Here is the Addition log:
Thanks!
Additional scan result of Farbar Recovery Scan Tool (x86) Version:10-10-2015
Ran by mnar (2015-10-10 17:10:15)
Running from C:\Users\mnar\Documents\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2007-12-06 01:28:50)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-714856783-1908625882-2316339518-500 - Administrator - Disabled)
Guest (S-1-5-21-714856783-1908625882-2316339518-501 - Limited - Disabled)
mnar (S-1-5-21-714856783-1908625882-2316339518-1000 - Administrator - Enabled) => C:\Users\mnar
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
4660_4680_Help (Version: 1.00.0000 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader X (10.1.15) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.15 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM\...\{1BDC9633-895B-4842-BCB6-8FA1EC2A3C5A}) (Version: 10.2.0.023 - Adobe Systems, Inc.)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
BPD_HPSU (Version: 1.00.0000 - Hewlett-Packard) Hidden
bpd_scan (Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (Version: 1.00.0000 - Hewlett-Packard) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 5.10.38.26 - Broadcom Corporation)
BufferChm (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Cards_Calendar_OrderGift_DoMorePlugout (Version: 1.00.0000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.36.7.60 - Conexant)
CustomerResearchQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1002 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Destination Component (Version: 100.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DocMgr (Version: 100.0.201.000 - Hewlett-Packard) Hidden
DocProc (Version: 10.0.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.0928 - CyberLink Corp.)
EA Link (HKLM\...\InstallShield_{F5577101-33CC-4711-8235-3A95BCD49DB0}) (Version: 3.1.1.4 - Electronic Arts)
EA Link (Version: 3.1.1.4 - Electronic Arts) Hidden
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version: - Lars Hederer)
ESU for Microsoft Vista (HKLM\...\{68471BF2-F1F7-4C89-BBBA-400B94996596}) (Version: 2.0.10.1 - Hewlett-Packard)
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fax (Version: 100.0.272.000 - Hewlett-Packard) Hidden
FoneSync (HKLM\...\FoneSync) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 45.0.2454.101 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
GoToMeeting 7.3.0.3499 (HKU\S-1-5-21-714856783-1908625882-2316339518-1000\...\GoToMeeting) (Version: 7.3.0.3499 - CitrixOnline)
GPBaseService (Version: 100.0.187.000 - Hewlett-Packard) Hidden
Hauppauge MCE XP/Vista Software Encoder (2.0.25149) (HKLM\...\Hauppauge MCE2005 Software Encoder) (Version: 2.0.25149 - Hauppauge Computer Works, Inc.)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_HERMOSA_HSF) (Version: - )
Hewlett-Packard ACLM.NET v1.1.0.0 (Version: 1.00.0000 - Hewlett-Packard) Hidden
Hewlett-Packard Active Check (Version: 1.1.11.0 - Hewlett-Packard) Hidden
Hewlett-Packard Asset Agent for Health Check (Version: 2.0.62.5 - HP) Hidden
HP Active Support Library (HKLM\...\{11BB336F-0E58-4977-B866-F24FA334616B}) (Version: 2.3.0.2 - Hewlett-Packard)
HP Customer Experience Enhancements (HKLM\...\{BD0E2B92-3814-46F0-893B-4612EA010C7E}) (Version: 5.4.0.2430 - Hewlett-Packard)
HP Customer Participation Program 10.0 (HKLM\...\HPExtendedCapabilities) (Version: 10.0 - HP)
HP Doc Viewer (HKLM\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.02.0001 - Hewlett-Packard)
HP Document Manager 1.0 (HKLM\...\HP Document Manager) (Version: 1.0 - HP)
HP Easy Setup - Frontend (HKLM\...\{9885A11E-60E4-417C-B58B-8B31B21C0B8A}) (Version: 5.4.0.2430 - Hewlett-Packard)
HP Help and Support (HKLM\...\{28EDCE9C-3304-4331-8AB3-F3EBE94C35B4}) (Version: 1.5.1 - Hewlett-Packard)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
HP Officejet All-In-One Series (HKLM\...\{67335AB1-6341-4f87-A5B4-7FA92CEB77A4}) (Version: 1.0 - HP)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Quick Launch Buttons 6.40 H2 (HKLM\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 H2 - Hewlett-Packard)
HP QuickPlay 3.6 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version: - )
HP QuickTouch 1.00 C4 (HKLM\...\{7DC4A410-9986-4329-9E5D-687B2C42CA39}) (Version: 1.0.7 - Hewlett-Packard)
HP Smart Web Printing (HKLM\...\HP Smart Web Printing) (Version: 3.5 - HP)
HP Solution Center 10.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 10.0 - HP)
HP Total Care Advisor (HKLM\...\{b02df929-29a7-4fd2-9a70-81a644b635f7}) (Version: 1.4.19.2433 - Hewlett-Packard)
HP Update (HKLM\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP User Guides 0087 (HKLM\...\{4D49757C-367A-4333-BDB3-68966162B14E}) (Version: 1.02.0000 - Hewlett-Packard )
HP Wireless Assistant (HKLM\...\{CBAE4F50-9FC9-4557-AB36-9826DF3C103C}) (Version: 3.00 H2 - Hewlett-Packard)
HPNetworkAssistant (HKLM\...\{228C6B46-64E2-404E-898A-EF0830603EF4}) (Version: 1.1.70 - Hewlett-Packard.)
HPPhotoSmartDiscLabel_PaperLabel (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_PrintOnDisc (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabel_Tattoo (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.02.0000 - Hewlett-Packard) Hidden
hpphotosmartdisclabelplugin (Version: 2.02.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookHolidayPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookModernPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookPlayfulPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookScrapbookPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPPhotoSmartPhotobookWebPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 100.0.170.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 100.0.170.000 - Hewlett-Packard) Hidden
J4680 (Version: 50.0.165.000 - Hewlett-Packard) Hidden
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.450 - Oracle)
Java 6 Update 2 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160020}) (Version: 1.6.0.20 - Sun Microsystems, Inc.)
Java 6 Update 30 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216030FF}) (Version: 6.0.300 - Oracle)
JavaFX 2.0.3 (HKLM\...\{1111706F-666A-4037-7777-203328764D10}) (Version: 2.0.3 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.20.2128 - CyberLink Corp.)
LAV Filters 0.55.3 (HKLM\...\lavfilters_is1) (Version: 0.55.3 - Hendrik Leppkes)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MarketResearch (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Money 2001 (HKLM\...\{D085A1B6-90A4-11D3-82B7-00C04FA309DE}) (Version: 9.0.0.0 - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft Works 2001 Setup Launcher (HKLM\...\Works2001Setup) (Version: - )
Microsoft Works Suite Add-in for Microsoft Word (HKLM\...\{5F629FE8-5B4C-4863-937A-AFC2961F7DD3}) (Version: 2.0.0.0000 - Microsoft Corporation)
Mozilla Firefox 19.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 19.0.2 (x86 en-US)) (Version: 19.0.2 - Mozilla)
MSCU for Microsoft Vista (HKLM\...\{F7F3B252-E772-48AA-93EB-7964BC326067}) (Version: 1.0.1.9 - Hewlett-Packard)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
muvee autoProducer 6.1 (HKLM\...\{250E9609-E830-43EB-B379-DAB7546A2422}) (Version: 6.10.050 - muvee Technologies)
My HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: HPCMPQ1902 - WildTangent)
NetDeviceManager (Version: 100.0.170.000 - Hewlett-Packard) Hidden
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.46 - BVRP Software, Inc)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.4 - NVIDIA Corporation)
OCR Software by I.R.I.S. 10.0 (HKLM\...\HPOCR) (Version: 10.0 - HP)
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.3327 - CyberLink Corp.)
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2129 - CyberLink Corp.)
PowerDirector (Version: 6.5.2129 - CyberLink Corp.) Hidden
ProductContext (Version: 50.0.165.000 - Hewlett-Packard) Hidden
PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
QuickPlay SlingPlayer 0.4.4 (HKLM\...\SlingMedia.QPSlingPlayer_is1) (Version: 0.4.4 - SlingMedia)
RabbitTV (HKU\S-1-5-21-714856783-1908625882-2316339518-1000\...\6c2290d276fa0f0d) (Version: 1.0.0.8 - RabbitTV.com)
Revo Uninstaller Pro 2.5.7 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 2.5.7 - VS Revo Group, Ltd.)
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01 (HKLM\...\{59F6A514-9813-47A3-948C-8A155460CC2A}) (Version: 3.51.01 - )
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.) Hidden
Scan (Version: 10.1.0.0 - Hewlett-Packard) Hidden
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 10.0 - HP)
Skype™ 6.21 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Slingbox Flash Tour (HKLM\...\{38EAC694-0D90-445F-8C17-8B50ADFE3162}) (Version: 1.0.0 - Sling Media)
SlingPlayer (HKLM\...\InstallShield_{004B0DCB-4C60-465B-8F01-44B0A4111187}) (Version: 1.04.0206 - Sling Media)
SlingPlayer (Version: 1.04.0206 - Sling Media) Hidden
SmartWebPrintingOC (Version: 100.0.189.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 100.0.175.000 - Hewlett-Packard) Hidden
Status (Version: 100.0.272.000 - Hewlett-Packard) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tableau 8.3 (8300.15.0114.2230) (32-bit) (HKLM\...\{D924C15D-B674-4D90-A0ED-889ADB9B99E8}) (Version: 8.3.1412 - Tableau Software)
The Sims™ Life Stories (HKLM\...\{2284D904-C138-4B58-93EC-5C362AB5130A}) (Version: 1.00.0000 - Electronic Arts)
Toolbox (Version: 100.0.170.000 - Hewlett-Packard) Hidden
TrayApp (Version: 100.0.170.000 - Hewlett-Packard) Hidden
TurboTax 2011 (HKLM\...\TurboTax 2011) (Version: - Intuit, Inc)
TurboTax 2012 (HKLM\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2013 (HKLM\...\TurboTax 2013) (Version: 2013.0 - Intuit, Inc)
Unity Web Player (HKU\S-1-5-21-714856783-1908625882-2316339518-1000\...\UnityWebPlayer) (Version: 4.5.5f1 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Video to Video (HKLM\...\{7F95A744-78DA-4AED-A8F0-A0AF330B8411}_is1) (Version: - Media Converters)
VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
VIP Access (HKLM\...\{97C89A11-9AD7-49CE-9F90-54BF075623CE}) (Version: 2.1.1.34 - Symantec Corporation)
Vongo (HKLM\...\{8C3AE2D1-854D-4650-A73D-C7CC7EE36B80}) (Version: 1.51.40 - Starz)
WeatherBug Gadget (Version: 1.0.0.6 - AWS Convergence Technologies) Hidden
WebReg (Version: 100.0.170.000 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Works Suite OS Pack (Version: 1.0.0.0000 - Microsoft Corporation) Hidden
Works Synchronization (Version: 1.0.0.0000 - Your Company Name) Hidden
乐视视频 V7.0.5.244 (HKLM\...\乐视视频) (Version: V7.0.5.244 - 乐视网信息技术(北京)股份有限公司.)
快播 5.20.241 (HKLM\...\QvodPlayer) (Version: 5.20.241 - Shenzhen Qvod Technology Co.,Ltd)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-714856783-1908625882-2316339518-1000_Classes\CLSID\{02E2D748-67F8-48B4-8AB4-0A085374BB99}\InprocServer32 -> C:\Program Files\QvodPlayer\Allplugin.dll (Shenzhen QVOD Technology Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-714856783-1908625882-2316339518-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\mnar\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-714856783-1908625882-2316339518-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\mnar\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-714856783-1908625882-2316339518-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\mnar\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-714856783-1908625882-2316339518-1000_Classes\CLSID\{7B94F0F0-7CDD-11D3-9B96-00105AA4504D}\InprocServer32 -> C:\Program Files\Microsoft Money\System\pmasdskr.dll ()
CustomCLSID: HKU\S-1-5-21-714856783-1908625882-2316339518-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files\Citrix\GoToMeeting\2331\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-714856783-1908625882-2316339518-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\mnar\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-714856783-1908625882-2316339518-1000_Classes\CLSID\{8cbf578d-51ae-534c-a7c3-6aef0845f574}\InprocServer32 -> C:\Program Files\Letv\letvlive\npBase.dll (letv)
CustomCLSID: HKU\S-1-5-21-714856783-1908625882-2316339518-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\mnar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-714856783-1908625882-2316339518-1000_Classes\CLSID\{E5D0E06D-5309-11D1-A1F0-0000F875A2F0}\InprocServer32 -> C:\Program Files\Microsoft Money\System\mscps.dll ()
CustomCLSID: HKU\S-1-5-21-714856783-1908625882-2316339518-1000_Classes\CLSID\{F3D0D36F-23F8-4682-A195-74C92B03D4AF}\InprocServer32 -> C:\Program Files\QvodPlayer\npQvodInsert.dll (Shenzhen QVOD Technology Co.,Ltd)
==================== Restore Points =========================
22-08-2015 14:40:49 Windows Update
23-08-2015 22:29:07 Windows Update
09-09-2015 18:05:31 Installed NetScaler Gateway Plug-in
09-09-2015 19:07:35 Device Driver Package Install: Citrix Systems Inc. Citrix USB Devices
14-09-2015 13:15:37 Scheduled Checkpoint
14-09-2015 22:52:37 Windows Update
28-09-2015 19:22:54 Windows Update
29-09-2015 21:48:47 Scheduled Checkpoint
03-10-2015 10:22:50 Windows Update
04-10-2015 17:29:12 Scheduled Checkpoint
06-10-2015 17:17:18 Scheduled Checkpoint
07-10-2015 22:46:30 Windows Update
09-10-2015 21:01:09 Removed NetScaler Gateway Plug-in
09-10-2015 21:09:35 Removed Citrix Online Launcher
09-10-2015 21:11:00 Removed GEAR driver installer 4.019
09-10-2015 21:12:37 Removed HP Product Detection
09-10-2015 21:13:24 Removed HP Product Detection
10-10-2015 13:54:19 JRT Pre-Junkware Removal
10-10-2015 16:23:18 Checkpoint by HitmanPro
10-10-2015 16:27:01 Checkpoint by HitmanPro
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 06:23 - 2015-10-10 16:28 - 00000019 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {001EEF8D-50E1-40FF-AED9-7C9192D95C32} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-09] (Google Inc.)
Task: {02F66216-CCE2-4BCF-A205-F31F57951ACB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-09-09] (Google Inc.)
Task: {0EABD965-47A0-40DC-8CB8-F70291FFA082} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {14DEFE17-9DD4-4BA5-9A85-E6B0BA2DC7CA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-28] (Adobe Systems Incorporated)
Task: {2177436A-4B37-4431-A6F8-CF1E18C6BF6F} - System32\Tasks\{97475681-0A95-422A-B354-A176E71499EC} => pcalua.exe -a C:\Users\mnar\Downloads\sp41675.exe -d "C:\Program Files\Mozilla Firefox"
Task: {2420E39C-62AE-4CA7-B401-D9102434B119} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {24805DED-F138-4791-89BD-D8DB7AE42CA1} - System32\Tasks\{65C81E28-8840-4EC2-A976-701DD0C2B078} => pcalua.exe -a "C:\Program Files\AIM6\uninst.exe"
Task: {2DDE714F-7017-414F-B8BC-CF29D2E618C1} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-19] (Microsoft Corporation)
Task: {301929A3-9FF2-4D63-982A-90A1FAC19FED} - System32\Tasks\G2MUploadTask-S-1-5-21-714856783-1908625882-2316339518-1000 => C:\Program Files\Citrix\GoToMeeting\3499\g2mupload.exe [2015-09-29] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {36F3FFCD-24AC-4AAF-AA2E-19487139C519} - System32\Tasks\{D1D4B339-1319-4BD4-8583-A7DF67993480} => pcalua.exe -a C:\Users\mnar\Downloads\sp56954.exe -d C:\Users\mnar\Downloads
Task: {54E4B634-87C2-44F5-8F1E-AA9294BCE64A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-714856783-1908625882-2316339518-1000Core => C:\Users\mnar\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-21] (Facebook Inc.)
Task: {9D794DE5-3DB2-40CA-91C5-0DB3D97CD68B} - System32\Tasks\G2MUpdateTask-S-1-5-21-714856783-1908625882-2316339518-1000 => C:\Program Files\Citrix\GoToMeeting\3499\g2mupdate.exe [2015-09-29] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {B496EE04-F1DB-410D-AE0B-112ED55A6823} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-714856783-1908625882-2316339518-1000UA => C:\Users\mnar\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-12-21] (Facebook Inc.)
Task: {BE73B45D-CE64-45B4-A839-9AFF7E538662} - \MobProtect -> No File <==== ATTENTION
Task: {D3283A85-52BD-40FC-A604-16CAF15E7911} - System32\Tasks\{44CE804F-6F50-456B-BBEB-1F5585CEB9C7} => pcalua.exe -a E:\setup.exe -d E:\
Task: {FAAD79FC-ECF5-4D81-AC0C-18C1474722A9} - System32\Tasks\{F771CB33-84AE-45EC-90DB-423EBBBF0AA6} => pcalua.exe -a C:\Users\mnar\Downloads\QvodSetup5.exe -d C:\Users\mnar
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-714856783-1908625882-2316339518-1000Core.job => C:\Users\mnar\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-714856783-1908625882-2316339518-1000UA.job => C:\Users\mnar\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-714856783-1908625882-2316339518-1000.job => C:\Program Files\Citrix\GoToMeeting\3499\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-714856783-1908625882-2316339518-1000.job => C:\Program Files\Citrix\GoToMeeting\3499\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2007-10-22 16:48 - 2007-01-09 06:25 - 00272024 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-714856783-1908625882-2316339518-1000\...\intuit.com -> hxxps://ttlc.intuit.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-714856783-1908625882-2316339518-1000\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\HPRadiance.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: HP Health Check Service => 2
MSCONFIG\Services: hpqddsvc => 2
MSCONFIG\Services: hpqwmiex => 2
MSCONFIG\Services: IntuitUpdateServiceV4 => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: QPCapSvc => 2
MSCONFIG\Services: QPSched => 2
MSCONFIG\Services: QWAVE => 3
MSCONFIG\Services: SOSOUpSvc => 2
MSCONFIG\Services: VIPAppService => 2
MSCONFIG\Services: Vongo Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Works Calendar Reminders.lnk => C:\Windows\pss\Microsoft Works Calendar Reminders.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Vongo Tray.lnk => C:\Windows\pss\Vongo Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^mnar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Citrix Receiver.lnk => C:\Windows\pss\Citrix Receiver.lnk.Startup
MSCONFIG\startupfolder: C:^Users^mnar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ERUNT AutoBackup.lnk => C:\Windows\pss\ERUNT AutoBackup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^mnar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PPS.lnk => C:\Windows\pss\PPS.lnk.Startup
MSCONFIG\startupfolder: C:^Users^mnar^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^爱奇艺PPS影音.lnk => C:\Windows\pss\爱奇艺PPS影音.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\mnar\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: CitrixReceiver => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: Facebook Update => "C:\Users\mnar\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: HCDNClient => "C:\Program Files\IQIYI Video\Common\HCDNClient.exe" -shell_start
MSCONFIG\startupreg: HP Health Check Scheduler => [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: HPAdvisor => C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
MSCONFIG\startupreg: hpWirelessAssistant => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
MSCONFIG\startupreg: LetvHClient => C:\Program Files\Letv\letvlive\LetvHClient.exe
MSCONFIG\startupreg: Loader => C:\Program Files\Letv\letvlive\LeTVLoader.exe #mini
MSCONFIG\startupreg: Microsoft Works Update Detection => C:\Program Files\Microsoft Works\WkDetect.exe
MSCONFIG\startupreg: MoneyAgent => "C:\Program Files\Microsoft Money\System\Money Express.exe"
MSCONFIG\startupreg: MoneyStartUp => C:\Program Files\Microsoft Money\System\Money Startup.exe
MSCONFIG\startupreg: OnScreenDisplay => C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe
MSCONFIG\startupreg: PPS Accelerator => D:\PPS.tv\PPStream\PPSKernel.exe
MSCONFIG\startupreg: QlbCtrl.exe => C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
MSCONFIG\startupreg: QPService => "C:\Program Files\HP\QuickPlay\QPService.exe"
MSCONFIG\startupreg: QvodTerminal => "C:\Program Files\QvodPlayer\QvodTerminal.exe" -autorun
MSCONFIG\startupreg: QyClient => "C:\Program Files\IQIYI Video\PStyle\QyClient.exe" autostart
MSCONFIG\startupreg: QyKernel => C:\Program Files\IQIYI Video\LStyle\QyKernel.exe
MSCONFIG\startupreg: Redirector => "C:\Program Files\Citrix\ICA Client\redirector.exe" /startup
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: WAWifiMessage => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
MSCONFIG\startupreg: WorksFUD => C:\Program Files\Microsoft Works\wkfud.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{CE4F4E83-AF88-482F-AE25-0C747924040E}] => (Allow) C:\Program Files\Common Files\AOL\Loader\aolload.exe
FirewallRules: [{DFD324BE-F770-4D31-9549-C8FBDAC78B9E}] => (Allow) C:\Program Files\Common Files\AOL\Loader\aolload.exe
FirewallRules: [{B012CF73-0AA9-4CA7-8D29-ADB011DF9B38}] => (Allow) C:\Program Files\Cyberlink\PowerDirector\PDR.EXE
FirewallRules: [{1A8A904E-B1D2-463E-9D3F-567D9943A22D}] => (Allow) C:\Program Files\earthlink totalaccess\TaskPanl.exe
FirewallRules: [{75389B44-D2B8-47DF-807F-7E760DDA8BE2}] => (Allow) C:\Program Files\earthlink totalaccess\TaskPanl.exe
FirewallRules: [{035FB961-80B5-4C83-A557-351F5F142F6F}] => (Allow) C:\Program Files\earthlink totalaccess\TaskPanl.exe
FirewallRules: [{E597B241-B3F9-48DC-A5C3-6EFE6EC6E425}] => (Allow) C:\Program Files\earthlink totalaccess\TaskPanl.exe
FirewallRules: [{DB3093D3-9E93-4B0A-BCFF-A2166E1441F4}] => (Allow) C:\Program Files\earthlink totalaccess\TaskPanl.exe
FirewallRules: [{F4AD277B-E08C-4E1E-8B77-2068DD64ED44}] => (Allow) C:\Program Files\earthlink totalaccess\TaskPanl.exe
FirewallRules: [{FAA4FC71-80FA-438F-95BD-1D088C7918C1}] => (Allow) C:\Program Files\HP\QuickPlay\QP.exe
FirewallRules: [{ED7121CA-8DB4-4371-8A2C-2463A3DC4CCA}] => (Allow) C:\Program Files\HP\QuickPlay\QPService.exe
FirewallRules: [{5D9D73C6-E26E-487F-97E3-5E89F53BE5BA}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{AD775E90-5AB9-42F9-9DC5-D976E6C7768C}] => (Allow) F:\setup\HPZNUI01.EXE
FirewallRules: [{F335E70E-04C0-40B3-BDCE-4B507DA81B97}] => (Allow) F:\setup\HPZNUI01.EXE
FirewallRules: [{62592B9F-FA41-480A-A45C-131FEE40F781}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{31DE2FEB-567B-40CD-BD43-9739DE301A2C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{2ACBA532-38B4-49A3-BE77-4A25042363F7}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{7CDD2C6A-1E5C-4C70-8A74-9653408E8D4C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{BD65438F-FFA0-4AD0-8FC3-836AE436B132}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{6558AF83-B4DC-4DBF-9A7D-CDCF7DA1A632}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{69959864-1DF6-4FF9-80C8-F97D88621E44}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{C7D7D33A-CE62-470E-9DA9-89FC469B8EFA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{D66B360D-9AB9-4232-A5A5-819A1643520C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{E091CBF2-7F0A-49E8-B50E-EF4A061AD712}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{9206A70E-9DA2-4E61-8ABC-DF38633DD80C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{44EDAB08-3DF7-490B-ABCD-9D0661154F54}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{DED79C9E-0ABE-40B2-AD86-E7DE1BD32A3F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{3B81A64B-51D2-49A1-91BB-832C1B6A0703}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{ECC14089-C02C-4F61-9536-35286DEE9422}] => (Allow) D:\PPS.tv\PPStream\PPStream.exe
FirewallRules: [{AA470424-6DF9-4323-9A64-661143E57D50}] => (Allow) D:\PPS.tv\PPStream\PPStream.exe
FirewallRules: [{312A5FAD-2851-4FC1-908B-25EF685CB7FA}] => (Allow) D:\PPS.tv\PPStream\PPSAP.exe
FirewallRules: [{24ADEFB0-7DA6-4332-8C37-A8B3F99CC3EE}] => (Allow) LPort=80
FirewallRules: [{888AB8F1-EB43-4305-878C-EB1D65490F06}] => (Allow) LPort=80
FirewallRules: [{39519CD2-3ACD-4D40-9600-D4C5EB9EB5F0}] => (Allow) LPort=80
FirewallRules: [TCP Query User{7946AEB8-2B99-4045-A620-E4F5CFA6A1FB}C:\program files\qvodplayer\qvodterminal.exe] => (Allow) C:\program files\qvodplayer\qvodterminal.exe
FirewallRules: [UDP Query User{48E3846D-D1B1-45A4-8CF8-D47BEADB1F6C}C:\program files\qvodplayer\qvodterminal.exe] => (Allow) C:\program files\qvodplayer\qvodterminal.exe
FirewallRules: [TCP Query User{AC8504B6-4368-4DD7-A0FA-9B43F31CE8C4}C:\program files\java\jre6\bin\java.exe] => (Block) C:\program files\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{2166A62A-A4C6-4883-98CA-3027C56B286D}C:\program files\java\jre6\bin\java.exe] => (Block) C:\program files\java\jre6\bin\java.exe
FirewallRules: [{53A4077D-0F13-4C32-A877-0E4A6BEDAA4D}] => (Allow) E:\setup\HPZnui01.exe
FirewallRules: [{379C1034-43AA-419E-8630-1437E8197350}] => (Allow) E:\setup\HPZnui01.exe
FirewallRules: [{5ABAF1AA-9A03-44F9-9CD1-5080A74C2BB6}] => (Allow) C:\Users\mnar\AppData\Roaming\PPStream\update\ppstreamsetup-update120814.exe
FirewallRules: [{071C473D-8D03-413D-8B56-244064A82370}] => (Allow) C:\Users\mnar\AppData\Roaming\PPStream\update\ppstreamsetup-update120814.exe
FirewallRules: [{1128CAE0-6253-4E8E-8595-EB9713341591}] => (Allow) D:\PPS.tv\PPStream\PPStream.exe
FirewallRules: [{B14B4A41-27B0-4BE0-A693-2FF9DFE514AB}] => (Allow) D:\PPS.tv\PPStream\PPStream.exe
FirewallRules: [{0A2C34DD-14CD-4124-86BE-2AE41BD66CC4}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{7F2EECD1-2A5B-4C55-A468-D322829665FF}] => (Allow) LPort=2869
FirewallRules: [{746C9889-DA26-4B7B-A70F-D6162598068F}] => (Allow) LPort=1900
FirewallRules: [{2D1B4AFB-F4B6-4C8B-B10C-27BE1EDC0EAA}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{3298B12F-9F36-4D8C-B11C-D99338F0C547}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{D7041ACB-1A7C-4D1D-A814-1FED563DED9E}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{DFF26335-174A-4698-85DB-2850C38ADF16}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{C8E53F08-8D7B-4563-9B7F-2F88B6A8431B}C:\users\mnar\downloads\qvodsetupplus.exe] => (Allow) C:\users\mnar\downloads\qvodsetupplus.exe
FirewallRules: [UDP Query User{3E9A77CB-A754-4765-89F2-B2664649EA52}C:\users\mnar\downloads\qvodsetupplus.exe] => (Allow) C:\users\mnar\downloads\qvodsetupplus.exe
FirewallRules: [{54ED8FD0-758A-4782-B62B-60E199388E74}] => (Allow) C:\Program Files\360\360Safe\safemon\360Tray.exe
FirewallRules: [{4AD42B47-BC9E-4CF2-9B5D-5342D1A70DD5}] => (Allow) C:\Program Files\360\360Safe\safemon\360Tray.exe
FirewallRules: [{50A0B792-B30F-4657-B362-AE76937EB872}] => (Allow) C:\Program Files\QvodPlayer\QvodTerminal.exe
FirewallRules: [{3E04AF3E-7B98-4EDF-A9D1-A03B6AF7DF84}] => (Allow) C:\Program Files\QvodPlayer\QvodTerminal.exe
FirewallRules: [TCP Query User{A674D6A0-D883-4E43-8935-3E7D634EC5C5}C:\program files\qvodplayer\qvodplayer.exe] => (Allow) C:\program files\qvodplayer\qvodplayer.exe
FirewallRules: [UDP Query User{1C0A44E8-A902-44C7-8311-90FC1E939C12}C:\program files\qvodplayer\qvodplayer.exe] => (Allow) C:\program files\qvodplayer\qvodplayer.exe
FirewallRules: [TCP Query User{371E8853-3638-47FA-AD32-3FE6576124D7}C:\program files\360\360sd\360sdupd.exe] => (Allow) C:\program files\360\360sd\360sdupd.exe
FirewallRules: [UDP Query User{7F7336B8-301F-44B3-8264-FC34DA802C4E}C:\program files\360\360sd\360sdupd.exe] => (Allow) C:\program files\360\360sd\360sdupd.exe
FirewallRules: [TCP Query User{E1897A03-C9B5-41F7-818D-108319051AC7}C:\program files\qvodplayer\qvodplayer.exe] => (Block) C:\program files\qvodplayer\qvodplayer.exe
FirewallRules: [UDP Query User{AA36F7D4-1F77-4A8C-AC14-8501EF7D2E24}C:\program files\qvodplayer\qvodplayer.exe] => (Block) C:\program files\qvodplayer\qvodplayer.exe
FirewallRules: [TCP Query User{25D03B1D-2E1F-4888-8B21-9DD72B46D355}C:\users\mnar\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\mnar\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{5408EA4D-19AF-4887-9457-A9E50DA6C14B}C:\users\mnar\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\mnar\appdata\local\akamai\netsession_win.exe
FirewallRules: [{2D50AB16-3DBC-40E5-91C4-E3675E1B11CE}] => (Allow) C:\Users\mnar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A9638TR4\QvodSetup5.exe
FirewallRules: [{65EC4CC7-D691-42E5-B763-8C4340A01797}] => (Allow) C:\Users\mnar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\A9638TR4\QvodSetup5.exe
FirewallRules: [{26F0A66B-4C8F-490D-B8CE-B652A13130B3}] => (Allow) C:\Users\mnar\Documents\Downloads\QvodSetup5 (1).exe
FirewallRules: [{7F478DB6-FE42-44C2-9C24-C47A5E5E3C57}] => (Allow) C:\Users\mnar\Documents\Downloads\QvodSetup5 (1).exe
FirewallRules: [TCP Query User{948B2257-14E9-4A5A-904C-00FC06F4724D}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{247A7625-E22E-4C34-B267-60454039776B}C:\program files\mozilla firefox\plugin-container.exe] => (Allow) C:\program files\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{FA086008-9829-4218-BBDE-855203BD86AD}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{7D118AD8-D8E9-4798-B15F-140411EF81F1}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe
FirewallRules: [{0C273291-8382-46F7-81F5-29FA00D8AB72}] => (Allow) C:\Users\mnar\AppData\Roaming\PPStream\ppsupdate.exe
FirewallRules: [{A7EC20CD-5015-4850-9F63-88FF1A1DADA2}] => (Allow) D:\PPS.tv\PPStream\PPStream.exe
FirewallRules: [{F6197D80-33ED-4ED1-B27C-74CF13F5E0D9}] => (Allow) D:\PPS.tv\PPStream\PPSKernel.exe
FirewallRules: [{A1B602E6-E514-4153-9C8D-5510563CF3E8}] => (Allow) D:\PPS.tv\PPStream\PPSKernel.exe
FirewallRules: [{FE68E7B5-9E50-4C2B-937A-0AFC94045294}] => (Allow) D:\PPS.tv\PPStream\PPSKernel.exe
FirewallRules: [TCP Query User{4186199C-7A83-472F-B4F8-581B40F95F01}D:\pps.tv\ppstream\ppskernel.exe] => (Allow) D:\pps.tv\ppstream\ppskernel.exe
FirewallRules: [UDP Query User{57AFBDE3-2C80-4285-8AF1-0F8709497827}D:\pps.tv\ppstream\ppskernel.exe] => (Allow) D:\pps.tv\ppstream\ppskernel.exe
FirewallRules: [{526A5562-E46D-4449-9B08-762CF4BE7537}] => (Allow) C:\Users\mnar\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [TCP Query User{32466EF7-D8AB-4CC4-A897-9329D6872E8F}C:\users\public\qiyi\qiyikernel\app\qykernel.exe] => (Block) C:\users\public\qiyi\qiyikernel\app\qykernel.exe
FirewallRules: [UDP Query User{5C8BE1CA-2451-4815-9860-4536358B3E25}C:\users\public\qiyi\qiyikernel\app\qykernel.exe] => (Block) C:\users\public\qiyi\qiyikernel\app\qykernel.exe
FirewallRules: [{BB81669F-DDA9-407A-8ED4-13313E1129C8}] => (Allow) C:\Users\mnar\AppData\Roaming\PPStream\QyUpdate.exe
FirewallRules: [{611E09CA-0B40-4239-B34A-7964FF297211}] => (Allow) C:\Program Files\IQIYI Video\LStyle\QyClient.exe
FirewallRules: [{410C8F25-A1B8-4C4D-BBFE-0E7F6D7B1005}] => (Allow) C:\Program Files\IQIYI Video\LStyle\QyKernel.exe
FirewallRules: [{08E78223-BF12-4CE0-BDE8-B65ED51E0307}] => (Allow) C:\Program Files\IQIYI Video\LStyle\MobProtect.exe
FirewallRules: [{727D0842-0F56-4E40-A7A4-EE65995899F9}] => (Allow) E:\setup\HPZNUI01.EXE
FirewallRules: [{49C200A8-1017-440B-BB58-3D50C33FE308}] => (Allow) E:\setup\HPZNUI01.EXE
FirewallRules: [{B3FEF527-9C84-4BCB-AE44-E5975DA9D0C6}] => (Allow) C:\Users\mnar\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe
FirewallRules: [{D5ECB690-A9F6-4163-AA92-4316A8BFD790}] => (Allow) C:\Program Files\IQIYI Video\LStyle\QyClient.exe
FirewallRules: [{EEE05A57-0D89-46EA-A322-805E58D8824C}] => (Allow) C:\Program Files\IQIYI Video\LStyle\QyWebPlayer.exe
FirewallRules: [{8C78046A-5BC1-4580-9265-F3E0B13A0412}] => (Allow) C:\Program Files\IQIYI Video\Common\HCDNClient.exe
FirewallRules: [{2BC67990-3876-4FA6-A1CE-0DCBB3A14271}] => (Allow) C:\Program Files\IQIYI Video\LStyle\QyPlayer.exe
FirewallRules: [TCP Query User{CC774BBF-3A13-42BC-99FC-C8BEABEB687A}C:\program files\iqiyi video\common\qykernel.exe] => (Allow) C:\program files\iqiyi video\common\qykernel.exe
FirewallRules: [UDP Query User{9EA85D08-E183-4832-916C-006FE1691663}C:\program files\iqiyi video\common\qykernel.exe] => (Allow) C:\program files\iqiyi video\common\qykernel.exe
FirewallRules: [TCP Query User{FFAD44C7-6663-4BE5-8FA4-9290329EAF71}C:\program files\iqiyi video\common\qykernel.exe] => (Allow) C:\program files\iqiyi video\common\qykernel.exe
FirewallRules: [UDP Query User{59B59E82-E10F-4ECB-8872-C123384B5476}C:\program files\iqiyi video\common\qykernel.exe] => (Allow) C:\program files\iqiyi video\common\qykernel.exe
FirewallRules: [{D7A9A108-F225-4527-AFD3-58B6FDD21446}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdater.exe
FirewallRules: [{1BC4D9C8-4E9C-4CF6-B722-E29949F19053}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{52136180-E2B3-4B51-A098-CB66F2F90DB7}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{1206F716-DC25-4391-9BE1-F6663423F7B3}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{389FDE37-7EF9-43C0-B25A-5C32F85CC878}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [{106E80C1-BFA1-4DDD-ADDC-5BA429ED1ACF}] => (Allow) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
FirewallRules: [TCP Query User{263B5C9A-B37C-402F-8687-82DFA4AE4719}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [UDP Query User{AB07D61F-B27C-4C2F-AAC8-0083EC1A5F8A}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [TCP Query User{2B283FE2-9410-412E-B4D1-B13C6EB442F4}C:\users\public\qiyi\qiyikernel\app\qykernel.exe] => (Block) C:\users\public\qiyi\qiyikernel\app\qykernel.exe
FirewallRules: [UDP Query User{80B5B497-C570-454B-9B86-B900554616E4}C:\users\public\qiyi\qiyikernel\app\qykernel.exe] => (Block) C:\users\public\qiyi\qiyikernel\app\qykernel.exe
FirewallRules: [{F6ECD8FF-8119-4230-A45E-A943D8E66A86}] => (Allow) C:\Users\mnar\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe
FirewallRules: [{E3DB5F34-9ECE-471F-989C-95AD3A5A55A4}] => (Allow) C:\Program Files\IQIYI Video\LStyle\QyClient.exe
FirewallRules: [{59FF2247-CAAE-49A9-ADEA-C9998A364E1C}] => (Allow) C:\Program Files\IQIYI Video\LStyle\QyWebPlayer.exe
FirewallRules: [{B92E9016-519A-4955-BB32-A5E9D2BEF909}] => (Allow) C:\Program Files\IQIYI Video\LStyle\GeePlayer.exe
FirewallRules: [{1034DC4D-0A65-4155-ABF2-C519D0BBBCC3}] => (Allow) C:\Program Files\IQIYI Video\Common\HCDNClient.exe
FirewallRules: [{BB45127A-0D3F-41CA-BB00-AF1499A4A532}] => (Allow) C:\Program Files\IQIYI Video\LStyle\MobProtect.exe
FirewallRules: [{42E6AB78-BB21-4A25-A358-969A98773F10}] => (Allow) C:\Program Files\IQIYI Video\Common\QyKernel.exe
FirewallRules: [{457BE3BC-45C2-43BF-92C4-A63926B6F400}] => (Allow) C:\Program Files\IQIYI Video\LStyle\QyPlayer.exe
FirewallRules: [{74CCFA93-3F0C-4B6D-9E19-C395A3CCD39B}] => (Allow) C:\Program Files\IQIYI Video\PStyle\QyPlayer.exe
FirewallRules: [{CE6D6B2E-D1C3-4798-9F72-2352B9329000}] => (Allow) C:\Program Files\IQIYI Video\PStyle\QyClient.exe
FirewallRules: [{C27B94DD-A17F-48D7-BE12-36FF68129551}] => (Allow) C:\Program Files\IQIYI Video\LStyle\QyWebPlayer.exe
FirewallRules: [{152BE9D1-D8D9-44E4-8394-6A84E0AB4E00}] => (Allow) C:\Program Files\IQIYI Video\LStyle\QyClient.exe
FirewallRules: [{F27F0C90-1515-4ADE-B6B8-98A36941C0E0}] => (Allow) C:\Program Files\IQIYI Video\LStyle\GeePlayer.exe
FirewallRules: [{64BF3B03-6F9A-447B-8C1F-DBF87E34871A}] => (Allow) C:\Users\mnar\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe
FirewallRules: [{2EB5C99F-9BDC-431F-9BF9-DB41544E76CE}] => (Allow) C:\Program Files\IQIYI Video\Common\HCDNClient.exe
FirewallRules: [{F7DB6C4F-F5B6-4978-B54B-C38904135897}] => (Allow) C:\Program Files\IQIYI Video\LStyle\MobProtect.exe
FirewallRules: [{F5DD51A1-7B29-4C76-8B4F-D43852E15DC1}] => (Allow) C:\Program Files\IQIYI Video\Common\QyKernel.exe
FirewallRules: [{8E91BF08-5CD1-4FED-8E56-117CC12A60E1}] => (Allow) C:\Program Files\IQIYI Video\LStyle\QyPlayer.exe
FirewallRules: [{3D8D5D90-1761-4B01-97E6-42E9EBDFAB35}] => (Allow) C:\Users\mnar\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe
FirewallRules: [{85FA19B2-C12C-415F-8CC1-F6D9CDB8710E}] => (Allow) C:\Program Files\IQIYI Video\LStyle\QyClient.exe
FirewallRules: [{371C07EB-A489-4834-B368-3747DF5C81A4}] => (Allow) C:\Program Files\IQIYI Video\LStyle\QyWebPlayer.exe
FirewallRules: [{7190CB84-0B09-45E6-A8CC-A855D16224C4}] => (Allow) C:\Program Files\IQIYI Video\LStyle\GeePlayer.exe
FirewallRules: [{4005F575-3486-4888-ACC0-63877D357FE3}] => (Allow) C:\Program Files\IQIYI Video\Common\HCDNClient.exe
FirewallRules: [{E2F15313-1C20-41E4-AB03-E9B0A73276F5}] => (Allow) C:\Program Files\IQIYI Video\Common\QyKernel.exe
FirewallRules: [{AACD0F98-4789-4D0D-89AE-D67A4E9C0E24}] => (Allow) C:\Program Files\IQIYI Video\LStyle\QyPlayer.exe
FirewallRules: [{04A56BCA-84B9-4932-9E60-FB88BE12FF53}] => (Allow) C:\Program Files\IQIYI Video\LStyle\QyClient.exe
FirewallRules: [{1C1F14ED-1A3D-41B6-AB19-70D07556B4A4}] => (Allow) C:\Users\mnar\AppData\Roaming\IQIYI Video\LStyle\QyUpdate.exe
FirewallRules: [{B0844B10-AB67-4739-B389-AAED9DEE033C}] => (Allow) C:\Program Files\IQIYI Video\LStyle\QyWebPlayer.exe
FirewallRules: [{E4E3BD48-912C-4CFB-BF21-E50CAC090232}] => (Allow) C:\Program Files\IQIYI Video\LStyle\GeePlayer.exe
FirewallRules: [{829FE858-2902-4500-81D5-15EF0FB57B93}] => (Allow) C:\Program Files\IQIYI Video\Common\HCDNClient.exe
FirewallRules: [{35C20745-F4B3-489E-B96F-25EF602DA338}] => (Allow) C:\Program Files\IQIYI Video\Common\QyKernel.exe
FirewallRules: [{70F29945-E7A1-479C-B5B9-8BBBA40E5D54}] => (Allow) C:\Program Files\IQIYI Video\LStyle\QyPlayer.exe
FirewallRules: [TCP Query User{DE5A679A-85DB-4CBD-B2F1-C70ED9F176AA}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{56D89D6C-41F6-43A7-92A3-9823D6167585}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{221A3E23-8D7D-42A3-ABBC-04F3EF2155BE}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
DomainProfile\AuthorizedApplications: [] =>
DomainProfile\AuthorizedApplications: [C:\Program Files\Vongo\VongoService.exe] => enabled:VongoService
StandardProfile\AuthorizedApplications: [C:\Program Files\EarthLink TotalAccess\TaskPanl.exe] => Enabled:Earthlink
==================== Faulty Device Manager Devices =============
Name: Officejet J4680 series
Description: Officejet J4680 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: HP Color LaserJet 3600
Description: HP Color LaserJet 3600
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Officejet J4680 series
Description: Officejet J4680 series
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/10/2015 04:28:56 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volume Shadow Copy Service error: Unexpected error RegSetValueExW(0x000002a4,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,0249F45C.64). hr = 0x80070005.
Error: (10/10/2015 04:28:55 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volume Shadow Copy Service error: Unexpected error RegSetValueExW(0x00000bf0,(null),0,REG_BINARY,07E1EF40.64). hr = 0x80070005.
Operation:
BackupShutdown Event
Context:
Execution Context: Writer
Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
Writer Name: MSSearch Service Writer
Writer Instance ID: {795879d2-8445-44bc-92f9-2fb708b6e94f}
Error: (10/10/2015 04:28:55 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volume Shadow Copy Service error: Unexpected error RegSetValueExW(0x00000bf0,(null),0,REG_BINARY,07E1EF2C.64). hr = 0x80070005.
Operation:
BackupShutdown Event
Context:
Execution Context: Writer
Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
Writer Name: MSSearch Service Writer
Writer Instance ID: {795879d2-8445-44bc-92f9-2fb708b6e94f}
Error: (10/10/2015 04:28:55 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volume Shadow Copy Service error: Unexpected error RegSetValueExW(0x000008b0,(null),0,REG_BINARY,0341F208.64). hr = 0x80070005.
Operation:
BackupShutdown Event
Context:
Execution Context: Writer
Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
Writer Name: WMI Writer
Writer Instance ID: {01dc3d9d-7f78-4c48-a945-f4f022513753}
Error: (10/10/2015 04:28:55 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volume Shadow Copy Service error: Unexpected error RegSetValueExW(0x0000025c,(null),0,REG_BINARY,0469EE18.64). hr = 0x80070005.
Operation:
BackupShutdown Event
Context:
Execution Context: Writer
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {4a1feccc-70e1-49d5-9fa7-445f2c3c59cf}
Error: (10/10/2015 04:28:55 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volume Shadow Copy Service error: Unexpected error RegSetValueExW(0x00000204,SYSTEM\CurrentControlSet\Services\VSS\Diag\Shadow Copy Optimization Writer,0,REG_BINARY,0393F738.64). hr = 0x80070005.
Operation:
BackupShutdown Event
Context:
Execution Context: Writer
Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: {881fb36c-26a3-4e92-bbe3-fc9abd90251f}
Error: (10/10/2015 04:28:55 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volume Shadow Copy Service error: Unexpected error RegSetValueExW(0x000008b0,(null),0,REG_BINARY,0341F1F4.64). hr = 0x80070005.
Operation:
BackupShutdown Event
Context:
Execution Context: Writer
Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
Writer Name: WMI Writer
Writer Instance ID: {01dc3d9d-7f78-4c48-a945-f4f022513753}
Error: (10/10/2015 04:28:55 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volume Shadow Copy Service error: Unexpected error RegSetValueExW(0x0000025c,(null),0,REG_BINARY,0469EE04.64). hr = 0x80070005.
Operation:
BackupShutdown Event
Context:
Execution Context: Writer
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {4a1feccc-70e1-49d5-9fa7-445f2c3c59cf}
Error: (10/10/2015 04:28:55 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volume Shadow Copy Service error: Unexpected error RegSetValueExW(0x00000208,SYSTEM\CurrentControlSet\Services\VSS\Diag\ASR Writer,0,REG_BINARY,01D1F388.64). hr = 0x80070005.
Operation:
BackupShutdown Event
Context:
Execution Context: Writer
Writer Class Id: {be000cbe-11fe-4426-9c58-531aa6355fc4}
Writer Name: ASR Writer
Writer Instance ID: {26d7c549-6e4b-4c91-9a71-a05dc6e83108}
Error: (10/10/2015 04:28:55 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Volume Shadow Copy Service error: Unexpected error RegSetValueExW(0x000001ec,SYSTEM\CurrentControlSet\Services\VSS\Diag\COM+ REGDB Writer,0,REG_BINARY,036FF7F8.64). hr = 0x80070005.
Operation:
BackupShutdown Event
Context:
Execution Context: Writer
Writer Class Id: {542da469-d3e1-473c-9f4f-7847f01fc64f}
Writer Name: COM+ REGDB Writer
Writer Instance ID: {2d4bc014-2a43-49ce-a130-adc9418edbf9}
System errors:
=============
Error: (10/10/2015 04:55:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Intuit Update Service v4%%1053
Error: (10/10/2015 04:55:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Intuit Update Service v4
Error: (10/10/2015 04:53:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Microsoft .NET Framework NGEN v4.0.30319_X86
Error: (10/10/2015 04:53:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Windows Media Player Network Sharing Service%%1053
Error: (10/10/2015 04:53:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000Windows Media Player Network Sharing Service
Error: (10/10/2015 04:52:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (10/10/2015 04:51:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
Error: (10/10/2015 04:48:14 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: C:\Windows\System32\bcmihvsrv.dll
Error: (10/10/2015 04:48:14 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: C:\Windows\System32\bcmihvsrv.dll
Error: (10/10/2015 04:47:48 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: C:\Windows\System32\bcmihvsrv.dll
CodeIntegrity:
===================================
Date: 2015-10-10 17:09:50.806
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-10 17:09:49.465
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-10 17:09:48.071
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-10 17:09:46.750
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-10 17:09:44.833
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-10 17:09:43.522
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-10 17:09:42.219
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-10 17:09:40.843
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-10 17:08:21.266
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-10-10 17:08:19.825
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\WINDOWS\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD Turion 64 X2 Mobile Technology TL-60
Percentage of memory in use: 62%
Total physical RAM: 1982.18 MB
Available physical RAM: 750 MB
Total Virtual: 4208.88 MB
Available Virtual: 2786.42 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:220.95 GB) (Free:114.16 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (HP_RECOVERY) (Fixed) (Total:11.93 GB) (Free:0.61 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (DWA-642) (CDROM) (Total:0.06 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: BE132B4A)
Partition 1: (Active) - (Size=220.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=11.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================