Additional scan result of Farbar Recovery Scan Tool (x86) Version: 25-02-2015 01 Ran by Pat at 2015-02-25 18:35:39 Running from E:\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-4048412729-2036225566-221526367-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.) 32 Bit HP CIO Components Installer (Version: 6.1.2 - Hewlett-Packard) Hidden AC3Filter 1.62b (HKLM\...\AC3Filter_is1) (Version: 1.62b - Alexander Vigovsky) Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated) Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.) Adobe Dreamweaver CS5.5 (HKLM\...\{0215A652-E081-4B09-9333-DC85AAB67FFA}) (Version: 11.5 - Adobe Systems Incorporated) Adobe Flash Player 16 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Professional CS5 (HKLM\...\{CFC9F871-7C40-40B6-BE4A-B98A5B309716}) (Version: 11.0 - Adobe Systems Incorporated) Adobe Illustrator CS6 (HKLM\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated) Adobe Photoshop CS3 (HKLM\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated) Adobe Reader X (10.1.13) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.13 - Adobe Systems Incorporated) Adobe Widget Browser (HKLM\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.) AirPlus G DWL-G510 (HKLM\...\{8B128562-681D-4FFA-BEBF-A825985B2CB9}) (Version: 1.0.24 - D-Link) Akamai NetSession Interface (HKU\S-1-5-21-4048412729-2036225566-221526367-1001\...\Akamai) (Version: - Akamai Technologies, Inc) AMD Catalyst Install Manager (HKLM\...\{D9D94C72-AC7C-4225-7984-B91432592CBC}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.) Apple Mobile Device Support (HKLM\...\{235EBB33-3DA1-46DF-AADE-9955123409CB}) (Version: 8.0.5.6 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AVI ReComp 1.5.3 (HKLM\...\AVI ReComp) (Version: 1.5.3 - Mateusz Gola (aka Prozac)) AviSynth 2.5 (HKLM\...\Avisynth) (Version: - ) BankBrowser (HKU\S-1-5-21-4048412729-2036225566-221526367-1001\...\BankBrowser) (Version: 3.6 - DialCom24 Sp. z o.o.) Battlefield: Bad Company™ 2 (HKLM\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts) Blender (HKLM\...\Blender) (Version: 2.63-release - Blender Foundation) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) Brydż 3000 (HKLM\...\Brydz3000) (Version: - ) Call of Duty: Black Ops (HKLM\...\Call of Duty: Black Ops_is1) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 3.27 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP) CDex extraction audio (HKLM\...\CDex) (Version: - ) CeRegEditor 0.0.5.1 (HKLM\...\CeRegEditor_is1) (Version: - ) ChomikBox (HKLM\...\{26050F54-3928-4D9C-849A-C48A9E831E6F}) (Version: 2.0.5.0 - Chomikuj.pl) Compiled Driver Disk (Samsung) 1.0 (HKLM\...\{3DCF00F5-04A5-4543-A088-705480811206}_is1) (Version: 1.0.4.0 - COMPELSON Labs) Corel Graphics - Windows Shell Extension (HKLM\...\_{51DD370C-6690-424E-9674-5F14468B323F}) (Version: 15.0.0.487 - Corel Corporation) Corel Graphics - Windows Shell Extension (Version: 15.0.487 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Capture (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Common (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Connect (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Custom Data (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Draw (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - EN (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Filters (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - FontNav (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - IPM (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - PHOTO-PAINT (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Photozoom Plugin (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Redist (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - Setup Files (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - VBA (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - VideoBrowser (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - VSTA (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 - WT (Version: 15.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X5 (Version: 15.0 - Corel Corporation) Hidden CorelDRAW(R) Graphics Suite X5 (HKLM\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.0.0.486 - Corel Corporation) Daum PotPlayer 1.5.37776 (HKLM\...\PotPlayer) (Version: - ) DJ_SF_06_D1600_SW_Min (Version: 140.0.690.000 - Hewlett-Packard) Hidden DVD Decrypter (Remove Only) (HKLM\...\DVD Decrypter) (Version: - ) empikfoto.pl (HKLM\...\Empik_empikfoto.pl) (Version: - ) FileZilla Client 3.7.4.1 (HKLM\...\FileZilla Client) (Version: 3.7.4.1 - Tim Kosse) Gadu-Gadu 7.7 (HKLM\...\Gadu-Gadu) (Version: - ) Ghostscript GPL 8.64 (Msi Setup) (HKLM\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Ghostscript GPL 8.64 (Msi Setup) (Version: 8.64 - Corel Corporation) Hidden GnuWin32: Wget-1.11.4-1 (HKLM\...\Wget-1.11.4-1_is1) (Version: 1.11.4-1 - GnuWin32) Google Chrome (HKLM\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden HL-2130 (HKLM\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.) HP Deskjet D1600 Printer Driver 14.0 Rel. 6 (HKLM\...\{96178C0A-BAF9-4E49-A2A5-CDE76722105B}) (Version: 14.0 - HP) HTC BMP USB Driver (HKLM\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC) HTC Driver Installer (HKLM\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.021 - HTC Corporation) HTC Sync (HKLM\...\{AB77DFDE-9949-4AEF-B180-BE322C3E65D0}) (Version: 3.2.20 - HTC Corporation) iCloud (HKLM\...\{760BB327-3973-4608-85C8-88162E2FF3B6}) (Version: 4.0.6.28 - Apple Inc.) IrfanView (remove only) (HKLM\...\IrfanView) (Version: - ) ISO to USB (HKLM\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com) iTunes (HKLM\...\{5D928931-D1D2-4A93-A82D-BF60D0E7CFA5}) (Version: 12.0.1.26 - Apple Inc.) Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Macromedia Extension Manager (HKLM\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.) Malwarebytes Anti-Malware wersja 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation) Microsoft .NET Framework 1.1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Mobile Internet blueconnect (HKLM\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.1 - ZTE Corporation) Mozilla Firefox 35.0.1 (x86 pl) (HKLM\...\Mozilla Firefox 35.0.1 (x86 pl)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.4 - F.J. Wechselberger) MySQL Installer (HKLM\...\{271688E7-319B-4A89-B633-318380EB8798}) (Version: 1.3.4.0 - Oracle Corporation) MySQL Server 5.6 (HKLM\...\{C21176A2-2DDB-4D06-A0BF-35FC8701A8F2}) (Version: 5.6.15 - Oracle Corporation) NapiProjekt (2.1.0.2287) (HKLM\...\NapiProjekt_is1) (Version: - ) Nokia Connectivity Cable Driver (HKLM\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia) Nokia Internet Modem (HKLM\...\{AF91A56A-A775-4183-99C5-E9320263B612}) (Version: 3.8.149.40 - SmartCom) Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.5.34.0 - Nokia) Nokia Suite (Version: 3.5.34.0 - Nokia) Hidden Notepad++ (HKLM\...\Notepad++) (Version: 5.6.7 - ) Obsługa programów Apple (HKLM\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) OpenAL (HKLM\...\OpenAL) (Version: - ) PC Connectivity Solution (HKLM\...\{7390478C-8581-415E-92E9-2997D9306B81}) (Version: 12.0.32.0 - Nokia) PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden PhotoScape (HKLM\...\PhotoScape) (Version: - ) PIT Format 2013 (HKLM\...\PIT Format 2013_is1) (Version: - Biuro Informatyki Stosowanej FORMAT) PlayReady PC Runtime x86 (HKLM\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) Podatnik.info PIT pro 2013 wersja 2.0.19.29343 (HKLM\...\{B239B43B-3E99-40B0-80BF-1B1BCA868D4E}_is1) (Version: 2.0.19.29343 - Podatnik.info Sp. z o.o.) PowerISO (HKLM\...\PowerISO) (Version: 5.4 - Power Software Ltd) PRO100 ver. 4.42 Demo i Nowy Rozkrój ver. 6 Demo (HKLM\...\PRO100 i NR Demo_is1) (Version: 4.42 - Ecru Oprogramowanie) QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Rapture3D 2.4.4 Game (HKLM\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound) Real Alternative 2.0.2 (HKLM\...\RealAlt_is1) (Version: 2.0.2 - ) Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.3.12085_7 - Samsung Electronics Co., Ltd.) Samsung Kies (Version: 2.3.3.12085_7 - Samsung Electronics Co., Ltd.) Hidden SeaTools for Windows (HKLM\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.7 - Seagate Technology) SeaTools for Windows (HKLM\...\SeaTools for Windows) (Version: - Seagate Technology) Splash Lite (HKLM\...\{8B4A6011-BB10-4918-B561-3F6CF5712B37}) (Version: 1.7.1 - Mirillis) SpyHunter (HKLM\...\{46B04D53-4E34-4388-B6EE-80FAB66AEF9B}) (Version: 4.12.13.4202 - Enigma Software Group USA, LLC) Steinberg Cubase 5 (HKLM\...\{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.2 - Steinberg Media Technologies GmbH) Steinberg Groove Agent ONE Content (HKLM\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH) Steinberg HALionOne (HKLM\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH) Steinberg HALionOne Expression Set (HKLM\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH) Steinberg HALionOne GM Drum Set (HKLM\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH) Steinberg HALionOne GM Set (HKLM\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH) Steinberg HALionOne Pro Set (HKLM\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH) Steinberg HALionOne Studio Drum Set (HKLM\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH) Steinberg HALionOne Studio Set (HKLM\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH) Steinberg LoopMash Content (HKLM\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 - Steinberg Media Technologies GmbH) SWiSH Max2 (HKLM\...\SWiSH Max2) (Version: - ) TagCheck HTML and XML Tag Checker V1.5 (HKLM\...\TagCheck HTML and XML Tag Checker V1.5_is1) (Version: - ) Toolbox (Version: 140.0.428.000 - Hewlett-Packard) Hidden Unity Web Player (HKU\S-1-5-21-4048412729-2036225566-221526367-1001\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VBA (2627.01) (Version: 6.03.00.9188 - Microsoft Corporation) Hidden VLC media player 1.0.3 (HKLM\...\VLC media player) (Version: 1.0.3 - VideoLAN Team) VobSub 2.23 (HKLM\...\VobSub) (Version: 2.23 - Gabest) Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) Windows Mobile Device Center (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation) Windows Movie Maker 2.6 (HKLM\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation) WinHTTrack Website Copier 3.46-1 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.46.1 - HTTrack) WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - ) Xvid 1.3.0 (HKLM\...\Xvid_is1) (Version: 1.3.0 - Xvid Solutions) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-4048412729-2036225566-221526367-1001_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Pat\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-4048412729-2036225566-221526367-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb.dll () ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:04 - 2014-03-02 11:53 - 00001864 ___RA C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com 3dns.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.adobe.com activate.wip.adobe.com activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com 127.0.0.1 adobe-dns-3.adobe.com adobe-dns-4.adobe.com adobe-dns.adobe.com adobeereg.com crl.verisign.net ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com lm.licenses.adobe.com lmlicenses.wip4.adobe.com na2m-pr.licenses.adobe.com 127.0.0.1 ood.opsource.net practivate.adobe practivate.adobe.com practivate.adobe.ipp practivate.adobe.newoa practivate.adobe.ntp wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com wwis-dubc1-vip60.adobe.com www.adobeereg.com www.wip.adobe.com www.wip1.adobe.com 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {5B920ADD-4E2F-4CEE-BEB2-76E432BD151E} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe [2012-04-17] () Task: {6A3FE468-090B-49AE-B210-E5B571899427} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-04] (Piriform Ltd) Task: {6C953D9E-5BAC-419A-97FF-AB37C092E765} - System32\Tasks\AdobeAAMUpdater-1.0-PLNY7-Pat => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated) Task: {8014FDF0-E3A9-4857-93F0-F1AF598BFA64} - System32\Tasks\{693EC7DF-A134-44B8-9FB8-72A7AA864B07} => pcalua.exe -a K:\Autorun.exe -d K:\ Task: {8D79348D-429D-47F8-A027-658DBCE04869} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-21] (Google Inc.) Task: {A43E3F50-1C0E-4F14-B61A-06FC44768BB8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated) Task: {E4280E5E-AC44-4C19-9F90-D320553141F8} - System32\Tasks\{6E671F07-AFAD-420A-BDC6-FDA16D16C598} => pcalua.exe -a "E:\Skispringen 2007\skispringen2007.exe" -d "E:\Skispringen 2007" Task: {FA162368-9F1F-420C-8706-037B40584C97} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-21] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============== 2014-01-01 18:27 - 2013-07-08 11:38 - 00213504 _____ () c:\Apache24\bin\pcre.dll 2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2013-11-17 19:31 - 2013-11-17 19:31 - 10964480 _____ () D:\MySQL\MySQL Server 5.6\bin\mysqld.exe 2012-03-23 13:25 - 2012-03-23 13:25 - 00087040 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe 2014-01-01 18:27 - 2013-07-08 11:38 - 00213504 _____ () C:\Apache24\bin\pcre.dll 2014-02-11 20:29 - 2014-02-11 20:29 - 00093696 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll 2012-09-20 17:14 - 2009-12-17 10:24 - 00066512 _____ () C:\Program Files\Common Files\SmartCom\DragnDropCopyHook.dll 2009-12-17 10:23 - 2009-12-17 10:23 - 02099664 _____ () C:\Program Files\Nokia\Nokia Internet Modem\Smartcom.dll 2009-12-17 10:23 - 2009-12-17 10:23 - 00543184 _____ () C:\Program Files\Nokia\Nokia Internet Modem\WellphoneLib.dll 2014-10-17 09:23 - 2014-10-17 09:23 - 00181760 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Commonc65c5a95#\d408c1d56f5492e9c47813a2a6f844b6\Kies.Common.DeviceServiceLib.Interface.ni.dll 2014-10-17 09:23 - 2014-10-17 09:23 - 15398912 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\3595da365f1d8c1ab720565125bf880f\Kies.Theme.ni.dll 2014-10-17 09:22 - 2014-10-17 09:22 - 01628160 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\1783416c5b768ff0b0fa5c035aa58347\Kies.UI.ni.dll 2014-10-17 09:22 - 2014-10-17 09:22 - 00081920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\f81029bc00e55fe829a80ce0c3cf7fc6\Kies.MVVM.ni.dll 2014-10-17 09:23 - 2014-10-17 09:23 - 00236032 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\6815ff93472d008087880a6462931188\ASF_cSharpAPI.ni.dll 2012-08-31 09:52 - 2012-08-31 09:52 - 00021432 _____ () C:\kiess\Kies\External\FirmwareUpdate\KiesPDLR.exe 2014-01-26 21:09 - 2014-01-26 21:09 - 00115137 _____ () C:\Users\Pat\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll 2012-07-04 01:16 - 2012-07-04 01:16 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2015-01-26 21:17 - 2015-01-26 21:17 - 03925104 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:12EA4DC9 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4048412729-2036225566-221526367-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^Users^Pat^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Pat\AppData\Local\Akamai\netsession_win.exe" MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup MSCONFIG\startupreg: Malwarebytes Anti-Malware (reboot) => "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript MSCONFIG\startupreg: Nokia Internet Modem => "C:\Program Files\Nokia\Nokia Internet Modem\WellPhone2.exe" /background MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE ==================== Accounts: ============================= Administrator (S-1-5-21-4048412729-2036225566-221526367-500 - Administrator - Disabled) ASPNET (S-1-5-21-4048412729-2036225566-221526367-1004 - Limited - Enabled) Guest (S-1-5-21-4048412729-2036225566-221526367-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-4048412729-2036225566-221526367-1008 - Limited - Enabled) Pat (S-1-5-21-4048412729-2036225566-221526367-1001 - Administrator - Enabled) => C:\Users\Pat ==================== Faulty Device Manager Devices ============= Name: Microsoft Virtual WiFi Miniport Adapter Description: Microsoft Virtual WiFi Miniport Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller Description: Marvell Yukon 88E8053 PCI-E Gigabit Ethernet Controller Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Marvell Service: yukonw7 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (02/24/2015 01:18:16 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/24/2015 01:17:51 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". Dependent Assembly Microsoft.VC90.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (02/22/2015 09:17:24 PM) (Source: Application Error) (EventID: 1005) (User: ) Description: Windows cannot access the file C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-3ED819D0F93BE77F36DC56808D6945A62B9DD2EB.bin.VE0 for one of the following reasons: there is a problem with the network connection, the disk that the file is stored on, or the storage drivers installed on this computer; or the disk is missing. Windows closed the program Antimalware Service Executable because of this error. Program: Antimalware Service Executable File: C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-3ED819D0F93BE77F36DC56808D6945A62B9DD2EB.bin.VE0 The error value is listed in the Additional Data section. User Action 1. Open the file again. This situation might be a temporary problem that corrects itself when the program runs again. 2. If the file still cannot be accessed and - It is on the network, your network administrator should verify that there is not a problem with the network and that the server can be contacted. - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer. 3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER. 4. If the problem persists, restore the file from a backup copy. 5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for further assistance. Additional Data Error value: C000007F Disk type: 3 Error: (02/22/2015 09:17:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: MsMpEng.exe, version: 4.7.205.0, time stamp: 0x54cb2053 Faulting module name: mpengine.dll, version: 1.1.11400.0, time stamp: 0x54ca003f Exception code: 0xc0000006 Fault offset: 0x0014faee Faulting process id: 0x1884 Faulting application start time: 0xMsMpEng.exe0 Faulting application path: MsMpEng.exe1 Faulting module path: MsMpEng.exe2 Report Id: MsMpEng.exe3 Error: (02/22/2015 09:17:14 PM) (Source: Application Error) (EventID: 1005) (User: ) Description: Windows cannot access the file C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-3ED819D0F93BE77F36DC56808D6945A62B9DD2EB.bin.VE0 for one of the following reasons: there is a problem with the network connection, the disk that the file is stored on, or the storage drivers installed on this computer; or the disk is missing. Windows closed the program Antimalware Service Executable because of this error. Program: Antimalware Service Executable File: C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-3ED819D0F93BE77F36DC56808D6945A62B9DD2EB.bin.VE0 The error value is listed in the Additional Data section. User Action 1. Open the file again. This situation might be a temporary problem that corrects itself when the program runs again. 2. If the file still cannot be accessed and - It is on the network, your network administrator should verify that there is not a problem with the network and that the server can be contacted. - It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer. 3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER. 4. If the problem persists, restore the file from a backup copy. 5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for further assistance. Additional Data Error value: C000007F Disk type: 3 Error: (02/22/2015 09:17:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: MsMpEng.exe, version: 4.7.205.0, time stamp: 0x54cb2053 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000006 Fault offset: 0x1b87a921 Faulting process id: 0x3a0 Faulting application start time: 0xMsMpEng.exe0 Faulting application path: MsMpEng.exe1 Faulting module path: MsMpEng.exe2 Report Id: MsMpEng.exe3 Error: (02/22/2015 04:22:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15975 Error: (02/22/2015 04:22:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 15975 Error: (02/22/2015 04:22:09 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/22/2015 04:22:08 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 14977 System errors: ============= Error: (02/25/2015 06:04:16 PM) (Source: volsnap) (EventID: 36) (User: ) Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (02/25/2015 05:53:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Eset Trial Reset service failed to start due to the following error: %%1053 Error: (02/25/2015 05:53:51 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Eset Trial Reset service to connect. Error: (02/24/2015 01:26:28 PM) (Source: atapi) (EventID: 11) (User: ) Description: The driver detected a controller error on \Device\Ide\IdePort3. Error: (02/24/2015 01:16:11 PM) (Source: volsnap) (EventID: 36) (User: ) Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit. Error: (02/24/2015 00:46:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Eset Trial Reset service failed to start due to the following error: %%1053 Error: (02/24/2015 00:46:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Eset Trial Reset service to connect. Error: (02/22/2015 09:30:32 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (02/22/2015 09:25:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Eset Trial Reset service failed to start due to the following error: %%1053 Error: (02/22/2015 09:25:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Eset Trial Reset service to connect. Microsoft Office Sessions: ========================= Error: (05/24/2012 00:41:19 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 9618 seconds with 1320 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Processor: Intel(R) Core(TM)2 Duo CPU E8400 @ 3.00GHz Percentage of memory in use: 47% Total physical RAM: 3070.18 MB Available physical RAM: 1597.95 MB Total Pagefile: 33068.47 MB Available Pagefile: 31064.36 MB Total Virtual: 2047.88 MB Available Virtual: 1869.68 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:97.66 GB) (Free:1.8 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (Programs) (Fixed) (Total:195.31 GB) (Free:103.37 GB) NTFS Drive e: (Games) (Fixed) (Total:195.31 GB) (Free:84.98 GB) NTFS Drive f: (Movies) (Fixed) (Total:292.97 GB) (Free:35.55 GB) NTFS Drive l: (New Volume) (Fixed) (Total:150.25 GB) (Free:67.65 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CD9651E6) Partition 1: (Active) - (Size=97.7 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=443.2 GB) - (Type=OF Extended) ==================== End Of Log ============================