Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-09-2015
Ran by Vala (2015-09-09 22:20:18)
Running from C:\Users\Vala\Downloads
Windows 8.1 (X64) (2014-09-07 21:32:10)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1699397770-1706359949-1841341789-500 - Administrator - Disabled)
Guest (S-1-5-21-1699397770-1706359949-1841341789-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1699397770-1706359949-1841341789-1003 - Limited - Enabled)
Open (S-1-5-21-1699397770-1706359949-1841341789-1006 - Limited - Enabled) => C:\Users\Open
Vala (S-1-5-21-1699397770-1706359949-1841341789-1005 - Administrator - Enabled) => C:\Users\Vala
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: ESET NOD32 Antivirus 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Papers, Please (HKLM-x32\...\GOGPACKPAPERSPLEASE_is1) (Version: 2.0.0.4 - GOG.com)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Process Hacker 2.36 (r6153) (HKLM\...\Process_Hacker2_is1) (Version: 2.36.0.6153 - wj32)
Psychonauts (HKLM-x32\...\Psychonauts_is1) (Version: - GOG.com)
PureRef (HKLM-x32\...\PureRef) (Version: 1.6.0 - Idyllic Pixel)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.012 - Dell Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.43 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7240 - Realtek Semiconductor Corp.)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version: - Punk Software)
Shovel Knight (HKLM-x32\...\1207664823_is1) (Version: 2.6.0.13 - GOG.com)
Skype™ 7.9 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.9.103 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.4 - Sophos Limited)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1204 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43174 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims™ 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
This War of Mine (HKLM-x32\...\1207666873_is1) (Version: 2.0.0.2 - GOG.com)
Unity Web Player (HKU\S-1-5-21-1699397770-1706359949-1841341789-1005\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Zombies Monsters Robots (HKLM-x32\...\Steam App 306830) (Version: - Yingpei Games)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
19-08-2015 08:12:49 Scheduled Checkpoint
27-08-2015 15:46:02 Scheduled Checkpoint
04-09-2015 20:14:26 Scheduled Checkpoint
07-09-2015 01:24:12 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
07-09-2015 01:24:55 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
07-09-2015 01:25:28 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
07-09-2015 01:26:13 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2AE5C956-72F6-47D7-BD9F-AF681E10FDD9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {6DDF1087-8018-44BB-B5CE-4926AAF50729} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {830F2AC1-C4BB-41CF-AFF7-7F29A400CF62} - System32\Tasks\SUPERAntiSpyware Scheduled Task 1846d608-a8d3-44e2-aa3c-1776865fb73e => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {9763B52D-131F-468B-B644-53B466672220} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {AC745D74-E436-436A-8B0A-F31896F069E3} - System32\Tasks\AdobeAAMUpdater-1.0-Nick-Vala => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26] (Adobe Systems Incorporated)
Task: {C5BDEF03-4CF1-4B81-B611-829BE85D3E9F} - System32\Tasks\SUPERAntiSpyware Scheduled Task d3907744-da3e-464f-b879-4172389e63b6 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
Task: {E4C36EB6-6732-47C3-A80A-3914FD6ECE98} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-11-22] (Synaptics Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 1846d608-a8d3-44e2-aa3c-1776865fb73e.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task d3907744-da3e-464f-b879-4172389e63b6.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Loaded Modules (Whitelisted) ==============
2015-06-13 14:17 - 2015-06-13 14:17 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-10-21 06:54 - 2007-09-02 16:58 - 00495616 _____ () C:\Program Files (x86)\RocketDock\RocketDock.exe
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 00306984 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2015-09-09 08:33 - 2014-12-08 03:21 - 01092296 _____ () C:\Program Files (x86)\MKJogo\MK IM\Bin\ucybl.exe
2015-09-03 20:57 - 2015-08-27 21:56 - 01868104 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libglesv2.dll
2015-09-03 20:57 - 2015-08-27 21:56 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\libegl.dll
2015-09-03 20:57 - 2015-08-27 21:56 - 28659016 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\PepperFlash\pepflashplayer.dll
2015-09-02 19:03 - 2015-09-02 19:03 - 00217568 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe
2015-09-02 19:03 - 2015-09-02 19:03 - 00221152 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\IMVUClient.exe
2010-07-15 00:44 - 2010-07-15 00:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2014-11-10 12:12 - 2014-11-10 12:12 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-10-21 06:54 - 2007-09-02 16:57 - 00069632 _____ () C:\Program Files (x86)\RocketDock\RocketDock.dll
2015-05-15 16:27 - 2015-05-15 16:27 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-12-08 03:21 - 2014-12-08 03:21 - 00799232 _____ () C:\Program Files (x86)\MKJogo\MK IM\Bin\sqlite3.dll
2014-12-08 03:21 - 2014-12-08 03:21 - 01721856 _____ () C:\Program Files (x86)\MKJogo\MK IM\Bin\RLib.dll
2014-12-08 03:21 - 2014-12-08 03:21 - 01191936 _____ () C:\Program Files (x86)\MKJogo\MK IM\Bin\ACE.dll
2014-12-08 03:21 - 2015-08-31 21:55 - 01017544 _____ () C:\Program Files (x86)\MKJogo\MK IM\LOL\AddonSkin-LOL.dll
2015-05-20 21:19 - 2015-05-20 21:19 - 00098304 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\win32api.pyd
2015-05-20 21:19 - 2015-05-20 21:19 - 00109568 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\pywintypes27.dll
2015-05-20 21:19 - 2015-05-20 21:19 - 00110592 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\win32file.pyd
2015-05-20 21:18 - 2015-05-20 21:18 - 00016896 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\win32event.pyd
2015-05-20 21:19 - 2015-05-20 21:19 - 00087040 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\_ctypes.pyd
2015-05-20 21:18 - 2015-05-20 21:18 - 00166912 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\win32gui.pyd
2015-05-20 21:19 - 2015-05-20 21:19 - 00034816 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\win32process.pyd
2015-05-20 21:18 - 2015-05-20 21:18 - 00357888 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\pythoncom27.dll
2015-05-20 21:18 - 2015-05-20 21:18 - 00265216 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\win32com.shell.shell.pyd
2015-05-20 21:19 - 2015-05-20 21:19 - 00016384 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\win32clipboard.pyd
2015-05-20 21:18 - 2015-05-20 21:18 - 00007168 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\_win32sysloader.pyd
2015-05-20 21:19 - 2015-05-20 21:19 - 00046080 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\_socket.pyd
2015-05-20 21:19 - 2015-05-20 21:19 - 00028160 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\_ssl.pyd
2015-05-20 21:18 - 2015-05-20 21:18 - 00659456 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\_imaging.pyd
2015-05-20 22:06 - 2015-05-20 22:06 - 00911872 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\_cal3d.pyd
2015-05-20 21:29 - 2015-05-20 21:29 - 00216576 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\boost_python.dll
2015-05-20 21:30 - 2015-05-20 21:30 - 00360960 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\cal3d.dll
2015-05-20 21:29 - 2015-05-20 21:29 - 00031744 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\CallStack.dll
2015-08-06 13:48 - 2015-08-06 13:48 - 01892352 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\_avatarwindow.pyd
2015-05-20 21:35 - 2015-05-20 21:35 - 00169984 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\zero.dll
2015-05-20 21:35 - 2015-05-20 21:35 - 00052736 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\pixmap.dll
2015-08-06 13:46 - 2015-08-06 13:46 - 00920064 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\SceneWindow.dll
2015-05-20 21:34 - 2015-05-20 21:34 - 00072704 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\ParticleLib.dll
2015-05-20 21:37 - 2015-05-20 21:37 - 00014336 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\MemoryHook.dll
2015-05-20 21:19 - 2015-05-20 21:19 - 00126976 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\pyexpat.pyd
2015-05-20 22:08 - 2015-05-20 22:08 - 00059392 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\_sqlite3.pyd
2015-05-20 21:52 - 2015-05-20 21:52 - 00506368 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\sqlite3.dll
2015-05-20 21:19 - 2015-05-20 21:19 - 00010240 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\select.pyd
2015-05-20 22:08 - 2015-05-20 22:08 - 00044032 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\_pylzma.pyd
2015-08-06 13:49 - 2015-08-06 13:49 - 00131072 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\_imvugecko.pyd
2015-08-06 13:47 - 2015-08-06 13:47 - 00190976 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\imvugecko.dll
2015-05-20 21:07 - 2015-05-20 21:07 - 00872448 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\js3250.dll
2015-05-20 22:08 - 2015-05-20 22:08 - 00135680 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\_libzero.pyd
2015-08-06 13:49 - 2015-08-06 13:49 - 00083968 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\_imvuflash.pyd
2015-08-06 13:47 - 2015-08-06 13:47 - 00111104 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\imvuflash.dll
2015-05-20 21:45 - 2015-05-20 21:45 - 00010752 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\nphwndproxy.dll
2015-05-20 21:24 - 2015-05-20 21:24 - 17024688 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\NPSWF32.dll
2015-05-20 21:19 - 2015-05-20 21:19 - 00686080 _____ () C:\Users\Vala\AppData\Roaming\IMVUClient\unicodedata.pyd
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\27263692.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\32013379.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\53930880.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\59487981.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\59540859.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\61987929.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\75870151.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\77961255.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\80515704.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\81722075.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UnsignedThemes => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\27263692.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\32013379.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\53930880.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\59487981.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\59540859.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\61987929.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\75870151.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\77961255.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\80515704.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\81722075.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UnsignedThemes => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com ->
www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com ->
www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com ->
www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com ->
www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com ->
www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com ->
www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com ->
www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com ->
www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com ->
www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info ->
www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com ->
www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com ->
www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com ->
www.123simsen.com
There are 11405 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1699397770-1706359949-1841341789-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Vala\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdvancedSystemCareService7 => 3
MSCONFIG\Services: ekrn => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\startupreg: AdobeCS6ServiceManager => "c:\program files (x86)\common files\adobe\cs6servicemanager\cs6servicemanager.exe" -launchedbylogin
MSCONFIG\startupreg: BlueStacks Agent => c:\program files (x86)\bluestacks\hd-agent.exe
MSCONFIG\startupreg: Dxtory Update Checker 2.0 =>
MSCONFIG\startupreg: MouseDriver =>
MSCONFIG\startupreg: RtHDVBg => "c:\program files\realtek\audio\hda\ravbg64.exe" /maxx4
MSCONFIG\startupreg: Skype =>
MSCONFIG\startupreg: SwitchBoard => c:\program files (x86)\common files\adobe\switchboard\switchboard.exe
MSCONFIG\startupreg: uTorrent =>
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "QuickSet"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "D3DOverrider"
HKLM\...\StartupApproved\Run32: => "uTorrent"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "RtHDVBg_PushButton"
HKLM\...\StartupApproved\Run32: => "WRSVC"
HKLM\...\StartupApproved\Run32: => "UXTheme Launcher"
HKLM\...\StartupApproved\Run32: => "DelaypluginInstall"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "MouseDriver"
HKLM\...\StartupApproved\Run32: => "PowerDVD15Agent"
HKU\S-1-5-21-1699397770-1706359949-1841341789-1005\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-1699397770-1706359949-1841341789-1005\...\StartupApproved\Run: => "RocketDock"
HKU\S-1-5-21-1699397770-1706359949-1841341789-1005\...\StartupApproved\Run: => "ASCTray.exe"
HKU\S-1-5-21-1699397770-1706359949-1841341789-1005\...\StartupApproved\Run: => "ASC.exe"
HKU\S-1-5-21-1699397770-1706359949-1841341789-1005\...\StartupApproved\Run: => "GameBooster.exe"
HKU\S-1-5-21-1699397770-1706359949-1841341789-1005\...\StartupApproved\Run: => "launcher.exe"
HKU\S-1-5-21-1699397770-1706359949-1841341789-1005\...\StartupApproved\Run: => "Advanced SystemCare 8"
HKU\S-1-5-21-1699397770-1706359949-1841341789-1005\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1699397770-1706359949-1841341789-1005\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1699397770-1706359949-1841341789-1005\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1699397770-1706359949-1841341789-1005\...\StartupApproved\Run: => "CCleaner"
HKU\S-1-5-21-1699397770-1706359949-1841341789-1005\...\StartupApproved\Run: => "Process Hacker 2"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{B0C26D87-DFF9-497C-A69F-7F4598236976}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{2DC76815-2D26-4A59-BD67-6D1FC165C9BF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{D8C0D86B-9B7C-4359-9A4B-ACFD8BF71ECF}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{A066DE20-33A8-4C43-BBD3-48DF251FAACA}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{732FF684-EFA4-4D50-BF03-C154ED171FBA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F58AD488-2E23-4924-BD0A-D0E0812782B3}] => (Allow) LPort=2869
FirewallRules: [{8A0B7691-3A37-4A76-935E-9DEBA2A8CA58}] => (Allow) LPort=1900
FirewallRules: [{5762D2FB-EB17-4DE1-9F2A-D88140A837DE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7F0DB825-BCA6-495C-8419-9FFD3E7DE5A8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{795524D8-D277-4587-9232-24410F04BAE1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C321CD08-402E-4878-B79C-5B530A02F96D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E320C745-75BB-4920-8FFF-D012F69D0FF6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5198B202-3731-49C0-AE75-3C76238F5B07}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6A9A32EA-D582-45E0-98E6-52F5329C28E5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2A8CF148-5FFC-4534-8FE4-DC5F731BB8D8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0532BB4E-0328-4171-85EC-A8366ABDD1DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{F56BA8D9-CF19-4BE1-A668-BBA7D8551C20}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{08015EFD-85FE-4368-B395-3BBC2F63D86A}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{433CEA71-757D-4394-8366-02370C902E2E}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{7F9F1F20-1A79-4633-906A-1CA2EF28EE64}] => (Allow) C:\Users\Vala\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CDF34A80-9350-4AFA-8E3B-BBBD43327C22}] => (Allow) C:\Users\Vala\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8832BAA9-34FC-44A7-96B4-CBF16F8C91C6}] => (Allow) %SystemDrive%\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{706989A1-EE0E-4800-BFC9-A58FAA700D5B}] => (Allow) %SystemDrive%\Riot Games\League of Legends\lol.launcher.exe
FirewallRules: [{492D1A93-86A2-45EC-B09C-0D383DFBB9D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [{F1EB0A55-968F-4242-B8BD-ACA3B4F1B962}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [{F37EF24A-ECA4-4949-9408-7740F6082D02}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{0D1CD10D-8B54-4D9B-AF13-7930D6985345}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{82F72679-A078-4279-9BEF-CFBED42AF969}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{5E789CBB-5017-4079-8E04-F6B9008DA058}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{F00BF2A4-99D6-4685-BCDF-806291EBB969}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A52BA5C6-8EBF-4558-963A-CBF0EC7BD5A2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4593F805-0A8C-45C2-B26E-426AD06ECCF1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{80590668-F7C5-4EC1-85A5-A27C1D47816A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{2BC3CF39-2B5A-4856-93BA-7179D8F1262E}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{97C15DE6-6C01-44F9-90E7-6464750DB3AF}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{991A258E-F01D-4D7D-B12D-8F864C09CF39}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{D0C4BC97-363C-4634-BC1A-6963361A01E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{E3A0E76F-4985-4E6E-A876-EDC14338E718}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8CFAB8F5-772A-436F-85B2-3139CB00C240}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A79B8270-FA6F-49EF-BE68-F78D3A1FBF9B}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{F34E2B90-C198-454E-B365-8621ACBF1993}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{97BC925E-8BA9-40B8-BFAF-C1BF061E20AF}] => (Allow) C:\Program Files (x86)\Origin Games\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{C8972B06-44E6-4AF3-80EE-0325CCD54FE1}] => (Allow) C:\Program Files (x86)\Origin Games\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{F6E4ED8D-7475-4355-8353-5DE83C59733A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{08BB8D10-1D58-42C8-B6C3-A59F45020BE6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{E80BF7A6-7C66-4D00-A691-493C53CCF04A}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{69B114FA-A677-4538-87EA-CAA2684641E7}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{780BA432-2237-4249-92AC-9A3AAF3F59AE}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{C094E686-BAD0-4E0A-9CCB-91E236CDA41A}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{7A8070E2-A2BA-4583-ACB0-F3678B24408B}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{2AD21110-C905-4499-B91D-B67163E3DB73}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{92BADAB4-CA82-4EF2-AC73-39C145ADCF75}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{10B2DAAE-6CE4-421D-813F-D6A368A8328B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D0906913-E17B-454A-89A5-2F25514EE279}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{3027982F-857F-4933-830D-B02EE863C610}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{31E72819-1BD4-493F-BE83-2F233909C84C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{6028C91F-580D-4743-B14D-B1EF1EA77752}] => (Allow) C:\Program Files\iTunes\iTunes.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/09/2015 10:24:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.3.9600.17667 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 834
Start Time: 01d0e951af99fa28
Termination Time: 0
Application Path: C:\WINDOWS\Explorer.EXE
Report Id: 27c16ba4-56fe-11e5-82a7-74867a0f02b0
Faulting package full name:
Faulting package-relative application ID:
Error: (09/09/2015 10:00:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: League of Legends.exe, version: 5.17.0.329, time stamp: 0x55e8a593
Faulting module name: League of Legends.exe, version: 5.17.0.329, time stamp: 0x55e8a593
Exception code: 0xc0000005
Fault offset: 0x00d7af28
Faulting process id: 0x40f8
Faulting application start time: 0xLeague of Legends.exe0
Faulting application path: League of Legends.exe1
Faulting module path: League of Legends.exe2
Report Id: League of Legends.exe3
Faulting package full name: League of Legends.exe4
Faulting package-relative application ID: League of Legends.exe5
Error: (09/08/2015 10:58:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: League of Legends.exe, version: 5.17.0.329, time stamp: 0x55e8a593
Faulting module name: League of Legends.exe, version: 5.17.0.329, time stamp: 0x55e8a593
Exception code: 0xc0000005
Fault offset: 0x00d7af28
Faulting process id: 0xef0
Faulting application start time: 0xLeague of Legends.exe0
Faulting application path: League of Legends.exe1
Faulting module path: League of Legends.exe2
Report Id: League of Legends.exe3
Faulting package full name: League of Legends.exe4
Faulting package-relative application ID: League of Legends.exe5
Error: (09/07/2015 05:42:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: egui.exe, version: 8.0.319.0, time stamp: 0x559d2313
Faulting module name: ToastNotify.dll, version: 8.0.319.0, time stamp: 0x559d2398
Exception code: 0xc0000005
Fault offset: 0x0000000000002f3e
Faulting process id: 0x374
Faulting application start time: 0xegui.exe0
Faulting application path: egui.exe1
Faulting module path: egui.exe2
Report Id: egui.exe3
Faulting package full name: egui.exe4
Faulting package-relative application ID: egui.exe5
Error: (09/07/2015 01:26:14 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1699397770-1706359949-1841341789-1001.bak). hr = 0x80070539, The security ID structure is invalid.
.
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {5217d51a-fda1-417d-bbdf-07b93638f178}
Error: (09/07/2015 01:25:29 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1699397770-1706359949-1841341789-1001.bak). hr = 0x80070539, The security ID structure is invalid.
.
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {5217d51a-fda1-417d-bbdf-07b93638f178}
Error: (09/07/2015 01:24:58 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1699397770-1706359949-1841341789-1001.bak). hr = 0x80070539, The security ID structure is invalid.
.
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {5217d51a-fda1-417d-bbdf-07b93638f178}
Error: (09/07/2015 01:24:12 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-1699397770-1706359949-1841341789-1001.bak). hr = 0x80070539, The security ID structure is invalid.
.
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {5217d51a-fda1-417d-bbdf-07b93638f178}
Error: (09/07/2015 01:20:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Skype.exe, version: 7.7.0.103, time stamp: 0x55b7d8c2
Faulting module name: mshtml.dll, version: 11.0.9600.17842, time stamp: 0x5565cf99
Exception code: 0xc0000005
Fault offset: 0x0021f3d4
Faulting process id: 0xe90
Faulting application start time: 0xSkype.exe0
Faulting application path: Skype.exe1
Faulting module path: Skype.exe2
Report Id: Skype.exe3
Faulting package full name: Skype.exe4
Faulting package-relative application ID: Skype.exe5
Error: (09/07/2015 01:15:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Skype.exe, version: 7.7.0.103, time stamp: 0x55b7d8c2
Faulting module name: mshtml.dll, version: 11.0.9600.17842, time stamp: 0x5565cf99
Exception code: 0xc0000005
Fault offset: 0x0021f3d4
Faulting process id: 0x3b0
Faulting application start time: 0xSkype.exe0
Faulting application path: Skype.exe1
Faulting module path: Skype.exe2
Report Id: Skype.exe3
Faulting package full name: Skype.exe4
Faulting package-relative application ID: Skype.exe5
System errors:
=============
Error: (09/07/2015 06:15:27 PM) (Source: DCOM) (EventID: 10010) (User: Nick)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (09/07/2015 06:14:57 PM) (Source: DCOM) (EventID: 10010) (User: Nick)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (09/07/2015 10:31:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Apple Mobile Device Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (09/07/2015 06:45:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Apple Mobile Device Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (09/07/2015 06:45:08 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Bonjour Service service terminated unexpectedly. It has done this 1 time(s).
Error: (09/07/2015 06:27:39 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Volume Shadow Copy service terminated unexpectedly. It has done this 1 time(s).
Error: (09/07/2015 05:42:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1069
Error: (09/07/2015 05:42:25 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The WSearch service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:
%%50
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
Error: (09/07/2015 05:42:15 AM) (Source: DCOM) (EventID: 10010) (User: Nick)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
Error: (09/07/2015 05:41:55 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The iPod Service service terminated unexpectedly. It has done this 1 time(s).
Microsoft Office:
=========================
Error: (09/09/2015 10:24:56 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.3.9600.1766783401d0e951af99fa280C:\WINDOWS\Explorer.EXE27c16ba4-56fe-11e5-82a7-74867a0f02b0
Error: (09/09/2015 10:00:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: League of Legends.exe5.17.0.32955e8a593League of Legends.exe5.17.0.32955e8a593c000000500d7af2840f801d0eb04af6c80a9C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.103\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.103\deploy\League of Legends.exe18bdd342-56fb-11e5-82a7-74867a0f02b0
Error: (09/08/2015 10:58:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: League of Legends.exe5.17.0.32955e8a593League of Legends.exe5.17.0.32955e8a593c000000500d7af28ef001d0ea44d294ff4cC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.103\deploy\League of Legends.exeC:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.103\deploy\League of Legends.exe0854c6e5-563a-11e5-82a7-74867a0f02b0
Error: (09/07/2015 05:42:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: egui.exe8.0.319.0559d2313ToastNotify.dll8.0.319.0559d2398c00000050000000000002f3e37401d0e8ea6c1c7487C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exeC:\Program Files\ESET\ESET NOD32 Antivirus\ToastNotify.dllbbbb7ede-5544-11e5-82a6-74867a0f02b0
Error: (09/07/2015 01:26:14 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-1699397770-1706359949-1841341789-1001.bak)0x80070539, The security ID structure is invalid.
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {5217d51a-fda1-417d-bbdf-07b93638f178}
Error: (09/07/2015 01:25:29 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-1699397770-1706359949-1841341789-1001.bak)0x80070539, The security ID structure is invalid.
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {5217d51a-fda1-417d-bbdf-07b93638f178}
Error: (09/07/2015 01:24:58 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-1699397770-1706359949-1841341789-1001.bak)0x80070539, The security ID structure is invalid.
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {5217d51a-fda1-417d-bbdf-07b93638f178}
Error: (09/07/2015 01:24:12 AM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-1699397770-1706359949-1841341789-1001.bak)0x80070539, The security ID structure is invalid.
Operation:
OnIdentify event
Gathering Writer Data
Context:
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {5217d51a-fda1-417d-bbdf-07b93638f178}
Error: (09/07/2015 01:20:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Skype.exe7.7.0.10355b7d8c2mshtml.dll11.0.9600.178425565cf99c00000050021f3d4e9001d0e92c56c389b3C:\Program Files (x86)\Skype\Phone\Skype.exeC:\Windows\SYSTEM32\mshtml.dll28544f83-5520-11e5-82a6-74867a0f02b0
Error: (09/07/2015 01:15:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Skype.exe7.7.0.10355b7d8c2mshtml.dll11.0.9600.178425565cf99c00000050021f3d43b001d0e8ea6c5a7380C:\Program Files (x86)\Skype\Phone\Skype.exeC:\Windows\SYSTEM32\mshtml.dll72088e7d-551f-11e5-82a6-74867a0f02b0
CodeIntegrity:
===================================
Date: 2015-01-18 14:13:03.005
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-01-09 21:10:30.260
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-01-03 21:05:28.345
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-25 13:20:33.756
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-21 09:43:08.365
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-20 20:45:37.977
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-20 01:01:26.070
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-19 12:17:35.602
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-09 09:19:54.495
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-03 04:13:25.915
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Celeron(R) CPU 1007U @ 1.50GHz
Percentage of memory in use: 66%
Total physical RAM: 4001.27 MB
Available physical RAM: 1329.07 MB
Total Virtual: 7353.48 MB
Available Virtual: 3641.75 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:287.29 GB) (Free:69.79 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: FCAA072E)
Partition: GPT.
==================== End of Addition.txt ============================