Additional scan result of Farbar Recovery Scan Tool (x64) Version:24-10-2015
Ran by Devan (2015-10-24 15:04:03)
Running from C:\Users\Devan\Downloads
Windows 8.1 (X64) (2014-10-31 22:39:38)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3712499783-581391182-1704282419-500 - Administrator - Disabled)
Devan (S-1-5-21-3712499783-581391182-1704282419-1001 - Administrator - Enabled) => C:\Users\Devan
Guest (S-1-5-21-3712499783-581391182-1704282419-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3712499783-581391182-1704282419-1006 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3712499783-581391182-1704282419-1001\...\uTorrent) (Version: 3.4.2.38656 - BitTorrent Inc.)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{0F347A49-E36C-4639-8D2E-003AD408B8B2}) (Version: 1.5 - Eyeo GmbH)
Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - )
Adobe Reader X (10.1.16) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.16 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.4.1245.72462 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 4.4.1245.72462 - Alcor Micro Corp.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5D42947B-E961-C0B5-5A70-EA0F753331EB}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Quick Stream (HKLM\...\{E9EED4AE-682B-4501-9574-D09A21717599}_is1) (Version: 3.4.4.2 - AppEx Networks)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{5dfbeba9-9f22-463d-8c95-c861911810a2}) (Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.47.11018 - Avira Operations GmbH & Co. KG) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Driver Support (HKLM-x32\...\{597FB4A5-DD86-4316-A410-7E8074CC2CCE}) (Version: 9.1 - PC Drivers Headquarters, LP)
DTS Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
Elgato Game Capture HD (HKLM-x32\...\{B3837224-9767-4976-8148-3C72E96FF527}) (Version: 2.10.72.879 - Elgato Systems GmbH)
Evernote v. 4.5.7 (HKLM-x32\...\{0BE73D3C-B5AF-11E1-933A-984BE15F174E}) (Version: 4.5.7.7146 - Evernote Corp.)
Game Capture HD60 v2.1.1.3 (HKLM-x32\...\Software_Elgato_Game Capture HD60) (Version: 2.1.1.3 - Elgato Systems)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
IDT Audio Driver (HKLM\...\{588A747E-CFF6-46B3-9207-CD754F9473AF}) (Version: 6.10.6491.0 - IDT)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41504) (Version: 3.8.0.41504.23 - Intel)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OEM Application Profile (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.4.0.0 - Popcorn Time)
Popcorn Time (HKU\S-1-5-21-3712499783-581391182-1704282419-1001\...\Popcorn Time) (Version: - Popcorn Official)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
REALTEK Wireless LAN Driver (HKLM-x32\...\InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.)
REALTEK Wireless LAN Driver (x32 Version: 2.00.0002 - REALTEK Semiconductor Corp.) Hidden
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0021 - REALTEK Semiconductor Corp.)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1208 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
TheSkyX First Light Edition (HKLM-x32\...\{ECE3188A-3B11-4332-B1B9-43FAA9A02626}) (Version: 10.0.2 - Software Bisque, Inc.)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.15.4 - Toshiba Corporation)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.01.02.6405 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{B6619F14-F766-4000-BC8A-522D4CC4E44F}) (Version: 1.0.4.5 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0002.6401 - Toshiba Corporation)
TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 2.0.0001 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.341 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.0.01.55004008 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.8.0 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0007.32003 - Toshiba Corporation)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.49.124 - Toshiba Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
ZoneAlarm Firewall (x32 Version: 13.3.052.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 13.3.052.000 - Check Point)
ZoneAlarm Security (x32 Version: 13.3.052.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security Toolbar (HKLM-x32\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
ZoneAlarm Security Toolbar (HKU\S-1-5-21-3712499783-581391182-1704282419-1001\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

09-10-2015 21:31:22 Installed TheSkyX First Light Edition.
15-10-2015 20:50:22 Windows Update
20-10-2015 12:00:08 Windows Update
24-10-2015 14:25:28 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1545B3A6-9827-4FCA-A300-B68F9914AFB5} - System32\Tasks\SUPERAntiSpyware Scheduled Task ad572c2a-894d-4383-b3f5-fd46ec8a7ebc => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {1EE96351-4DFD-4236-B61B-8136067F0087} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {2E540EB4-9783-4A34-8A72-3289BD7F5DC8} - System32\Tasks\Driver Support-RTMUpdater => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [2015-09-27] (PC Drivers Headquarters)
Task: {6858D621-4A6A-42B6-8C17-A61CA838ED6C} - System32\Tasks\Driver Support-RTMRules => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [2015-09-27] (PC Drivers Headquarters)
Task: {7D387BC5-16C8-4D1E-9772-3565981DBC18} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-15] (Microsoft Corporation)
Task: {8208C186-292B-4DCB-8EB5-71D97E74E486} - System32\Tasks\Driver Support => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [2015-09-27] (PC Drivers Headquarters)
Task: {9004BBFD-620D-4050-9196-BA22B5573E69} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {902C2D40-67A3-467D-B3CF-442A4C7F0708} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-14] (Google Inc.)
Task: {CAF19129-4EA6-4768-B539-265F6B7851BB} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2014-08-06] (Synaptics Incorporated)
Task: {CE814863-D671-48E6-AA4C-500AE9EDB2E8} - System32\Tasks\SUPERAntiSpyware Scheduled Task 248fc983-e742-427e-9fb0-2003cae7b68b => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {D67269D7-7E85-49C3-A417-9DF68407A44E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {D6FD76C9-9159-406E-A53D-206113751CE6} - System32\Tasks\Driver Support-RTMScan => C:\Program Files (x86)\Driver Support\Driver Support\DriverSupport.exe [2015-09-27] (PC Drivers Headquarters)
Task: {D77E6B1F-98DC-4735-9AD5-98C8E940E03E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-14] (Google Inc.)
Task: {DB778CCA-F8A3-43C6-9BD0-BF7D05C95DC2} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 248fc983-e742-427e-9fb0-2003cae7b68b.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task ad572c2a-894d-4383-b3f5-fd46ec8a7ebc.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (Whitelisted) ==============

2013-03-27 19:53 - 2013-03-27 19:53 - 00163168 _____ () C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
2014-07-04 21:33 - 2014-07-04 21:33 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-10 12:54 - 2013-09-10 12:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2015-04-01 15:36 - 2015-09-27 21:19 - 00354592 _____ () C:\Program Files (x86)\Driver Support\Driver Support\Agent.Common.XmlSerializers.dll
2014-05-22 13:14 - 2015-09-27 21:19 - 00485664 _____ () C:\Program Files (x86)\Driver Support\Driver Support\Agent.Communication.XmlSerializers.dll
2014-05-22 13:14 - 2015-09-27 21:19 - 00035104 _____ () C:\Program Files (x86)\Driver Support\Driver Support\Agent.ExceptionLogging.XmlSerializers.dll
2012-07-18 18:38 - 2012-07-18 18:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2015-10-23 14:15 - 2015-10-20 10:08 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libglesv2.dll
2015-10-23 14:15 - 2015-10-20 10:08 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\libegl.dll
2015-10-23 14:15 - 2015-10-20 10:08 - 16493384 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.80\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

IE trusted site: HKU\S-1-5-21-3712499783-581391182-1704282419-1001\...\driversupport.com -> hxxp://apps.driversupport.com
IE trusted site: HKU\S-1-5-21-3712499783-581391182-1704282419-1001\...\driversupport.com -> hxxps://apps.driversupport.com

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3712499783-581391182-1704282419-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\TOSHIBA\TOSHIBA1.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{01139214-E379-4536-8A01-6FF210951893}] => (Allow) C:\Users\Devan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BBC220F0-F85B-402E-88CF-24792377FC67}] => (Allow) C:\Users\Devan\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{10AA6DC1-FC29-4B2D-A9DC-F47D60351023}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{84E33C39-FDA4-4245-9825-810BCDFB653C}] => (Allow) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [TCP Query User{1FA95F93-F8AD-4C26-8BBF-76F08746D697}C:\users\devan\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\devan\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{01BA4A13-DE7E-4069-ACD2-5A1044A9478C}C:\users\devan\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\devan\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [TCP Query User{5C06F4A7-631F-439E-B804-024A069715B8}C:\users\devan\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\devan\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{79665D0C-6B99-412B-8294-BB090ABEA7E5}C:\users\devan\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\devan\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{B1785EC1-A611-48D7-8C7B-32AEDDBCAE51}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7CE5BCEA-4689-4E6B-9385-C230D6C4221D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{99BF1994-12D2-48C5-88D7-704DAB47AAFF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2B0ECFA9-914C-49DA-BBA0-BDA805025879}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FF79FE56-EA21-425C-9931-0075B7F9CA67}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{39E1F026-3065-42F1-A8B8-EEACFF96400A}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{91D99E08-4BF4-4C3B-A22F-D65DC7C21A1A}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{5E426B1D-947F-467C-81BB-04F568EEFD53}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [TCP Query User{00320D6D-4361-4F8D-ADC3-894E958018BA}C:\users\devan\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\devan\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{C9BF010F-9341-4243-9EA3-032FB5F3E310}C:\users\devan\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\devan\appdata\local\popcorn time\nw.exe
FirewallRules: [TCP Query User{9DD053FA-DD52-425E-9635-75CAE3C42152}C:\users\devan\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\devan\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{61E58CA4-280E-4530-A747-FB78FB5EF0BB}C:\users\devan\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\devan\appdata\local\popcorn time\nw.exe
FirewallRules: [{B6D4312C-4C23-49A2-9A1F-24FD5A5A24D0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EB9112E0-B7A0-4EBF-85ED-96C47036898B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8611EE91-E198-4AF2-92F0-79D6C7047D08}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{23ADEAD4-62D1-48CD-810C-B07F95BA5761}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1196B685-EF7B-4F0A-AC3E-35CF39924EA8}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{178FF9C0-2C7C-4280-AAC6-32DB11A35086}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F1C78B68-7E19-4DC0-8A14-614DA6AC8FA2}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{3A8AB80B-2FC6-40D9-8745-E2DD87BC854C}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [TCP Query User{0BA99DB2-81C0-45A3-B37F-63F099BFDC37}C:\program files (x86)\popcorn time\popcorntimedesktop.exe] => (Allow) C:\program files (x86)\popcorn time\popcorntimedesktop.exe
FirewallRules: [UDP Query User{44A19586-8E1B-43BC-87C8-896B835B6B3B}C:\program files (x86)\popcorn time\popcorntimedesktop.exe] => (Allow) C:\program files (x86)\popcorn time\popcorntimedesktop.exe
FirewallRules: [TCP Query User{BAB1C233-6A00-4B60-A395-985E646F9D91}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [UDP Query User{375B4F73-2D39-4EA8-B482-FED487AE946B}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/24/2015 02:17:28 PM) (Source: Driver Support) (EventID: 100) (User: )
Description: Timestamp: 2015-10-24 6:17:28 PM
Message: An exception occured and was caught: InvalidOperationException
---------Exception Information----------
Local Time: 2015-10-24 2:17:28 PM
Type: ExceptionLogging, Version=4.0.0.84, Culture=neutral, PublicKeyToken=null
Message: Unable to generate a temporary class (result=1).
error CS0016: Could not write to output file 'c:\Users\Devan\AppData\Local\Temp\vrlqp-s4.dll' -- 'The process cannot access the file because it is being used by another process. '
Source: Microsoft.ApplicationBlocks.Updater
Target Site: Void LogAndThrowException(System.Exception)
Stack Trace:
   at Microsoft.ApplicationBlocks.Updater.Logger.LogAndThrowException(Exception ex)
   at Microsoft.ApplicationBlocks.Updater.ManifestManager.ValidateAndDeserialize(Type type, Uri location, String schemaResource)
   at Microsoft.ApplicationBlocks.Updater.ManifestManager.GetValidManifests(Uri location, String applicationId)
   at Microsoft.ApplicationBlocks.Updater.ManifestManager.GetManifests(Uri location, String applicationId)
   at Microsoft.ApplicationBlocks.Updater.ApplicationUpdaterManager.CheckForUpdates(Uri location)
   at DriversHQ.DriverDetective.Client.k.a()
--------------------------------------
Additional Information
Machine Name: SHIZNIT
Assembly: ExceptionLogging, Version=4.0.0.84, Culture=neutral, PublicKeyToken=null
Application Domain: DriverSupport.exe
Thread Identity: SHIZNIT\Devan
Thread Name:
Windows Identity: SHIZNIT\Devan
Process Name:

Error: (10/24/2015 02:17:27 PM) (Source: Driver Detective) (EventID: 1000) (User: )
Description:

Error: (10/24/2015 02:39:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15171

Error: (10/24/2015 02:39:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15171

Error: (10/24/2015 02:39:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (10/24/2015 12:12:28 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (10/23/2015 10:56:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SHIZNIT)
Description: Activation of app 6560AmiguinhoDesign.Shiftv_vsw6txc2pcwng!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/23/2015 10:56:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Shiftv.exe, version: 1.0.0.0, time stamp: 0x5626e925
Faulting module name: combase.dll, version: 6.3.9600.17415, time stamp: 0x54503d84
Exception code: 0xc000027b
Fault offset: 0x0012123d
Faulting process id: 0x1bf0
Faulting application start time: 0xShiftv.exe0
Faulting application path: Shiftv.exe1
Faulting module path: Shiftv.exe2
Report Id: Shiftv.exe3
Faulting package full name: Shiftv.exe4
Faulting package-relative application ID: Shiftv.exe5

Error: (10/23/2015 10:43:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SHIZNIT)
Description: Activation of app 6560AmiguinhoDesign.Shiftv_vsw6txc2pcwng!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/23/2015 10:43:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Shiftv.exe, version: 1.0.0.0, time stamp: 0x5626e925
Faulting module name: combase.dll, version: 6.3.9600.17415, time stamp: 0x54503d84
Exception code: 0xc000027b
Fault offset: 0x0012123d
Faulting process id: 0x1bb4
Faulting application start time: 0xShiftv.exe0
Faulting application path: Shiftv.exe1
Faulting module path: Shiftv.exe2
Report Id: Shiftv.exe3
Faulting package full name: Shiftv.exe4
Faulting package-relative application ID: Shiftv.exe5

System errors:
=============
Error: (10/24/2015 01:47:12 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (10/23/2015 10:34:03 PM) (Source: DCOM) (EventID: 10010) (User: SHIZNIT)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (10/20/2015 08:34:59 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x0000007e (0xffffffffc0000005, 0xfffff80044a085da, 0xffffd00020968658, 0xffffd00020967e60)C:\WINDOWS\MEMORY.DMP102015-35750-01

Error: (10/16/2015 10:56:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The GamesAppIntegrationService service terminated unexpectedly. It has done this 1 time(s).

Error: (10/16/2015 10:55:00 PM) (Source: DCOM) (EventID: 10010) (User: SHIZNIT)
Description: App

Error: (10/16/2015 12:05:57 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:58:56 AM on 10/16/2015 was unexpected.

Error: (10/10/2015 01:37:08 AM) (Source: Ntfs) (EventID: 138) (User: )
Description: The transaction resource manager at C:\ encountered a fatal error and was shut down. The data contains the error code.

Error: (10/09/2015 12:51:24 PM) (Source: DCOM) (EventID: 10010) (User: SHIZNIT)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (10/09/2015 12:51:24 PM) (Source: DCOM) (EventID: 10010) (User: SHIZNIT)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (10/09/2015 12:44:07 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.14. The computer with the IP address 192.168.0.36 did not allow the name to be claimed by this computer.

==================== Memory info ===========================

Processor: AMD A10-5745M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 29%
Total physical RAM: 7374.26 MB
Available physical RAM: 5203.54 MB
Total Virtual: 14798.26 MB
Available Virtual: 11712.55 MB

==================== Drives ================================

Drive c: (TI80141400B) (Fixed) (Total:919.13 GB) (Free:510.73 GB) NTFS
Drive d: (01 03 2008) (CDROM) (Total:0.07 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.

==================== End of Addition.txt ============================