Additional scan result of Farbar Recovery Scan Tool (x64) Version:12-10-2015 Ran by jeff (2015-10-13 20:21:05) Running from C:\Users\jeff\Desktop\windows fixers Windows Vista (TM) Home Premium Service Pack 2 (X64) (2009-03-18 21:41:49) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3500784855-1693768436-1053855414-500 - Administrator - Disabled) Guest (S-1-5-21-3500784855-1693768436-1053855414-501 - Limited - Enabled) jeff (S-1-5-21-3500784855-1693768436-1053855414-1000 - Administrator - Enabled) => C:\Users\jeff Kami (S-1-5-21-3500784855-1693768436-1053855414-1004 - Limited - Enabled) => C:\Users\Kami.stewedsunshine Vamp (S-1-5-21-3500784855-1693768436-1053855414-1006 - Limited - Enabled) => C:\Users\Vamp ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3500784855-1693768436-1053855414-1000\...\uTorrent) (Version: 3.4.5.41162 - BitTorrent Inc.) 7-Zip 15.07 beta (HKLM-x32\...\7-Zip) (Version: 15.07 - Igor Pavlov) Absolute Key Logger Removal Tool (HKLM-x32\...\Absolute Key Logger Removal Tool_is1) (Version: 1.0 - Security Stronghold) Active@ ISO Burner (HKLM-x32\...\{7694E0B1-2332-448B-9235-929F84B41E3F}) (Version: 2.1.0 - LSoft Technologies) ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden Adobe Reader X (10.1.15) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.15 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.0.162 - Adobe Systems, Inc.) Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.10.3042.71197 - Alcor Micro Corp.) Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{CE29AF6F-4BF5-485F-8736-9AE4A400748B}) (Version: 1.5.17.05103 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 1.5.17.05103 - Alcor Micro Corp.) Hidden Alcor Micro USB Card Reader (x32 Version: 3.10.3042.71197 - Alcor Micro Corp.) Hidden Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.) ArcSoft MediaImpression 2 (HKLM-x32\...\{3D9326E1-E378-48A6-A82B-800147E63306}) (Version: 2.0.50.560 - ArcSoft) Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.1.0 - Auslogics Labs Pty Ltd) Auslogics Duplicate File Finder (HKLM-x32\...\{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1) (Version: 5.0.2.0 - Auslogics Labs Pty Ltd) Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.4.2233 - AVAST Software) AVG 2011 (Version: 10.0.1209 - AVG Technologies) Hidden Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version: - ) Best Removal Tool (HKLM\...\Best Removal Tool_is1) (Version: - www.bestremovaltool.com) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.) CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.) Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.) Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.7.0.3 - Canon Inc.) Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.8.0.5 - Canon Inc.) Canon Utilities Digital Photo Professional 3.11 (HKLM-x32\...\DPP) (Version: 3.11.4.10 - Canon Inc.) Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.0.204 - Canon Inc.) Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.10.2.0 - Canon Inc.) Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.) Canon Utilities Movie Uploader for YouTube (HKLM-x32\...\MovieUploaderForYouTube) (Version: 1.2.0.7 - Canon Inc.) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.) Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.9.0.0 - Canon Inc.) Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.2.33 - Canon Inc.) Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.1.10 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform) Cheetah DVD Burner (HKLM-x32\...\{BD01E97F-2A6A-495E-BE38-22C7B80F3CD7}) (Version: - ) CleanMyPC - Registry Cleaner (HKLM-x32\...\CleanMyPC - Registry Cleaner_is1) (Version: - CleanMyPC Software) CloneDVD 4.3.0.3 (HKLM-x32\...\MainApp.exe_is1) (Version: - Copyright (C) 2003-2008 DVD X Studios.) Contact Sheets 1.7.0.1 (HKLM-x32\...\{6A18FC1F-DFDC-4F76-96E0-58414F7C02EA}) (Version: 1.0.0 - Echo Images) CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2111 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DiskMax 5.01 (HKLM\...\DiskMax) (Version: 5.01 - KoshyJohn.com) DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.93 - DivX, LLC) DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden Doxillion Document Converter (HKLM-x32\...\Doxillion) (Version: 2.22 - NCH Software) Enhanced Multimedia Keyboard Solution (HKLM-x32\...\KBD) (Version: 1.0.9.2 - Hewlett-Packard) Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 0982 - Ezvid, inc.) FaxRedist (HKLM-x32\...\{2C8CC208-965C-48A1-90A8-DFB484358F1C}) (Version: 1.0.0 - ) File Shredder 2.0 (HKLM-x32\...\File Shredder_is1) (Version: - WipeSoft) FLAC 1.2.1b (remove only) (HKLM-x32\...\FLAC) (Version: 1.2.1b - Xiph.org) Free Convert to DIVX AVI WMV MP4 MPEG Converter 5.8 (HKLM-x32\...\Free Convert to DIVX AVI WMV MP4 MPEG Converter_is1) (Version: - Xillvideo Software, Inc.) Free Hide Folder (HKLM-x32\...\Free Hide Folder) (Version: - ) Free PDF to Word Converter 5.1.0.383 (HKLM\...\Free PDF to Word Converter_is1) (Version: 5.1.0.383 - Smart Soft) Free RAR Extract Frog (HKLM-x32\...\Free RAR Extract Frog) (Version: 1.80 - Philipp Winterberg) Free Window Registry Repair (HKLM-x32\...\Free Window Registry Repair) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.10.250 - SurfRight B.V.) HP Active Support Library (HKLM-x32\...\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}) (Version: 3.1.9.1 - Hewlett-Packard) HP Customer Experience Enhancements (HKLM-x32\...\{64B9E2F5-558E-4C56-B419-A1679518F6E7}) (Version: 5.7.0.2784 - Hewlett-Packard) HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 2.0.2401 - Hewlett-Packard) HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 2.0.2217 - Hewlett-Packard) HP MediaSmart SmartMenu (HKLM\...\{D2F7994F-661E-46D1-A1DF-67F2887AAA7E}) (Version: 2.0.8 - Hewlett-Packard) HP Total Care Advisor (HKLM-x32\...\{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}) (Version: 2.4.5106.2815 - Hewlett-Packard) HP Total Care Setup (HKLM-x32\...\{38058455-8C21-4C2F-B2F6-14ED166039CB}) (Version: 1.1.1983.2818 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPAsset component for HP Active Support Library (x32 Version: 3.0.1.0 - Hewlett-Packard) Hidden iCloud (HKLM\...\{CE97E4D3-9F91-4D72-8A29-ED9EA90E5A15}) (Version: 2.1.3.25 - Apple Inc.) Image Grabber II.NET (HKLM-x32\...\{F343FA04-CFC0-487C-A617-A5E8CF4D7B10}) (Version: 2.0.2 - MIDOCUS) ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden Intel Driver Update Utility (HKLM-x32\...\{ca4bc3a8-b99c-4416-90d8-351a8ceab458}) (Version: 2.2.0.2 - Intel) Intel(R) Driver Update Utility 2.2 (x32 Version: 2.2.0.1 - Intel) Hidden iTunes (HKLM\...\{CEC7613B-E286-4A31-BEE3-3F7798488D9F}) (Version: 12.1.3.6 - Apple Inc.) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.0904 - CyberLink Corp.) LabelPrint (x32 Version: 2.5.0904 - CyberLink Corp.) Hidden Lexmark 5400 Series (HKLM\...\Lexmark 5400 Series) (Version: - Lexmark International, Inc.) LightScribe System Software (HKLM-x32\...\{7F10292C-A190-4176-A665-A1ED3478DF86}) (Version: 1.18.3.2 - LightScribe) LightScribe Template Labeler (HKLM-x32\...\{5BD0CB24-11AF-4BA8-A198-38D25257C656}) (Version: 1.14.25.1 - LightScribe) Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Media Cope 3.3 (HKLM-x32\...\Media Cope_is1) (Version: - Media Cope) Memeo AutoSync (HKLM-x32\...\{75B7F766-7998-44d8-A202-F1EC76A121BA}) (Version: - Memeo Inc.) Memeo Send (HKLM-x32\...\{81784157-3D4D-4bc1-B988-B24C32A26DA8}) (Version: 1.5.0.2904 - Memeo Inc.) Memeo Share (HKLM-x32\...\{1BC77CEF-C52F-4092-BF87-0D4E6B86D860}) (Version: 3.1.0.3265 - Memeo Inc.) Memory Cleaner 2.00 (HKLM-x32\...\MemClean) (Version: 2.00 - KoshyJohn.com) Menu Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Live Search Toolbar (HKLM-x32\...\{4FAB5122-775E-4418-B8D9-E2873BC93570}) (Version: 3.0.541.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 60 day trial (HKLM\...\OfficeTrial) (Version: - ) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Movie Templates - Starter Kit (x32 Version: 9.0.4.0 - Nero AG) Hidden Mozilla Firefox 41.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0.1 (x86 en-US)) (Version: 41.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.1.5750 - Mozilla) MPC-HC 1.7.6 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.6 - MPC-HC Team) MPC-HC 1.7.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.8 - MPC-HC Team) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) muvee Reveal (HKLM-x32\...\{19506BDB-4EA7-491F-E8AB-E97109FDB296}) (Version: 7.0.35.7315 - muvee Technologies Pte Ltd) NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9713 - NVIDIA Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.57.35 - NVIDIA Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.) Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC) PDFill FREE PDF Writer (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 9.0 - PlotSoft LLC) PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC) PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.2112 - CyberLink Corp.) Power2Go (x32 Version: 6.0.2112 - CyberLink Corp.) Hidden PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.2202 - CyberLink Corp.) PowerDirector (x32 Version: 7.0.2202 - CyberLink Corp.) Hidden Python 2.5.2 (HKLM-x32\...\{6B976ADF-8AE8-434E-B282-A06C7F624D2F}) (Version: 2.5.2150 - Python Software Foundation) RealDownloader (x32 Version: 1.3.1 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.0 - RealNetworks) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6716 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Recuva (HKLM\...\Recuva) (Version: 1.44 - Piriform) Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) Seagate Dashboard (HKLM-x32\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1421 - Memeo Inc.) Segoe UI (x32 Version: 15.4.2271.0615 - Microsoft Corp) Hidden SoundTrax (x32 Version: 4.2.5.0 - Nero AG) Hidden Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.) SpywareBlaster 5.2 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.2.0 - BrightFort LLC) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Explorer 3.9.0 (HKLM-x32\...\System Explorer_is1) (Version: - Mister Group) TeamSpeak 3 Client (HKU\S-1-5-21-3500784855-1693768436-1053855414-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.10.57.1020 - Electronic Arts Inc.) thinkorswim from TD AMERITRADE (HKLM-x32\...\thinkorswim from TD AMERITRADE) (Version: - TD AMERITRADE, Inc.) Thumbnail me 3.0 (HKU\S-1-5-21-3500784855-1693768436-1053855414-1000\...\Thumbnail me 3.0) (Version: - ) Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update Service (x32 Version: 3.2.0 - ) Hidden Update Service (x32 Version: 4.1.0 - ) Hidden VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}) (Version: 8.0.0.35 - GRISOFT, s.r.o.) Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 13-10-2015 17:39:43 Removed AT&T Locker Uploader. ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-11-07 14:24 - 2015-10-07 09:06 - 00449968 ____R C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com There are 15467 more lines. ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1275EC1D-5F2A-495A-B650-B8AD79B10B4B} - System32\Tasks\HPCeeScheduleForjeff => C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [2008-09-16] (Hewlett-Packard) Task: {141558E9-50C7-4EAD-9E74-A13134E56E5C} - System32\Tasks\NCH Software\videopadShakeIcon => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe Task: {1ADEEB3C-2E60-4B26-9225-EF1987DB21B1} - System32\Tasks\{92C18BAD-A660-4569-B3F5-870527254799} => pcalua.exe -a "C:\Program Files (x86)\CA\CA Internet Security Suite\caunst.exe" -c /u Task: {1CF0016A-6713-4664-A35F-ED57C1E943A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {208ACF13-243E-4981-93EF-735F198B8707} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3500784855-1693768436-1053855414-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.) Task: {2A666D99-CB7E-4829-A0AB-1C79F9EBC1ED} - System32\Tasks\GoogleUpdateTaskMachineCore1d0e1bae53b4da0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {2C3885F5-E968-444F-97AD-E250E0090BED} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3500784855-1693768436-1053855414-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.) Task: {2D69AB55-598D-43D4-BFED-0447BE34081F} - System32\Tasks\Driver Support-RTMUpdater => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe Task: {335195CB-1877-4E57-A9DD-29876676E490} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2013-09-20] (Safer-Networking Ltd.) Task: {35C05A92-27FF-4E9C-97F8-9E5E29ABA312} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3500784855-1693768436-1053855414-1006 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.) Task: {438C4C34-BA1C-4D54-BD94-D61521200283} - System32\Tasks\{4DE71C25-3835-493C-A821-59582CF3BCCD} => pcalua.exe -a K:\Setup.exe -d K:\ Task: {45913212-955A-452D-962B-1FEA43AFDB06} - System32\Tasks\NCH Software\videopadDowngrade => C:\Program Files (x86)\NCH Software\VideoPad\videopad.exe Task: {499C65A5-880B-4243-A320-02B92A222A4D} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3500784855-1693768436-1053855414-1006 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.) Task: {4AF79F1F-7743-42AC-875A-75F76B735AE4} - System32\Tasks\{CB93A393-BC45-4AFC-861B-B6FDFA6D8A60} => pcalua.exe -a C:\PROGRA~2\UTORRE~1\UNWISE.EXE -c /U C:\PROGRA~2\UTORRE~1\INSTALL.LOG Task: {5181629B-3098-41A2-A4BD-28102A1A4EE6} - System32\Tasks\Driver Support-RTMRules => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe Task: {553281C4-47B7-4314-B61D-E7D5F62653DA} - System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe Task: {598143E1-B231-48B6-A65A-6DD6E467AE5F} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3500784855-1693768436-1053855414-1006 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.) Task: {64F26A2F-E1A0-4ED7-8BB9-87BDB5C6ADC9} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3500784855-1693768436-1053855414-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.) Task: {65F007B7-0E4E-4AB5-8641-F0F5B44A22D0} - System32\Tasks\Driver Support-RTMScanRunOnce => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe Task: {6AE97B9E-9DF7-4CAC-9805-ED1C75676650} - \Driver Detective-RTMUpdater -> No File <==== ATTENTION Task: {6B298353-F22C-45F5-BE8F-726350F5615A} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2013-09-20] (Safer-Networking Ltd.) Task: {708E691F-FAD8-4C1B-B7BA-4577575E7936} - \Driver Detective-RTMScan -> No File <==== ATTENTION Task: {7202F629-4781-4222-A6CA-8EC5EA7A4A70} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe Task: {771768AA-5430-4FE7-B6C0-5038E3C46B59} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2013-09-20] (Safer-Networking Ltd.) Task: {7A99F31A-601B-4824-B2A1-60B0D606ED8F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.) Task: {7CF89046-DEF8-4EF2-B5BE-4A24E16E0B89} - \TweakBit\PCRepairKit\Start PCRepairKit оn logon -> No File <==== ATTENTION Task: {8197A505-790A-4913-B7C7-6E367BCE8518} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3500784855-1693768436-1053855414-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.) Task: {8BDB6393-D187-4763-B113-A8FFBEC34DE2} - System32\Tasks\Microsoft\Windows\RestartManager\{90814538-D5C6-4621-B65F-CB38DE388BBD} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation) Task: {95251DDF-E007-4DDC-9CD4-BC03140E2256} - System32\Tasks\Auslogics\Disk Defrag\Start Disk Defrag On jeff Logon => C:\Program Files (x86)\Auslogics\DiskDefrag\DiskDefrag.exe [2014-02-27] (Auslogics) Task: {A335E6F8-E3DA-4154-B7C3-610F56238615} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3500784855-1693768436-1053855414-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.) Task: {A579E604-A3C1-40C9-8F0D-4FB9F508BF95} - System32\Tasks\{672E94E0-B654-498C-8422-703BEEAF4163} => pcalua.exe -a C:\Users\jeff\Desktop\64bitRegReminder.exe -d "C:\Program Files (x86)\Mozilla Firefox" Task: {AD815E9C-508C-45DF-9220-8415038BE3C4} - System32\Tasks\Driver Support-RTMScan => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe Task: {B2DABD50-DEFC-4598-8E85-9F7320BE2764} - System32\Tasks\Microsoft\Windows\RestartManager\{A2EEEF39-9065-4faf-95A7-15C71485EA2E} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation) Task: {B60C157B-FC53-43D0-AE8C-D17F7393639F} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09] (Hewlett-Packard) Task: {B68EAC46-2560-450D-B8D6-C6B2ADCF4C32} - System32\Tasks\COMODO Updater => C:\Program Files\COMODO\COMODO System-Cleaner\Updater.exe Task: {BB3AB48E-1BD5-423D-9368-32937335EB80} - System32\Tasks\{DD1ADA7D-45CD-4157-9AA9-28B559842E93} => pcalua.exe -a C:\Users\jeff\Desktop\spybotsd_includes.exe -d C:\Users\jeff\Desktop Task: {C0800C2D-D814-4538-AAE0-38A383D4385A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3500784855-1693768436-1053855414-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.) Task: {C395DA7D-07FF-4D61-845F-CF79E53F05EB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd) Task: {C3B45769-3A56-468D-A68B-3BB46B205700} - System32\Tasks\{801464D4-7E8B-4020-B17E-FE9D3D6A0645} => pcalua.exe -a C:\Users\jeff\Downloads\DAMN_NFO_Viewer_v2-10-0032-RC3.exe -d C:\Users\jeff\Downloads Task: {C6789404-FEB2-4F50-BF1E-C012EF02A0FA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {CA90C11E-52E1-4F5A-A3FF-DDDB8E103CEC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-10-01] (AVAST Software) Task: {D4D67838-3D72-43BA-A80C-B6EBD88A908A} - \Driver Detective-RTMRules -> No File <==== ATTENTION Task: {E43CD416-5A6A-421A-8CB2-A0E184DACD6B} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3500784855-1693768436-1053855414-1004 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.) Task: {F27658D7-0FC4-42C7-BBA0-CCE62290187B} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3500784855-1693768436-1053855414-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-03-06] (RealNetworks, Inc.) Task: {F392F5CC-ACFB-495E-8128-DF9A00F2C8ED} - System32\Tasks\ErrorFix Startup => C:\Program Files (x86)\ErrorFix\ErrorFix.exe Task: {FF69918F-E01A-471E-BAFD-971B78643D67} - System32\Tasks\{592E4C14-0745-43A4-BC35-F84224B67BF7} => pcalua.exe -a C:\Users\jeff\Desktop\sp40961.exe -d C:\Users\jeff\Desktop (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e1bae53b4da0.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForjeff.job => C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe ==================== Loaded Modules (Whitelisted) ============== 2010-07-15 00:44 - 2010-07-15 00:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll 2013-10-31 13:47 - 2013-10-31 13:47 - 00954696 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll 2009-11-16 13:09 - 2006-10-18 08:24 - 00045056 _____ () C:\Windows\System32\lxctpmon.dll 2009-11-16 13:08 - 2006-10-18 06:32 - 00081408 _____ () C:\Program Files (x86)\Lexmark 5400 Series\ipcmt64.dll 2009-11-16 13:12 - 2006-11-13 05:40 - 00146432 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxctdrpp.dll 2015-07-11 08:42 - 2015-10-01 09:59 - 00103376 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-07-11 08:42 - 2015-10-01 09:59 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-10-13 16:53 - 2015-10-13 16:53 - 02994544 _____ () C:\Program Files\AVAST Software\Avast\defs\15101300\algo.dll 2015-10-13 19:51 - 2015-10-13 19:51 - 02994544 _____ () C:\Program Files\AVAST Software\Avast\defs\15101301\algo.dll 2013-11-19 14:35 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2013-11-19 14:35 - 2013-05-16 11:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2013-11-19 14:35 - 2013-05-16 11:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2013-11-19 14:35 - 2013-05-16 11:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2013-11-19 14:35 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2013-11-20 16:20 - 2015-10-01 09:59 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Temp:0B4227B4 AlternateDataStreams: C:\ProgramData\Temp:32C264A1 AlternateDataStreams: C:\ProgramData\Temp:373E1720 AlternateDataStreams: C:\ProgramData\Temp:413E2927 AlternateDataStreams: C:\ProgramData\Temp:430C6D84 AlternateDataStreams: C:\ProgramData\Temp:5C321E34 AlternateDataStreams: C:\ProgramData\Temp:737FFF57 AlternateDataStreams: C:\ProgramData\Temp:A8ADE5D8 AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2 AlternateDataStreams: C:\ProgramData\Temp:E965A533 AlternateDataStreams: C:\ProgramData\Temp:ECF54A0E ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sndappv2 => ""="service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com There are 7867 more restricted sites. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3500784855-1693768436-1053855414-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\jeff\Pictures\2012_03_23 back yard sun set\IMG_0722.JPG DNS Servers: 192.168.200.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: ACDaemon => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: CLDTVHNService => 3 MSCONFIG\Services: GameConsoleService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: HP Health Check Service => 2 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: LightScribeService => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2 MSCONFIG\Services: SeagateDashboardService => 3 MSCONFIG\Services: SystemExplorerHelpService => 3 MSCONFIG\Services: vToolbarUpdater14.2.0 => 2 MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => MSCONFIG\startupreg: AmIcoSinglun64 => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe MSCONFIG\startupreg: AppleSyncNotifier => MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: ArcSoft Connection Service => "C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" MSCONFIG\startupreg: DivXMediaServer => "C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW MSCONFIG\startupreg: HP Health Check Scheduler => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: hpsysdrv => c:\hp\support\hpsysdrv.exe MSCONFIG\startupreg: InstaLAN => "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Lexmark 5400 Series => "C:\Program Files (x86)\Lexmark 5400 Series\fm3032.exe" /s MSCONFIG\startupreg: LXCTCATS => rundll32 C:\Windows\system32\spool\DRIVERS\x64\3\LXCTtime.dll,RunDLLEntry MSCONFIG\startupreg: Memeo AutoSync => "C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe" --silent MSCONFIG\startupreg: PCShowServer => "C:\Users\jeff\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe" MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: Seagate Dashboard => "C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe" --silent --no_ui MSCONFIG\startupreg: SmartMenu => %ProgramFiles%\Hewlett-Packard\HP MediaSmart\SmartMenu.exe MSCONFIG\startupreg: TkBellExe => "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot MSCONFIG\startupreg: UpdatePDIRShortCut => "c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0" MSCONFIG\startupreg: UpdatePSTShortCut => "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [{A48ABF9E-7CB2-4551-80B5-B7B377F5F368}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR.EXE FirewallRules: [{D294A8F4-1E5C-4FEA-9E88-FAD461D691A2}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartMusic.exe FirewallRules: [{262924B9-8A58-48D9-A3AC-4D94BBDABDCB}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartPhoto.exe FirewallRules: [{EB60BABC-BCB1-4C90-849C-2F212C278534}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\HPTouchSmartVideo.exe FirewallRules: [{9064BC67-1A29-4C96-AF66-01B98150E6D8}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe FirewallRules: [{B7370C08-A815-4D3C-BDEE-E7F2AB5BE2B1}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe FirewallRules: [{3DA5C405-44E2-4368-A68F-FE4C6A304875}] => (Allow) c:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe FirewallRules: [{43703EAE-1698-4197-ABEE-1B1224D40B95}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe FirewallRules: [{EEB0993B-6956-418D-89B5-55228F98DD13}] => (Allow) C:\Windows\SysWOW64\lxctcoms.exe FirewallRules: [{20F79D4D-2B26-4693-83B8-DBAF8C32DC77}] => (Allow) C:\Windows\SysWOW64\lxctcoms.exe FirewallRules: [{161A719F-7399-45D6-8D7B-7DA0E63AA287}] => (Allow) C:\Windows\System32\lxctcoms.exe FirewallRules: [{1EE8530C-E5DF-48F8-A779-0AB60DBC3389}] => (Allow) C:\Windows\System32\lxctcoms.exe FirewallRules: [{AE3DC79D-EA6F-46AF-9036-AB133698388C}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxctpswx.exe FirewallRules: [{A0F3F62C-400A-4640-BFE1-4FA941FD5BF3}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxctpswx.exe FirewallRules: [{8811B001-E90F-4B9D-844A-A46FCB2D2EBD}] => (Allow) C:\Program Files (x86)\Lexmark 5400 Series\lxctmon.exe FirewallRules: [{B0C8B0E9-56A4-4E76-85B5-CF89233692BD}] => (Allow) C:\Program Files (x86)\Lexmark 5400 Series\lxctmon.exe FirewallRules: [{8DED5B7B-1D4C-46D4-AE3D-8BF82AE2B901}] => (Allow) C:\Program Files (x86)\Lexmark 5400 Series\LXCTaiox.exe FirewallRules: [{EB0AB5CC-46E4-4D5E-8805-F92614D5F369}] => (Allow) C:\Program Files (x86)\Lexmark 5400 Series\LXCTaiox.exe FirewallRules: [TCP Query User{9E78ED1B-8482-4639-AC6C-257B2F174D8F}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Block) C:\program files (x86)\google\google earth\client\googleearth.exe FirewallRules: [UDP Query User{8C5A97A2-DA86-4D9F-82F2-9BD63EBC6FE3}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Block) C:\program files (x86)\google\google earth\client\googleearth.exe FirewallRules: [{78722316-1559-4B90-83A4-4F63F5B5C589}] => (Allow) LPort=80 FirewallRules: [{60BCB1DE-A434-45B1-BF8B-C9782F078671}] => (Allow) LPort=80 FirewallRules: [{7F015F8E-14E7-4EC3-B32D-C2CB02C4899E}] => (Allow) LPort=80 FirewallRules: [{069EA796-2980-4CD3-B8D3-030D54AE089E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{5CB81CA8-4C50-4AC9-A2A9-02CB4E372C17}] => (Allow) LPort=2869 FirewallRules: [{CB781AA3-22A2-4FFB-A168-108EBAF9EE00}] => (Allow) LPort=1900 FirewallRules: [{BB625453-599F-48E5-99B5-DAD9090F1A4B}] => (Allow) C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe FirewallRules: [{10E73977-6872-4B23-8D62-C8DB373F750A}] => (Allow) C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe FirewallRules: [{33D9CF4C-A4EE-476C-8587-EEB35F87A904}] => (Allow) C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe FirewallRules: [TCP Query User{6648DDF6-F7C4-49C2-960D-637BC705E798}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{9A8AC77C-EB43-4FBF-87C5-901EE36CA75B}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [{570348A7-1FBC-4CBE-B23E-040E613414C8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{A8899632-EB13-41BE-8A89-E1D2C9A9E3F2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{62A53D3B-8BFD-49C7-9E31-F3C4C1E439DB}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{1F7931E4-173F-43FD-95C1-F6AE1021D3BA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{2542C51A-269C-498F-81EB-23AEFCEA17C9}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe FirewallRules: [{D4984D06-EE51-4BD7-9DC3-F133CBFA68C1}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe FirewallRules: [{8D1A9553-6CE5-4C3A-BA09-016E8A6A898F}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe FirewallRules: [{C16341FB-806F-4DDA-861F-1B22D8AE0508}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe FirewallRules: [{2DB8B5F2-3905-442E-B9EE-9CC612778802}] => (Allow) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe FirewallRules: [{0E2E06BC-031E-48D2-AA68-5C6CDA35FBBA}] => (Allow) C:\Users\jeff\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A0217D57-A4D6-44DE-92BA-4A97614BB9EE}] => (Allow) C:\Users\jeff\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{00C10383-D48C-4DC8-9CFB-26D420A4325C}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{3B651D81-9B10-48BE-AB69-21F39915B1E2}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [TCP Query User{E74A84CB-C3B3-4CF6-8CF2-32F602FDD961}C:\program files (x86)\spybot - search & destroy 2\sdfssvc.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdfssvc.exe FirewallRules: [UDP Query User{E0547173-2557-4628-A494-DB6EFA9DB72F}C:\program files (x86)\spybot - search & destroy 2\sdfssvc.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdfssvc.exe FirewallRules: [{B547546E-C374-4BD0-90FB-65C41545FD29}] => (Allow) C:\Users\jeff\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{6463ACED-1D59-40FF-8BA7-69FFE6947BC0}] => (Allow) C:\Users\jeff\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{3A203316-03C2-46E1-AC0F-2364798FB2AF}C:\program files (x86)\abc\abc.exe] => (Allow) C:\program files (x86)\abc\abc.exe FirewallRules: [UDP Query User{B8744981-D12E-497A-ABCE-AAF9F1E169D7}C:\program files (x86)\abc\abc.exe] => (Allow) C:\program files (x86)\abc\abc.exe FirewallRules: [{0D069604-5B6D-4AE3-9536-65B32E3D7F6F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8473F546-0681-434C-8A16-82FDEC176454}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{9950FB6C-696E-407C-8EDB-67D4B8A07A14}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{D8C9A343-799C-4099-8FFE-E4B64A6B500D}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [SLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe FirewallRules: [SLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe FirewallRules: [{1C63D06A-C6E9-4AFD-A6D6-0B7C9A28BA92}] => (Allow) C:\Users\jeff\AppData\Local\Torch\Application\torch.exe FirewallRules: [{11A1CA6A-373B-431F-9597-A49897C52424}] => (Allow) C:\Users\jeff\AppData\Local\Torch\Application\torch.exe FirewallRules: [{B5413B40-603B-4282-B99F-9938C2032D06}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{C7DD1E3D-AA3B-4DB7-BBE8-8DC73C63CCC8}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [TCP Query User{AEA1D162-4C46-4431-82D0-F36F443F602B}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe FirewallRules: [UDP Query User{EFEA2B89-4D0F-4A58-91A7-15A45927D628}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe FirewallRules: [{540BAA10-FEDB-4E33-B1E4-CB91AA337E61}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{FAC555BE-038E-45FB-A165-4C032D995EAE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{0F48B139-6348-4E98-8342-061C6ED30E0B}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe FirewallRules: [{09B3ADD5-C152-474D-A0EE-FEBF6966689D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (10/13/2015 07:50:53 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (10/13/2015 07:45:32 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/13/2015 06:28:05 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: PNRPsvcC:\Windows\system32\pnrpperf.dll8 Error: (10/13/2015 06:28:04 PM) (Source: Perflib) (EventID: 1010) (User: ) Description: EmdCacheC:\Windows\system32\emdmgmt.dll8 Error: (10/13/2015 06:28:04 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\system32\bitsperf.dll8 Error: (10/13/2015 05:39:44 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid. hr = 0x80070539. Operation: OnIdentify event Gathering Writer Data Context: Execution Context: Shadow Copy Optimization Writer Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f} Writer Name: Shadow Copy Optimization Writer Writer Instance ID: {79130eb7-69a6-490a-9c87-10f2b3230321} Error: (10/13/2015 05:33:13 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/13/2015 05:33:04 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/13/2015 05:02:30 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (10/13/2015 05:02:30 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. System errors: ============= Error: (10/13/2015 08:01:11 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: ScRegSetValueExWFailureCommand%%5 Error: (10/13/2015 08:00:53 PM) (Source: nvstor64) (EventID: 5) (User: ) Description: A parity error was detected on \Device\RaidPort0. Error: (10/13/2015 07:54:00 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: ScRegSetValueExWStart%%5 Error: (10/13/2015 07:53:45 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Windows Update Error: (10/13/2015 07:52:10 PM) (Source: nvstor64) (EventID: 5) (User: ) Description: A parity error was detected on \Device\RaidPort0. Error: (10/13/2015 07:46:45 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Beep eeCtrl Error: (10/13/2015 07:45:33 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Diagnostic Service Host%%1052 Error: (10/13/2015 07:45:33 PM) (Source: Service Control Manager) (EventID: 7003) (User: ) Description: Net.Pipe Listener Adapterwas Error: (10/13/2015 07:42:58 PM) (Source: volmgr) (EventID: 46) (User: ) Description: Crash dump initialization failed! Error: (10/13/2015 07:42:36 PM) (Source: volmgr) (EventID: 46) (User: ) Description: Crash dump initialization failed! CodeIntegrity: =================================== Date: 2015-10-13 20:17:52.345 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-10-13 20:17:49.361 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-10-13 20:17:46.601 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-10-13 20:17:43.792 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-10-13 20:17:40.111 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2015-10-13 20:17:37.266 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2015-10-13 20:17:34.506 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2015-10-13 20:17:31.529 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2015-10-13 14:56:39.081 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2015-10-13 14:56:38.005 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: AMD Phenom(tm) 9150e Quad-Core Processor Percentage of memory in use: 31% Total physical RAM: 7101.45 MB Available physical RAM: 4889.16 MB Total Virtual: 14503.77 MB Available Virtual: 11538.51 MB ==================== Drives ================================ Drive c: (HP) (Fixed) (Total:583.05 GB) (Free:212.07 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: (FACTORY_IMAGE) (Fixed) (Total:13.12 GB) (Free:1.78 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 596.2 GB) (Disk ID: 1549F232) Partition 1: (Active) - (Size=583 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=13.1 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================