Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015 Ran by Jake at 2015-07-20 21:37:18 Running from C:\Users\Jake\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2198554369-2153825703-4119062414-500 - Administrator - Disabled) => C:\Users\Administrator DefaultAccount (S-1-5-21-2198554369-2153825703-4119062414-503 - Limited - Disabled) Guest (S-1-5-21-2198554369-2153825703-4119062414-501 - Limited - Disabled) Jake (S-1-5-21-2198554369-2153825703-4119062414-1000 - Administrator - Enabled) => C:\Users\Jake ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6086 - AVG Technologies) AVG 2015 (Version: 15.0.4392 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.6086 - AVG Technologies) Hidden Back to the Future: Ep 1 - It's About Time (HKLM-x32\...\Steam App 31290) (Version: - Telltale Games) Back to the Future: Ep 2 - Get Tannen! (HKLM-x32\...\Steam App 94500) (Version: - Telltale Games) Back to the Future: Ep 3 - Citizen Brown (HKLM-x32\...\Steam App 94510) (Version: - Telltale Games) Back to the Future: Ep 4 - Double Visions (HKLM-x32\...\Steam App 94520) (Version: - Telltale Games) Back to the Future: Ep 5 - OUTATIME (HKLM-x32\...\Steam App 94530) (Version: - Telltale Games) BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Borderlands (HKLM-x32\...\Steam App 8980) (Version: - Gearbox Software) Chivalry BETA (HKLM-x32\...\Steam App 232210) (Version: - ) Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) Cyberduck 4.7 (17432) (HKLM-x32\...\Cyberduck) (Version: 4.7 (17432) - ) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version: - Techland) Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team) Dropbox (HKU\S-1-5-21-2198554369-2153825703-4119062414-1000\...\Dropbox) (Version: 3.6.8 - Dropbox, Inc.) Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) FaceRig (HKLM-x32\...\Steam App 274920) (Version: - Holotech Studios) FINAL FANTASY VII (HKLM-x32\...\Steam App 39140) (Version: - Square Enix) Fraps (HKLM-x32\...\Fraps) (Version: - ) Free Audio Converter version 5.0.58.415 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.58.415 - DVDVideoSoft Ltd.) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.) Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.) Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North) Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version: - Rockstar North / Toronto) Half-Life (HKLM-x32\...\Steam App 70) (Version: - Valve) Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve) Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version: - Valve) Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version: - Valve) Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version: - Valve) Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version: - Valve) Half-Life Deathmatch: Source (HKLM-x32\...\Steam App 360) (Version: - Valve) Half-Life: Blue Shift (HKLM-x32\...\Steam App 130) (Version: - Gearbox Software) Half-Life: Opposing Force (HKLM-x32\...\Steam App 50) (Version: - Gearbox Software) Half-Life: Source (HKLM-x32\...\Steam App 280) (Version: - Valve) Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto) Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation) iTunes (HKLM\...\{4046F74A-28F8-48C6-A5D3-2AFC472574C1}) (Version: 12.2.0.145 - Apple Inc.) Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche Studios) Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version: - Avalanche Studios) Left 4 Dead (HKLM-x32\...\Steam App 500) (Version: - Valve) Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) LEGO® Jurassic World (HKLM-x32\...\Steam App 352400) (Version: - TT Games Ltd) LIMBO (HKLM-x32\...\Steam App 48000) (Version: - Playdead) Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version: - Klei Entertainment) MAYFLASH GameCube Controller Adapter (HKLM-x32\...\{FEF678F8-4BD4-4692-8288-6CAFFDFD7739}) (Version: 3.85 - MAYFLASH) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version: - DICE) MorphVOX Junior (HKLM-x32\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee) MorphVOX Pro (HKLM-x32\...\{be1439f4-6c0a-4963-82c8-36f123182357}) (Version: 4.4.26.28472 - Screaming Bee) MorphVOX Pro (x32 Version: 4.4.26.28472 - Screaming Bee) Hidden Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.4 - Mozilla) Mp3tag v2.70 (HKLM-x32\...\Mp3tag) (Version: v2.70 - Florian Heidenreich) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9.2 - Notepad++ Team) NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.11.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.11.45 - NVIDIA Corporation) NVIDIA Graphics Driver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) Portal (HKLM-x32\...\Steam App 400) (Version: - Valve) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software) Python 2.7 pygame-1.9.1 (HKLM-x32\...\{5D13804A-67B7-49DA-9B15-65B70A83B9C3}) (Version: 1.9.1 - Pete Shinners, Rene Dudfield, Marcus von Appen, Bob Pendleton, others...) Python 2.7.9 (HKLM-x32\...\{79F081BF-7454-43DB-BD8F-9EE596813232}) (Version: 2.7.9150 - Python Software Foundation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games) Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios) ShareX 10.0.0 (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 10.0.0 - ShareX Developers) SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.11.45 - NVIDIA Corporation) Hidden Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) Sonic Generations (HKLM-x32\...\Steam App 71340) (Version: - Devil's Details) South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment) Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - Keen Software House) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) Team Fortress Classic (HKLM-x32\...\Steam App 20) (Version: - Valve) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) Unity Web Player (HKU\S-1-5-21-2198554369-2153825703-4119062414-1000\...\UnityWebPlayer) (Version: 5.0.0f4 - Unity Technologies ApS) Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS) VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version: - VB-Audio Software) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment) WebM Project Directshow Filters (HKU\S-1-5-21-2198554369-2153825703-4119062414-1000\...\webmdshow) (Version: - ) WinImage (HKU\S-1-5-21-2198554369-2153825703-4119062414-1000\...\WinImage) (Version: - ) WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2198554369-2153825703-4119062414-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jake\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2198554369-2153825703-4119062414-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2198554369-2153825703-4119062414-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Jake\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_2\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2198554369-2153825703-4119062414-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Jake\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_2\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2198554369-2153825703-4119062414-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Jake\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_2\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2198554369-2153825703-4119062414-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Jake\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_2\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2198554369-2153825703-4119062414-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Jake\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_2\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2198554369-2153825703-4119062414-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Jake\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_2\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2198554369-2153825703-4119062414-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Jake\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_2\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2198554369-2153825703-4119062414-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Jake\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_2\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2198554369-2153825703-4119062414-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Jake\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2198554369-2153825703-4119062414-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Jake\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_2\amd64\FileSyncShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2198554369-2153825703-4119062414-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Jake\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_2\amd64\FileSyncApi64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2198554369-2153825703-4119062414-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jake\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2198554369-2153825703-4119062414-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jake\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2198554369-2153825703-4119062414-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jake\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2198554369-2153825703-4119062414-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jake\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2198554369-2153825703-4119062414-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jake\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2198554369-2153825703-4119062414-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jake\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2198554369-2153825703-4119062414-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jake\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2198554369-2153825703-4119062414-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jake\AppData\Roaming\Dropbox\bin\DropboxExt64.26.dll (Dropbox, Inc.) ==================== Restore Points ========================= 20-07-2015 13:16:39 Installed DirectX 20-07-2015 19:06:42 Malwarebytes Anti-Rootkit Restore Point ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-03-14 04:58 - 2015-03-14 04:57 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {00EEBA9C-F9EF-4272-B793-C830FBADD359} - System32\Tasks\Microsoft\Windows\ApplicationData\DsSvcCleanup => C:\Windows\system32\dstokenclean.exe [2015-07-10] (Microsoft Corporation) Task: {0CCA7916-2916-4F12-BD32-1E3BE31E1269} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Device-Join => C:\Windows\System32\dsregcmd.exe [2015-07-10] (Microsoft Corporation) Task: {122C0EC3-566D-46AA-8F61-A4734AF721C6} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2198554369-2153825703-4119062414-1000Core => C:\Users\Jake\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.) Task: {1641F54C-1E57-4902-AB65-EE2B65E5629D} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Schedule Scan => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {19865544-CE08-40BE-8B8C-87C47681433D} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sihboot => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation) Task: {1D3D099E-EE1E-4907-8BA2-BA8F12D11AA6} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe [2015-07-10] (Microsoft Corporation) Task: {1D958E91-DB62-4AB8-B11D-122F8CEB127A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation) Task: {263A38F3-2587-4EA2-85E8-317F720342C3} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_RebootDisplay => C:\windows\system32\MusNotification.exe [2015-07-18] (Microsoft Corporation) Task: {2C97A00A-1C5C-4318-B5CC-8A1A126B77F9} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\KeyPreGenTask Task: {36133346-4298-4A7E-82FD-9CB8D09C2E60} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation) Task: {3F6E048D-6404-433B-8F5F-CFF4D89BF89E} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Rundll32.exe generaltel.dll,RunTelemetryW Task: {41160EA0-208B-4C3E-B4DB-805BBABC6B93} - System32\Tasks\Microsoft\Windows\Feedback\Siuf\DmClient => C:\Windows\system32\dmclient.exe [2015-07-10] (Microsoft Corporation) Task: {4454A8D0-2E4E-4A02-BF67-48DF6A7BFAB4} - System32\Tasks\Microsoft\Windows\Maps\MapsUpdateTask Task: {4C3E505D-6508-4E6D-9005-51A5D293C66A} - System32\Tasks\Microsoft\Windows\ContextManager\Triggers => C:\Windows\system32\ContextManagerNotificationHandler.exe Task: {4FF57477-21B5-4D6F-AE3A-953CD2976FBC} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated) Task: {537D7B0E-9CAA-4BF6-AB87-93F91B231A12} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\WSCStub.exe Task: {541D23F7-FE98-4D58-BF6B-91327E6ACE12} - System32\Tasks\Web Tool Runner => %LOCALAPPDATA%\8C4C9402-DF9F-874C-9ABE-EB0D1C07D2EB\Runner.exe <==== ATTENTION Task: {57C83D63-8F86-48A1-BB19-DCED6A7D7148} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-25] (Google Inc.) Task: {5ACAB365-3176-4648-8FAF-B25C3060DDCA} - System32\Tasks\Microsoft\Windows\ContextManager\Logon => C:\Windows\system32\ContextManagerNotificationHandler.exe Task: {5E5515C1-7D87-4904-B9CE-FD29EB2ADB72} - System32\Tasks\Microsoft\Windows\Sysmain\ResPriStaticDbSync Task: {611C823C-437B-46E7-9683-5312DFFCFD7B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Policy Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {6568C3EC-1BAC-43E7-A729-E248F3923993} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_WnfDisplay => C:\windows\system32\MusNotification.exe [2015-07-18] (Microsoft Corporation) Task: {6698CC48-67E0-4E80-B1A1-AB42AE5C474A} - \SPBIW_UpdateTask_Time_323739303331323235332d23787845322a5b3434322d57 No Task File <==== ATTENTION Task: {6A9651DD-66BD-41F3-9688-73D8BE9F2DAD} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\HypervisorFlightingTask Task: {711EE2F9-A611-4773-AF8E-D4B278A6718D} - System32\Tasks\Microsoft\Windows\CertificateServicesClient\AikCertEnrollTask Task: {72D891C4-9C6B-4B0F-AAC0-B9405948C2E2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-11] (Microsoft Corporation) Task: {73551810-E5F4-433E-9494-0D00B55C855E} - System32\Tasks\Microsoft\Windows\Maps\MapsToastTask Task: {744C9FEA-08B7-43E1-A729-0F94647D655C} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Resume On Boot => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {78B77FA3-9D97-441D-97B6-68CEA40B4F74} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe generaltel.dll,RunTelemetry -maintenance Task: {79D7FFDB-884D-4ECA-A957-7FE0C7A6B0AF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-25] (Google Inc.) Task: {7A003965-A297-4DC6-B15B-852D798391E0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot => C:\Windows\system32\MusNotification.exe [2015-07-18] (Microsoft Corporation) Task: {7D93F9DC-7B87-4D64-BB4F-63CDF7740712} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_WnfDisplay => C:\windows\system32\MusNotification.exe [2015-07-18] (Microsoft Corporation) Task: {7FC3AF38-DBC0-4F67-8B31-D53E5AE180B4} - \XAICXPTSEGPAGIMB No Task File <==== ATTENTION Task: {83AC05D1-53B1-4572-AE28-6C60B60F7EC7} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-10] (Microsoft Corporation) Task: {848DCC36-520C-4946-BF68-C7EFFEFA2F84} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_ReadyToReboot => C:\windows\system32\MusNotification.exe [2015-07-18] (Microsoft Corporation) Task: {862A9EC0-CFFA-427C-A696-6EDD4B394D15} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe [2015-07-14] (Adobe Systems Incorporated) Task: {898B624E-881B-4F73-AA8C-DEA9C174140B} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Update_RebootLogon => C:\WINDOWS\system32\MusNotification.exe [2015-07-18] (Microsoft Corporation) Task: {8DF84CB3-D8E0-4307-A35B-CA74E21786DB} - System32\Tasks\Microsoft\Windows\Clip\License Validation => C:\Windows\system32\ClipUp.exe [2015-07-18] (Microsoft Corporation) Task: {9CBBA7FD-5288-4AA0-9632-0466B28B0748} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2198554369-2153825703-4119062414-1000UA => C:\Users\Jake\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-13] (Dropbox, Inc.) Task: {9DD5FD49-6D9C-4C45-8A9B-D7C12507DAE7} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\SymErr.exe Task: {A244FF79-8619-437F-A180-FB01B8460504} - System32\Tasks\Microsoft\Windows\User Data Service\Unistore Logon => C:\Windows\System32\UnistackSvcWrapper.exe Task: {A364E297-00AD-490D-900E-22AC34598C71} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Maintenance Install => C:\Windows\system32\usoclient.exe [2015-07-10] (Microsoft Corporation) Task: {A5033E19-CAC0-4B46-A53E-AB4E932A5547} - System32\Tasks\{16B2508B-F993-4687-8910-3368967E2D6E} => pcalua.exe -a "C:\ProgramData\Package Cache\{be1439f4-6c0a-4963-82c8-36f123182357}\setup.exe" -c /uninstall Task: {A5B6CD85-1B57-49B9-BA80-5D5D65F02826} - System32\Tasks\Microsoft\Windows\AppID\EDP Policy Manager Task: {A9EB41F5-CB86-4FBA-BA8B-E861A38F7DF6} - System32\Tasks\Microsoft\Windows\Service Configuration\ConfigurationClient Task: {AC29E64E-3271-47BA-B8F1-914523CF379B} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Automatic App Update Task: {AD7FC627-F8F9-4032-907C-AC0B3CD3EEA3} - \Fsijlohoguasn No Task File <==== ATTENTION Task: {B9B36D41-C776-424E-9A13-5387E17A2CEB} - System32\Tasks\Microsoft\Windows\WCM\WiFiTask => C:\Windows\System32\WiFiTask.exe [2015-07-10] (Microsoft Corporation) Task: {C2162702-FFEB-48C0-AA5F-2DA3A8887D61} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Installation Task: {C407AAB9-4794-4684-9BF4-CE77B0517D4D} - System32\Tasks\Microsoft\Windows\Maintenance\Web Tool Updater => %LOCALAPPDATA%\8C4C9402-DF9F-874C-9ABE-EB0D1C07D2EB\Runner.exe <==== ATTENTION Task: {C56AFFD3-06B8-4A16-AF7E-F7A6EB3FAE9E} - System32\Tasks\Microsoft\Windows\TPM\Tpm-HASCertRetr Task: {C5EE2EA2-5312-4D1F-B9D0-41B18DF31B78} - System32\Tasks\Microsoft\Windows\WindowsUpdate\sih => C:\Windows\System32\sihclient.exe [2015-07-10] (Microsoft Corporation) Task: {C7A236B2-12E1-46DC-9501-3B1B0209CC09} - System32\Tasks\Microsoft\Windows\Location\WindowsActionDialog => C:\Windows\System32\WindowsActionDialog.exe [2015-07-10] (Microsoft Corporation) Task: {C8A23626-DD41-41B0-A459-63AF15ABC8AE} - System32\Tasks\Microsoft\Windows\NetworkDriverPlatform\TelemetryGatherer => C:\Windows\system32\NetCfgDiagnostics.exe Task: {CF07313A-909D-4388-9963-68634BD235E7} - \SpeechRuntimeTask No Task File <==== ATTENTION Task: {D2401052-A382-42DE-9C79-D1CF3563F654} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\Uninstallation Task: {DAF2BAE3-1C5B-4CB5-9F62-0911C031A15A} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics => C:\Windows\system32\disksnapshot.exe [2015-07-10] (Microsoft Corporation) Task: {DEDBE9F6-4B19-42D1-9188-513DBD32A5B7} - System32\Tasks\GoogleUpdateTaskMachineCore1d08f46d34aee8f => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-25] (Google Inc.) Task: {EA3F661E-B31C-44A9-B40C-E3D5D56149D4} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker_Display => C:\windows\system32\MusNotification.exe [2015-07-18] (Microsoft Corporation) Task: {FDDBCC9C-C729-462D-882C-917EB93622D9} - System32\Tasks\Microsoft\Windows\RetailDemo\CleanupOfflineContent Task: {FF38C9F9-272A-47C8-A8D1-AE96A9B2B852} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => 0x000A01008BBACC011D4E1746875E5E00F10617AB4600D400000000003C000A00200000000014730F000000000513040020200401000000000000000000000000000000000000180043003A005C00570049004E0044004F00570053005C006500780070006C006F007200650072002E0065007800650000000C002F004E004F0055004100430043004800450043004B000000000018004500780070006C006F007200650072005300680065006C006C0055006E0065006C00650076006100740065006400000000000000080003130400000000000000 Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2198554369-2153825703-4119062414-1000Core.job => C:\Users\Jake\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2198554369-2153825703-4119062414-1000UA.job => C:\Users\Jake\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => 0x000A0100D43306092C412447A1CEF8C8E8AC64A246004403000000003C000A0020000000FFFFFFFF000000000013040000008021DF0707000100140015001B000B00B3000000360043003A005C00500072006F006700720061006D002000460069006C00650073002000280078003800360029005C0047006F006F0067006C0065005C005500700064006100740065005C0047006F006F0067006C0065005500700064006100740065002E00650078006500000003002F006300000000001B0057004F0052004B00470052004F00550050005C00570049004E002D0030003800530043003800500045004F0036004D004C002400000020014B006500650070007300200079006F0075007200200047006F006F0067006C006500200073006F00660074007700610072006500200075007000200074006F00200064006100740065002E002000490066002000740068006900730020007400610073006B002000690073002000640069007300610062006C006500640020006F0072002000730074006F0070007000650064002C00200079006F0075007200200047006F006F0067006C006500200073006F006600740077006100720065002000770069006C006C0020006E006F00740020006200650020006B00650070007400200075007000200074006F00200064006100740065002C0020006D00650061006E0069006E0067002000730065006300750072006900740079002000760075006C006E00650072006100620069006C00690074006900650073002000740068006100740020006D00610079002000610072006900730065002000630061006E006E006F007400200062006500200066006900780065006400200061006E00640020006600650061007400750072006500730020006D006100790020006E006F007400200077006F0072006B002E002000540068006900730020007400610073006B00200075006E0069006E007300740061006C006C007300200069007400730065006C00660020007700680065006E0020007400680065007200650020006900730020006E006F00200047006F006F0067006C006500200073006F0066007400770061007200650020007500730069006E0067002000690074002E000000000008000000000000000000020030000000CF0701000100000000000000000000000000000000000000000000000700000001000000000000000000000030000100DF0705000F000000000000000F002C0000000000000000000000000001000000010000000000000000000000 Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d08f46d34aee8f.job => 0x000A010065910FD4DD5E1749A2F6C823F0A151F346004403000000003C000A0020000000FEFFFFFF000000000013040000008021DF0707000100140015001B000B00C3000000360043003A005C00500072006F006700720061006D002000460069006C00650073002000280078003800360029005C0047006F006F0067006C0065005C005500700064006100740065005C0047006F006F0067006C0065005500700064006100740065002E00650078006500000003002F006300000000001B0057004F0052004B00470052004F00550050005C00570049004E002D0030003800530043003800500045004F0036004D004C002400000020014B006500650070007300200079006F0075007200200047006F006F0067006C006500200073006F00660074007700610072006500200075007000200074006F00200064006100740065002E002000490066002000740068006900730020007400610073006B002000690073002000640069007300610062006C006500640020006F0072002000730074006F0070007000650064002C00200079006F0075007200200047006F006F0067006C006500200073006F006600740077006100720065002000770069006C006C0020006E006F00740020006200650020006B00650070007400200075007000200074006F00200064006100740065002C0020006D00650061006E0069006E0067002000730065006300750072006900740079002000760075006C006E00650072006100620069006C00690074006900650073002000740068006100740020006D00610079002000610072006900730065002000630061006E006E006F007400200062006500200066006900780065006400200061006E00640020006600650061007400750072006500730020006D006100790020006E006F007400200077006F0072006B002E002000540068006900730020007400610073006B00200075006E0069006E007300740061006C006C007300200069007400730065006C00660020007700680065006E0020007400680065007200650020006900730020006E006F00200047006F006F0067006C006500200073006F0066007400770061007200650020007500730069006E0067002000690074002E000000000008000000000000000000020030000000CF0701000100000000000000000000000000000000000000000000000700000001000000000000000000000030000100DF070700100000000000000002002C0000000000000000000000000001000000010000000000000000000000 Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\XAICXPTSEGPAGIMB.job => 0x000A0100ED60A1074E47F042BE1CAC284597817C46001201000000003C000A0020000000FEFFFFFF020007800113040000268021DF0707000100140015001B000B00C30001002B0043003A005C00500072006F006700720061006D0044006100740061005C00530065007200760069006300650031003200390031005C00530065007200760069006300650031003200390031002E00650078006500000000001B0043003A005C00500072006F006700720061006D0044006100740061005C005300650072007600690063006500310032003900310000001500570049004E002D0030003800530043003800500045004F0036004D004C005C004A0061006B00650000000000000008000000000000000000020030000000DF0707001100000000000000000000000000000000000000000000000700000001000000000000000000000030000100DF070700110000000000000012000D00A0050000B40000000000000001000000010000000000000000000000 ==================== Loaded Modules (Whitelisted) ============== 2015-07-18 23:31 - 2015-07-18 23:31 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-07-18 19:41 - 2015-07-08 19:27 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-07-18 23:31 - 2015-07-18 23:31 - 00403968 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-07-18 23:31 - 2015-07-18 23:31 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-07-18 23:31 - 2015-07-18 23:31 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-04-15 16:13 - 2015-04-15 16:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2015-07-18 23:31 - 2015-07-18 23:31 - 06579712 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-07-10 07:00 - 2015-07-10 09:14 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-07-18 23:31 - 2015-07-18 23:31 - 01806848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-07-18 23:31 - 2015-07-18 23:31 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-06-13 16:35 - 2015-06-13 16:35 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-07-10 06:59 - 2015-07-10 06:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-04-03 10:42 - 2015-07-14 15:06 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-03-27 20:33 - 2015-07-03 12:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-03-27 20:33 - 2015-07-03 12:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-03-27 20:33 - 2015-07-20 16:55 - 02410176 _____ () C:\Program Files (x86)\Steam\video.dll 2015-03-27 20:33 - 2015-07-03 12:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-03-27 20:33 - 2015-07-03 12:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-03-27 20:33 - 2014-12-01 17:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-03-27 20:33 - 2014-12-01 17:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-03-27 20:33 - 2014-12-01 17:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-03-27 20:33 - 2014-12-01 17:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-03-27 20:33 - 2014-12-01 17:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-03-27 20:33 - 2015-07-20 16:55 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-07-06 17:49 - 2015-07-07 16:41 - 00169984 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll 2015-05-21 16:31 - 2015-05-21 16:31 - 00045568 _____ () C:\Program Files (x86)\Steam\steamapps\common\FaceRig\Bin\FaceRigVirtualCam32.ax 2015-07-20 21:28 - 2015-07-20 21:28 - 00043008 _____ () c:\users\jake\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp1dt36i.dll 2015-03-04 17:45 - 2015-03-19 03:15 - 00750080 _____ () C:\Users\Jake\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2015-03-04 17:45 - 2015-03-19 03:15 - 00047616 _____ () C:\Users\Jake\AppData\Roaming\Dropbox\bin\libEGL.dll 2015-03-04 17:45 - 2015-03-19 03:15 - 00865280 _____ () C:\Users\Jake\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll 2015-03-04 17:45 - 2015-03-19 03:15 - 00200704 _____ () C:\Users\Jake\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll 2015-03-04 17:45 - 2015-03-19 03:15 - 00010240 _____ () C:\Users\Jake\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll 2015-03-04 17:45 - 2015-03-19 03:15 - 00726016 _____ () C:\Users\Jake\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-03-04 17:45 - 2015-03-19 03:15 - 00010240 _____ () C:\Users\Jake\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll 2015-07-20 21:27 - 2015-07-20 21:27 - 00098816 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\win32api.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00110080 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\pywintypes27.dll 2015-07-20 21:27 - 2015-07-20 21:27 - 00364544 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\pythoncom27.dll 2015-07-20 21:27 - 2015-07-20 21:27 - 00045568 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\_socket.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 01161216 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\_ssl.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00320512 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\win32com.shell.shell.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00713216 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\_hashlib.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 01175040 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\wx._core_.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00805888 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\wx._gdi_.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00811008 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\wx._windows_.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 01062400 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\wx._controls_.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00735232 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\wx._misc_.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00682496 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\pysqlite2._sqlite.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00087552 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\_ctypes.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00119808 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\win32file.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00108544 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\win32security.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00007168 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\hashobjs_ext.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00068096 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\usb_ext.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00167936 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\win32gui.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00018432 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\win32event.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00128512 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\_elementtree.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00127488 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\pyexpat.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00013824 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\common.time34.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00036864 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\_psutil_windows.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00038912 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\win32inet.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00011264 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\win32crypt.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00070656 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\wx._html2.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00027136 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\_multiprocessing.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00020480 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\_yappi.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00035840 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\win32process.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00686080 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\unicodedata.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00122368 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\wx._wizard.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00024064 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\win32pipe.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00010240 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\select.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00025600 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\win32pdh.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00525640 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\windows._lib_cacheinvalidation.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00017408 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\win32profile.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00022528 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\win32ts.pyd 2015-07-20 21:27 - 2015-07-20 21:27 - 00078336 _____ () C:\Users\Jake\AppData\Local\Temp\_MEI43082\wx._animate.pyd 2015-03-27 20:33 - 2015-07-03 12:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2015-07-20 20:43 - 2015-07-13 17:55 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libglesv2.dll 2015-07-20 20:43 - 2015-07-13 17:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Jake\OneDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ahcache.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CoreMessagingRegistrar => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\StateRepository => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TileDataModelSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UserManager => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2198554369-2153825703-4119062414-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jake\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\soul eater.png DNS Servers: 75.75.75.75 - 75.75.76.76 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: lfsvc => 3 ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe FirewallRules: [{3C14FF71-5D4D-4313-BEB7-D18B481ADA13}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{68F63B62-0F05-4118-B3E3-62DC3A4F8A8A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{C863A024-E743-476C-A659-771C5AF6D19A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{AAC40C07-4964-4DB3-8129-6B6ABAB5DFED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{8A0E46C2-280F-46B3-BABE-EB4A09CE75E3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{1CC894C6-5A8C-4861-BAAD-3FCB67392EE1}] => (Allow) C:\Users\Jake\AppData\Roaming\TWV\upd.exe FirewallRules: [{E95D9F1C-9BFD-40C3-AC53-068DEBA74DD0}] => (Allow) C:\Users\Jake\AppData\Roaming\TWV\TWV.exe FirewallRules: [{B8013572-49AC-4DB8-9F4A-F49DEC5262A7}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{8DD9E330-FC8D-4727-8512-595C959CDEE4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{573D4720-DB65-4E12-9A5C-D59A9AA924AD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{3C7874D6-15E6-42D3-83B3-7FF8C95FCAA9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{2F6BEB7A-C5BF-4F17-9AB8-9CBD7B6684CC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{2A18E5B6-4E3F-4659-8907-D717E01415D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe FirewallRules: [{CA999A5C-63CD-4A63-82AF-10C0F9D1877F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe FirewallRules: [{B11FEA15-9A33-44CA-9224-6618A0C2F5D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe FirewallRules: [{866074D2-2823-48FE-81E7-E0D9F0F6E8B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe FirewallRules: [{11891BF2-8E3A-4D87-9631-8FE007BEDDEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe FirewallRules: [{8A07027D-DBA4-42DE-9952-C3B04109EECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe FirewallRules: [{B8A7B5DA-4D15-4E5A-A096-C350772DA760}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe FirewallRules: [{88871CC4-9EE9-427C-A01F-201877DB5B60}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe FirewallRules: [{B14974E6-9B4A-458C-9C57-4333EEAB4917}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{EF46EB88-0882-4719-AD52-73C6DDEA7E73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{D5808786-C2BB-49B5-B77C-6BB4E2AE1751}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{4852F0DF-BE08-4012-ACF0-CCB78AD3F3C6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{6E7AD943-F54A-42D5-844A-3B668A0F4F18}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{CF24977D-A094-4DC1-9D77-BB355A79B2FE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{39558B65-E0C2-478A-BE57-3219ACA837CC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{76B8B60B-08E1-49FB-8235-216CCC9C011D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [UDP Query User{D2AA069B-4482-4D2A-B680-5FAFC6E07FB5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{A1D0D706-1ED4-49A8-B376-C651056C9912}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{7C2D2356-1BE9-42FF-A9E6-AD0532E09D98}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5A163D81-4CC2-4165-BDA9-D74DC5C60B50}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{AA462276-ADDD-4AD1-8FCC-C1F12EF540B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [{F147AAD7-BBCA-471B-B17B-DB7F5C3C216A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [{29EC83B8-87C4-416B-9136-260FC78745A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe FirewallRules: [{824949C0-E0EC-45FF-9810-50ECBE461593}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe FirewallRules: [{C1214E76-37F1-407B-B23F-6A9CD2D2ABF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{B55C1341-24E7-4A7D-8803-7ADE1CED8680}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{289B202F-C9F2-4B88-A2D5-A8105369CA40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{9A127E0F-A16A-467C-9C57-CAC1E60FD3B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{718668D2-C2A7-4CFC-9E3E-36AD9EF2A9BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{B48DC383-AC81-488F-9684-5EFC2118B192}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{B62DC52E-E737-43E1-A036-B80C96B82A7B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe FirewallRules: [{B3651A77-0CBE-43E6-BAF2-9B9C5C0DD166}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life\hl.exe FirewallRules: [{E18E59DD-65B7-4738-8286-D3D20D7BC2FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2 Deathmatch\hl2.exe FirewallRules: [{3BD0AAE5-9FD9-4E97-8436-DA37F3CB46B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2 Deathmatch\hl2.exe FirewallRules: [{729AD358-9BCC-4596-AA35-9A80B27B4210}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 1 Source Deathmatch\hl2.exe FirewallRules: [{5F2BB729-F934-426E-A182-90EBD33A17F5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 1 Source Deathmatch\hl2.exe FirewallRules: [{967EEE97-B0E6-4929-89B7-3249DC0A00AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe FirewallRules: [{9C06AC81-9618-4A36-B664-42BCAEBF4A1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal\hl2.exe FirewallRules: [{7207B2A5-0AE1-4B52-9D8B-0E919C118006}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe FirewallRules: [{43292124-EC4D-4889-9FA4-B685C419C91D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal 2\portal2.exe FirewallRules: [{042994B9-E3E5-4CDB-9665-98E75A366F91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe FirewallRules: [{E88A675D-07C4-44FC-8DD7-F7558335F490}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\left 4 dead\left4dead.exe FirewallRules: [{0A7756F7-1E29-4622-8D39-3323645DB9F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{3BC068FF-A24A-482A-9E62-8BD0521DC765}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{DFC5F0F5-7E8C-4EF8-9E62-EEF2FC1AE5FF}] => (Allow) C:\Users\Jake\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{22EAFEB9-38DD-4065-A3C8-382F862743AD}] => (Allow) C:\Users\Jake\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{DF14C15B-2538-4A27-B14A-F24EACB20A49}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe FirewallRules: [UDP Query User{E2937487-5E08-428B-B787-21908459F749}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe FirewallRules: [{67B5DA96-D8C6-43E4-8B8F-C8C2A9184448}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{80DF2987-211E-49A9-8127-2EA90FE0534D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{93876504-7069-4B46-A7C4-F47E3F9984D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe FirewallRules: [{810CA5FA-7213-4336-AC1E-668360ABA60C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe FirewallRules: [TCP Query User{13A115A8-F04F-48D5-B177-503B301DD5B2}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{D61E8AA4-3FA8-40E9-A71F-AA0D1E9373DA}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{A51FDF98-3B1F-4E18-97F6-D287C4F198E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{B1FA274D-646A-4118-82FD-4D3014CCDABA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [TCP Query User{FF6F8D84-1697-4B14-A68A-2B48E7B52A96}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{CE88E009-F054-495A-8AEB-2FC5D3DD9176}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [{83676DB9-60D8-409B-BF44-634A5BF4A711}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe FirewallRules: [{8F43C63C-3743-49AE-9EC1-E33FD295452C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe FirewallRules: [{9DA2D7E8-A93D-4D94-8FC9-683869D2414F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe FirewallRules: [{5559C861-AAB4-42E5-95EC-10A41A1E38BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe FirewallRules: [TCP Query User{C5C4730C-EC01-4A95-9C21-29FEFD36EB4A}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe FirewallRules: [UDP Query User{E8C2C2EC-A7FF-48F8-85B7-117B485EC42E}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe FirewallRules: [{154DBFE6-0F7D-4870-AA96-4334FF878A09}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe FirewallRules: [{A728BD28-3BA3-443A-AF71-E3F18BCB1712}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe FirewallRules: [{12D8B8BE-6E2A-4956-90C5-A983261A7EC8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FaceRig\Bin\Launcher.exe FirewallRules: [{9F5B7DAE-A760-4763-8855-DE9C01BA861C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FaceRig\Bin\Launcher.exe FirewallRules: [{50F8399A-B73E-4236-B695-BFAF55642AFA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FaceRig\Bin\FaceRig.exe FirewallRules: [{DAE78C21-00F6-426C-B881-55E88A10A6F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FaceRig\Bin\FaceRig.exe FirewallRules: [{DB55B76D-D48C-4B49-9435-B6267C74130B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win64\CMW.exe FirewallRules: [{32875E31-8532-47B1-8513-23F7C80C231C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win64\CMW.exe FirewallRules: [{39ADCE48-3985-4EB0-802A-04DA0B7D777B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win32\CMW.exe FirewallRules: [{5E691196-86A3-47A8-B92C-341CB0BB7BCC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\Binaries\Win32\CMW.exe FirewallRules: [{01EFF90F-55ED-4A56-AB9A-96573DABB17D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\ChivLauncher.exe FirewallRules: [{D38474B2-F9C2-458A-B927-C4E38A3F973C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfarebeta\ChivLauncher.exe FirewallRules: [{5C9BBD0C-949F-4533-8ED1-5D3217FEEB18}] => (Allow) C:\Users\Jake\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2A4762A5-AF96-49FC-92DC-97FCA52916C4}] => (Allow) C:\Users\Jake\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8683F834-9EA6-4FC7-843C-CFB10115C35A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{86735A41-279E-4CEA-87B7-5DD2D7F67665}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{7D25EAF6-B61C-4CCA-B845-34F33B32E88C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{0209ADDB-0FF7-4507-BD6F-1B46AEE1C181}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{98454576-39EB-4ABC-9F6E-004B7522E39D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Back to the Future Ep 1\BackToTheFuture101.exe FirewallRules: [{34190B38-5A40-4385-ACB6-5ED4A553C3FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Back to the Future Ep 1\BackToTheFuture101.exe FirewallRules: [{76484923-DAA1-458F-9780-44EB904B1402}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Back to the Future Ep 2\BackToTheFuture102.exe FirewallRules: [{85B12F30-31E7-4239-83FC-A1FC78DDF576}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Back to the Future Ep 2\BackToTheFuture102.exe FirewallRules: [{68B80DA2-B68A-459B-9F78-1209600EC357}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Back to the Future 103\BackToTheFuture103.exe FirewallRules: [{A63E014E-497F-45A0-B55A-4DAED5B52824}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Back to the Future 103\BackToTheFuture103.exe FirewallRules: [{7C829928-44EF-40DC-BB6E-803C7D6C265F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Back to the Future 104\BackToTheFuture104.exe FirewallRules: [{0EC3B615-7D31-488D-8E6C-8E3FE32814BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Back to the Future 104\BackToTheFuture104.exe FirewallRules: [{47BCA417-EF6C-4B05-BC18-FBCBFF79FEBA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Back to the Future 105\BackToTheFuture105.exe FirewallRules: [{078AB094-E3CD-4C98-AF1D-31DE65E96E4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Back to the Future 105\BackToTheFuture105.exe FirewallRules: [{032B6970-433E-4460-B075-57F4F922C68C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe FirewallRules: [{4A315AB6-D666-4004-97D4-1C74B81D6F79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe FirewallRules: [{3D9BB419-08B2-465B-90DD-4B8585FD63B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe FirewallRules: [{F7A7DC5E-0C71-4423-A738-06025DD10C6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Borderlands\Binaries\Borderlands.exe FirewallRules: [{5AF01E0F-FBF6-4255-955B-7FB2B58A0E0B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Limbo\limbo.exe FirewallRules: [{E0E063D4-F424-4425-9A9E-CD20D5164DF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Limbo\limbo.exe FirewallRules: [{AACCAAE1-8ECB-4B70-9D79-5297AAA30F16}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe FirewallRules: [{46689A12-98C9-419C-B1B4-03C3B2BCDBF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mark_of_the_ninja\bin\game.exe FirewallRules: [{A44B69E0-679C-4708-86AC-65536D95E92C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe FirewallRules: [{C9E1BAFF-775D-49C2-9C98-0A04F431F346}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\mirrors edge\Binaries\MirrorsEdge.exe FirewallRules: [{887AC279-DB45-4690-9592-D85F91E80BE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe FirewallRules: [{2E4DF9F6-84F8-4EA5-ABFF-AA15ECDEEBF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe FirewallRules: [{A84093AC-B4BE-425E-BF09-255749EDF4A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic Generations\SonicGenerations.exe FirewallRules: [{5AF2475C-F8C5-4FB0-A93B-90F557FDF46A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic Generations\SonicGenerations.exe FirewallRules: [{08095C2C-E284-49B0-A4E8-07BDCC58C435}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic Generations\ConfigurationTool.exe FirewallRules: [{CD5AEDFE-027F-47BC-B689-039C72B55CA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sonic Generations\ConfigurationTool.exe FirewallRules: [{1B55CE68-C55F-405A-86AA-B796C4B4EA8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe FirewallRules: [{EAB47D5B-DC97-4865-95AD-83FFBDA82A74}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe FirewallRules: [{CC712B60-32B5-4503-8DB7-6260229DB7EE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\diriptide\DeadIslandGame_x86_rwdi.exe FirewallRules: [{360A8485-5AAD-47B9-9CC2-0642DBED0C8F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\diriptide\DeadIslandGame_x86_rwdi.exe FirewallRules: [{DA6C9393-0644-4B76-A31E-091B74C2ECA4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{9CEE7F11-7507-49C8-A869-8377B64894CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{9FBB590D-0A37-45BD-AFCD-DCEF132C8053}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe FirewallRules: [{0145BDDB-CEC7-4EB4-97E2-79FA7447DD18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe FirewallRules: [{A8E40DEF-E5FC-48DA-9622-A2F95D9D2B9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe FirewallRules: [{7CE363FF-354D-4073-A006-5F4FCC3C2205}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FINAL FANTASY VII\FF7_Launcher.exe FirewallRules: [TCP Query User{361335C5-A46F-493B-846F-F96484115894}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [UDP Query User{2A2A55F3-8FF6-4B77-9299-AA037582DB06}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [{0EE59B44-E948-44AD-96A4-6C5839EBF29C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2 - Multiplayer Mod\JcmpLauncher.exe FirewallRules: [{3E38771B-D93B-4151-B13F-94718D0DDFF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2 - Multiplayer Mod\JcmpLauncher.exe FirewallRules: [{81F2D461-C5BF-48FC-965E-CB4E017AE04C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2\JustCause2.exe FirewallRules: [{C8CBA576-A173-443B-AF72-A233EA69E7D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2\JustCause2.exe FirewallRules: [{D7656373-F725-405E-AD03-41AFD7229A6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe FirewallRules: [{E5D79669-B312-47F9-925F-2545BBCCEE6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe FirewallRules: [TCP Query User{9DA56ED7-5AAA-4F35-AAF8-7A7752092241}C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe FirewallRules: [UDP Query User{2A15BFE7-929C-4D29-9F1C-205817A341EA}C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv episodes from liberty city\eflc\eflc.exe FirewallRules: [{A00F793B-F2FF-477E-9555-C49186D8A26B}] => (Allow) C:\Users\Jake\AppData\Local\BoBrowser\Application\bobrowser.exe FirewallRules: [{638C3710-5E34-457F-B906-ED4F500B4ED5}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{EAD5F317-196F-4441-9159-8325E663CD29}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe FirewallRules: [{EA2E11ED-FC0F-4AE7-8EBE-1E00F8804CCC}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{B11D13D6-225F-4C08-AA5C-61365D64B62B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe FirewallRules: [{B31F0F3C-1202-40C0-A3B1-4FA8FEA2AAF2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{DE0F4CCA-BF8C-4572-BAA7-993BFEC7B9B0}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{6E24B82D-306D-4EF0-9007-6B8BD5DF79FC}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{FB5A1DB6-C2BB-49C8-B330-93CE045C4809}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe FirewallRules: [{1121BAD6-7237-4964-A441-788D062A88BF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/20/2015 09:31:36 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (3968) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032. Error: (07/20/2015 09:31:36 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (3968) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8). Error: (07/20/2015 09:31:26 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (3968) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032. Error: (07/20/2015 09:31:26 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (3968) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8). Error: (07/20/2015 09:31:15 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (3968) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032. Error: (07/20/2015 09:31:15 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (3968) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8). Error: (07/20/2015 09:31:05 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (3968) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032. Error: (07/20/2015 09:31:05 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (3968) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8). Error: (07/20/2015 09:30:55 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost (3968) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032. Error: (07/20/2015 09:30:55 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost (3968) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8). System errors: ============= Error: (07/20/2015 09:37:09 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The Background Intelligent Transfer Service service terminated with the following service-specific error: %%2147942402 Error: (07/20/2015 09:37:09 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT AUTHORITY) Description: The BITS service failed to start. Error 2147942402. Error: (07/20/2015 09:37:09 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {4991D34B-80A1-4291-83B6-3328366B9097} Error: (07/20/2015 09:35:09 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The Background Intelligent Transfer Service service terminated with the following service-specific error: %%2147942402 Error: (07/20/2015 09:35:09 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT AUTHORITY) Description: The BITS service failed to start. Error 2147942402. Error: (07/20/2015 09:35:09 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {4991D34B-80A1-4291-83B6-3328366B9097} Error: (07/20/2015 09:33:09 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The Background Intelligent Transfer Service service terminated with the following service-specific error: %%2147942402 Error: (07/20/2015 09:33:09 PM) (Source: Microsoft-Windows-Bits-Client) (EventID: 16392) (User: NT AUTHORITY) Description: The BITS service failed to start. Error 2147942402. Error: (07/20/2015 09:33:09 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {4991D34B-80A1-4291-83B6-3328366B9097} Error: (07/20/2015 09:31:09 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The Background Intelligent Transfer Service service terminated with the following service-specific error: %%2147942402 Microsoft Office: ========================= Error: (07/20/2015 09:31:36 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost3968-1032 Error: (07/20/2015 09:31:36 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost3968C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied. Error: (07/20/2015 09:31:26 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost3968-1032 Error: (07/20/2015 09:31:26 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost3968C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied. Error: (07/20/2015 09:31:15 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost3968-1032 Error: (07/20/2015 09:31:15 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost3968C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied. Error: (07/20/2015 09:31:05 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost3968-1032 Error: (07/20/2015 09:31:05 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost3968C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied. Error: (07/20/2015 09:30:55 PM) (Source: ESENT) (EventID: 413) (User: ) Description: SettingSyncHost3968-1032 Error: (07/20/2015 09:30:55 PM) (Source: ESENT) (EventID: 488) (User: ) Description: SettingSyncHost3968C:\WINDOWS\system32\edbtmp.log-1032 (0xfffffbf8)5 (0x00000005)Access is denied. CodeIntegrity Errors: =================================== Date: 2015-07-20 20:33:36.097 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-20 20:33:36.086 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-20 20:33:36.060 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-20 20:33:36.050 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-20 20:33:36.037 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-20 20:33:26.304 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-20 20:33:24.100 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-20 20:33:20.521 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-20 20:33:20.499 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-07-20 20:32:52.529 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz Percentage of memory in use: 45% Total physical RAM: 6022.16 MB Available physical RAM: 3259.45 MB Total Virtual: 10118.16 MB Available Virtual: 7054.49 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:924.85 GB) (Free:455.18 GB) NTFS Drive e: () (Removable) (Total:1.89 GB) (Free:1.89 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00018258) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=924.8 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=5.9 GB) - (Type=05) ======================================================== Disk: 1 (Size: 1.9 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End of log ============================