Additional scan result of Farbar Recovery Scan Tool (x64) Version:12-12-2015 01
Ran by gerry (2015-12-13 11:08:31)
Running from C:\My Stuff\secToolz\FRST
Windows 8.1 (X64) (2015-10-20 09:55:28)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-353222165-342148677-1426660868-500 - Administrator - Disabled)
gerry (S-1-5-21-353222165-342148677-1426660868-1001 - Administrator - Enabled) => C:\Users\gerry
Guest (S-1-5-21-353222165-342148677-1426660868-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Webroot SecureAnywhere (Enabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ZoneAlarm Antivirus (Disabled - Up to date) {23B6D20A-C2DE-B3F5-C67D-07ECD854E6A9}
AS: ZoneAlarm Anti-Spyware (Disabled - Up to date) {98D733EE-E4E4-BC7B-FCCD-3C9EA3D3AC14}
AS: Webroot SecureAnywhere (Enabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8108 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8111 - Acer Incorporated)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Brother MFL-Pro Suite MFC-J870DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.80 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Gpg4win (2.2.6) (HKLM-x32\...\GPG4Win) (Version: 2.2.6 - The Gpg4win Project)
GWX Control Panel (HKLM-x32\...\UltimateOutsider_GwxControlPanel) (Version: - UltimateOutsider)
HashTab 5.2.0.14 (HKLM\...\HashTab) (Version: 5.2.0.14 - Implbits Software)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.10.251 - SurfRight B.V.)
HitmanPro.Alert (HKLM\...\HitmanPro.Alert) (Version: 3.1.0.343 - SurfRight B.V.)
Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4156 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.226.0 - Intel Corporation)
iolo technologies' System Mechanic (HKLM-x32\...\{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1) (Version: 15.0.1 - iolo technologies, LLC)
LibreOffice 5.0.3.2 (HKLM-x32\...\{D61E7AA0-0380-49B9-8DDD-7685E2306176}) (Version: 5.0.3.2 - The Document Foundation)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.207 - McAfee, Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.1005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Mozilla Thunderbird 38.4.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 38.4.0 (x86 en-US)) (Version: 38.4.0 - Mozilla)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Oracle VM VirtualBox 5.0.10 (HKLM\...\{F6E922CF-068D-4AFC-8DBF-4636B84AF0A5}) (Version: 5.0.10 - Oracle Corporation)
Password Safe (HKLM-x32\...\Password Safe) (Version: - )
Qualcomm Atheros QCA9377 Wireless LAN & Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.177O - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39063 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.36.826.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7451 - Realtek Semiconductor Corp.)
RogueKiller version 10 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 10 - Adlice Software)
SeaTools for Windows 1.4.0.2 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology)
Secunia PSI (2.0.0.4003) (HKLM-x32\...\Secunia PSI) (Version: 2.0.0.4003 - Secunia)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMware Player (HKLM\...\{49CDE7BF-ED37-4753-A02D-AE23F8CD9FF7}) (Version: 12.0.1 - VMware, Inc.)
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 9.0.6.18 - Webroot)
WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.6.2015.18 - Ruiware)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Wireshark 1.12.8 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.8 - The Wireshark developer community, hxxp://www.wireshark.org)
ZoneAlarm Antivirus (HKLM-x32\...\ZoneAlarm Antivirus) (Version: 14.1.011.000 - Check Point)
ZoneAlarm Antivirus (x32 Version: 14.1.011.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 14.1.011.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security (x32 Version: 14.1.011.000 - Check Point Software Technologies Ltd.) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Restore Points =========================

27-11-2015 10:52:39 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
02-12-2015 18:13:53 Windows Modules Installer
08-12-2015 17:48:21 b-4 upgrading sm to v15
09-12-2015 14:30:48 b-4 installing MS December Patch Tuesday Updates
12-12-2015 08:51:28 b-4 installing sm v15 for real

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:25 - 2015-12-07 11:40 - 00000972 ____A C:\Windows\system32\Drivers\etc\hosts
198.105.244.104 127.0.0.1 # no-effing-dns-yet.ccanet.co.uk keep out!
198.105.254.104 127.0.0.1 # no-effing-dns-yet.ccanet.co.uk keep out!

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {562FF622-41CE-4563-8BEA-51261799F2F1} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2015-01-28] (Acer Incorporated)
Task: {5E173B8F-F453-446F-B1C1-5F482D0D2E83} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-24] (Google Inc.)
Task: {8E70E89D-9317-49B5-802C-F7D32CA7AE22} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-24] (Google Inc.)
Task: {989F680B-99FA-4C87-87E1-468E122E6A99} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-10-15] (Acer Incorporated)
Task: {A96A3945-8853-4AD0-BF40-6A5B3CB81E6F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {CBA8A5E8-A4F3-4B51-A9E3-5F35A533E8BB} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {E69CBA37-4653-4754-A8CC-16ACADB88EBB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-12-09] (Microsoft Corporation)
Task: {FDEF4FDA-E909-4706-9A83-5AB90A730503} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-09] (Acer Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-06-11 12:09 - 2015-02-05 14:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-26 18:42 - 2015-01-26 18:42 - 00139264 _____ () C:\Windows\system32\ihvmanager\AthIHVManager.dll
2015-09-09 05:52 - 2015-09-09 05:52 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2015-10-31 16:29 - 2005-04-21 23:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2015-03-23 22:56 - 2015-03-11 10:07 - 00391784 _____ () C:\Windows\system32\igfxTray.exe
2015-06-11 12:02 - 2015-02-08 22:18 - 00124440 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2015-11-03 06:42 - 2015-11-03 06:42 - 00794920 _____ () C:\Program Files (x86)\CheckPoint\ZoneAlarm\avsys\kpcengine.2.3.dll
2015-09-09 05:40 - 2015-09-09 05:40 - 00221696 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2015-09-09 05:28 - 2015-09-09 05:28 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2015-09-09 05:39 - 2015-09-09 05:39 - 00072192 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2015-09-09 05:42 - 2015-09-09 05:42 - 00744448 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2015-09-09 05:34 - 2015-09-09 05:34 - 00087040 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2015-10-18 18:33 - 2015-10-18 18:33 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2015-10-31 18:58 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

==================== Alternate Data Streams (Whitelisted) =========

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\19073827.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\67888204.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\70083796.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\19073827.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\67888204.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\70083796.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-353222165-342148677-1426660868-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\gerry\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: ) (ConsentPromptBehaviorUser: ) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3EEABCAE-9098-46D3-BB73-7E138D6437DE}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector12\PDR10.EXE
FirewallRules: [{E38C3DC2-3400-4097-9C76-8A789BB95CEC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CD16FFC9-F04F-4EA8-A6B5-7CF39842C706}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{97CF5322-084F-4858-969A-82CB0A884BDF}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{B09DA012-6007-4ED4-A537-037F0DB8A383}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{17867E74-22E3-457E-880B-C5FA931B59EA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F23EE09C-2806-4BFD-8BF5-521CF8D07387}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{5477D672-E5B3-44D9-90FA-0D66EFD5A026}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D61B1CF7-E77A-410D-996B-D1AACDC7D240}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{36F4E32E-2128-4472-B6A7-6F1FAF5ABD5F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7E466FE2-5DA2-4447-9FD7-B139DD467195}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{22E18051-CA47-4D8B-95D7-9C8982275BA4}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{473BBB1E-4BCE-401B-B5D0-D4C9BED1E434}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{F890D2DC-7285-4978-B1AA-90E4998740CB}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{9577CF6D-ACE5-4E30-840F-0E851A98395F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{67B6465E-721D-4408-BDA5-D977DD365637}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{27B7F139-49BC-495A-A6DD-C67699EFB203}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{40A48937-6EE7-4F55-A72B-D17BC231B87A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{00F42BF1-5E65-4A7A-9B4B-734B6AE37594}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{D15CF19B-DB2F-4194-BABA-5CB3FAA69573}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{2307D2D5-DCFE-4BE9-A2D2-1367DC5503ED}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{31CAA17C-CD6C-48E6-9E99-4AA4E69AB19A}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{75CA8B55-8265-4C03-9DAC-375C458545F3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6E3C2724-7239-4B32-91C5-949C8630004E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{12132E3A-99A2-41C2-8CF3-214CD649BEB0}] => (Allow) C:\Program Files (x86)\Brother\Brmfl13b\FAXRX.EXE
FirewallRules: [{F12E390E-DFFF-4FDC-B6E9-804462B176F5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C297911F-C645-4B4F-9407-3EDFB31CF7B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{110B07F3-1A96-4E91-A5A3-A2B91FB5699E}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{8541D899-C79B-488B-B916-EA9FA3EB112F}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{C7E651DC-CF4D-4F08-8FE4-D635111DBFEB}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{FB87A0E1-3706-4D54-8CBF-71C746C9F0B7}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{4BE5C698-8498-43D5-B0EF-0491112F3EE2}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{6F6106E1-9B3B-4C20-A99F-AEC847D3A565}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{72950A17-5A3A-4B94-AA79-59EE0689A9B4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (12/13/2015 12:41:08 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to launch stream service as user [87]

Error: (12/13/2015 12:35:44 AM) (Source: SnortService) (EventID: 1) (User: )
Description: c:\Snort\etc\snort.conf(247) Could not stat dynamic module path "/usr/local/lib/snort_dynamicpreprocessor/": No such file or directory.

Error: (12/09/2015 04:31:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SMSystemAnalyzer.exe, version: 14.6.1.12, time stamp: 0x55d034f3
Faulting module name: KERNELBASE.dll, version: 6.3.9600.18007, time stamp: 0x55c4bcfc
Exception code: 0x0eedfade
Fault offset: 0x00015b68
Faulting process id: 0xa34
Faulting application start time: 0xSMSystemAnalyzer.exe0
Faulting application path: SMSystemAnalyzer.exe1
Faulting module path: SMSystemAnalyzer.exe2
Report Id: SMSystemAnalyzer.exe3
Faulting package full name: SMSystemAnalyzer.exe4
Faulting package-relative application ID: SMSystemAnalyzer.exe5

Error: (12/09/2015 10:52:53 AM) (Source: SnortService) (EventID: 1) (User: )
Description: c:\Snot\etc\snort.conf(0) Unable to open rules file "c:\Snot\etc\snort.conf": No such file or directory.

Error: (12/08/2015 10:18:08 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to launch stream service as user [87]

Error: (12/03/2015 09:19:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: HitmanPro.exe, version: 3.7.10.251, time stamp: 0x5630ad9a
Faulting module name: hmpalert.dll, version: 3.1.0.340, time stamp: 0x564f2488
Exception code: 0xc00000fd
Fault offset: 0x000000000000b76d
Faulting process id: 0x1994
Faulting application start time: 0xHitmanPro.exe0
Faulting application path: HitmanPro.exe1
Faulting module path: HitmanPro.exe2
Report Id: HitmanPro.exe3
Faulting package full name: HitmanPro.exe4
Faulting package-relative application ID: HitmanPro.exe5

Error: (12/02/2015 06:29:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Tcpview.exe, version: 3.5.0.0, time stamp: 0x4dd3b18b
Faulting module name: Tcpview.exe, version: 3.5.0.0, time stamp: 0x4dd3b18b
Exception code: 0xc000041d
Fault offset: 0x0001431e
Faulting process id: 0xf44
Faulting application start time: 0xTcpview.exe0
Faulting application path: Tcpview.exe1
Faulting module path: Tcpview.exe2
Report Id: Tcpview.exe3
Faulting package full name: Tcpview.exe4
Faulting package-relative application ID: Tcpview.exe5

Error: (12/02/2015 06:29:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Tcpview.exe, version: 3.5.0.0, time stamp: 0x4dd3b18b
Faulting module name: Tcpview.exe, version: 3.5.0.0, time stamp: 0x4dd3b18b
Exception code: 0xc0000005
Fault offset: 0x0001431e
Faulting process id: 0xf44
Faulting application start time: 0xTcpview.exe0
Faulting application path: Tcpview.exe1
Faulting module path: Tcpview.exe2
Report Id: Tcpview.exe3
Faulting package full name: Tcpview.exe4
Faulting package-relative application ID: Tcpview.exe5

Error: (12/02/2015 08:23:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Notification.exe, version: 6.0.3012.0, time stamp: 0x53281d82
Faulting module name: KERNELBASE.dll, version: 6.3.9600.18007, time stamp: 0x55c4c341
Exception code: 0xe0434352
Fault offset: 0x000000000000871c
Faulting process id: 0x13e8
Faulting application start time: 0xNotification.exe0
Faulting application path: Notification.exe1
Faulting module path: Notification.exe2
Report Id: Notification.exe3
Faulting package full name: Notification.exe4
Faulting package-relative application ID: Notification.exe5

Error: (12/02/2015 08:23:56 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Notification.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ComponentModel.Win32Exception
Stack:
   at System.Diagnostics.ProcessManager.OpenProcess(Int32, Int32, Boolean)
   at System.Diagnostics.NtProcessManager.GetModuleInfos(Int32, Boolean)
   at System.Diagnostics.Process.get_MainModule()
   at Notification.Form1.CheckResolution()
   at Notification.Form1..ctor()
   at Notification.Program.Main()

System errors:
=============
Error: (12/13/2015 10:57:31 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (12/13/2015 10:56:52 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The TrueVector Internet Monitor service did not shut down properly after receiving a preshutdown control.

Error: (12/12/2015 01:26:01 PM) (Source: DCOM) (EventID: 10010) (User: PC1596)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (12/12/2015 01:25:30 PM) (Source: DCOM) (EventID: 10010) (User: PC1596)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (12/12/2015 12:08:45 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (12/12/2015 12:02:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error: %%1062

Error: (12/12/2015 11:16:26 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ioloSystemService service.

Error: (12/12/2015 09:19:28 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The TrueVector Internet Monitor service did not shut down properly after receiving a preshutdown control.

Error: (12/12/2015 09:09:53 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (12/11/2015 08:35:24 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR4.

CodeIntegrity:
===================================
Date: 2015-10-20 01:02:47.802
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 25%
Total physical RAM: 8106.7 MB
Available physical RAM: 6068.18 MB
Total Virtual: 16298.7 MB
Available Virtual: 14258.52 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:915.21 GB) (Free:838.38 GB) NTFS
Drive f: (TOSHIBA EXT) (Fixed) (Total:465.76 GB) (Free:324.6 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 61384FB9)
Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: C27C4F8F)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================