Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-06-2015 01 Ran by user at 2015-07-03 14:26:07 Running from C:\Users\user\Saved Games\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-623903606-2496640028-3754115147-500 - Administrator - Disabled) Guest (S-1-5-21-623903606-2496640028-3754115147-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-623903606-2496640028-3754115147-1002 - Limited - Enabled) user (S-1-5-21-623903606-2496640028-3754115147-1000 - Administrator - Enabled) => C:\Users\user ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 1.3M HD WebCam (HKLM\...\Sunplus SPUVCb) (Version: 3.3.6.04 - SunplusIT) Adobe Acrobat XI Pro (HKLM\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.09 - Adobe Systems) Adobe After Effects CS4 (HKLM\...\Adobe_3dcb365ab9e01871fb8c6f27b0ea079) (Version: 9 - Adobe Systems Incorporated) Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 2.3.0.322 - Adobe Systems Incorporated) Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.190 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated) Adobe Illustrator CC (HKLM\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated) Adobe InDesign CC (HKLM\...\{BC448016-6F11-1014-B0EA-97CEE6E26CB6}) (Version: 9.0 - Adobe Systems Incorporated) Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Adobe Premiere Pro CS4 (HKLM\...\Adobe_26b63376f4efc354dae41af6b5e3343) (Version: 4 - Adobe Systems Incorporated) Adobe Reader XI (11.0.11) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.) Adobe® Content Viewer (HKLM\...\com.adobe.dmp.contentviewer) (Version: 3.3.0 - Adobe Systems Incorporated) AHD Subtitles Maker Professional (HKLM\...\{BBED3109-B4CC-490A-B3A1-2CC45AFAA536}) (Version: 5.7.500.32 - AHD) Anatomy & Physiology (HKLM\...\{7255B844-E03F-4B87-B27F-0E4699D4893C}) (Version: 1.5.04 - Visible Body) Apple Application Support (32-bit) (HKLM\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{E1DB0812-2D60-43DB-AE09-6C7027D93B28}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) BitTorrent (HKU\S-1-5-21-623903606-2496640028-3754115147-1000\...\BitTorrent) (Version: 7.9.3.40299 - BitTorrent Inc.) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.4.1 - Broadcom Corporation) CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source) CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform) Connectify Hotspot (HKLM\...\Connectify) (Version: 3.7.1.25486 - Connectify) CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd) Dev-C++ (HKLM\...\Dev-C++) (Version: 5.8.1 - Bloodshed Software) Duplicate Cleaner Free 3.2.1 (HKLM\...\Duplicate Cleaner Free) (Version: 3.2.1 - DigitalVolcano Software Ltd) <==== ATTENTION Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited) Google Drive (HKLM\...\{CBC9F5FD-5CFA-4A33-81CD-369EAB77E3A6}) (Version: 1.22.9403.0223 - Google, Inc.) Google Earth Plug-in (HKLM\...\{EA561FC0-A965-11E2-94D3-B8AC6F98CCE3}) (Version: 7.1.1.1580 - Google) Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.) Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden IBM SPSS Statistics 19 (HKLM\...\{06C43FAA-7226-41EF-A05E-9AE0AA849FFE}) (Version: 19.0.0 - SPSS Inc., an IBM Company) IBM SPSS Statistics 20 (HKLM\...\{F4247229-CCB7-4CA5-A700-4A0057F67CF4}_is1) (Version: - IBM) iCloud (HKLM\...\{DA7DF8E2-4B8F-4286-97FE-DE3FFFE9B728}) (Version: 1.1.0.40 - Apple Inc.) ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.) iTunes (HKLM\...\{3A9FE6B1-EE7F-40AC-B831-AC7C9ABB58A0}) (Version: 12.1.1.4 - Apple Inc.) Java 8 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Java SE Development Kit 7 Update 45 (HKLM\...\{32A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle) K-Lite Codec Pack 9.3.0 (Full) (HKLM\...\KLiteCodecPack_is1) (Version: 9.3.0 - ) League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (Version: 3.0.1 - Riot Games) Hidden Lightshot-5.2.1.1 (HKLM\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains) Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Language Interface Pack 2013 - shqip (HKLM\...\{95150000-00FF-041C-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Research Mesh Virtual WIFI (HKLM\...\{3F586E56-913B-4C6D-889B-F591485E069D}) (Version: 1.0.0 - Microsoft Corp) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Mozilla Firefox 35.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) NTFS Undelete v0.94 (HKLM\...\NTFS Undelete_is1) (Version: 0.94 - Atola Technology) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden PDF Settings CC (Version: 12.0 - Adobe Systems Incorporated) Hidden PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden PhotoScape (HKLM\...\PhotoScape) (Version: - ) Photoshop Camera Raw (Version: 5.0 - Adobe Systems Incorporated) Hidden Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.) Prezi (HKLM\...\{BD44409B-A691-4B97-B33D-F07E1DE791F3}) (Version: 5.1.1 - Prezi.com) Rainmeter (HKLM\...\Rainmeter) (Version: 3.0.2 r2161 - ) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.) Realtek WLAN Driver (HKLM\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0019 - REALTEK Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform) Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.) Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) Skype Click to Call (HKLM\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation) Skype™ 7.0 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Sony Mobile Update Engine (HKLM\...\Update Engine) (Version: 2.14.14.201410081526 - Sony Mobile Communications AB) Sony PC Companion 2.10.221 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.221 - Sony) Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version: - ) Suite Shared Configuration CS4 (Version: 1.0 - Adobe Systems Incorporated) Hidden swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Requirements Lab CYRI (HKLM\...\{906B34E5-573C-445A-A5D3-40B6BF0A2EC4}) (Version: 6.0.21.0 - Husdawg, LLC) System Requirements Lab for Intel (HKLM\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC) TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.43879 - TeamViewer) TuneUp Utilities 2013 (HKLM\...\TuneUp Utilities 2013) (Version: 13.0.3020.7 - TuneUp Software) TuneUp Utilities 2013 (Version: 13.0.3020.7 - TuneUp Software) Hidden TuneUp Utilities Language Pack (en-US) (Version: 13.0.3020.7 - TuneUp Software) Hidden Unity Web Player (HKU\S-1-5-21-623903606-2496640028-3754115147-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{BF1B3F01-93F3-4B83-93DB-132EB1AED259}) (Version: - Microsoft) Update for Skype for Business 2015 (KB3054791) 32-Bit Edition (HKLM\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{04ADDEC1-208F-4295-AA61-16789EA56814}) (Version: - Microsoft) Veetle TV (HKLM\...\Veetle TV) (Version: 0.9.19 - Veetle, Inc) Veglat e kontrollit gjuhësor të Microsoft Office 2013 - shqip (HKLM\...\{90150000-001F-041C-0000-0000000FF1CE}) (Version: 15.0.4454.1006 - Microsoft Corporation) Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation) WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-623903606-2496640028-3754115147-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-623903606-2496640028-3754115147-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\user\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-623903606-2496640028-3754115147-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\user\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.) CustomCLSID: HKU\S-1-5-21-623903606-2496640028-3754115147-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\user\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited) CustomCLSID: HKU\S-1-5-21-623903606-2496640028-3754115147-1000_Classes\CLSID\{AB246BE9-1623-4A84-ABDA-CFF4D4A273CB}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-623903606-2496640028-3754115147-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:04 - 2015-07-02 23:29 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {03F9DE53-028E-4B8B-8F9E-0CF621F0B507} - System32\Tasks\{EEE951B8-5996-4C63-99CC-6B197286635D} => pcalua.exe -a C:\Users\user\Downloads\sketchupwen.exe -d C:\Users\user\Downloads Task: {08A60BB3-87E9-4A68-A8B5-CA27293E6AEF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd) Task: {10AA04B1-EB16-4020-B09C-81F6A59989CF} - System32\Tasks\{27D66184-5A4C-4B21-8385-AEA8CD984E31} => pcalua.exe -a "C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe" -d "C:\Program Files\VS Revo Group\Revo Uninstaller Pro" Task: {1DC27EC9-E070-4CD0-903F-C702EF0C32D9} - System32\Tasks\{4B6A5C52-8D01-49BA-97F4-DF1FEB139A29} => pcalua.exe -a C:\Users\user\Downloads\cain20.exe -d C:\Users\user\Downloads Task: {28CCCB62-2439-40C7-A031-C41DDC547FB0} - System32\Tasks\Adobe online update program => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated) Task: {2E141444-AFD2-4225-8DB6-527F505EB14C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated) Task: {3AA35EC6-7163-474C-BF1B-74D57790531B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-623903606-2496640028-3754115147-1000UA => C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-14] (Facebook Inc.) Task: {46FE516F-3C92-4F9A-8F01-41BA5BBC6A15} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2013\OneClick.exe [2013-01-31] (TuneUp Software) Task: {4EE00A3D-387A-4C08-95C7-B7A0B46E7D85} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-24] (Adobe Systems Incorporated) Task: {64836B68-83A1-4C7B-A5BB-A5DE28EEC737} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {6CDBA73D-8373-4903-906B-1ADEFEE71B61} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {70D6447C-5475-43BD-A94D-66A995FC9A6F} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe Task: {711EC200-1954-47CF-833C-1621EDFB9EBF} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files\Razer\Razer Game Booster\AutoUpdate.exe Task: {766761A1-4356-4952-AF37-891DE416F6E6} - System32\Tasks\AdobeAAMUpdater-1.0-ORGES-user => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated) Task: {968A44ED-72C3-4F3A-8D5F-E1558D208A19} - System32\Tasks\{6F40733D-18F5-4E30-B92B-176C98E96A88} => pcalua.exe -a C:\Users\user\Downloads\realtek_819xce_1005.37_2000.2-w7-8(www.station-drivers.com)\Setup.exe -d C:\Users\user\Downloads\realtek_819xce_1005.37_2000.2-w7-8(www.station-drivers.com) Task: {9F461762-0E5C-4288-BF62-5A3600136B7F} - System32\Tasks\Google Updater and Installer => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe Task: {A48A5F08-68DC-4CA2-98EA-8C4DD2B5B23E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-15] (Google Inc.) Task: {AA7DF1A1-E9A7-420E-8DA0-9EFFA2A1D2F4} - System32\Tasks\{41C49894-CCD0-47A3-8708-F87947182DDC} => C:\Program Files\Adobe\Adobe Photoshop CS6\Photoshop.exe [2012-08-08] (Adobe Systems, Incorporated) Task: {BE9BFC23-858A-4CC7-B5BE-249F2EFD2805} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {D1BCA1D3-5F09-4F82-9BE0-8EECDAE42A7E} - System32\Tasks\Games\UpdateCheck_S-1-5-21-623903606-2496640028-3754115147-1000 Task: {E8354A31-691B-45D7-A8EC-213891642777} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-15] (Google Inc.) Task: {EBFDFD43-ED3C-4A0A-909A-EC5F8E1379D4} - System32\Tasks\{92BA03E0-6B54-454C-8111-4A7564B2560B} => msiexec.exe /package "C:\Users\user\Downloads\VirtualRouterInstaller.msi" Task: {ED3484AE-908D-4295-A6F8-B8626F68E3C0} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {F12F3862-6EF1-4BF6-B131-53EB0B7BA451} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-623903606-2496640028-3754115147-1000Core => C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-14] (Facebook Inc.) Task: {F1C4BBA7-F604-4930-B184-AF6B457BCE24} - System32\Tasks\{8E365181-98FB-4E19-A998-6B67FD27D066} => pcalua.exe -a C:\Users\user\Downloads\ek_install.exe -d C:\Users\user\Downloads Task: {F51A7FA1-6D7C-419B-8351-3F553213856A} - System32\Tasks\{890807EF-0B22-49B5-A3E6-95375A3E5582} => pcalua.exe -a C:\Users\user\AppData\Local\Temp\Temp1_ca5.zip\setup.exe Task: {F8F3ECBC-EAAB-4EAC-AEAF-EF2ADCD8E80F} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-04-30] (Oracle Corporation) Task: {F9DE2C46-D3DC-4066-8AA3-599B4258EC03} - System32\Tasks\{23F4C4C7-F6A0-40E3-A4B8-CEDD3FDEE65B} => pcalua.exe -a "D:\Adobe Photoshop Cs4\Adobe Photoshop CS4 Extended Edition\Photoshop CS4 Install\payloads\AdobeAIR1.0\AdobeAIRInstaller.exe" -d "C:\Program Files\Common Files\Adobe\Installers\faf656ef605427ee2f42989c3ad31b8" -c -silent (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-623903606-2496640028-3754115147-1000Core.job => C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-623903606-2496640028-3754115147-1000UA.job => C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-02-13 04:20 - 2015-02-13 04:20 - 01044776 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2013-12-13 13:20 - 2013-12-13 13:20 - 02602864 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x86.dll 2015-03-18 14:08 - 2015-03-18 14:08 - 08898720 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2014-12-13 14:51 - 2012-11-09 21:30 - 00065536 _____ () C:\Program Files\Connectify\ConnectifyService.exe 2014-12-13 14:51 - 2012-11-09 21:30 - 00090472 _____ () C:\Program Files\Connectify\NativeLibrary.dll 2014-12-13 14:51 - 2012-11-09 21:30 - 00035176 _____ () C:\Program Files\Connectify\DriverLib.dll 2014-12-13 14:51 - 2012-11-09 21:30 - 01068904 _____ () C:\Program Files\Connectify\ConnectifyNAT.dll 2014-12-13 14:51 - 2012-11-09 21:30 - 00185704 _____ () C:\Program Files\Connectify\LibDispatch.dll 2014-12-13 14:51 - 2012-11-09 21:30 - 00010240 _____ () C:\Program Files\Connectify\BuildProps.dll 2014-12-13 14:51 - 2012-11-09 21:30 - 00777064 _____ () C:\Program Files\Connectify\Vendors.dll 2014-12-13 14:51 - 2012-11-09 21:30 - 00024936 _____ () C:\Program Files\Connectify\gma.Windows.Firewall.dll 2012-09-28 22:01 - 2011-10-21 18:49 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll 2014-12-13 14:51 - 2012-11-09 21:30 - 00054120 _____ () C:\Program Files\Connectify\Scannify.dll 2015-06-16 10:41 - 2011-03-16 15:09 - 00122974 _____ () C:\Games\Counter-Strike\filesystem_steam.dll 2015-06-16 10:41 - 2010-01-23 19:48 - 01840440 _____ () C:\Games\Counter-Strike\hw.dll 2015-06-16 10:41 - 2011-03-16 15:09 - 00352256 _____ () C:\Games\Counter-Strike\vgui.dll 2015-06-16 10:41 - 2011-03-16 15:09 - 00351744 _____ () C:\Games\Counter-Strike\mss32.dll 2015-06-16 10:41 - 2013-03-11 06:27 - 00070656 _____ () C:\Games\Counter-Strike\hwpatcher.dll 2015-06-16 10:41 - 2012-04-30 10:41 - 00392704 _____ () c:\games\counter-strike\steamclient.dll 2015-06-16 10:41 - 2012-04-28 14:09 - 00147456 _____ () C:\Games\Counter-Strike\revSrvBrowser.dll 2015-06-16 10:40 - 2010-11-09 18:47 - 01074496 ____R () c:\games\counter-strike\cstrike\cl_dlls\client.dll 2015-06-16 10:41 - 2011-03-16 15:09 - 00081920 _____ () c:\games\counter-strike\valve\cl_dlls\particleman.dll 2015-06-16 10:41 - 2012-04-10 10:28 - 00845112 _____ () c:\games\counter-strike\cstrike\cl_dlls\GameUI.dll 2015-06-16 10:41 - 2011-03-16 15:09 - 00245819 _____ () C:\Games\Counter-Strike\vgui2.dll 2015-06-16 10:41 - 2011-03-16 15:09 - 00090112 _____ () C:\Games\Counter-Strike\demoplayer.dll 2015-06-16 10:41 - 2011-03-16 15:09 - 00258106 _____ () C:\Games\Counter-Strike\core.dll 2015-06-16 10:41 - 2011-03-16 15:14 - 00535552 _____ () c:\games\counter-strike\platform\Servers\serverbrowser.dll 2015-06-16 10:41 - 2011-03-16 15:09 - 00344064 _____ () C:\Games\Counter-Strike\tier0.dll 2015-06-16 10:39 - 2011-03-16 15:09 - 00125952 _____ () C:\Games\Counter-Strike\Mp3dec.asi 2015-06-16 10:39 - 2011-03-16 15:09 - 00142848 _____ () C:\Games\Counter-Strike\Mssv12.asi 2015-06-16 10:39 - 2011-03-16 15:09 - 00161792 _____ () C:\Games\Counter-Strike\Mssv29.asi 2015-06-16 10:41 - 2011-03-16 15:09 - 00139264 _____ () C:\Games\Counter-Strike\voice_speex.dll 2014-12-13 14:51 - 2012-11-09 21:30 - 00353640 _____ () C:\Program Files\Connectify\ConnectifyNetServices.exe 2014-04-16 14:49 - 2015-01-27 18:21 - 03925104 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData:gs5sys AlternateDataStreams: C:\Windows:nlsPreferences AlternateDataStreams: C:\Users\All Users:gs5sys AlternateDataStreams: C:\Users\user:gs5sys AlternateDataStreams: C:\ProgramData\Application Data:gs5sys AlternateDataStreams: C:\ProgramData\TEMP:261DD7EA AlternateDataStreams: C:\ProgramData\TEMP:5C493F5A AlternateDataStreams: C:\ProgramData\TEMP:82F50D1C AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys AlternateDataStreams: C:\Users\user\Application Data:gs5sys AlternateDataStreams: C:\Users\user\Cookies:gs5sys AlternateDataStreams: C:\Users\user\Local Settings:gs5sys AlternateDataStreams: C:\Users\user\Templates:gs5sys AlternateDataStreams: C:\Users\user\AppData\Local:gs5sys AlternateDataStreams: C:\Users\user\AppData\Roaming:gs5sys AlternateDataStreams: C:\Users\user\AppData\Local\Application Data:gs5sys AlternateDataStreams: C:\Users\user\AppData\Local\History:gs5sys AlternateDataStreams: C:\Users\user\Documents\desktop.ini:gs5sys ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-623903606-2496640028-3754115147-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 - 8.8.4.4 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^Users^user^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk => C:\Windows\pss\Rainmeter.lnk.Startup MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeUpdate => wscript "C:\Users\user\AppData\Roaming\AdobeX\invis.vbs" "C:\Users\user\AppData\Roaming\AdobeX\bat.bat" MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount MSCONFIG\startupreg: BitTorrent => "C:\Users\user\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart MSCONFIG\startupreg: IDMan => C:\Program Files\Internet Download Manager\IDMan.exe /onboot MSCONFIG\startupreg: Lingoes => MSCONFIG\startupreg: MobileDocuments => C:\Program Files\Common Files\Apple\Internet Services\ubd.exe MSCONFIG\startupreg: msnmsgr => MSCONFIG\startupreg: SFAUpdater => "C:\Program Files\Smart File Advisor\SFAUpdater.exe" MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Smart File Advisor => "C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe" /Background MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\Steam.exe" -silent ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{C8F7A217-EB61-4212-B7C1-3930652B72C0}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{CD00C997-A8EF-4150-8F4C-CB23330B4B22}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{2413314E-BFFD-4352-891A-E2F3CA64AA89}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe FirewallRules: [{2DBC95D7-5BD2-438A-B5B0-96060B4253D7}] => (Allow) LPort=2869 FirewallRules: [{5563D673-0408-4413-B729-3675F41A233B}] => (Allow) LPort=1900 FirewallRules: [{F3365F75-9CCF-42AB-B656-21249C9A66D9}] => (Allow) C:\Windows\System32\msiexec.exe FirewallRules: [{9BDBD36D-D8A2-408D-B6A6-D6DDB52904D3}] => (Allow) C:\Windows\System32\msiexec.exe FirewallRules: [TCP Query User{5D2967A5-26EB-4035-8826-77578522C0B8}C:\program files\connectify\connectify.exe] => (Allow) C:\program files\connectify\connectify.exe FirewallRules: [UDP Query User{A4BD6EA3-1CFF-4F12-817C-7486DE3C181A}C:\program files\connectify\connectify.exe] => (Allow) C:\program files\connectify\connectify.exe FirewallRules: [{D32D48B8-3BD1-409F-A888-8C45326505C6}] => (Block) C:\program files\connectify\connectify.exe FirewallRules: [{F0033B4C-66B6-42B7-8902-26E7CA4CBCF9}] => (Block) C:\program files\connectify\connectify.exe FirewallRules: [{B10CFDB1-32A8-4E88-BFE5-AF9B55240E4C}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe FirewallRules: [{EAE1F542-8C5F-4FD3-A08D-9C376D223191}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe FirewallRules: [{81124667-D673-4975-A79F-FB285E4B0EFB}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe FirewallRules: [{0526568E-206D-4464-BA1B-D80AE7CF1A4A}] => (Allow) C:\Riot Games\League of Legends\lol.launcher.exe FirewallRules: [TCP Query User{425C5529-B85B-4280-B6CC-5894F1EB4AED}C:\users\user\appdata\roaming\adobex3\xptproxy.exe] => (Block) C:\users\user\appdata\roaming\adobex3\xptproxy.exe FirewallRules: [UDP Query User{5B21014F-6228-456F-B742-D034C2A5B5AA}C:\users\user\appdata\roaming\adobex3\xptproxy.exe] => (Block) C:\users\user\appdata\roaming\adobex3\xptproxy.exe FirewallRules: [{1FA6D973-1DA2-480B-A0C3-F9A117AB0042}] => (Allow) C:\Users\user\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe FirewallRules: [{75A6569E-871F-4603-8072-C35C9B9E864C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe FirewallRules: [{16282DCB-FB44-4347-A54C-5FC5B4E5EB85}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe FirewallRules: [{63493E86-10DF-43EF-8A63-B8789FF123A3}] => (Allow) C:\Users\user\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{213357B0-6258-4464-934B-BC6070F525F1}] => (Allow) C:\Users\user\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{8B855C47-5DCA-496E-B525-5F5E8C17907F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe FirewallRules: [{80745021-2894-41DC-AE59-19D50BFD6713}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2638\Agent.exe FirewallRules: [{157EC818-608D-4B0C-BFAB-128EC74FB982}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{B24FB5F4-87C9-429B-A416-611995F98F9D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{ACE7176A-5D2E-4FD1-912F-2A7FFF8FA39D}] => (Allow) C:\Program Files\Veetle\Player\VeetleNet.exe FirewallRules: [{1B34CFBA-25A1-4DC0-B5A6-3EA01ABA7E25}] => (Allow) C:\Program Files\Internet Download Manager\IDMan.exe FirewallRules: [{7D98B7E7-BCCD-4211-B484-623C6EA27D4C}] => (Allow) C:\Program Files\Internet Download Manager\IDMan.exe FirewallRules: [{0EE61C89-ED93-4878-94D6-3AAE555300BD}] => (Allow) C:\Program Files\Internet Download Manager\IDMan.exe FirewallRules: [{6B51C279-5509-4A77-B1BD-F302CA26797B}] => (Allow) C:\Program Files\Internet Download Manager\IDMan.exe FirewallRules: [{4A6E1CF3-83F6-49C5-9A1E-A569820C444D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{53556426-7CF7-47BB-B53C-243B4B1C54B3}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{E8995B3A-4CFB-4120-BA6C-9EBA9C11E33B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{D59143BE-E163-41E6-87A7-5133DBC45FF5}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{93CCA844-F475-4DE6-826F-67EE4B11C08B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{5162BA3B-9980-4BD7-9005-F901ADB8A96A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{5E0B0FAC-AC4D-4AB9-913E-F8501D7124C3}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{7AC8C7EE-2629-4A94-9DD5-E90CE3A6E309}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [TCP Query User{FBB2119F-BE09-403F-B756-0E057CA7A00C}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe FirewallRules: [UDP Query User{D04CFFA6-3C35-4920-9379-5C59117ECC10}C:\games\counter-strike\hl.exe] => (Allow) C:\games\counter-strike\hl.exe FirewallRules: [{738C3078-1B03-434F-B440-0C4692C0D0E7}] => (Allow) C:\Program Files\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [{235BC560-1375-4909-9B3B-38FD11381EA0}] => (Allow) C:\Program Files\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [{563C4689-D868-4EDC-B7BB-1CB5F2D53EB9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{4F96DD3F-BBD1-4571-8144-18CDDFE4EECA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{CF65CEB5-B56B-41C0-905A-DD07FDB2F695}] => (Allow) C:\Program Files\Connectify\Connectify.exe FirewallRules: [{646A93E2-C93A-4361-B8A7-4F95B108DD3E}] => (Allow) C:\Program Files\Connectify\ConnectifyNetServices.exe FirewallRules: [{19686881-6C4C-46CD-886A-2600444234F5}] => (Allow) C:\Program Files\Connectify\ConnectifyNetServices.exe FirewallRules: [{AD944BBB-3D04-45C1-9552-22D901F6915C}] => (Allow) C:\Program Files\Connectify\ConnectifyNetServices.exe FirewallRules: [{D0911518-72EB-4077-B900-C4C863A1BE38}] => (Allow) C:\Program Files\Connectify\ConnectifyNetServices.exe FirewallRules: [{7FA7C76B-149A-43D8-B51E-0CEDBB581D4E}] => (Allow) C:\Program Files\Connectify\ConnectifyNetServices.exe FirewallRules: [{CC1CBCF3-3566-40EC-9300-7103EDB61147}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{9B4D8EE6-6259-41F9-85B5-86DC2207B6D3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{F7F6B8C9-3274-4059-B0C5-A037386D60D5}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{CDA07C40-8D52-4EB0-A306-BF39EEFC23DE}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe FirewallRules: [{402CA2B8-6B0E-4FFE-8499-F9AB36E8C30F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe FirewallRules: [{7C499C6A-03BC-44ED-B410-E541F7AE210F}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe FirewallRules: [{AD947CC8-E472-4514-9FAD-3195C1A2052C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe FirewallRules: [TCP Query User{22C81DEB-F882-4483-AC22-659BF47C6508}C:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe FirewallRules: [UDP Query User{9BF651F5-D705-4EBB-B01E-D6B247282F2F}C:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe FirewallRules: [TCP Query User{444C4BF2-CFB2-4B88-8220-635598D21B23}C:\program files\ibm\spss\statistics\19\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\19\stats.exe FirewallRules: [UDP Query User{63A96EE7-14AC-4130-852F-65ABF1DF4BF5}C:\program files\ibm\spss\statistics\19\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\19\stats.exe FirewallRules: [TCP Query User{1697B310-12FB-4D77-954D-9A938927462A}C:\program files\ibm\spss\statistics\19\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\19\stats.exe FirewallRules: [UDP Query User{479A305A-7695-4B7A-A79D-38EDACA2C22B}C:\program files\ibm\spss\statistics\19\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\19\stats.exe FirewallRules: [TCP Query User{5B5235E6-9C95-411F-81F1-B88530C21E95}C:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe] => (Block) C:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe FirewallRules: [UDP Query User{91089103-C951-406D-BBC3-EEA6D7F91CAA}C:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe] => (Block) C:\program files\ibm\spss\statistics\19\jre\bin\javaw.exe FirewallRules: [TCP Query User{75C23019-0D01-4D43-B6E1-85C386FEABF2}C:\program files\ibm\spss\statistics\20\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\20\stats.exe FirewallRules: [UDP Query User{2FE40AB8-29F6-4A1D-AE43-F8243116E59B}C:\program files\ibm\spss\statistics\20\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\20\stats.exe FirewallRules: [TCP Query User{7B2358E3-E72D-42E9-A01F-EE3912991C0C}C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe FirewallRules: [UDP Query User{218D7C90-69D3-4C34-B5B6-65C78AB178FE}C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\20\jre\bin\javaw.exe FirewallRules: [TCP Query User{01DDC579-8C02-4A0F-A577-9F15A694C076}C:\games\counter-strike\hlds.exe] => (Allow) C:\games\counter-strike\hlds.exe FirewallRules: [UDP Query User{A236DFEC-EE9D-4A74-BF08-7F368365A2E3}C:\games\counter-strike\hlds.exe] => (Allow) C:\games\counter-strike\hlds.exe FirewallRules: [{0889F101-2E9F-490A-B598-4367B6BDD9E0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe FirewallRules: [{5BDAAD1D-66DE-4032-AC21-D69637F16558}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe FirewallRules: [{5004D426-A0A5-4DA2-8EF5-D684B18A33D6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe FirewallRules: [{FB659D39-1978-42AF-B642-61ED6EAE06F5}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe FirewallRules: [{50AD14CF-E45C-4986-9BFC-ADFB2E3BF5E0}] => (Allow) C:\Program Files\Connectify\ConnectifyNetServices.exe FirewallRules: [{CDAE484F-6922-4E3A-9E1A-844E4A4229AB}] => (Allow) C:\Program Files\Connectify\ConnectifyNetServices.exe FirewallRules: [{54271DA5-8360-4CDA-A10E-E5D479ED7842}] => (Allow) C:\Program Files\Connectify\Connectifyd.exe FirewallRules: [{230DF34A-6345-4F4E-8201-454EC0DDE7F3}] => (Allow) C:\Program Files\Connectify\Connectifyd.exe FirewallRules: [{26D00433-7834-4823-A1F7-30BC67042C60}] => (Allow) C:\Program Files\Connectify\ConnectifyNetServices.exe FirewallRules: [{D6958E41-CB7D-44D7-B722-E249FF1181BB}] => (Allow) C:\Program Files\Connectify\ConnectifyNetServices.exe FirewallRules: [{AA50BFFE-1201-48CD-9BF6-CA3B8EB70345}] => (Allow) C:\Program Files\Connectify\ConnectifyNetServices.exe ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/03/2015 02:26:57 PM) (Source: VSS) (EventID: 12292) (User: ) Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. ]. Operation: Obtain a callable interface for this provider List interfaces for all providers supporting this context Query Shadow Copies Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshot Context: 13 Snapshot Context: 13 Execution Context: Coordinator Error: (07/03/2015 02:26:57 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. ] Operation: Obtain a callable interface for this provider List interfaces for all providers supporting this context Query Shadow Copies Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshot Context: 13 Snapshot Context: 13 Execution Context: Coordinator Error: (07/03/2015 02:20:33 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program FRST.exe version 28.6.2015.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: f74 Start Time: 01d0b58a0efc7f6d Termination Time: 21 Application Path: C:\Users\user\Saved Games\Desktop\FRST.exe Report Id: 95614142-217d-11e5-a260-dc0ea12e46a3 Error: (07/03/2015 00:58:48 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program firefox.exe version 35.0.1.5500 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 818 Start Time: 01d0b57834fe7774 Termination Time: 106 Application Path: C:\Program Files\Mozilla Firefox\firefox.exe Report Id: Error: (07/03/2015 10:06:41 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (07/03/2015 01:36:25 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: TuneUpUtilitiesService32.exe, version: 13.0.3020.7, time stamp: 0x510a3acc Faulting module name: IMM32.DLL, version: 6.1.7601.17514, time stamp: 0x4ce7b845 Exception code: 0xc0000005 Fault offset: 0x00001468 Faulting process id: 0xd18 Faulting application start time: 0xTuneUpUtilitiesService32.exe0 Faulting application path: TuneUpUtilitiesService32.exe1 Faulting module path: TuneUpUtilitiesService32.exe2 Report Id: TuneUpUtilitiesService32.exe3 Error: (07/03/2015 01:02:39 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418225 Error: (07/02/2015 11:04:41 PM) (Source: VSS) (EventID: 12292) (User: ) Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. ]. Operation: Obtain a callable interface for this provider List interfaces for all providers supporting this context Query Shadow Copies Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshot Context: 13 Snapshot Context: 13 Execution Context: Coordinator Error: (07/02/2015 11:04:41 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} and name SW_PROV cannot be started. [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. ] Operation: Obtain a callable interface for this provider List interfaces for all providers supporting this context Query Shadow Copies Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshot Context: 13 Snapshot Context: 13 Execution Context: Coordinator Error: (07/02/2015 10:34:06 PM) (Source: VSS) (EventID: 12292) (User: ) Description: Volume Shadow Copy Service error: Error creating the Shadow Copy Provider COM class with CLSID {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} [0x80070422, The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. ]. Operation: Obtain a callable interface for this provider List interfaces for all providers supporting this context Query Shadow Copies Context: Provider ID: {b5946137-7b9f-4925-af80-51abd60b20d5} Class ID: {65ee1dba-8ff4-4a58-ac1c-3470ee2f376a} Snapshot Context: 13 Snapshot Context: 13 Execution Context: Coordinator System errors: ============= Error: (07/03/2015 01:29:42 PM) (Source: ipnathlp) (EventID: 31004) (User: ) Description: 0 Error: (07/03/2015 01:01:05 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (07/03/2015 01:00:59 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (07/03/2015 01:00:35 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 40. Error: (07/03/2015 00:04:49 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: WMPNetworkSvc0x80070422 Error: (07/03/2015 10:47:20 AM) (Source: BROWSER) (EventID: 8032) (User: ) Description: The browser service has failed to retrieve the backup list too many times on transport \Device\NetBT_Tcpip_{FD598358-3B98-4C3B-8C53-37A5CC0112AF}. The backup browser is stopping. Error: (07/03/2015 10:29:45 AM) (Source: NetBT) (EventID: 4321) (User: ) Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.0.126. The computer with the IP address 192.168.0.135 did not allow the name to be claimed by this computer. Error: (07/03/2015 10:29:38 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: WMPNetworkSvc0x80070422 Error: (07/03/2015 10:29:29 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: %%1058 Error: (07/03/2015 10:29:29 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: WMPNetworkSvc0x80070422 Microsoft Office: ========================= Error: (01/23/2013 05:27:13 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 272 seconds with 120 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Processor: Intel(R) Celeron(R) CPU B815 @ 1.60GHz Percentage of memory in use: 80% Total physical RAM: 2669.86 MB Available physical RAM: 529.57 MB Total Virtual: 5338.03 MB Available Virtual: 2025.27 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:200.43 GB) (Free:35.55 GB) NTFS Drive d: () (Fixed) (Total:97.56 GB) (Free:39.28 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 2BD2C32A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=200.4 GB) - (Type=07 NTFS) ==================== End of log ============================