: - Fengtao Software Inc.) Eraser 6.0.9.2343 (HKLM\...\{18026153-83A4-40E0-96B6-41E441607518}) (Version: 6.0.2343 - The Eraser Project) Ezvid (HKLM\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 0982 - Ezvid, inc.) ffdshow [rev 2527] [2008-12-19] (HKLM\...\ffdshow_is1) (Version: 1.0 - ) GameSessions Runtime x86 (HKLM\...\{CEA30023-A279-4BE4-A88B-5EA18CD06360}) (Version: 1.27.84.0 - Tangentix Ltd) Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.) Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden HP Photosmart D110 All-In-One Driver 14.0 Rel. 7 (HKLM\...\{14BC6853-A74E-4874-B50D-679889D1544D}) (Version: 14.0 - HP) HyperCam 2 (HKLM\...\HyperCam 2) (Version: 2.25.01 - Hyperionics Technology LLC) ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) 
Intel Android Device USB driver (HKLM\...\Intel Android Device USB driver) (Version: 1.9.0 - Intel) Java 8 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) Juniper Networks Host Checker (HKU\S-1-5-21-21828565-3005677120-1819634571-1001\...\Neoteris_Host_Checker) (Version: 6.5.0.17087 - Juniper Networks) Juniper Networks Setup Client (HKU\S-1-5-21-21828565-3005677120-1819634571-1001\...\Juniper_Setup_Client) (Version: 2.1.6.9079 - Juniper Networks) Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden K-Lite Codec Pack 7.7.0 (Basic) (HKLM\...\KLiteCodecPack_is1) (Version: 7.7.0 - ) LearnCNC Game (HKLM\...\{026C76AD-0085-4721-9387-CCEEC5577076}) (Version: 1.0.0 - LearnCNC.org) Lightshot-5.1.4.17 (HKLM\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.1.4.17 - Skillbrains) Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Camera Codec Pack (HKLM\...\{F8AFEA7D-77BD-43F3-ADF7-EF71300BEFD2}) (Version: 16.4.1620.0719 - Microsoft Corporation) Microsoft Office Excel Viewer (HKLM\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Word Viewer 2003 (HKLM\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] 
(HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Works 6-9 Converter (HKLM\...\{172423F9-522A-483A-AD65-03600CE4CA4F}) (Version: 9.7.0621 - Microsoft Corporation) MotoHelper MergeModules (Version: 1.2.0 - Motorola) Hidden Mouse Suite (HKLM\...\MouseSuite98) (Version: - ) Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Moyea FLV Editor Lite version: 1.1.1.846 (HKLM\...\{8E3F691A-4972-47FF-9E09-1981B62A5D5A}_is1) (Version: - ) Mozilla Firefox 41.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 41.0.1 (x86 en-US)) (Version: 41.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 41.0.1.5750 - Mozilla) MSXML 4.0 SP3 Parser 
(HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Netflix in Windows Media Center (HKLM\...\{0CA72D12-F6C6-4D43-A2A0-41F5AA17E2B6}) (Version: 3.3.101.0 - Microsoft Corporation) Network (Version: 140.0.212.000 - Hewlett-Packard) Hidden Nitro Reader 3 (HKLM\...\{D94D7782-B61C-49E5-BE75-2DDC0A68EF97}) (Version: 3.0.6.3 - Nitro) NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA 3D Vision Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation) NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation) NVIDIA Graphics Driver 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation) NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) OpenOffice.org 3.4.1 (HKLM\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation) PrimoPDF -- brought to you by Nitro PDF Software (HKLM\...\PrimoPDF) (Version: 5 - Nitro PDF Software) PS_AIO_07_D110_SW_Min (Version: 140.0.142.000 - Hewlett-Packard) Hidden PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden RealDownloader (Version: 18.1.0.1233 - RealNetworks, Inc.) 
Hidden RealDownloader (Version: 18.1.0.1243 - RealNetworks) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealTimes (RealPlayer) (HKLM\...\RealPlayer 18.1) (Version: 18.1.0 - RealNetworks) RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Samsung Kies (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.) 
Scan (Version: 140.0.77.000 - Hewlett-Packard) Hidden Scholastic eReader Support Files (HKLM\...\{7445B725-5389-4CA1-AAC1-75039BE8B26F}) (Version: 1.1.5010 - Scholastic) SDFormatter (HKLM\...\{A5355F15-F98B-4704-9BAE-E53B9FE48F48}) (Version: 3.1.0 - SD Association) SeaMonkey (2.8) (HKLM\...\SeaMonkey (2.8)) (Version: 2.8 (en-US) - Mozilla) SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group) Sling (HKLM\...\{5419F3AA-5636-4427-8FC9-380A5EC1F994}) (Version: 4.6.101 - Echostar) Speccy (HKLM\...\Speccy) (Version: 1.24 - Piriform) Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Toolbox (Version: 140.0.424.000 - Hewlett-Packard) Hidden TweakNow PowerPack 2012 (HKLM\...\TweakNow PowerPack 2012_is1) (Version: 4.1.0 - TweakNow.com) Unchecky v0.3.9 (HKLM\...\Unchecky) (Version: 0.3.9 - RaMMicHaeL) Universal Adb Driver (HKLM\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod) UpdateService (Version: 1.0.0 - RealNetworks, Inc.) Hidden VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden Video Downloader (Version: 1.0.0 - RealNetworks) Hidden Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) 
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Media Center Add-in for Flash (HKLM\...\{E2D09AC2-4153-4817-AAEB-24F92A8BCE88}) (Version: 4.1.2.0 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinHTTrack Website Copier 3.44-1 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.44.1 - HTTrack) WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Wizard101 (HKLM\...\{A9E27FF5-6294-46A8-B8FD-77B1DECA3021}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.) World of Tanks v.0.6.3.11 (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1) (Version: - Wargaming.net) Xiph.Org Open Codecs 0.85.17777 (HKLM\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.1) (Version: 1.3.2 - Xvid Team) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-21828565-3005677120-1819634571-1001_Classes\CLSID\{04F93351-81D2-4484-9982-0D55DEFFFAE6}\InprocServer32 -> C:\Program Files\PicLensIE\cooliris.dll (Cooliris Inc.) CustomCLSID: HKU\S-1-5-21-21828565-3005677120-1819634571-1001_Classes\CLSID\{CA171FED-4D7C-46b9-A201-4A11B3730942}\InprocServer32 -> C:\Program Files\PicLensIE\cooliris.dll (Cooliris Inc.) CustomCLSID: HKU\S-1-5-21-21828565-3005677120-1819634571-1001_Classes\CLSID\{CEE49C36-A170-4f0c-B098-257BA4CF46E5}\InprocServer32 -> C:\Program Files\PicLensIE\cooliris.dll (Cooliris Inc.) CustomCLSID: HKU\S-1-5-21-21828565-3005677120-1819634571-1001_Classes\CLSID\{EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA}\InprocServer32 -> C:\Program Files\PicLensIE\cooliris.dll (Cooliris Inc.) 

==================== Restore Points =========================

16-09-2015 11:22:27 Installed Microsoft Fix it Solution - f4c2a476-3532-4511-a4be-0f5ccc5501af
16-09-2015 11:48:40 Removed QuickTime
16-09-2015 11:52:58 Removed PDF Split And Merge Basic
16-09-2015 11:54:52 Removed Samsung Story Album Viewer
16-09-2015 12:15:16 Removed LearnCNC Game
24-09-2015 22:52:11 Scheduled Checkpoint
02-10-2015 11:17:26 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:04 - 2015-09-29 22:48 - 00001196 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com
0.0.0.0 cdn.tuto4pc.com
0.0.0.0 cdn.appround.biz
0.0.0.0 cdn.bigspeedpro.com

There are 5 more lines.

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0A788BC0-7EF2-4FB3-8A8E-F7A3A34A27B9} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-21828565-3005677120-1819634571-1001 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.)
Task: {0E18BE3C-290B-427E-9033-A140BF5BE35F} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-21828565-3005677120-1819634571-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.) Task: {13799A59-0C55-4258-B09F-2B21FCE758F4} - System32\Tasks\{A11FF400-817F-4296-BEDE-E3928D6D7DCE} => pcalua.exe -a "C:\Users\Living Room\Downloads\Shockwave_Installer_Slim.exe" -d "C:\Users\Living Room\Downloads" Task: {1501089D-0119-4F18-B0BD-A0201089D797} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-21828565-3005677120-1819634571-500 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2015-09-16] (RealNetworks, Inc.) Task: {1974EA6D-B7A0-4D7C-996D-731B8AFCC7DC} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-21828565-3005677120-1819634571-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.) Task: {19F17239-5DB2-4FEA-8F7F-2604C320B04A} - System32\Tasks\Real Player online update program => C:\Program Files\Real\RealPlayer\update\realsched.exe [2015-09-25] (RealNetworks, Inc.) Task: {1CE4D6BC-A7B2-4A09-811D-2FDBADB39D24} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-21828565-3005677120-1819634571-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.) Task: {2A4A42B3-F3F8-4C75-B06C-30F6AD7883F2} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-21828565-3005677120-1819634571-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.) 
Task: {3F0888B1-63BC-4309-B297-98AD6C9FAE1E} - \RealTimes (32-bit) -> No File <==== ATTENTION Task: {61A1567B-E4EA-4BE6-BF08-E87E38A3A2CE} - System32\Tasks\{3D601AD9-120A-4687-919B-3B7399D81418} => pcalua.exe -a C:\PROGRA~1\NETRAT~1\NetSight\NSSetup.exe -c /uninstall Task: {664A6E6B-5A76-4C30-87E2-35E736844E10} - System32\Tasks\{34216FFF-3223-454A-ACA4-984C7A071F49} => pcalua.exe -a "C:\Users\Living Room\Downloads\setup_11.0.0.1245.x01_2011_12_29_12_31.exe" -d "C:\Program Files\Mozilla Firefox" Task: {676E793A-7563-466A-8CA9-B6B87B1456A3} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-21828565-3005677120-1819634571-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.) Task: {71F83728-E7F5-478A-87DC-D4E42A313A54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {917EE8F3-8271-4E2F-8195-8827B137AB60} - System32\Tasks\Swiki_Checker => C:\Windows\SChecker\SC_li.exe [2012-10-16] ( ) Task: {95D39476-81A6-4A7D-AF71-92D36DBFAEAF} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-21828565-3005677120-1819634571-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.) Task: {9E6E6454-AD96-4CD4-8ADE-892CE6520374} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-21828565-3005677120-1819634571-1003 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.) 
Task: {A3752072-5848-4672-BAF5-B95EF4B33868} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd) Task: {AE1DDD14-0434-47CC-AF0B-8F2A009895A7} - System32\Tasks\Adobe online update program => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {C79E8CD1-CEC8-4E24-8A08-AE900FA835F6} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-LIVINGROOM-PC => C:\Windows\ehome\McxTask.exe [2009-07-13] (Microsoft Corporation) Task: {CAD5E08F-740B-442E-B60B-BFC8AC75C264} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-21828565-3005677120-1819634571-500 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2015-09-16] (RealNetworks, Inc.) Task: {CE8B03AF-12AC-4F11-9272-D3ACDF3D325C} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-21828565-3005677120-1819634571-1001 => C:\Program Files\RealNetworks\RealDownloader\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.) Task: {CF7DF7B6-3569-44EB-AA4A-9A932F430069} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-21828565-3005677120-1819634571-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2015-09-16] (RealNetworks, Inc.) Task: {D6F82FBB-11EC-4E5B-A03E-B4F3ADD4BFA9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) 
Task: {D78045A3-DE77-4BFE-BCE7-CF8A4474324F} - System32\Tasks\RealDownloader Update Check => C:\Program Files\RealNetworks\RealDownloader\downloader2.exe [2015-09-16] () Task: {E9986AA7-C1F0-4F38-80FD-4B79B8065FAA} - System32\Tasks\{483B03F0-3A20-4A75-8DA2-916335D22D1F} => Firefox.exe http://ui.skype.com/ui/0/6.3.0.107/en/abandoninstall?page=tsProgressBar Task: {F092F3E0-2932-4FD0-98F5-D2F7C3DE8A66} - System32\Tasks\Alarm Clock Task: {F46D9D30-584B-465B-BE5F-2A9276BEFACF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {F7B68EAC-E2EB-4E59-8D2A-CB2470DF4C3F} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-08-04] (Oracle Corporation) Task: {F8E53776-C030-46E3-B909-4C25A8B85871} - System32\Tasks\DivX Update => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2014-01-10] () (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-05-04 10:39 - 2015-09-11 09:12 - 01205136 ____N () C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe 2012-05-13 01:21 - 2015-02-03 22:05 - 00106640 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2013-01-25 13:05 - 2011-02-28 18:37 - 00180624 _____ () C:\Windows\System32\Primomonnt.dll 2012-10-23 18:58 - 2012-10-23 18:58 - 00120728 _____ () C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe 2012-10-17 16:42 - 2012-10-17 16:42 - 00172032 _____ () C:\Program Files\Motorola Mobility\Motorola Device Manager\css_core.dll 2015-09-16 18:26 - 2015-09-16 18:26 - 00033088 _____ () C:\Program Files\Real\UpdateService\RealPlayerUpdateSvc.exe 2015-09-16 18:26 - 2015-09-16 18:26 - 00037720 _____ () C:\Program Files\Real\UpdateService\DL2UpdatePlugin.dll 2015-09-16 18:26 - 2015-09-16 18:26 - 00039768 _____ () C:\Program Files\Real\UpdateService\RealDownloaderUpdatePlugin.dll 2015-09-16 18:26 - 2015-09-16 18:26 - 00037728 _____ () C:\Program Files\Real\UpdateService\VideoDLUpdatePlugin.dll 2015-09-16 16:31 - 2015-09-16 16:31 - 00066832 _____ () C:\Program Files\RealNetworks\RealDownloader\dtvhooks.dll 2015-09-16 16:31 - 2015-09-16 16:31 - 00598800 _____ () C:\Program Files\RealNetworks\RealDownloader\downloader2.exe 2015-09-16 16:22 - 2015-09-16 16:22 - 01382048 _____ () C:\Program Files\RealNetworks\RealDownloader\cpprest100_1_2.dll 2015-09-25 11:45 - 2015-09-25 11:45 - 00653096 _____ () c:\program files\real\realplayer\RPDS\Lib\r1api.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) 

AlternateDataStreams: C:\ProgramData\TEMP:96D0C06F

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 11213 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-21828565-3005677120-1819634571-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Living Room\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: lxddCATSCustConnectService => 2
MSCONFIG\Services: lxdd_device => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WNA1100 Smart Wizard.lnk => C:\Windows\pss\NETGEAR WNA1100 Smart Wizard.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Living Room^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Living Room^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PalTalk.lnk => C:\Windows\pss\PalTalk.lnk.Startup
MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BingDesktop => C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe /fromkey
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart
MSCONFIG\startupreg: FreeAC => C:\Program Files\FreeAlarmClock\FreeAlarmClock.exe -autorun
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LightShot => C:\Users\Living Room\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue
MSCONFIG\startupreg: lxddamon => "C:\Program Files\Lexmark 2500 Series\lxddamon.exe"
MSCONFIG\startupreg: lxddmon.exe => "C:\Program Files\Lexmark 2500 Series\lxddmon.exe"
MSCONFIG\startupreg: Mouse Suite 98 Daemon => ICO.EXE
MSCONFIG\startupreg: Xvid => C:\Program Files\Xvid\CheckUpdate.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{E926E57D-011D-4F63-BCC5-FFCFDC28D091}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{CE504808-152F-4073-8BB9-0F8E7C4D30C6}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{AB3FBA72-52C3-4476-9A38-230DBE05659B}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{363B07A6-6843-4893-A149-44FED04D4E98}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{1CE2EDC7-E170-44F7-99D0-0388D185802E}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{E5F59C4E-EF57-4453-9C31-FE7F68CCB390}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{759DBE9A-5F86-4F55-9087-1C7C1202D427}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [TCP Query User{506D4939-ECC8-4104-883A-0670843849AD}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{ADAAD328-D69E-4BA4-A149-5218A550F52A}C:\program files\google\google earth\client\googleearth.exe] => (Allow) C:\program files\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{9A385417-CC22-4A42-BBE1-1C2804DA2BB6}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{63CE0C7C-B861-4563-842D-6838EAFD679C}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{670DAA51-819F-4431-81B0-D19D5CAD52DE}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{D0B7D083-F622-4058-9B33-74F27350F494}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{54687C0C-8C35-4E8B-A48A-78451122B498}] => (Allow) LPort=135
FirewallRules: [{5F3A4C7F-3AD0-478C-A3F9-BB4D0261C937}] => (Allow) LPort=5000
FirewallRules: [{0C3F9020-0BE7-4AB7-A46E-403CE87435B1}] => (Allow) LPort=5001
FirewallRules: [{D1F1A318-8629-4284-BE73-9C76EFB8972B}] => (Allow) LPort=5002
FirewallRules: [{E160F4D5-5B7A-4674-8F90-C9A291A1DAFE}] => (Allow) LPort=5003
FirewallRules: [{6FEB1F49-0E67-4247-A4F6-C59F37DF2FE1}] => (Allow) LPort=5004
FirewallRules: [{8E8A7983-C8D6-476B-8B17-66BFDE3B64A5}] => (Allow) LPort=5005
FirewallRules: [{5DBF5E72-E1F5-4980-B034-B3BB9524B1E4}] => (Allow) LPort=5006
FirewallRules: [{29A30835-EB15-44E6-B13D-AEA20F21F617}] => (Allow) LPort=5007
FirewallRules: [{211B4269-7CB0-47ED-90AA-A64FE24578CC}] => (Allow) LPort=5008
FirewallRules: [{3F024BBE-097E-4BE5-9748-A258FE7AE03A}] => (Allow) LPort=5009
FirewallRules: [{E8C9C3D7-3711-4BD2-84D5-C5E4FF21BDEA}] => (Allow) LPort=5010
FirewallRules: [{87FA39EA-1F4D-4509-AF1C-F54B13159CF0}] => (Allow) LPort=5011
FirewallRules: [{2FCBA10B-8D7D-4A84-B619-CF48ECA6E818}] => (Allow) LPort=5012
FirewallRules: [{6FFA5C94-26AF-4799-82FA-FA66F4E89CA9}] => (Allow) LPort=5013
FirewallRules: [{423ED4C5-2B6C-48E9-BECB-D14D13CD6B33}] => (Allow) LPort=5014
FirewallRules: [{D713E522-EC3D-463D-B429-6EFD7208F950}] => (Allow) LPort=5015
FirewallRules: [{640E676D-A626-41C4-AB05-53B26553CE77}] => (Allow) LPort=5016
FirewallRules: [{EB52A724-71B6-4151-809C-5C59285D026F}] => (Allow) LPort=5017
FirewallRules: [{8C2B2756-2DDD-43A3-BC42-05419ECECAC9}] => (Allow) LPort=5018
FirewallRules: [{E4D7ABFD-9161-4C4E-8AC7-BEA7FCF4D846}] => (Allow) LPort=5019
FirewallRules: [{DDBAB44E-9475-4C8F-9B02-24592D29D6B4}] => (Allow) LPort=5020
FirewallRules: [TCP Query User{BF38D799-3F9F-41A9-AA2B-F3276AF905E8}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [UDP Query User{D7BE11CB-87F2-4763-8ED3-EEB9CC3B4FC9}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [{79A96DFA-7534-4940-A575-ABF4D2597DC2}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{0D8F7C03-CD64-415A-99F1-C9DE7430C058}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{0C662482-70EB-471C-B9A0-D1B9D6E2417E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{4AFD7986-DB86-42AE-8064-2680B885C8F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{735ACA3E-F766-462C-926F-6280D6A7E88F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{16F0C1DD-59F3-40EE-A1B4-C9534EDCC1D1}] => (Allow) LPort=80
FirewallRules: [{E92CB1E1-A858-4853-8B48-41AE0048EE76}] => (Allow) LPort=443
FirewallRules: [{07918651-A2C1-4CD8-B000-D062911EA913}] => (Allow) LPort=20010
FirewallRules: [{187B111C-209E-4CF0-8A54-BB8CB1073FE7}] => (Allow) LPort=3478
FirewallRules: [{5EBCD01F-B0A3-4049-9DEC-9379CB20A2CC}] => (Allow) LPort=7850
FirewallRules: [{A66C9069-9884-438C-A948-2B4F093F1DD0}] => (Allow) LPort=27022
FirewallRules: [{B9AA7E08-953D-4169-87D4-BF2DF2C1FFC9}] => (Allow) LPort=6881
FirewallRules: [{04E6825C-AD2D-4D31-A024-704BBCD19696}] => (Allow) LPort=33333
FirewallRules: [{CF075880-9048-4AB3-A0E1-46F01D2583ED}] => (Allow) LPort=20443
FirewallRules: [{9AF51EB9-F748-45BA-922B-1398A8CDCDE9}] => (Allow) LPort=8090
FirewallRules: [TCP Query User{285062FE-7E65-4CB6-A892-8AC5D5D9A7D4}C:\program files\paltalk messenger\paltalk.exe] => (Allow) C:\program files\paltalk messenger\paltalk.exe
FirewallRules: [UDP Query User{AB9C3F8B-DD7B-432B-BFDE-E104F3FBAA0E}C:\program files\paltalk messenger\paltalk.exe] => (Allow) C:\program files\paltalk messenger\paltalk.exe
FirewallRules: [{A8D60430-A231-4876-A9B4-45C71B141D44}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{4B220DBC-133B-4751-9B60-EEB9BDB5FA76}] => (Allow) LPort=2869
FirewallRules: [{95E2C2B7-D7F5-4E8A-BB76-D11AA089D4E3}] => (Allow) LPort=1900
FirewallRules: [{83FD6001-6872-404B-AB55-5B07794AF626}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{63678864-2D9D-48C4-AE57-716D07DA3003}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{FAC9034C-F88B-4ED8-9802-9235DC318454}] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{C0353AC5-56BA-42A5-842B-9E81932660D5}] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{906A7671-6207-4570-B696-B9B030D4B11C}] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{15AFFFFC-1838-4F1D-90BC-D72BF5BEBA7B}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{843C0F7E-D6E3-49FA-92F9-77ECDA07902B}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{419B11A2-705A-41C7-AA19-B235F858AF8A}] => (Allow) c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [TCP Query User{07262C9F-E359-434D-B2B6-B0E01DAD3163}C:\programdata\sling\sling.exe] => (Allow) C:\programdata\sling\sling.exe
FirewallRules: [UDP Query User{B879BA91-D8B6-4481-AA07-C8923541FF78}C:\programdata\sling\sling.exe] => (Allow) C:\programdata\sling\sling.exe
FirewallRules: [{F74F3AC9-6127-478C-93DB-801C9D585FB4}] => (Allow) LPort=8733
FirewallRules: [{214F6AF1-1A1D-4E1D-BFA1-11C330BCF0DF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DEF35385-2EB7-41D4-8178-2BB55AB1FAA7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{9493E670-5928-40AF-9899-DB72A0A7791F}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{E599889A-B423-4097-ADF1-3D95FC2703B6}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{1334A7A2-C31F-41D5-A7D0-575A304705ED}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{2F1AE1EC-5F23-4CBB-8E07-522A134AF2E8}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{3017E6C2-4054-488A-B2B3-5EA921B8DBFB}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{B2B3A9A3-F449-46BC-9EEB-A1945070315C}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{A563009B-DB97-43BA-AE4C-8FB74CD3B03A}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe
FirewallRules: [{CB770742-8231-4256-8E78-48790F5F6933}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe
FirewallRules: [TCP Query User{91EC8D9C-8A6F-435E-B308-84C3ECAD5860}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [UDP Query User{500BE332-20D7-4ECE-AA84-4E6B054B1DE7}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_60\bin\javaw.exe
FirewallRules: [{B9A04FC0-DF1C-421E-BE1F-3FA226E24CE5}] => (Allow) c:\program files\real\realplayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{888D6082-DFCE-45E2-B469-13ED84912D7E}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (10/02/2015 10:14:30 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (10/02/2015 10:14:26 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (10/02/2015 10:14:21 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (09/29/2015 11:06:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 3 time(s).

Error: (09/29/2015 11:05:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (09/29/2015 10:58:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (09/29/2015 10:48:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error: %%1064

Error: (09/29/2015 10:46:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (09/29/2015 10:46:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.

Error: (09/29/2015 10:46:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.

CodeIntegrity:
===================================
Date: 2015-07-16 04:36:45.377
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-07-16 04:35:29.642
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-07-16 01:01:26.689
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-07-16 01:01:26.680
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-07-16 01:01:26.671
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-07-16 00:59:42.549
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-07-16 00:55:23.384
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-07-15 00:59:12.616
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-07-15 00:59:12.607
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-07-15 00:59:12.598
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 37%
Total physical RAM: 3326.18 MB
Available physical RAM: 2080.07 MB
Total Virtual: 6650.67 MB
Available Virtual: 4909.9 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:508.38 GB) (Free:70.54 GB) NTFS
Drive d: (GRMCPRFRER_EN_DVD) (CDROM) (Total:2.33 GB) (Free:0 GB) UDF
Drive e: (Movies) (Fixed) (Total:205.61 GB) (Free:139.03 GB) NTFS
Drive f: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive z: (backup) (Fixed) (Total:217.42 GB) (Free:91.81 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B4872B98)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=508.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=217.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=205.6 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================