Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-07-2015 Ran by hans (2015-07-31 15:44:12) Running from C:\Users\hans\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2207518888-2136318659-246449119-500 - Administrator - Disabled) Guest (S-1-5-21-2207518888-2136318659-246449119-501 - Limited - Disabled) hans (S-1-5-21-2207518888-2136318659-246449119-1000 - Administrator - Enabled) => C:\Users\hans HomeGroupUser$ (S-1-5-21-2207518888-2136318659-246449119-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET NOD32 Antivirus 4.0 (Disabled - Out of date) {CB0F8167-5331-BA19-698E-64816B6801A5} AS: ESET NOD32 Antivirus 4.0 (Disabled - Out of date) {706E6083-750B-B597-533E-5FF310EF4B18} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) @BIOS Ver.2.06 (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.06 - GIGABYTE) Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.1.0.0 - Adobe Systems Incorporated) Acrobat.com (x32 Version: 2.1.0 - Adobe Systems Incorporated) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.1.102.55 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated) Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated) Adobe Reader 9.5.0 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.0 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.1.629 - Adobe Systems, Inc.) AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ATI AVIVO64 Codecs (Version: 10.10.0.41006 - ATI Technologies Inc.) Hidden AutoGreen B09.1014.2 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE) AutoGreen B09.1014.2 (x32 Version: 1.00.0000 - GIGABYTE) Hidden bl (x32 Version: 1.0.0 - Your Company Name) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Canon LBP2900 (HKLM\...\Canon LBP2900) (Version: - ) Color Efex Pro 3.0 Complete (HKLM-x32\...\Color Efex Pro 3.0 Complete) (Version: 3.1.0.0 - Nik Software, Inc.) Debugging Tools for Windows (x64) (HKLM\...\{DBFC6AAE-DCCB-4C23-B01C-3EDDDC03298B}) (Version: 6.12.2.633 - Microsoft Corporation) DES 2.0 (HKLM-x32\...\{675F86A8-E093-4002-87D5-915CC2C45571}) (Version: 1.00.0000 - Gigabyte) Dfine 2.0 (HKLM-x32\...\Dfine 2.0) (Version: 2.1.0.2 - Nik Software, Inc.) Dropbox (HKU\S-1-5-21-2207518888-2136318659-246449119-1000\...\Dropbox) (Version: 3.8.5 - Dropbox, Inc.) Easy Tune 6 B10.0420.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE) Easy Tune 6 B10.0420.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden EndNote X7 (HKLM-x32\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.1.0.7705 - Thomson Reuters) ESET NOD32 Antivirus (HKLM\...\{66F644DA-4ED8-4D03-83D2-A7156AA562BC}) (Version: 4.0.437.0 - ESET, spol s r. o.) Gigabyte Raid Configurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0001 - GIGABYTE Technologies, Inc.) Google Chrome (HKU\S-1-5-21-2207518888-2136318659-246449119-1000\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.) GraphPad Prism 5 (HKLM-x32\...\{35B73650-6899-11DA-6784-00232A9018BE}) (Version: 5.03 - GraphPad Software) HydraVision (x32 Version: 4.2.114.0 - ATI Technologies Inc.) Hidden iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.) iTunes (HKLM\...\{A535111D-95C8-487F-869E-CE4C239972D2}) (Version: 11.1.1.11 - Apple Inc.) J2SE Runtime Environment 5.0 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0150000}) (Version: 1.5.0 - Sun Microsystems, Inc.) Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216021FF}) (Version: 6.0.220 - Oracle) M4a/Flac/Ogg/Ape/Mpc Tag Support Plugin for Media Player v 1.1 (HKLM-x32\...\M4a/Flac/Ogg/Ape/Mpc Tag Support Plugin for Media Player_is1) (Version: 1 - Softpointer Inc) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office 2007 Service Pack 2 (SP2) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version: - Microsoft) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6425.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation) MUSHclient (remove only) (HKLM-x32\...\MUSHclient) (Version: - ) NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.18.0 - NEC Electronics Corporation) NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.18.0 - NEC Electronics Corporation) Hidden ON_OFF Charge B10.0422.2 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE) Panda Antivirus Pro 2015 (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.01.00.0002 - Panda Security) Panda Antivirus Pro 2015 (Version: 7.82.00.0000 - Panda Security) Hidden Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.04 - Panda Security) Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC) ph (x32 Version: 1.0.0 - Your Company Name) Hidden Photomatix Pro version 4.2.6 (HKLM-x32\...\PhotomatixPro42x32_is1) (Version: 4.2.6 - HDRsoft Ltd) Razer Copperhead (HKLM-x32\...\{28A946E1-E83B-4662-BC7C-23451851489E}) (Version: 6.10 - Razer USA Ltd.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6077 - Realtek Semiconductor Corp.) ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: - Thomson Reuters) Silver Efex Pro (HKLM-x32\...\Silver Efex Pro) (Version: 1.001 - Nik Software, Inc.) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation) Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) Smart 6 B10.0422.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE) SPSS 16.0 for Windows (HKLM-x32\...\{621025AE-3510-478E-BC27-1A647150976F}) (Version: 16.0.1 - SPSS Inc.) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Stellarium 0.12.4 (HKLM-x32\...\Stellarium_is1) (Version: 0.12.4 - Stellarium team) Sunny Explorer (HKLM-x32\...\{0854AE6B-9CDA-4676-B8E8-C926B515A6C4}) (Version: 1.7.17 - SMA Solar Technology AG) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden The Lord of the Rings FREE Trial (x32 Version: 1.00.0000 - ATI Technologies Inc.) Hidden The WFDB Toolbox for MATLAB (HKU\S-1-5-21-2207518888-2136318659-246449119-1000\...\The WFDB Toolbox for MATLAB) (Version: - Harvard-MIT Division of HST) True Image WD Edition (HKLM-x32\...\{7EE23901-C380-4BF2-BE7D-96516CA0A106}) (Version: 16.0.5958 - Acronis) Unity Web Player (HKU\S-1-5-21-2207518888-2136318659-246449119-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB2284654) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}) (Version: - Microsoft) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Viveza (HKLM-x32\...\Viveza) (Version: 1.002 - Nik Software, Inc.) VLC media player 1.0.5 (HKLM-x32\...\VLC media player) (Version: 1.0.5 - VideoLAN Team) Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.5.0.0 - Azureus Software, Inc.) WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies) WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - ) Xiph.Org Open Codecs 0.84.17338 (HKLM-x32\...\Open Codecs) (Version: 0.84.17338 - Xiph.Org) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2207518888-2136318659-246449119-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\hans\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2207518888-2136318659-246449119-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\hans\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2207518888-2136318659-246449119-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\hans\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2207518888-2136318659-246449119-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\hans\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2207518888-2136318659-246449119-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\hans\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2207518888-2136318659-246449119-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\hans\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2207518888-2136318659-246449119-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\hans\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-2207518888-2136318659-246449119-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\hans\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2207518888-2136318659-246449119-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\hans\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2207518888-2136318659-246449119-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\hans\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2207518888-2136318659-246449119-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\hans\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2207518888-2136318659-246449119-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\hans\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2207518888-2136318659-246449119-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\hans\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2207518888-2136318659-246449119-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\hans\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2207518888-2136318659-246449119-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\hans\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2207518888-2136318659-246449119-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\hans\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2207518888-2136318659-246449119-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\hans\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2207518888-2136318659-246449119-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\hans\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2207518888-2136318659-246449119-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\hans\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File ==================== Restore Points ========================= ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 12:04 - 2012-10-08 20:56 - 00000911 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {25916F31-75F9-48EB-BBEE-FFAB76B8CC9D} - System32\Tasks\{74232537-E28F-44CC-9B70-98A3324CD60D} => E:\Nik Software Complete Collection\NIKSOFTWARE_SHARPENER_PRO_V3.001-XFORCE\SharpenerPro3-rev3.001EN.exe Task: {33995B9C-CF07-46BD-8257-8ED30E88D82C} - System32\Tasks\{F5F7C5C3-8FE0-4CC1-9D8D-2A1EA9F0F47A} => pcalua.exe -a C:\Users\hans\Desktop\Vuze_Installer.exe -d C:\Users\hans\Desktop Task: {41446395-C0E0-4AFD-AD50-49372A1B0B91} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2207518888-2136318659-246449119-1000UA => C:\Users\hans\AppData\Local\Google\Update\GoogleUpdate.exe [2015-03-18] (Google Inc.) Task: {4C41A81D-2F8E-4ECC-B529-F4220560B9C1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2207518888-2136318659-246449119-1000Core => C:\Users\hans\AppData\Local\Google\Update\GoogleUpdate.exe [2015-03-18] (Google Inc.) Task: {53CE514B-AEC4-44DF-84D5-47878B3977FF} - System32\Tasks\AdobeAAMUpdater-1.0-hans-PC-hans => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated) Task: {786599B8-386F-4D3F-A12F-93D9874F9F68} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRFilter => Rundll32.exe CommCmd.dll,RunScript "%ProgramFiles%\GIGABYTE\Smart6\Recovery\SRFilter.exe" /GBSMART6 -kdl Task: {7F0CEAF8-4F6A-49DA-B736-31094862FC3E} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2207518888-2136318659-246449119-1000Core => C:\Users\hans\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-31] (Dropbox, Inc.) Task: {A7E81868-DF32-4EDE-BC66-6A269C223DA7} - System32\Tasks\{B8A029F6-4F69-4B80-8E9D-DB1FE8FF0EBD} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2015-06-29] (Skype Technologies S.A.) Task: {C230CD40-C46F-4B4B-A422-F1DA17FB5AE4} - System32\Tasks\{B80B0559-924B-4DBE-93C9-C3F183AFEF94} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2015-06-29] (Skype Technologies S.A.) Task: {C8646F04-7137-4961-9E5F-2BC7DB9C4E99} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2207518888-2136318659-246449119-1000UA => C:\Users\hans\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-07-31] (Dropbox, Inc.) Task: {FD3A2028-ABF4-4C55-9F49-1348DC7EFC1C} - System32\Tasks\Microsoft\Windows\SmartRecovery\SRCreate => Rundll32.exe CommCmd.dll,RunScript "%ProgramFiles%\GIGABYTE\Smart6\Recovery\SrCmdCLR.exe" -c 1 (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2207518888-2136318659-246449119-1000Core.job => C:\Users\hans\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2207518888-2136318659-246449119-1000UA.job => C:\Users\hans\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2207518888-2136318659-246449119-1000Core.job => C:\Users\hans\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2207518888-2136318659-246449119-1000UA.job => C:\Users\hans\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2010-05-21 00:49 - 2009-06-17 16:13 - 00068136 _____ () C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe 2010-05-21 00:46 - 2010-01-19 12:01 - 00072304 ____R () C:\Windows\SysWOW64\XSrvSetup.exe 2010-06-11 23:18 - 2009-11-19 18:43 - 00135168 _____ () C:\Program Files (x86)\Razer\Copperhead\razerhid.exe 2010-06-11 23:18 - 2009-11-16 13:25 - 00131072 _____ () C:\Program Files (x86)\Razer\Copperhead\razertra.exe 2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2010-05-21 00:49 - 2009-05-04 17:56 - 00102400 _____ () C:\Program Files (x86)\GIGABYTE\EnergySaver2\ycc.dll 2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll 2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll 2015-07-31 15:39 - 2015-07-31 15:39 - 00071168 _____ () c:\users\hans\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpntqms4.dll 2015-03-05 07:15 - 2015-07-17 10:01 - 00012800 _____ () C:\Users\hans\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll 2015-03-05 07:15 - 2015-07-17 10:01 - 00779776 _____ () C:\Users\hans\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-07-31 13:58 - 2015-07-17 10:01 - 00056320 _____ () C:\Users\hans\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-03-05 07:15 - 2015-07-17 10:01 - 00012288 _____ () C:\Users\hans\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll 2010-06-11 23:18 - 2005-08-17 13:23 - 00151552 _____ () C:\Program Files (x86)\Razer\Copperhead\download.dll 2009-07-14 06:33 - 2009-07-14 10:45 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll 2013-12-12 22:30 - 2013-12-12 22:30 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll 2015-07-30 10:30 - 2015-07-25 18:16 - 01405768 _____ () C:\Users\hans\AppData\Local\Google\Chrome\Application\44.0.2403.125\libglesv2.dll 2015-07-30 10:30 - 2015-07-25 18:16 - 00081224 _____ () C:\Users\hans\AppData\Local\Google\Chrome\Application\44.0.2403.125\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\Microsoft:cF2dHFN7xVyswzGu1dhIT AlternateDataStreams: C:\ProgramData\Microsoft:TdeL5Ft6Vg13bZP9JV8SpdOH AlternateDataStreams: C:\Users\hans\AppData\Local\Temp:Uwk60KN30RuPpAsCuBu ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2207518888-2136318659-246449119-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\hans\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.231.203.132 - 192.231.203.3 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Canon LBP2900 Status Window.lnk => C:\Windows\pss\Canon LBP2900 Status Window.lnk.CommonStartup MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{39417393-2D14-42A1-80EE-9310CE71D37F}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe FirewallRules: [{2F9824DA-1583-4869-AD8F-C01B0362392D}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Photoshop CS5\Photoshop.exe FirewallRules: [{FCBAB7E0-7C1C-48EC-8AD7-3A13578E6605}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Photoshop CS5\Photoshop.exe FirewallRules: [{DBFDF1FF-B0C9-4C78-8CD8-1CBA7C0BBB72}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe FirewallRules: [TCP Query User{34440C21-CA7F-4FC0-BCCD-A8F0C0EAC7E7}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe FirewallRules: [UDP Query User{B7EC9B4B-CCF1-48DA-9601-366BBD8D26B1}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe FirewallRules: [TCP Query User{332F7ACA-37E6-4D24-8EBB-FB91EDEF6415}D:\lancraft.exe] => (Allow) D:\lancraft.exe FirewallRules: [UDP Query User{2457E13C-4340-4874-B004-6707C95C3397}D:\lancraft.exe] => (Allow) D:\lancraft.exe FirewallRules: [{A79568E0-2AC9-44E0-9A52-FECB5A5A2971}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE FirewallRules: [{7535C1E3-ACAD-435B-966C-996A842EF7AC}] => (Allow) C:\Windows\System32\CNAB4RPD.EXE FirewallRules: [{BC9354C1-4D46-455B-85F1-AA37081EFD9E}] => (Allow) C:\Program Files (x86)\SPSSInc\SPSS16\SPSSWinWrapIDE.exe FirewallRules: [{EB715DED-31AC-4E35-BE0D-72DBD3836CA5}] => (Allow) C:\Program Files (x86)\SPSSInc\SPSS16\SPSSWinWrapIDE.exe FirewallRules: [{5E9D74FB-1F85-49E6-9354-71D06C94DAE2}] => (Allow) C:\Program Files (x86)\SPSSInc\SPSS16\spss.com FirewallRules: [{37DE320B-1369-4136-86D9-50C71EB5E9A4}] => (Allow) C:\Program Files (x86)\SPSSInc\SPSS16\spss.com FirewallRules: [{2E90F3F0-E21A-47E3-931B-3E22785B7DD8}] => (Allow) C:\Program Files (x86)\SPSSInc\SPSS16\spss.exe FirewallRules: [{0CFBF560-2286-4A2A-9F08-D01A81EEF053}] => (Allow) C:\Program Files (x86)\SPSSInc\SPSS16\spss.exe FirewallRules: [TCP Query User{3FEBEA6E-E0BA-4AA7-81AC-3B4004EBA3F6}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe FirewallRules: [UDP Query User{4E3EDB32-8CEC-49F3-A093-4386B0317047}C:\program files (x86)\vuze\azureus.exe] => (Allow) C:\program files (x86)\vuze\azureus.exe FirewallRules: [TCP Query User{2FF30D18-0CF3-442A-8A92-EFC0EA8B8EB2}C:\program files (x86)\warcraft iii\pickup.listchecker.exe] => (Allow) C:\program files (x86)\warcraft iii\pickup.listchecker.exe FirewallRules: [UDP Query User{2250A305-F115-4C6C-AEB2-4F96CEC2BD02}C:\program files (x86)\warcraft iii\pickup.listchecker.exe] => (Allow) C:\program files (x86)\warcraft iii\pickup.listchecker.exe FirewallRules: [TCP Query User{14B5CDC1-B04D-494B-A1DE-4892A0625D31}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe FirewallRules: [UDP Query User{28A1160F-7871-4847-BEAA-91FE21A0C577}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe FirewallRules: [{6EF449BA-2920-4BC5-8C73-A1CFE0C5C08D}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.exe FirewallRules: [{32D26BE8-42C8-4E9D-BB1D-E9944391A470}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.exe FirewallRules: [{335E96FD-D5B9-4B31-AC04-C8D4D18905BD}] => (Allow) C:\Program Files (x86)\World of Warcraft\Blizzard Downloader.exe FirewallRules: [{A999A944-CC74-46C2-9ED0-82929B4F1BB0}] => (Allow) C:\Program Files (x86)\World of Warcraft\Blizzard Downloader.exe FirewallRules: [{D3C638F5-5E4A-41B4-AA5F-5A5037CF1AB7}] => (Allow) LPort=3724 FirewallRules: [{25136544-1404-421A-BD58-8A22F2269B2C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{C3825BC4-FC07-4D18-AC8D-ADB5C8DC3655}] => (Allow) C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe FirewallRules: [{E3139C71-12B4-4CCB-ADBF-E4E97168A139}] => (Allow) D:\World of Warcraft\Launcher.exe FirewallRules: [{3895D612-75A3-4484-93CC-B1C8C826D685}] => (Allow) D:\World of Warcraft\Launcher.exe FirewallRules: [{3C99913D-3EF6-45C4-86DB-CBF9A9534B0B}] => (Allow) D:\World of Warcraft\Launcher.patch.exe FirewallRules: [{AFEC59C8-1ED0-48FA-A1A9-5EC695A9054B}] => (Allow) D:\World of Warcraft\Launcher.patch.exe FirewallRules: [{73479347-225E-4082-B0BB-BD26C9EF5A41}] => (Allow) C:\Users\hans\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{770706A6-91E2-4852-8BEB-4FD0121E0845}] => (Allow) C:\Users\hans\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{B33F7829-38F3-4C08-85E9-9122422182E1}C:\users\hans\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\hans\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{F6BAB3C4-466F-4B86-BB87-80128D553EB7}C:\users\hans\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\hans\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{B4DC1946-013D-480F-91B2-AFA7A1D9AF6C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{7677AAD4-0706-4666-A6B6-5D2738C34151}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{BD18FA33-4616-4A33-921B-3485F79AFA52}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{AFE38CB8-0F27-4D83-BFAD-884BB7C2953D}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{15C354AB-B893-4E94-9C33-7F7CAAE059F6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.515\Agent.exe FirewallRules: [{5C0DC098-07ED-4F07-A71C-5FEBBE96A16D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.515\Agent.exe FirewallRules: [{5C2DC68F-E0D1-428C-A60F-85506E5A12B9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.868\Agent.exe FirewallRules: [{39F11CE1-2F6B-47BB-A29C-4150E505B153}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.868\Agent.exe FirewallRules: [TCP Query User{85D58E43-3DF8-4E97-8BAA-11E7B43FA5E7}C:\users\hans\downloads\diablo-iii-8370-enus-installer-downloader.exe] => (Allow) C:\users\hans\downloads\diablo-iii-8370-enus-installer-downloader.exe FirewallRules: [UDP Query User{490B31C9-98E3-453B-AFA2-AF29D52EEF15}C:\users\hans\downloads\diablo-iii-8370-enus-installer-downloader.exe] => (Allow) C:\users\hans\downloads\diablo-iii-8370-enus-installer-downloader.exe FirewallRules: [{BA15F5BC-BC2F-4D37-911D-CD0FE6718C10}] => (Allow) C:\Program Files (x86)\Diablo III Beta\Diablo III.exe FirewallRules: [{EE40D190-8F2B-41FC-B654-BF5E0BE25AA9}] => (Allow) C:\Program Files (x86)\Diablo III Beta\Diablo III.exe FirewallRules: [{AA2934A8-580F-4B64-BFB5-C8DF2BD476A9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.913\Agent.exe FirewallRules: [{FB0831CE-514A-4780-AD65-6BB0632C1A5C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.913\Agent.exe FirewallRules: [{F27FA3B2-86F8-4F79-966C-DB2E36DF01CA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe FirewallRules: [{AE6C9B66-B1DD-4867-89BF-984A219D263F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.954\Agent.exe FirewallRules: [{DD49B066-1780-4E7E-9B66-6F2E74068E9B}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe FirewallRules: [{A794DF35-91F0-47E1-8188-824A7A696178}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe FirewallRules: [{86737786-45A5-442B-A1B9-EC84109BC89C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.976\Agent.exe FirewallRules: [{B003BE9D-DFB9-4874-9CDE-926577326012}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.976\Agent.exe FirewallRules: [{432FD617-DF98-41CC-AD8F-AAFD680D9213}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.998\Agent.exe FirewallRules: [{DAA05528-FEC1-4D2D-849E-5C4BBF81E186}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.998\Agent.exe FirewallRules: [{948D20B6-37D0-4164-A51B-08FC9DE43DBD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe FirewallRules: [{CC03BEE2-4384-4E58-94A0-5F2CBC482032}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe FirewallRules: [{76EB1164-ADE9-4E2E-98FF-4DF6D1F1D621}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1199\Agent.exe FirewallRules: [{837002F4-2318-4059-AB81-541DE2D243B0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1199\Agent.exe FirewallRules: [{5DB57884-2DEA-4A42-8792-54B3E14D0889}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe FirewallRules: [{533D261B-7A0D-4AD3-B141-D6C479FF8B99}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe FirewallRules: [{DFC7AB3A-2A10-4F54-B544-C2DAD23D9DA6}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{026114C7-B84E-489C-B13F-7B64E46AC8A0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{577C954F-6477-4B1E-95B5-EE8B8F030654}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{460F1C71-5E93-45D3-8DC4-856194DC16AA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{6C87D6F2-67AA-4E2E-BC36-5FD3EE2670AF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{FE04B061-64D3-4E1F-8263-EA61CD38972A}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe FirewallRules: [{0D8AE1B6-DF9D-4F74-911C-4D8302FC845E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe FirewallRules: [{D0F5A46F-CFE5-4FE8-8928-56799BB708E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe FirewallRules: [{930B4EB8-CA4A-47A4-B898-F6B86CA96120}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{4F599070-17EC-4872-B4CC-6E6F0B383CC6}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [TCP Query User{AE5E24D3-BE58-4467-BB1C-BF1A10287BC9}C:\program files (x86)\gigabyte\et6\updexe.exe] => (Block) C:\program files (x86)\gigabyte\et6\updexe.exe FirewallRules: [UDP Query User{39D15867-6527-4D76-9BD5-CB3007AE2DB9}C:\program files (x86)\gigabyte\et6\updexe.exe] => (Block) C:\program files (x86)\gigabyte\et6\updexe.exe FirewallRules: [TCP Query User{0A557632-BB25-4F0C-A669-714E81C11BC3}C:\program files (x86)\gigabyte\et6\gbtupd.exe] => (Block) C:\program files (x86)\gigabyte\et6\gbtupd.exe FirewallRules: [UDP Query User{A9274B43-3A43-492F-A6F6-E3FB7819B90A}C:\program files (x86)\gigabyte\et6\gbtupd.exe] => (Block) C:\program files (x86)\gigabyte\et6\gbtupd.exe FirewallRules: [{DCE33B07-4E4C-47A3-8217-235797BE83D4}] => (Allow) C:\Program Files (x86)\SMA\Sunny Explorer\SMA.Multicasting.IGMP.QuerierService.exe FirewallRules: [{39A48325-9D90-46EF-9A7C-82DBC5ECD51C}] => (Allow) C:\Program Files (x86)\SMA\Sunny Explorer\SunnyExplorer.exe FirewallRules: [{84DF0512-1B01-40CE-899B-5ADE951E4C8C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{189B180F-0CFF-4201-BC13-A6A8171A084E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{DCB8EA33-16C7-455C-9D22-E9EA221A31DC}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe FirewallRules: [{F07E94B9-C0A0-4DEA-8A2C-84BBE25D6C55}] => (Allow) C:\Program Files (x86)\Vuze\Azureus.exe FirewallRules: [{42EAA842-1017-410D-B99D-B2911ED68993}] => (Allow) C:\Users\hans\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Ethernet Controller Description: Ethernet Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/31/2015 03:44:00 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (1312) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546. Error: (07/31/2015 03:44:00 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (1312) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546. Error: (07/31/2015 03:26:11 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (1320) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546. Error: (07/31/2015 03:26:11 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (1320) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546. Error: (07/31/2015 03:26:11 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (1320) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546. Error: (07/31/2015 03:26:11 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (1320) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546. Error: (07/31/2015 03:26:11 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (1320) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546. Error: (07/31/2015 03:26:11 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (1320) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546. Error: (07/31/2015 03:26:11 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (1320) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546. Error: (07/31/2015 03:26:11 PM) (Source: ESENT) (EventID: 412) (User: ) Description: wuaueng.dll (1320) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -546. System errors: ============= Error: (07/31/2015 03:39:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Panda Product Service service failed to start due to the following error: %%1053 Error: (07/31/2015 03:39:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Panda Product Service service to connect. Error: (07/31/2015 03:39:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Panda Protection Service service failed to start due to the following error: %%1053 Error: (07/31/2015 03:39:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Panda Protection Service service to connect. Error: (07/31/2015 03:39:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The ESET Service service failed to start due to the following error: %%1053 Error: (07/31/2015 03:39:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the ESET Service service to connect. Error: (07/31/2015 03:38:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (07/31/2015 03:38:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Smart TimeLock Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service. Error: (07/31/2015 03:38:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Acronis Sync Agent Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (07/31/2015 03:38:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Microsoft Office: ========================= Error: (08/08/2010 07:37:32 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1234 seconds with 720 seconds of active time. This session ended with a crash. CodeIntegrity: =================================== Date: 2015-07-31 14:09:37.589 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-31 14:05:48.604 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-07-30 10:14:04.865 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-27 18:41:17.379 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-04-27 18:32:26.123 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-03-25 19:58:59.640 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-03-23 09:12:47.026 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-03-19 07:59:22.281 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-03-18 18:55:59.371 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system. Date: 2015-03-18 18:39:54.595 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\RtkAPO64.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7 CPU 930 @ 2.80GHz Percentage of memory in use: 22% Total physical RAM: 12286.42 MB Available physical RAM: 9462.89 MB Total Virtual: 24572.84 MB Available Virtual: 21484.39 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:781.13 GB) (Free:421.48 GB) NTFS Drive d: () (Fixed) (Total:1081.79 GB) (Free:271.85 GB) NTFS Drive i: (NIKON D800) (Removable) (Total:29.79 GB) (Free:27.99 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 3D5805C1) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=781.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=1081.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 29.8 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End of log ============================