Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-06-2015 01 Ran by David at 2015-07-01 16:38:40 Running from C:\Users\David\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1685673173-357443733-221515080-500 - Administrator - Disabled) David (S-1-5-21-1685673173-357443733-221515080-1000 - Administrator - Enabled) => C:\Users\David Guest (S-1-5-21-1685673173-357443733-221515080-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1685673173-357443733-221515080-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.) ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.) Adobe Dreamweaver CS5 (HKLM-x32\...\{C79312BD-3E76-4474-A10C-1435D1856A4B}) (Version: 11.0 - Adobe Systems Incorporated) Adobe Dreamweaver CS5.5 (HKLM-x32\...\{0215A652-E081-4B09-9333-DC85AAB67FFA}) (Version: 11.5 - Adobe Systems Incorporated) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated) Adobe Flash Player Packages (HKU\S-1-5-21-1685673173-357443733-221515080-1000\...\Adobe Flash Player Packages) (Version: - ) <==== ATTENTION Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated) Adobe Reader X (10.1.1) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.1 - Adobe Systems Incorporated) Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.) Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.) Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.) ATI Catalyst Install Manager (HKLM\...\{127BEDB9-CFBA-91A2-BCC1-A3A21AFA02F6}) (Version: 3.0.808.0 - ATI Technologies, Inc.) Avira (HKLM-x32\...\{8467e01f-0496-42ce-b247-88ef205b4880}) (Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.579 - Avira Operations GmbH & Co. KG) Battlefield 2 Complete Collection (HKLM-x32\...\Battlefield 2 Complete Collection_R.G._Element_Arts_is1) (Version: 1.5.3153.802.0 - R.G. Element Arts, Zerstoren) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden Broadcom 2070 Bluetooth 3.0 (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation) Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: - Broadcom Corporation) Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden ccc-core-static (x32 Version: 2011.0407.736.11742 - ATI) Hidden Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Cisco Packet Tracer 6.2 Student (HKLM-x32\...\Cisco Packet Tracer 6.2 Student_is1) (Version: - Cisco Systems, Inc.) CodeBlocks (HKU\S-1-5-21-1685673173-357443733-221515080-1000\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team) Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6_is1) (Version: Counter-Strike 1.6 No Steam - KingSOFT DVD) CPUID HWMonitor 1.21 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard) ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard) Evernote v. 4.2.2 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.2.3979 - Evernote Corp.) Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden FreeArc 0.666 (HKLM-x32\...\FreeArc) (Version: 0.666 - Bulat Ziganshin) Freemake Video Converter version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation) GDR 2218 for SQL Server 2012 (KB2716442) (64-bit) (HKLM\...\KB2716442) (Version: 11.0.2218.0 - Microsoft Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.) Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden HP Connection Manager (HKLM-x32\...\{795AADBF-58C2-42D0-B779-E730702A247E}) (Version: 4.0.45.1 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{B86FB076-3531-4AF4-86CC-68CA36BFF48A}) (Version: 1.1.0.0 - Hewlett-Packard) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent) HP On Screen Display (HKLM-x32\...\{9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}) (Version: 1.1.2 - Hewlett-Packard Company) HP Power Manager (HKLM-x32\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company) HP Quick Launch (HKLM-x32\...\{EB58480C-0721-483C-B354-9D35A147999F}) (Version: 2.3.6 - Hewlett-Packard Company) HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company) HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13253.3682 - Hewlett-Packard Company) HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{E92D47A1-D27D-430A-8368-0BAFD956507D}) (Version: 5.2.9.2 - Hewlett-Packard Company) HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT) IIS Search Engine Optimization Toolkit 1.0 (HKLM\...\{BC5929D3-9D88-4B35-8E37-CD1F2849292C}) (Version: 1.0.0731 - Microsoft Corporation) Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) Java 7 Update 79 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417079FF}) (Version: 7.0.790 - Oracle) Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle) Java SE Development Kit 7 Update 55 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170550}) (Version: 1.7.0.550 - Oracle) Java SE Development Kit 7 Update 79 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170790}) (Version: 1.7.0.790 - Oracle) Java(TM) 6 Update 24 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416024FF}) (Version: 6.0.240 - Oracle) Java(TM) 6 Update 24 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216024FF}) (Version: 6.0.240 - Oracle) Java(TM) SE Development Kit 6 Update 1 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.) Java(TM) SE Runtime Environment 6 Update 1 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden K-Lite Codec Pack 8.0.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.0.0 - ) LenovoUsbDriver 1.0.10 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.0.10 - Lenovo) LINE (HKLM-x32\...\LINE) (Version: 4.0.3.367 - LINE Corporation) Macromedia Dreamweaver 8 (HKLM-x32\...\{0837A661-FEC3-48B3-876C-91E7D32048A9}) (Version: 8.0.0.2734 - Macromedia) Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.) Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Lync Web App Plug-in (HKLM\...\{BFEF7F89-A8EF-440A-8CBF-90BE1B7DFB7A}) (Version: 15.8.8928.0 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft Report Viewer 2012 Runtime (HKLM-x32\...\{9CCE40CE-A9E6-4916-8729-B008558EEF3F}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{83F2B8F4-5CF3-4BE9-9772-9543EAE4AC5F}) (Version: 10.51.2500.0 - Microsoft Corporation) Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation) Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version: - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{A007BD05-ECFD-4F64-89F6-7E95F91F0DFB}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{587F8B5C-D30D-4EEC-849B-FC410EA38AAF}) (Version: 11.0.2218.0 - Microsoft Corporation) Microsoft SQL Server 2012 Policies (HKLM-x32\...\{DC487E40-046E-42A9-9C7C-5D2B1A7EB211}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 RS Add-in for SharePoint (HKLM\...\{1527F893-FB8F-45D1-8B83-488E9F5C516C}) (Version: 11.0.2218.0 - Microsoft Corporation) Microsoft SQL Server 2012 Setup (English) (HKLM\...\{977887EC-1C9B-47FA-8489-88E5E7F43D5E}) (Version: 11.2.5058.0 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{03A2AE02-CBC9-4746-A376-0F7BF6AF5F39}) (Version: 11.0.2218.0 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM\...\{CC8B009A-98C9-497F-99AF-CEBE35D8C0CF}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (HKLM-x32\...\{F3BBC56F-2282-4464-952F-A89772181F30}) (Version: 10.3.20116.0 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{C3F6F200-6D7B-4879-B9EE-700C0CE1FCDA}) (Version: 10.51.2500.0 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM-x32\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Express - ENU (HKLM-x32\...\Microsoft Visual C++ 2010 Express - ENU) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Shell (Integrated) - ENU (HKLM-x32\...\{012D26C3-E12A-3BDA-8ECE-DF14E721A507}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Shell (Isolated) - ENU (HKLM-x32\...\{D64B6984-242F-32BC-B008-752806E5FC44}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications Design-Time 3.0 (HKLM-x32\...\{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}) (Version: 10.0.40220 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications x64 Runtime 3.0 (HKLM\...\{F14401A9-F0A0-33CC-8444-F60823A60DEB}) (Version: 10.0.40220 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation) Microsoft VSS Writer for SQL Server 2012 (HKLM\...\{3E0DD83F-BE4C-4478-86A0-AD0D79D1353E}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation) Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 16.001.05.00.45 - Huawei Technologies Co.,Ltd) Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) Mystery P.I. - Stolen in San Francisco (x32 Version: 2.2.0.95 - WildTangent) Hidden Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden NBA 2K13 (HKLM-x32\...\{D96B6543-A0C0-4351-AF96-73DEF1DD6820}) (Version: 1.0.0 - 2K Sports) NetBeans IDE 7.2.1 (HKLM\...\nbi-nb-base-7.2.1.0.201210100934) (Version: 7.2.1 - NetBeans.org) Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.) PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden PointerConnector (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{869b9e4a}) (Version: - PointerConnector) <==== ATTENTION Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden Prerequisites for SSDT (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.) Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden Rise of Nations Gold (HKLM-x32\...\Rise of Nations Gold_is1) (Version: - Microsoft) SalePluus (HKLM-x32\...\{B696F285-F54E-2524-58B1-E06A70ABE6BE}) (Version: - ) <==== ATTENTION SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version: - ) Slingo Supreme (x32 Version: 2.2.0.95 - WildTangent) Hidden SQL Server 2012 Analysis Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 BI Development Studio (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Client Tools (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Common Files (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Data quality client (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Data quality service (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Distributed Replay (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Documentation Components (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Full text search (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Integration Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Management Studio (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 Master Data Services (Version: 11.0.2218.0 - Microsoft Corporation) Hidden SQL Server 2012 Reporting Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 RS_SharePoint_SharedService (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server 2012 SQL Data Quality Common (Version: 11.0.2100.60 - Microsoft Corporation) Hidden SQL Server Browser for SQL Server 2012 (HKLM-x32\...\{4B9E6EB0-0EED-4E74-9479-F982C3254F71}) (Version: 11.0.2100.60 - Microsoft Corporation) Sql Server Customer Experience Improvement Program (Version: 11.0.2100.60 - Microsoft Corporation) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.4.4 - Synaptics Incorporated) Update 4.0.2 for Microsoft .NET Framework 4 Client Profile (KB2544514) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2544514) (Version: 1 - Microsoft Corporation) Update 4.0.2 for Microsoft .NET Framework 4 Extended (KB2544514) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2544514) (Version: 1 - Microsoft Corporation) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation) VitalSource Bookshelf (HKLM-x32\...\{ACBF0550-A317-4C22-AC93-0DDB73087412}) (Version: 6.01.0018 - Ingram Content Group) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) WindowsMangerProtect20.0.0.1277 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.1277 - WindowsProtect LIMITED) <==== ATTENTION WinRAR 4.10 beta 1 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.10.1 - win.rar GmbH) WinZipper (HKLM-x32\...\WinZipper) (Version: 1.5.95 - Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812ASIA}_is1) (Version: - Wargaming.net) XAMPP (HKLM-x32\...\xampp) (Version: 5.6.3-0 - Bitnami) Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1685673173-357443733-221515080-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\David\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File ==================== Restore Points ========================= ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 09:34 - 2009-06-11 04:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {08A1113C-A2DA-4B2A-883C-44BD490449A3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-30] (Google Inc.) Task: {107B4BE5-F490-445A-ACCE-549F256B8EEC} - System32\Tasks\PCRegistryShield_Popup => C:\Program Files (x86)\PC Registry Shield\Splash.exe <==== ATTENTION Task: {15F7E6A4-30D5-4C0A-832D-F257AB53FFD6} - System32\Tasks\PCRegistryShield_Start => C:\Program Files (x86)\PC Registry Shield\PcRegistryShield.exe <==== ATTENTION Task: {25938748-7616-4E43-9632-EC6A53A099FC} - System32\Tasks\{0AB6AF86-822A-4734-BABE-37E5EE267EB9} => C:\Game\Warcraft III\w3l.exe Task: {2ECA2BD1-1A80-41F9-A26C-C4A4B55E6D47} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated) Task: {2ED5F245-5710-49C0-A6F6-B29BD5023A8A} - System32\Tasks\{85BFD318-7D84-4871-A7D2-762BFF77EA25} => C:\Game\Warcraft III\w3l.exe Task: {30DD0ACD-0013-4E52-B72A-3B98C7091978} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Ghost Resign Task => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\HPResignFileLoader.exe [2015-06-17] (Microsoft) Task: {55FA7F85-E46C-410E-9A45-6AAA167EF060} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-03-23] (CyberLink) Task: {6B53199F-814C-4648-8FB4-6C138DB6F16D} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-01-31] () Task: {6BAB7E0B-06A9-43E3-901A-4F52E67D4328} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2015-01-06] () Task: {70DD3BEB-BE15-4BF4-8D26-FB28695BAB02} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company) Task: {79FF2895-84D2-46F4-9267-F299C3A8339B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-30] (Google Inc.) Task: {81895BEE-A4CF-46D6-934A-A111C0E4F5A3} - System32\Tasks\AppSafe => C:\Program Files (x86)\AppSafe\AppSafe.exe <==== ATTENTION Task: {8FB05FC7-AED1-4BC0-964A-E42D85BDE710} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION Task: {97FCC845-F557-4706-8859-41F6C4775A84} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-02-23] (Hewlett-Packard Company) Task: {AB7553D1-A081-4A70-B7C5-14254D501212} - System32\Tasks\Speedial => C:\Users\David\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: {B20721BE-F0F3-47D5-9152-9B77291D750C} - System32\Tasks\HPCeeScheduleForDavid => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard) Task: {B47A7F60-50F9-4475-8B2E-8DFFA4B74633} - System32\Tasks\{AD666397-DC06-4640-B0AA-42A4BBE16AFD} => C:\Game\Warcraft III\w3l.exe Task: {D07410B1-FA85-4514-92C5-06F55E48E4E7} - System32\Tasks\{96B35852-3F50-4A28-A954-B03FCA8218EC} => C:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30] (Microsoft Corporation) Task: {D4D36EA5-A92B-4381-B7D6-DD7E4DC58398} - System32\Tasks\AdobeAAMUpdater-1.0-DAVIDHOHO-David => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated) Task: {F482E15A-101E-47A0-8E53-C739A097BF9E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-06-17] (Microsoft) Task: {F7DF8D19-7D6B-4732-B5F0-26FA08A58452} - System32\Tasks\AutoKMSDaily => C:\Windows\AutoKMS.exe [2015-01-06] () Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AppSafe.job => C:\Program Files (x86)\AppSafe\AppSafe.exe <==== ATTENTION Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS.exe Task: C:\Windows\Tasks\AutoKMSDaily.job => C:\Windows\AutoKMS.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForDavid.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\Windows\Tasks\Speedial.job => C:\Users\David\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.EXE <==== ATTENTION ==================== Loaded Modules (Whitelisted) ============== 2015-06-17 11:33 - 2015-06-17 11:33 - 08016413 _____ () C:\Program Files (x86)\Distressed Stretch\Distressed Stretch.exe 2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2013-03-11 11:18 - 2011-10-18 20:49 - 00193536 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll 2015-01-05 19:49 - 2014-09-11 21:13 - 11021824 _____ () C:\xampp\mysql\bin\mysqld.exe 2011-01-08 07:57 - 2011-01-08 07:57 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-04-01 19:32 - 2013-04-01 19:32 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-12-02 15:28 - 2014-11-26 10:42 - 00612528 _____ () C:\Program Files (x86)\WinZipper\sqlite3.dll 2015-01-05 19:47 - 2014-07-17 18:18 - 00219648 _____ () C:\xampp\apache\bin\pcre.dll 2015-01-05 19:50 - 2014-11-13 08:41 - 00127488 _____ () C:\xampp\php\libpq.dll 2015-01-05 19:47 - 2014-11-13 08:41 - 00117760 _____ () C:\xampp\apache\bin\libssh2.dll 2015-04-09 00:39 - 2015-04-09 00:39 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\67e9010a82d780d45c4fd2d359927737\IsdiInterop.ni.dll 2011-06-23 15:42 - 2011-01-13 07:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Temp:55B41E6A ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1685673173-357443733-221515080-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\David\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^HDDlife.lnk => C:\Windows\pss\HDDlife.lnk.Startup MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup MSCONFIG\startupfolder: C:^Users^David^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WhatsApp.lnk => C:\Windows\pss\WhatsApp.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices MSCONFIG\startupreg: cmpbcsvc => C:\Users\David\AppData\Local\Temp\clicXP32.exe MSCONFIG\startupreg: cngaxapi => C:\Users\David\AppData\Local\Temp\cmicname.exe MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart MSCONFIG\startupreg: EaseUS EPM tray => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.2\bin\EpmNews.exe MSCONFIG\startupreg: FDPRO-516 => C:\Program Files (x86)\Fighters\FighterLauncher.exe FDPRO MSCONFIG\startupreg: Google Desktop Search => "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe MSCONFIG\startupreg: HPConnectionManager => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe MSCONFIG\startupreg: HPOSD => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe MSCONFIG\startupreg: IDMan => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start MSCONFIG\startupreg: swg => C:\Program Files (x86)\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe MSCONFIG\startupreg: uTorrent => "C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{6B3740EB-5D99-48F1-B0D2-53B539BCED33}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{3A4B2587-D697-44D1-BDAE-201688BC23FC}] => (Allow) LPort=2869 FirewallRules: [{809E009A-CE7B-4969-8990-AB43964FE3C3}] => (Allow) LPort=1900 FirewallRules: [{00D5614A-9AE8-4661-8D51-58AA18B43CDE}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{8B3C2753-344A-4D03-935D-71C9463C29C2}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{1CF0B2B8-3D1A-4DF9-99A3-2E739EB20CEB}] => (Allow) C:\Program Files (x86)\2K Sports\NBA 2K13\nba2k13.exe FirewallRules: [{B4A194DD-D351-40D5-97D5-E3A3DBC4E1C2}] => (Allow) C:\Program Files (x86)\2K Sports\NBA 2K13\nba2k13.exe FirewallRules: [{075ECCBD-73B5-492F-9A78-E2DF6962F3A1}] => (Allow) C:\GAMES\Counter-Strike Online\Bin\cstrike-online.exe FirewallRules: [{1F5DF9C7-81AF-470A-AF90-E01CF3A3BE5A}] => (Allow) C:\GAMES\Counter-Strike Online\Bin\cstrike-online.exe FirewallRules: [{BC998806-E740-403B-A806-9343D22A574D}] => (Allow) C:\GAMES\Counter-Strike Online\Bin\NMService.exe FirewallRules: [{A348BB80-9B62-4C94-8B8E-8745364BB51E}] => (Allow) C:\GAMES\Counter-Strike Online\Bin\NMService.exe FirewallRules: [{614C3048-4256-4F0C-BE16-E97F5D89F7F6}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{7D0CD4F5-8520-42AE-AAD0-A6B5D66134E0}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe FirewallRules: [{A6973349-4389-4418-B8A4-7CF433B910DC}] => (Allow) C:\Users\David\Downloads\Programs\CodecPerformerSetup.exe FirewallRules: [{0990733B-0955-464D-BA6D-AA5B1E8A4BB6}] => (Allow) C:\Users\David\Downloads\Programs\CodecPerformerSetup.exe FirewallRules: [{5ACA60A4-8FD6-4CD8-AAE0-3225CC90C7B4}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe FirewallRules: [{B06B07F3-38CE-4230-8654-4B32EA827074}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe FirewallRules: [{78C78202-E329-413C-9D10-0E1BA507AFC1}] => (Allow) C:\GAMES\AuraKingdom\game.bin FirewallRules: [{DC801EC6-260A-4370-A37E-7E171372DC82}] => (Allow) C:\GAMES\AuraKingdom\game.bin FirewallRules: [TCP Query User{241564F6-FF73-4B71-B5EB-799C3232AE7F}C:\program files (x86)\r.g. element arts\battlefield 2 complete collection\bf2.exe] => (Allow) C:\program files (x86)\r.g. element arts\battlefield 2 complete collection\bf2.exe FirewallRules: [UDP Query User{DB3F80BB-A7D0-4921-965F-0FC7211A06AB}C:\program files (x86)\r.g. element arts\battlefield 2 complete collection\bf2.exe] => (Allow) C:\program files (x86)\r.g. element arts\battlefield 2 complete collection\bf2.exe FirewallRules: [TCP Query User{6A6AB493-35EC-4760-A78C-10A31DC29BD4}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [UDP Query User{A4913ABD-DCA1-4293-8E51-E34D771EFC9D}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{23F54A62-2D33-4515-AE53-F3E939BAE786}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{2988892D-CE7A-48F9-B41C-7CE19EDC82DB}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [{8D91D658-2E6E-451B-BD09-F77639443AA6}] => (Allow) C:\Program Files (x86)\baidu\SparkSafe\Spark.exe FirewallRules: [{AFB0601B-C348-449C-84B9-D230FE4E62F8}] => (Allow) C:\Program Files (x86)\baidu\SparkSafe\Spark.exe FirewallRules: [{190113EB-035D-400E-BBC9-640DE05B4912}] => (Allow) C:\Program Files (x86)\baidu\SparkSafe\CrashUL.exe FirewallRules: [{A5163DA0-3BAA-418D-8346-A8078A68104D}] => (Allow) C:\Program Files (x86)\baidu\SparkSafe\CrashUL.exe FirewallRules: [TCP Query User{ED1F8A2D-2A2B-4798-BD89-34D4101BC132}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe FirewallRules: [UDP Query User{7936885E-68BF-43DE-88F1-583DEEDE9786}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe FirewallRules: [{A9225E45-8C09-4BE9-A3F3-D31625C802F2}] => (Block) C:\Program Files (x86)\Crysis 3\Bin32\Crysis3.exe FirewallRules: [TCP Query User{5706E12E-4B6B-4364-A277-D4757F8C6D45}C:\program files (x86)\ea\crysis 3\bin32\crysis3.exe] => (Allow) C:\program files (x86)\ea\crysis 3\bin32\crysis3.exe FirewallRules: [UDP Query User{ED49BCDB-8F6D-4785-B9CE-B903DF32EFF3}C:\program files (x86)\ea\crysis 3\bin32\crysis3.exe] => (Allow) C:\program files (x86)\ea\crysis 3\bin32\crysis3.exe FirewallRules: [TCP Query User{705435AC-F8B1-4067-B858-C84D34EC3109}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifeviewer\slvoice.exe FirewallRules: [UDP Query User{7669D051-0976-4C82-A9C9-B247D327DDF8}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifeviewer\slvoice.exe FirewallRules: [TCP Query User{87E9AF7D-6069-4B47-8C77-B9141071385E}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{D0514609-3A98-4491-ACE0-22A875DC9F08}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{0033148A-C5D6-4E99-98BC-B0CE6A55A87D}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe FirewallRules: [UDP Query User{17EC4BDA-9421-415D-9664-2B46F18D4976}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe FirewallRules: [TCP Query User{92F5E274-3BD1-45B7-B6D5-0B70CD105DA9}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{E81FC4D9-88A6-4FA2-8CED-6CFFCC0261FD}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [TCP Query User{8C120001-792A-4D69-8D28-081DE1C0AC57}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe FirewallRules: [UDP Query User{D88BE0EF-6363-4605-BE19-46FF90691F42}C:\windows\system32\javaw.exe] => (Block) C:\windows\system32\javaw.exe FirewallRules: [TCP Query User{DAD03EAB-1478-4202-9222-853B38F16CB0}C:\users\david\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe] => (Allow) C:\users\david\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe FirewallRules: [UDP Query User{72B3BC66-9774-4502-8BB3-E13C5A63579C}C:\users\david\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe] => (Allow) C:\users\david\appdata\local\microsoft\lwaplugin\x86\15.8\lwaplugin.exe FirewallRules: [{D25FBC46-871C-4356-9103-A73308B17BBD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9AA31033-3D4D-43F9-B171-7BF0F36553B0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{544CB9E2-03DD-4E62-9A2A-E3780E864A09}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe FirewallRules: [UDP Query User{20A7AF5E-0430-4664-8E13-EEA8F1733061}C:\program files (x86)\counter-strike 1.6\hl.exe] => (Allow) C:\program files (x86)\counter-strike 1.6\hl.exe FirewallRules: [TCP Query User{CBD5C76A-ECBE-47B1-89C2-8069E7A8E352}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{B7CF26EA-3EFC-4ADA-B9CF-ED605D399193}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{915BD1D5-9B87-4EDD-8482-9F43EC773C79}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{689A810A-EDC6-4618-B0F5-80DE851B9066}] => (Allow) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{ACAC4C4F-4C5C-4FF0-9A52-31E7949B1DA3}C:\games\left 4 dead 2\left4dead2.exe] => (Allow) C:\games\left 4 dead 2\left4dead2.exe FirewallRules: [UDP Query User{25266BD3-D02C-47D5-B623-71B833884EF6}C:\games\left 4 dead 2\left4dead2.exe] => (Allow) C:\games\left 4 dead 2\left4dead2.exe FirewallRules: [TCP Query User{D92F72F5-3D5F-4060-A95B-75140A595086}C:\games\needforspeed hot persuit\need for speed(tm) hot pursuit\nfs11.exe] => (Allow) C:\games\needforspeed hot persuit\need for speed(tm) hot pursuit\nfs11.exe FirewallRules: [UDP Query User{23871980-9305-4EB9-949C-BDA231E5054F}C:\games\needforspeed hot persuit\need for speed(tm) hot pursuit\nfs11.exe] => (Allow) C:\games\needforspeed hot persuit\need for speed(tm) hot pursuit\nfs11.exe FirewallRules: [{93765379-A439-4FE3-98DB-B13BFCA5F247}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{00C7B376-0E75-4506-AB6F-F18BDF289FF6}] => (Allow) C:\GAMES\Special Force 2\SpecialForce2\Binaries\Win32\sf2.exe FirewallRules: [{0B144DB6-B19F-4B07-B58C-FEABDCE9077A}] => (Allow) C:\GAMES\Special Force 2\SpecialForce2\Binaries\Win32\sf2.exe ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/01/2015 02:58:53 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program mpc-hc.exe version 1.5.3.3752 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 7b8 Start Time: 01d0b3d25a9ec63e Termination Time: 33 Application Path: C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe Report Id: 02bed1f9-1fc7-11e5-ae3f-cc52afa0a36e Error: (07/01/2015 09:25:06 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: ) Description: An error occurred while writing a trace event to the file, \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc. Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: ) Description: An error occurred while writing a trace event to the file, \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc. Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: ) Description: An error occurred while writing a trace event to the file, \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc. Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: ) Description: An error occurred while writing a trace event to the file, \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc. Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: ) Description: An error occurred while writing a trace event to the file, \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc. Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: ) Description: An error occurred while writing a trace event to the file, \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc. Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: ) Description: An error occurred while writing a trace event to the file, \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc. Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: ) Description: An error occurred while writing a trace event to the file, \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc. System errors: ============= Error: (07/01/2015 09:27:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Microsoft Antimalware Service service terminated unexpectedly. It has done this 3 time(s). Error: (07/01/2015 09:26:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Microsoft Antimalware Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service. Error: (07/01/2015 09:26:31 AM) (Source: HTTP) (EventID: 15005) (User: ) Description: \Device\Http\ReqQueue[::]:80 Error: (07/01/2015 09:26:31 AM) (Source: HTTP) (EventID: 15005) (User: ) Description: \Device\Http\ReqQueue[::]:80 Error: (07/01/2015 09:26:23 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Avira Scheduler service, but this action failed with the following error: %%1058 Error: (07/01/2015 09:26:23 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Avira Real-Time Protection service, but this action failed with the following error: %%1058 Error: (07/01/2015 09:26:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Avira Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. Error: (07/01/2015 09:26:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Avira Real-Time Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. Error: (07/01/2015 09:26:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service. Error: (07/01/2015 09:26:21 AM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: The ScRegSetValueExW call failed for DeleteFlag with the following error: %%5 Microsoft Office: ========================= Error: (07/01/2015 02:58:53 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: mpc-hc.exe1.5.3.37527b801d0b3d25a9ec63e33C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe02bed1f9-1fc7-11e5-ae3f-cc52afa0a36e Error: (07/01/2015 09:25:06 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: ) Description: \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: ) Description: \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: ) Description: \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: ) Description: \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: ) Description: \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: ) Description: \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: ) Description: \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc Error: (06/30/2015 00:59:51 PM) (Source: MSOLAP$SQL2012) (EventID: 11) (User: ) Description: \\?\C:\Program Files\Microsoft SQL Server\MSAS11.SQL2012\OLAP\Log\FlightRecorderCurrent.trc ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz Percentage of memory in use: 65% Total physical RAM: 4043.86 MB Available physical RAM: 1396.16 MB Total Pagefile: 8085.93 MB Available Pagefile: 4900.14 MB Total Virtual: 8192 MB Available Virtual: 8191.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:231.51 GB) (Free:12.65 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (David) (Fixed) (Total:220.53 GB) (Free:10.36 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B45026AF) Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=231.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=220.5 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=13.4 GB) - (Type=07 NTFS) ==================== End of log ============================