Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Cursor going crazy
Message
<blockquote data-quote="melen001" data-source="post: 212089" data-attributes="member: 11572"><p>Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-06-2014</p><p>Ran by melen at 2014-06-19 08:59:48</p><p>Running from C:\Users\melen\Desktop</p><p>Boot Mode: Normal</p><p>==========================================================</p><p></p><p></p><p>==================== Security Center ========================</p><p></p><p>AV: Norton AntiVirus (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}</p><p>AS: Norton AntiVirus (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}</p><p>AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p></p><p>==================== Installed Programs ======================</p><p></p><p>Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)</p><p>Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden</p><p>Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)</p><p>Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)</p><p>Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)</p><p>Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - )</p><p>Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)</p><p>Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)</p><p>Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)</p><p>Artweaver Free 4 (HKLM-x32\...\{6567E404-A019-4D0C-BD18-10564126A579}_is1) (Version: 4.0 - Boris Eyrich Software)</p><p>Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG)</p><p>AT&T Labs' Natural Voices 1.4 - Desktop Runtime (HKLM-x32\...\AT&T Labs' Natural Voices 1.4 - Desktop Runtime_is1) (Version: 1.4.0916 - AT&T Labs)</p><p>Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.14.15 - Atheros Communications Inc.)</p><p>BB FlashBack Express (HKLM-x32\...\BB FlashBack Express) (Version: 4.1.10.3209 - Blueberry)</p><p>Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)</p><p>CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)</p><p>CintaNotes 2.6.1 (HKLM-x32\...\CintaNotes_is1) (Version: - Cinta Software)</p><p>D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden</p><p>Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-001C-0000-1000-0000000FF1CE}_Office14.AccessRT_{2A16B95F-7377-410A-B961-EFD9394E1AF3}) (Version: - Microsoft)</p><p>Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)</p><p>DeskMarker (HKLM-x32\...\4_is1) (Version: 2.0 - delight software gmbh)</p><p>Duplicate Cleaner Free 3.2.4 (HKLM-x32\...\Duplicate Cleaner Free) (Version: 3.2.4 - DigitalVolcano Software Ltd)</p><p>EaseUS Data Recovery Wizard 7.5 (HKLM-x32\...\EaseUS Data Recovery Wizard 7.5_is1) (Version: - EaseUS)</p><p>Emsisoft HiJackFree 4.5 (HKLM-x32\...\Emsisoft HiJackFree_is1) (Version: 4.5 - Emsisoft GmbH)</p><p>Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)</p><p>FastStone Image Viewer 5.1 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.1 - FastStone Soft)</p><p>FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)</p><p>FotoSketcher 2.85 (HKLM-x32\...\{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1) (Version: - David THOIRON)</p><p>GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.57.5189 - Gretech Corporation)</p><p>Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)</p><p>HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)</p><p>HWiNFO64 Version 4.36 (HKLM\...\HWiNFO64_is1) (Version: 4.36 - Martin Malík - REALiX)</p><p>ICA (x32 Version: 14.0.0.345 - Corel Corporation) Hidden</p><p>Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)</p><p>Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)</p><p>Intel(R) PRO/Wireless Driver (Version: 16.11.0000.1384 - Intel Corporation) Hidden</p><p>Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)</p><p>Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 16.10.0.0136 - Intel Corporation) Hidden</p><p>Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)</p><p>Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)</p><p>Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)</p><p>Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation)</p><p>Intel(R) WiDi (HKLM\...\{62E7C369-64FF-452C-8F46-6BE9B77FF097}) (Version: 4.0.18.0 - Intel Corporation)</p><p>Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )</p><p>Intel® PROSet/Wireless Software (HKLM-x32\...\{eddf4201-b72e-4e94-9e7b-ac1ba97c029f}) (Version: 16.11.0 - Intel Corporation)</p><p>Intel® PROSet/Wireless WiFi Software (Version: 16.10.0.0307 - Intel Corporation) Hidden</p><p>Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden</p><p>IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.8.2663 - IObit)</p><p>IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit)</p><p>IPM_PSP_COM (x32 Version: 14.0.0.345 - Corel Corporation) Hidden</p><p>Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)</p><p>Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle)</p><p>Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden</p><p>JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.68.0 - JMicron Technology Corp.)</p><p>Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Kingsoft Office 2013 (9.1.0.4550) (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4550 - Kingsoft Corp.)</p><p>LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass)</p><p>LightBox Free Image Editor (HKLM-x32\...\LightBox Free Image Editor) (Version: - )</p><p>Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.2 - Paramount Software (UK) Ltd.)</p><p>Macrium Reflect Free Edition (Version: 5.2.6515 - Paramount Software (UK) Ltd.) Hidden</p><p>Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)</p><p>MFC RunTime files x64 (Version: 1.0.0 - Extensoft) Hidden</p><p>Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)</p><p>Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden</p><p>Microsoft Access Runtime 2010 (HKLM\...\Office14.AccessRT) (Version: 14.0.7015.1000 - Microsoft Corporation)</p><p>Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden</p><p>Microsoft Office Access Runtime 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office Access Runtime MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden</p><p>Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)</p><p>Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Mozilla Firefox 24.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 24.0 (x86 en-US)) (Version: 24.0 - Mozilla)</p><p>Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)</p><p>MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden</p><p>MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden</p><p>MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden</p><p>MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden</p><p>MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels)</p><p>Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.3.0.12 - Symantec Corporation)</p><p>PandoraRecovery (Remove Only) (HKLM-x32\...\PandoraRecovery) (Version: - )</p><p>Perfect Effects 8 (HKLM-x32\...\{C982ACFF-5997-4B7D-B3E1-CF7273A06FB2}) (Version: 8.1.0 - onOne Software)</p><p>PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)</p><p>PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)</p><p>PSPPContent (x32 Version: 14.0.0.345 - Corel Corporation) Hidden</p><p>PSPPHelp (x32 Version: 14.0.0.345 - Corel Corporation) Hidden</p><p>PSPPro64 (Version: 14.0.0.345 - Corel Corporation) Hidden</p><p>Puran File Recovery 1.2 (HKLM\...\Puran File Recovery_is1) (Version: - Puran Software)</p><p>Q-Dir (HKLM\...\Q-Dir) (Version: - )</p><p>Q-Dir (HKLM-x32\...\Q-Dir) (Version: - )</p><p>QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)</p><p>RealDownloader (x32 Version: 17.0.10 - RealNetworks, Inc.) Hidden</p><p>RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden</p><p>RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden</p><p>RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden</p><p>RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.10 - RealNetworks)</p><p>Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.)</p><p>RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden</p><p>Reboot Delete File Ex v1.3 (HKLM-x32\...\Reboot Delete File Ex_is1) (Version: 1.3.0.0 - DVDAVITools)</p><p>Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)</p><p>Reor version 1.2 (HKLM-x32\...\{0BFA4F28-1D22-4B56-B993-D3ABA390C0F3}_is1) (Version: 1.2 - Ajay Menon)</p><p>Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 4.2.0.1 - ASCOMP Software GmbH)</p><p>Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001C-0000-1000-0000000FF1CE}_Office14.AccessRT_{08798025-46CC-4EB0-A0B3-4E25DA3BBC10}) (Version: - Microsoft)</p><p>Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden</p><p>Setup (x32 Version: 14.0.0.345 - Corel Corporation) Hidden</p><p>Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation)</p><p>Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)</p><p>SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)</p><p>Soluto (HKLM\...\{037C627B-384E-450E-866C-95BAB3CDEA17}) (Version: 1.3.1494.0 - Soluto)</p><p>Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB)</p><p>SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)</p><p>SRS Premium Sound Control Panel (HKLM\...\{75A43A49-A6A1-4FCB-A41E-02D76E166691}) (Version: 1.12.0800 - SRS Labs, Inc.)</p><p>System Explorer 5.7.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group)</p><p>System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)</p><p>TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29327 - TeamViewer)</p><p>TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.2 - TOSHIBA)</p><p>TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.1 - TOSHIBA CORPORATION)</p><p>TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 1.6.11.64 - TOSHIBA Corporation)</p><p>TOSHIBA Bulletin Board (Version: 1.6.11.64 - TOSHIBA Corporation) Hidden</p><p>TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)</p><p>TOSHIBA Hardware Setup (HKLM\...\HWSetup_is1) (Version: 1.0.64.6 - TOSHIBA CORPORATION)</p><p>TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.2.15 - TOSHIBA Corporation)</p><p>TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.12 - TOSHIBA Corporation)</p><p>TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.5 - TOSHIBA CORPORATION)</p><p>TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.8.0 - TOSHIBA CORPORATION)</p><p>TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.15.64 - TOSHIBA Corporation)</p><p>TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.4 - TOSHIBA)</p><p>TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.6.52020009 - TOSHIBA CORPORATION)</p><p>TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)</p><p>TOSHIBA ReelTime (Version: 1.7.21.64 - TOSHIBA Corporation) Hidden</p><p>TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.3.03 - TOSHIBA Corporation)</p><p>TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.3.0 - TOSHIBA)</p><p>TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.0022.000104 - TOSHIBA Corporation)</p><p>TOSHIBA Supervisor Password (HKLM\...\SVPW_is1) (Version: 1.0.64.6 - TOSHIBA CORPORATION)</p><p>TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)</p><p>TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.0023.640204 - TOSHIBA Corporation)</p><p>TOSHIBA Value Added Package (Version: 1.6.0023.640204 - TOSHIBA Corporation) Hidden</p><p>TOSHIBA Value Added Package (x32 Version: 1.6.0023.640204 - TOSHIBA Corporation) Hidden</p><p>TOSHIBA VIDEO PLAYER (HKLM\...\{27C3DB42-A9C1-4B44-A164-93849D160D12}) (Version: 5.3.18.82 - Toshiba Corporation)</p><p>TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.35 - TOSHIBA Corporation)</p><p>TOSHIBA Web Camera Application (x32 Version: 2.0.3.35 - TOSHIBA Corporation) Hidden</p><p>TOSHIBA Wireless Display Monitor (HKLM-x32\...\{617773AE-ADBA-4479-BB04-65FE7758B35C}) (Version: 1.0.1 - TOSHIBA CORPORATION)</p><p>TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.9 - TOSHIBA)</p><p>Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.7.5 - Tweaking.com)</p><p>Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-001C-0000-1000-0000000FF1CE}_Office14.AccessRT_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-001C-0000-1000-0000000FF1CE}_Office14.AccessRT_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-001C-0000-1000-0000000FF1CE}_Office14.AccessRT_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.AccessRT_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-001C-0000-1000-0000000FF1CE}_Office14.AccessRT_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.AccessRT_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-001C-0000-1000-0000000FF1CE}_Office14.AccessRT_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.AccessRT_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-001C-0000-1000-0000000FF1CE}_Office14.AccessRT_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-001C-0000-1000-0000000FF1CE}_Office14.AccessRT_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-001C-0000-1000-0000000FF1CE}_Office14.AccessRT_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft)</p><p>Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.AccessRT_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft)</p><p>Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.AccessRT_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft)</p><p>Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.AccessRT_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft)</p><p>UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden</p><p>Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)</p><p>Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden</p><p>Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)</p><p>Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden</p><p>WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 31.0.2014.0 - BillP Studios)</p><p>Wise Registry Cleaner 8.12 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 8.12 - WiseCleaner.com, Inc.)</p><p>Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)</p><p>Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )</p><p>Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.)</p><p>Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_EN_is1) (Version: 16.0.1.5 - ZONER software)</p><p></p><p>==================== Restore Points =========================</p><p></p><p>17-06-2014 10:37:40 IObit Uninstaller restore point</p><p>18-06-2014 01:21:52 IObit Uninstaller restore point</p><p>18-06-2014 02:15:06 Configured TOSHIBA ReelTime</p><p>18-06-2014 02:16:14 Configured TOSHIBA ReelTime</p><p>18-06-2014 02:18:26 Installed TOSHIBA ReelTime</p><p>18-06-2014 03:08:26 Configured TOSHIBA ReelTime</p><p>18-06-2014 03:10:25 Installed TOSHIBA ReelTime</p><p>19-06-2014 12:18:49 Installed HiJackThis</p><p></p><p>==================== Hosts content: ==========================</p><p></p><p>2009-07-13 22:34 - 2014-06-14 23:45 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts</p><p>127.0.0.1 localhost</p><p></p><p>==================== Scheduled Tasks (whitelisted) =============</p><p></p><p>Task: {23A805B4-6380-4E78-9E48-03BEB1FB240D} - System32\Tasks\WpsUpdateTask_melen => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe [2014-03-30] (Zhuhai Kingsoft Office Software Co.,Ltd)</p><p>Task: {39A6F86E-6377-41D2-AC14-A1DF53140E9A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe</p><p>Task: {5396FAFB-DC74-410E-87B5-3126BF6C7875} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()</p><p>Task: {5771F0DD-259A-4EAC-AD1C-F1B35035A427} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)</p><p>Task: {5D9DC44F-84B2-4204-810D-C17C4E90F296} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-05-21] (IObit)</p><p>Task: {602785DA-81E9-41BD-B0CA-C99835519994} - System32\Tasks\WpsNotifyTask_melen => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsnotify.exe [2014-03-30] (Zhuhai Kingsoft Office Software Co.,Ltd)</p><p>Task: {64B0E495-AE33-49C6-AA7C-EDC52E37798B} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1788189479-468527142-828844343-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-05-13] (RealNetworks, Inc.)</p><p>Task: {6ADC336B-FE06-4467-806A-419DF1628E00} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)</p><p>Task: {6B4604D6-F11C-49C4-93BF-D5ECBA2CFC45} - System32\Tasks\TOSHIBA Wireless Display Monitor => C:\Program Files (x86)\TOSHIBA\widimon\widimon.exe [2010-12-25] (TOSHIBA CORPORATION)</p><p>Task: {7025644A-1DDE-4AEF-AC53-78F803606F24} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)</p><p>Task: {76F15679-A3CA-4BB9-932C-3DF9074C156B} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1788189479-468527142-828844343-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-05-13] (RealNetworks, Inc.)</p><p>Task: {7EF0C0E7-7352-4357-B35A-201A0AED8200} - System32\Tasks\{D8C3F3D6-E77B-476A-B82D-07A5FD7162B1} => C:\Program Files (x86)\Windows Live\Mail\wlmail.exe [2014-03-31] (Microsoft Corporation)</p><p>Task: {8943085F-E25F-46D9-8A5B-84C75688E843} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1788189479-468527142-828844343-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-05-13] (RealNetworks, Inc.)</p><p>Task: {940D7671-4B76-475E-8407-EEDDB21EDF20} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()</p><p>Task: {95D68145-586A-4921-8203-D5A04698B5AF} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-10] (Adobe Systems Incorporated)</p><p>Task: {9D1AFFF9-ECEF-46CF-8EA7-AB0838D9FAA3} - System32\Tasks\{500D4E0F-ACAF-47FA-9AEC-38833FDA2752} => C:\Program Files\TOSHIBA\ReelTime\TosReelTime.exe [2011-06-28] (TOSHIBA Corporation)</p><p>Task: {ADADC4FA-E17C-48F5-9C4C-F72E0C3830FF} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.3.0.12\WSCStub.exe [2014-05-11] (Symantec Corporation)</p><p>Task: {B0369A49-BAF1-4698-82FE-3E2C57972368} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)</p><p>Task: {B84CC2A0-EBEA-4ED1-8FB8-BDDC1BBB2D76} - System32\Tasks\{CFCE1706-F261-41EA-A808-6C172F63151A} => C:\Program Files\TOSHIBA\ReelTime\TosReelTime.exe [2011-06-28] (TOSHIBA Corporation)</p><p>Task: {C291C569-8DE4-421F-B04B-82552EA6869C} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup</p><p>Task: {D834F957-CE5A-4841-93F2-3A6B5EE1752A} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1788189479-468527142-828844343-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-05-23] (RealNetworks, Inc.)</p><p>Task: {D95B6B18-6C4C-41F8-A0D4-FD56DA12FDED} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21] (Adobe Systems Incorporated)</p><p>Task: {DC334054-2E94-4746-BE45-97512C224ED3} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1788189479-468527142-828844343-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-05-23] (RealNetworks, Inc.)</p><p>Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe</p><p>Task: C:\windows\Tasks\WpsNotifyTask_melen.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsnotify.exe</p><p>Task: C:\windows\Tasks\WpsUpdateTask_melen.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe</p><p></p><p>==================== Loaded Modules (whitelisted) =============</p><p></p><p>2013-09-20 05:01 - 2013-08-23 22:42 - 00559864 _____ () C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll</p><p>2014-03-29 15:15 - 2014-03-29 15:15 - 03672064 _____ () C:\windows\assembly\NativeImages_v2.0.50727_64\PCGPreCompiled\a568bcbc3f03090813d1338635ee29ef\PCGPreCompiled.ni.dll</p><p>2014-03-29 15:16 - 2014-03-29 15:16 - 00267264 _____ () C:\windows\assembly\NativeImages_v2.0.50727_64\PCGAppControlPlugin#\f5bee53ddbcdc57d61ef82dbb4627072\PCGAppControlPluginLoader.ni.dll</p><p>2014-03-29 15:16 - 2014-03-29 15:16 - 00068096 _____ () C:\windows\assembly\NativeImages_v2.0.50727_64\SignalRWrapper\601a6f0e1fdf662c61c25ba3d4533771\SignalRWrapper.ni.dll</p><p>2013-11-14 14:26 - 2013-11-14 14:26 - 00090688 _____ () C:\Program Files\Soluto\PCGDllExportInspector.dll</p><p>2014-06-08 01:26 - 2014-06-08 01:26 - 00573528 _____ () c:\program files (x86)\real\realplayer\RPDS\Lib\r1api.dll</p><p>2014-05-09 12:24 - 2014-06-18 06:51 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll</p><p>2014-05-18 08:09 - 2014-05-18 08:09 - 01020928 _____ () C:\Users\melen\AppData\Roaming\Mozilla\Firefox\Profiles\yqwqyau9.default-1383896576037\extensions\<a href="mailto:support@lastpass.com">support@lastpass.com</a>\platform\WINNT_x86-msvc\components\lpxpcom.dll</p><p></p><p>==================== Alternate Data Streams (whitelisted) =========</p><p></p><p>AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns1</p><p>AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns2</p><p>AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns3</p><p>AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns4</p><p>AlternateDataStreams: C:\ProgramData\TEMP:07BF512B</p><p>AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51</p><p>AlternateDataStreams: C:\ProgramData\TEMP:5C321E34</p><p>AlternateDataStreams: C:\ProgramData\TEMP:C31F31E6</p><p></p><p>==================== Safe Mode (whitelisted) ===================</p><p></p><p></p><p>==================== EXE Association (whitelisted) =============</p><p></p><p></p><p>==================== MSCONFIG/TASK MANAGER disabled items =========</p><p></p><p></p><p>==================== Faulty Device Manager Devices =============</p><p></p><p></p><p>==================== Event log errors: =========================</p><p></p><p>Application errors:</p><p>==================</p><p>Error: (06/19/2014 01:46:09 AM) (Source: SideBySide) (EventID: 33) (User: )</p><p>Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".</p><p>Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.</p><p>Please use sxstrace.exe for detailed diagnosis.</p><p></p><p>Error: (06/18/2014 01:00:27 AM) (Source: SideBySide) (EventID: 33) (User: )</p><p>Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".</p><p>Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.</p><p>Please use sxstrace.exe for detailed diagnosis.</p><p></p><p>Error: (06/17/2014 09:04:36 PM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: The program Explorer.exe version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.</p><p></p><p>Process ID: 594</p><p></p><p>Start Time: 01cf8a9057301d5a</p><p></p><p>Termination Time: 0</p><p></p><p>Application Path: C:\windows\Explorer.exe</p><p></p><p>Report Id: 7598eb88-f684-11e3-9594-001edef7ed0f</p><p></p><p>Error: (06/17/2014 08:57:56 PM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.</p><p></p><p>Process ID: 41c</p><p></p><p>Start Time: 01cf8a17bd840480</p><p></p><p>Termination Time: 0</p><p></p><p>Application Path: C:\windows\Explorer.EXE</p><p></p><p>Report Id: 82dea189-f683-11e3-9594-001edef7ed0f</p><p></p><p>Error: (06/17/2014 08:07:21 AM) (Source: SideBySide) (EventID: 33) (User: )</p><p>Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".</p><p>Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.</p><p>Please use sxstrace.exe for detailed diagnosis.</p><p></p><p>Error: (06/17/2014 06:33:21 AM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4</p><p>Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000</p><p>Exception code: 0xc000041d</p><p>Fault offset: 0x0000000002cb0fd8</p><p>Faulting process id: 0x850</p><p>Faulting application start time: 0xexplorer.exe0</p><p>Faulting application path: explorer.exe1</p><p>Faulting module path: explorer.exe2</p><p>Report Id: explorer.exe3</p><p></p><p>Error: (06/17/2014 06:33:19 AM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4</p><p>Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x0000000002cb0fd8</p><p>Faulting process id: 0x850</p><p>Faulting application start time: 0xexplorer.exe0</p><p>Faulting application path: explorer.exe1</p><p>Faulting module path: explorer.exe2</p><p>Report Id: explorer.exe3</p><p></p><p>Error: (06/15/2014 02:46:40 PM) (Source: SideBySide) (EventID: 33) (User: )</p><p>Description: Activation context generation failed for "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".</p><p>Dependent Assembly rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" could not be found.</p><p>Please use sxstrace.exe for detailed diagnosis.</p><p></p><p>Error: (06/15/2014 02:46:18 PM) (Source: SideBySide) (EventID: 80) (User: )</p><p>Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.</p><p>A component version required by the application conflicts with another component version already active.</p><p>Conflicting components are:.</p><p>Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.</p><p>Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.</p><p></p><p>Error: (06/15/2014 00:10:03 PM) (Source: SideBySide) (EventID: 80) (User: )</p><p>Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.</p><p>A component version required by the application conflicts with another component version already active.</p><p>Conflicting components are:.</p><p>Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.</p><p>Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.</p><p></p><p></p><p>System errors:</p><p>=============</p><p>Error: (06/15/2014 10:04:51 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)</p><p>Description: WLAN Extensibility Module has stopped unexpectedly.</p><p></p><p>Module Path: C:\windows\System32\IWMSSvc.dll</p><p></p><p>Error: (06/15/2014 10:04:51 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)</p><p>Description: WLAN Extensibility Module has stopped unexpectedly.</p><p></p><p>Module Path: C:\windows\System32\IWMSSvc.dll</p><p></p><p>Error: (06/15/2014 09:23:47 AM) (Source: DCOM) (EventID: 10005) (User: )</p><p>Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}</p><p></p><p>Error: (06/15/2014 09:23:47 AM) (Source: DCOM) (EventID: 10005) (User: )</p><p>Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}</p><p></p><p>Error: (06/15/2014 09:23:44 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)</p><p>Description: WLAN Extensibility Module has failed to start.</p><p></p><p>Module Path: C:\windows\System32\IWMSSvc.dll</p><p>Error Code: 21</p><p></p><p>Error: (06/15/2014 09:23:45 AM) (Source: DCOM) (EventID: 10005) (User: )</p><p>Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}</p><p></p><p>Error: (06/15/2014 09:23:39 AM) (Source: DCOM) (EventID: 10005) (User: )</p><p>Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}</p><p></p><p>Error: (06/15/2014 09:23:29 AM) (Source: Service Control Manager) (EventID: 7026) (User: )</p><p>Description: The following boot-start or system-start driver(s) failed to load:</p><p>BHDrvx64</p><p>ccSet_NAV</p><p>discache</p><p>eeCtrl</p><p>IDSVia64</p><p>Soluto</p><p>spldr</p><p>SRTSPX</p><p>SymIRON</p><p>SymNetS</p><p>Wanarpv6</p><p></p><p>Error: (06/15/2014 03:59:14 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)</p><p>Description: WLAN Extensibility Module has failed to start.</p><p></p><p>Module Path: C:\windows\System32\IWMSSvc.dll</p><p>Error Code: 21</p><p></p><p>Error: (06/15/2014 03:59:08 AM) (Source: DCOM) (EventID: 10005) (User: )</p><p>Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}</p><p></p><p></p><p>Microsoft Office Sessions:</p><p>=========================</p><p>Error: (06/19/2014 01:46:09 AM) (Source: SideBySide) (EventID: 33) (User: )</p><p>Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{DDA3E863-CD90-4180-80A2-A1522ECC9531}\recordingmanager.exe</p><p></p><p>Error: (06/18/2014 01:00:27 AM) (Source: SideBySide) (EventID: 33) (User: )</p><p>Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{DDA3E863-CD90-4180-80A2-A1522ECC9531}\recordingmanager.exe</p><p></p><p>Error: (06/17/2014 09:04:36 PM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: Explorer.exe6.1.7601.1756759401cf8a9057301d5a0C:\windows\Explorer.exe7598eb88-f684-11e3-9594-001edef7ed0f</p><p></p><p>Error: (06/17/2014 08:57:56 PM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: Explorer.EXE6.1.7601.1756741c01cf8a17bd8404800C:\windows\Explorer.EXE82dea189-f683-11e3-9594-001edef7ed0f</p><p></p><p>Error: (06/17/2014 08:07:21 AM) (Source: SideBySide) (EventID: 33) (User: )</p><p>Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{DDA3E863-CD90-4180-80A2-A1522ECC9531}\recordingmanager.exe</p><p></p><p>Error: (06/17/2014 06:33:21 AM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: explorer.exe6.1.7601.175674d672ee4unknown0.0.0.000000000c000041d0000000002cb0fd885001cf8a166650ef17C:\windows\explorer.exeunknowncd39b821-f60a-11e3-9a58-001edef7ed0f</p><p></p><p>Error: (06/17/2014 06:33:19 AM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: explorer.exe6.1.7601.175674d672ee4unknown0.0.0.000000000c00000050000000002cb0fd885001cf8a166650ef17C:\windows\explorer.exeunknowncbec777b-f60a-11e3-9a58-001edef7ed0f</p><p></p><p>Error: (06/15/2014 02:46:40 PM) (Source: SideBySide) (EventID: 33) (User: )</p><p>Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{DDA3E863-CD90-4180-80A2-A1522ECC9531}\recordingmanager.exe</p><p></p><p>Error: (06/15/2014 02:46:18 PM) (Source: SideBySide) (EventID: 80) (User: )</p><p>Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe</p><p></p><p>Error: (06/15/2014 00:10:03 PM) (Source: SideBySide) (EventID: 80) (User: )</p><p>Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\$RECYCLE.BIN\S-1-5-21-1788189479-468527142-828844343-1000\$R6VUKQD.exe</p><p></p><p></p><p>CodeIntegrity Errors:</p><p>===================================</p><p> Date: 2014-06-14 23:43:02.973</p><p> Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.</p><p></p><p> Date: 2014-06-14 23:43:02.926</p><p> Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.</p><p></p><p> Date: 2014-06-13 05:14:13.670</p><p> Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.</p><p></p><p> Date: 2014-06-13 05:14:13.623</p><p> Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.</p><p></p><p></p><p>==================== Memory info ===========================</p><p></p><p>Percentage of memory in use: 32%</p><p>Total physical RAM: 6039.3 MB</p><p>Available physical RAM: 4090.64 MB</p><p>Total Pagefile: 12076.79 MB</p><p>Available Pagefile: 10194.1 MB</p><p>Total Virtual: 8192 MB</p><p>Available Virtual: 8191.81 MB</p><p></p><p>==================== Drives ================================</p><p></p><p>Drive c: (TI106399W0G) (Fixed) (Total:683.57 GB) (Free:636.53 GB) NTFS ==>[System with boot components (obtained from reading drive)]</p><p></p><p>==================== MBR & Partition Table ==================</p><p></p><p>========================================================</p><p>Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 699 GB) (Disk ID: 5F2052F4)</p><p>Partition 1: (Active) - (Size=1 GB) - (Type=27)</p><p>Partition 2: (Not Active) - (Size=684 GB) - (Type=07 NTFS)</p><p>Partition 3: (Not Active) - (Size=14 GB) - (Type=17)</p><p></p><p>==================== End Of Log ============================</p></blockquote><p></p>
[QUOTE="melen001, post: 212089, member: 11572"] Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-06-2014 Ran by melen at 2014-06-19 08:59:48 Running from C:\Users\melen\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Norton AntiVirus (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB} AS: Norton AntiVirus (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - ) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Artweaver Free 4 (HKLM-x32\...\{6567E404-A019-4D0C-BD18-10564126A579}_is1) (Version: 4.0 - Boris Eyrich Software) Ashampoo Burning Studio 2014 v.12.0.5 (HKLM-x32\...\{91B33C97-280F-B76D-E27B-E712D7041B76}_is1) (Version: 12.0.5 - Ashampoo GmbH & Co. KG) AT&T Labs' Natural Voices 1.4 - Desktop Runtime (HKLM-x32\...\AT&T Labs' Natural Voices 1.4 - Desktop Runtime_is1) (Version: 1.4.0916 - AT&T Labs) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.14.15 - Atheros Communications Inc.) BB FlashBack Express (HKLM-x32\...\BB FlashBack Express) (Version: 4.1.10.3209 - Blueberry) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform) CintaNotes 2.6.1 (HKLM-x32\...\CintaNotes_is1) (Version: - Cinta Software) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-001C-0000-1000-0000000FF1CE}_Office14.AccessRT_{2A16B95F-7377-410A-B961-EFD9394E1AF3}) (Version: - Microsoft) Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform) DeskMarker (HKLM-x32\...\4_is1) (Version: 2.0 - delight software gmbh) Duplicate Cleaner Free 3.2.4 (HKLM-x32\...\Duplicate Cleaner Free) (Version: 3.2.4 - DigitalVolcano Software Ltd) EaseUS Data Recovery Wizard 7.5 (HKLM-x32\...\EaseUS Data Recovery Wizard 7.5_is1) (Version: - EaseUS) Emsisoft HiJackFree 4.5 (HKLM-x32\...\Emsisoft HiJackFree_is1) (Version: 4.5 - Emsisoft GmbH) Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited) FastStone Image Viewer 5.1 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.1 - FastStone Soft) FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes) FotoSketcher 2.85 (HKLM-x32\...\{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1) (Version: - David THOIRON) GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.57.5189 - Gretech Corporation) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro) HWiNFO64 Version 4.36 (HKLM\...\HWiNFO64_is1) (Version: 4.36 - Martin Malík - REALiX) ICA (x32 Version: 14.0.0.345 - Corel Corporation) Hidden Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation) Intel(R) PRO/Wireless Driver (Version: 16.11.0000.1384 - Intel Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 16.10.0.0136 - Intel Corporation) Hidden Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.10.255 - Intel Corporation) Intel(R) WiDi (HKLM\...\{62E7C369-64FF-452C-8F46-6BE9B77FF097}) (Version: 4.0.18.0 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel® PROSet/Wireless Software (HKLM-x32\...\{eddf4201-b72e-4e94-9e7b-ac1ba97c029f}) (Version: 16.11.0 - Intel Corporation) Intel® PROSet/Wireless WiFi Software (Version: 16.10.0.0307 - Intel Corporation) Hidden Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.8.2663 - IObit) IObit Unlocker (HKLM-x32\...\IObit Unlocker_is1) (Version: 1.1 - IObit) IPM_PSP_COM (x32 Version: 14.0.0.345 - Corel Corporation) Hidden Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle) Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle) Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.68.0 - JMicron Technology Corp.) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Kingsoft Office 2013 (9.1.0.4550) (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4550 - Kingsoft Corp.) LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version: - LastPass) LightBox Free Image Editor (HKLM-x32\...\LightBox Free Image Editor) (Version: - ) Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.2 - Paramount Software (UK) Ltd.) Macrium Reflect Free Edition (Version: 5.2.6515 - Paramount Software (UK) Ltd.) Hidden Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) MFC RunTime files x64 (Version: 1.0.0 - Extensoft) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Access Runtime 2010 (HKLM\...\Office14.AccessRT) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office Access Runtime 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Access Runtime MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 24.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 24.0 (x86 en-US)) (Version: 24.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden MyDefrag v4.3.1 (HKLM\...\MyDefrag v4.3.1_is1) (Version: 4.0.0.0 - J.C. Kessels) Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.3.0.12 - Symantec Corporation) PandoraRecovery (Remove Only) (HKLM-x32\...\PandoraRecovery) (Version: - ) Perfect Effects 8 (HKLM-x32\...\{C982ACFF-5997-4B7D-B3E1-CF7273A06FB2}) (Version: 8.1.0 - onOne Software) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) PSPPContent (x32 Version: 14.0.0.345 - Corel Corporation) Hidden PSPPHelp (x32 Version: 14.0.0.345 - Corel Corporation) Hidden PSPPro64 (Version: 14.0.0.345 - Corel Corporation) Hidden Puran File Recovery 1.2 (HKLM\...\Puran File Recovery_is1) (Version: - Puran Software) Q-Dir (HKLM\...\Q-Dir) (Version: - ) Q-Dir (HKLM-x32\...\Q-Dir) (Version: - ) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) RealDownloader (x32 Version: 17.0.10 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.10 - RealNetworks) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Reboot Delete File Ex v1.3 (HKLM-x32\...\Reboot Delete File Ex_is1) (Version: 1.3.0.0 - DVDAVITools) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) Reor version 1.2 (HKLM-x32\...\{0BFA4F28-1D22-4B56-B993-D3ABA390C0F3}_is1) (Version: 1.2 - Ajay Menon) Secure Eraser (HKLM-x32\...\Secure Eraser_is1) (Version: 4.2.0.1 - ASCOMP Software GmbH) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-001C-0000-1000-0000000FF1CE}_Office14.AccessRT_{08798025-46CC-4EB0-A0B3-4E25DA3BBC10}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden Setup (x32 Version: 14.0.0.345 - Corel Corporation) Hidden Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation) Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.) Soluto (HKLM\...\{037C627B-384E-450E-866C-95BAB3CDEA17}) (Version: 1.3.1494.0 - Soluto) Spotify (HKCU\...\Spotify) (Version: 0.9.10.14.g578d350b - Spotify AB) SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC) SRS Premium Sound Control Panel (HKLM\...\{75A43A49-A6A1-4FCB-A41E-02D76E166691}) (Version: 1.12.0800 - SRS Labs, Inc.) System Explorer 5.7.0 (HKLM-x32\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group) System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29327 - TeamViewer) TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.2 - TOSHIBA) TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.1 - TOSHIBA CORPORATION) TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 1.6.11.64 - TOSHIBA Corporation) TOSHIBA Bulletin Board (Version: 1.6.11.64 - TOSHIBA Corporation) Hidden TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation) TOSHIBA Hardware Setup (HKLM\...\HWSetup_is1) (Version: 1.0.64.6 - TOSHIBA CORPORATION) TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.2.15 - TOSHIBA Corporation) TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.12 - TOSHIBA Corporation) TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.5 - TOSHIBA CORPORATION) TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.8.0 - TOSHIBA CORPORATION) TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.15.64 - TOSHIBA Corporation) TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.4 - TOSHIBA) TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.6.52020009 - TOSHIBA CORPORATION) TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation) TOSHIBA ReelTime (Version: 1.7.21.64 - TOSHIBA Corporation) Hidden TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.3.03 - TOSHIBA Corporation) TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.3.0 - TOSHIBA) TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.0022.000104 - TOSHIBA Corporation) TOSHIBA Supervisor Password (HKLM\...\SVPW_is1) (Version: 1.0.64.6 - TOSHIBA CORPORATION) TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA) TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.0023.640204 - TOSHIBA Corporation) TOSHIBA Value Added Package (Version: 1.6.0023.640204 - TOSHIBA Corporation) Hidden TOSHIBA Value Added Package (x32 Version: 1.6.0023.640204 - TOSHIBA Corporation) Hidden TOSHIBA VIDEO PLAYER (HKLM\...\{27C3DB42-A9C1-4B44-A164-93849D160D12}) (Version: 5.3.18.82 - Toshiba Corporation) TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.35 - TOSHIBA Corporation) TOSHIBA Web Camera Application (x32 Version: 2.0.3.35 - TOSHIBA Corporation) Hidden TOSHIBA Wireless Display Monitor (HKLM-x32\...\{617773AE-ADBA-4479-BB04-65FE7758B35C}) (Version: 1.0.1 - TOSHIBA CORPORATION) TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.9 - TOSHIBA) Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 2.7.5 - Tweaking.com) Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-001C-0000-1000-0000000FF1CE}_Office14.AccessRT_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (HKLM\...\{90140000-001C-0000-1000-0000000FF1CE}_Office14.AccessRT_{79C725A1-3964-421C-A528-78C1C083C7C7}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-001C-0000-1000-0000000FF1CE}_Office14.AccessRT_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.AccessRT_{95BE5D45-A3DD-4CB1-8C35-D75DD7B4D862}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-001C-0000-1000-0000000FF1CE}_Office14.AccessRT_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.AccessRT_{4AD36582-256B-433D-8593-F31773A15CA4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-001C-0000-1000-0000000FF1CE}_Office14.AccessRT_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.AccessRT_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-001C-0000-1000-0000000FF1CE}_Office14.AccessRT_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-001C-0000-1000-0000000FF1CE}_Office14.AccessRT_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-001C-0000-1000-0000000FF1CE}_Office14.AccessRT_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.AccessRT_{8A6BDA63-4D23-4485-A466-8979E10BCF49}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.AccessRT_{3029C408-1DD1-4273-8E58-87CB1B638FC8}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.AccessRT_{77374F16-2DC6-4EEF-AFAD-C59FDA2E010D}) (Version: - Microsoft) UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation) Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 31.0.2014.0 - BillP Studios) Wise Registry Cleaner 8.12 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 8.12 - WiseCleaner.com, Inc.) Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - ) Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.) Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_EN_is1) (Version: 16.0.1.5 - ZONER software) ==================== Restore Points ========================= 17-06-2014 10:37:40 IObit Uninstaller restore point 18-06-2014 01:21:52 IObit Uninstaller restore point 18-06-2014 02:15:06 Configured TOSHIBA ReelTime 18-06-2014 02:16:14 Configured TOSHIBA ReelTime 18-06-2014 02:18:26 Installed TOSHIBA ReelTime 18-06-2014 03:08:26 Configured TOSHIBA ReelTime 18-06-2014 03:10:25 Installed TOSHIBA ReelTime 19-06-2014 12:18:49 Installed HiJackThis ==================== Hosts content: ========================== 2009-07-13 22:34 - 2014-06-14 23:45 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {23A805B4-6380-4E78-9E48-03BEB1FB240D} - System32\Tasks\WpsUpdateTask_melen => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe [2014-03-30] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {39A6F86E-6377-41D2-AC14-A1DF53140E9A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe Task: {5396FAFB-DC74-410E-87B5-3126BF6C7875} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {5771F0DD-259A-4EAC-AD1C-F1B35035A427} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd) Task: {5D9DC44F-84B2-4204-810D-C17C4E90F296} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-05-21] (IObit) Task: {602785DA-81E9-41BD-B0CA-C99835519994} - System32\Tasks\WpsNotifyTask_melen => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsnotify.exe [2014-03-30] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {64B0E495-AE33-49C6-AA7C-EDC52E37798B} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1788189479-468527142-828844343-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-05-13] (RealNetworks, Inc.) Task: {6ADC336B-FE06-4467-806A-419DF1628E00} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {6B4604D6-F11C-49C4-93BF-D5ECBA2CFC45} - System32\Tasks\TOSHIBA Wireless Display Monitor => C:\Program Files (x86)\TOSHIBA\widimon\widimon.exe [2010-12-25] (TOSHIBA CORPORATION) Task: {7025644A-1DDE-4AEF-AC53-78F803606F24} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation) Task: {76F15679-A3CA-4BB9-932C-3DF9074C156B} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1788189479-468527142-828844343-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-05-13] (RealNetworks, Inc.) Task: {7EF0C0E7-7352-4357-B35A-201A0AED8200} - System32\Tasks\{D8C3F3D6-E77B-476A-B82D-07A5FD7162B1} => C:\Program Files (x86)\Windows Live\Mail\wlmail.exe [2014-03-31] (Microsoft Corporation) Task: {8943085F-E25F-46D9-8A5B-84C75688E843} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1788189479-468527142-828844343-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-05-13] (RealNetworks, Inc.) Task: {940D7671-4B76-475E-8407-EEDDB21EDF20} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] () Task: {95D68145-586A-4921-8203-D5A04698B5AF} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-10] (Adobe Systems Incorporated) Task: {9D1AFFF9-ECEF-46CF-8EA7-AB0838D9FAA3} - System32\Tasks\{500D4E0F-ACAF-47FA-9AEC-38833FDA2752} => C:\Program Files\TOSHIBA\ReelTime\TosReelTime.exe [2011-06-28] (TOSHIBA Corporation) Task: {ADADC4FA-E17C-48F5-9C4C-F72E0C3830FF} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.3.0.12\WSCStub.exe [2014-05-11] (Symantec Corporation) Task: {B0369A49-BAF1-4698-82FE-3E2C57972368} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {B84CC2A0-EBEA-4ED1-8FB8-BDDC1BBB2D76} - System32\Tasks\{CFCE1706-F261-41EA-A808-6C172F63151A} => C:\Program Files\TOSHIBA\ReelTime\TosReelTime.exe [2011-06-28] (TOSHIBA Corporation) Task: {C291C569-8DE4-421F-B04B-82552EA6869C} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {D834F957-CE5A-4841-93F2-3A6B5EE1752A} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1788189479-468527142-828844343-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-05-23] (RealNetworks, Inc.) Task: {D95B6B18-6C4C-41F8-A0D4-FD56DA12FDED} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21] (Adobe Systems Incorporated) Task: {DC334054-2E94-4746-BE45-97512C224ED3} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1788189479-468527142-828844343-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-05-23] (RealNetworks, Inc.) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\WpsNotifyTask_melen.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsnotify.exe Task: C:\windows\Tasks\WpsUpdateTask_melen.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-09-20 05:01 - 2013-08-23 22:42 - 00559864 _____ () C:\Program Files (x86)\ASCOMP Software\Secure Eraser\SecEraser64.dll 2014-03-29 15:15 - 2014-03-29 15:15 - 03672064 _____ () C:\windows\assembly\NativeImages_v2.0.50727_64\PCGPreCompiled\a568bcbc3f03090813d1338635ee29ef\PCGPreCompiled.ni.dll 2014-03-29 15:16 - 2014-03-29 15:16 - 00267264 _____ () C:\windows\assembly\NativeImages_v2.0.50727_64\PCGAppControlPlugin#\f5bee53ddbcdc57d61ef82dbb4627072\PCGAppControlPluginLoader.ni.dll 2014-03-29 15:16 - 2014-03-29 15:16 - 00068096 _____ () C:\windows\assembly\NativeImages_v2.0.50727_64\SignalRWrapper\601a6f0e1fdf662c61c25ba3d4533771\SignalRWrapper.ni.dll 2013-11-14 14:26 - 2013-11-14 14:26 - 00090688 _____ () C:\Program Files\Soluto\PCGDllExportInspector.dll 2014-06-08 01:26 - 2014-06-08 01:26 - 00573528 _____ () c:\program files (x86)\real\realplayer\RPDS\Lib\r1api.dll 2014-05-09 12:24 - 2014-06-18 06:51 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-05-18 08:09 - 2014-05-18 08:09 - 01020928 _____ () C:\Users\melen\AppData\Roaming\Mozilla\Firefox\Profiles\yqwqyau9.default-1383896576037\extensions\[email]support@lastpass.com[/email]\platform\WINNT_x86-msvc\components\lpxpcom.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns1 AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns2 AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns3 AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns4 AlternateDataStreams: C:\ProgramData\TEMP:07BF512B AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 AlternateDataStreams: C:\ProgramData\TEMP:C31F31E6 ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (06/19/2014 01:46:09 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (06/18/2014 01:00:27 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (06/17/2014 09:04:36 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Explorer.exe version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 594 Start Time: 01cf8a9057301d5a Termination Time: 0 Application Path: C:\windows\Explorer.exe Report Id: 7598eb88-f684-11e3-9594-001edef7ed0f Error: (06/17/2014 08:57:56 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 41c Start Time: 01cf8a17bd840480 Termination Time: 0 Application Path: C:\windows\Explorer.EXE Report Id: 82dea189-f683-11e3-9594-001edef7ed0f Error: (06/17/2014 08:07:21 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (06/17/2014 06:33:21 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc000041d Fault offset: 0x0000000002cb0fd8 Faulting process id: 0x850 Faulting application start time: 0xexplorer.exe0 Faulting application path: explorer.exe1 Faulting module path: explorer.exe2 Report Id: explorer.exe3 Error: (06/17/2014 06:33:19 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x0000000002cb0fd8 Faulting process id: 0x850 Faulting application start time: 0xexplorer.exe0 Faulting application path: explorer.exe1 Faulting module path: explorer.exe2 Report Id: explorer.exe3 Error: (06/15/2014 02:46:40 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1". Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (06/15/2014 02:46:18 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (06/15/2014 00:10:03 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Component 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. System errors: ============= Error: (06/15/2014 10:04:51 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\windows\System32\IWMSSvc.dll Error: (06/15/2014 10:04:51 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\windows\System32\IWMSSvc.dll Error: (06/15/2014 09:23:47 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (06/15/2014 09:23:47 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} Error: (06/15/2014 09:23:44 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: WLAN Extensibility Module has failed to start. Module Path: C:\windows\System32\IWMSSvc.dll Error Code: 21 Error: (06/15/2014 09:23:45 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF} Error: (06/15/2014 09:23:39 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC} Error: (06/15/2014 09:23:29 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: BHDrvx64 ccSet_NAV discache eeCtrl IDSVia64 Soluto spldr SRTSPX SymIRON SymNetS Wanarpv6 Error: (06/15/2014 03:59:14 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY) Description: WLAN Extensibility Module has failed to start. Module Path: C:\windows\System32\IWMSSvc.dll Error Code: 21 Error: (06/15/2014 03:59:08 AM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030} Microsoft Office Sessions: ========================= Error: (06/19/2014 01:46:09 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{DDA3E863-CD90-4180-80A2-A1522ECC9531}\recordingmanager.exe Error: (06/18/2014 01:00:27 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{DDA3E863-CD90-4180-80A2-A1522ECC9531}\recordingmanager.exe Error: (06/17/2014 09:04:36 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Explorer.exe6.1.7601.1756759401cf8a9057301d5a0C:\windows\Explorer.exe7598eb88-f684-11e3-9594-001edef7ed0f Error: (06/17/2014 08:57:56 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Explorer.EXE6.1.7601.1756741c01cf8a17bd8404800C:\windows\Explorer.EXE82dea189-f683-11e3-9594-001edef7ed0f Error: (06/17/2014 08:07:21 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{DDA3E863-CD90-4180-80A2-A1522ECC9531}\recordingmanager.exe Error: (06/17/2014 06:33:21 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: explorer.exe6.1.7601.175674d672ee4unknown0.0.0.000000000c000041d0000000002cb0fd885001cf8a166650ef17C:\windows\explorer.exeunknowncd39b821-f60a-11e3-9a58-001edef7ed0f Error: (06/17/2014 06:33:19 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: explorer.exe6.1.7601.175674d672ee4unknown0.0.0.000000000c00000050000000002cb0fd885001cf8a166650ef17C:\windows\explorer.exeunknowncbec777b-f60a-11e3-9a58-001edef7ed0f Error: (06/15/2014 02:46:40 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{DDA3E863-CD90-4180-80A2-A1522ECC9531}\recordingmanager.exe Error: (06/15/2014 02:46:18 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (06/15/2014 00:10:03 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\$RECYCLE.BIN\S-1-5-21-1788189479-468527142-828844343-1000\$R6VUKQD.exe CodeIntegrity Errors: =================================== Date: 2014-06-14 23:43:02.973 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-06-14 23:43:02.926 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-06-13 05:14:13.670 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-06-13 05:14:13.623 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 32% Total physical RAM: 6039.3 MB Available physical RAM: 4090.64 MB Total Pagefile: 12076.79 MB Available Pagefile: 10194.1 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: (TI106399W0G) (Fixed) (Total:683.57 GB) (Free:636.53 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 699 GB) (Disk ID: 5F2052F4) Partition 1: (Active) - (Size=1 GB) - (Type=27) Partition 2: (Not Active) - (Size=684 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=14 GB) - (Type=17) ==================== End Of Log ============================ [/QUOTE]
Insert quotes…
Verification
Post reply
Top