Additional scan result of Farbar Recovery Scan Tool (x64) Version:27-02-2016 Ran by marcel (2016-03-01 17:42:37) Running from C:\Users\marcel\Desktop Windows 10 Home Version 1511 (X64) (2015-12-18 03:49:46) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3332132433-96599277-2777302826-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3332132433-96599277-2777302826-503 - Limited - Disabled) Guest (S-1-5-21-3332132433-96599277-2777302826-501 - Limited - Disabled) marcel (S-1-5-21-3332132433-96599277-2777302826-1002 - Administrator - Enabled) => C:\Users\marcel ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: 360 Total Security (Disabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D} AS: 360 Total Security (Disabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3332132433-96599277-2777302826-1002\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.) 360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 8.2.0.1098 - 360 Security Center) 7 Days to Die (HKLM-x32\...\Steam App 251570) (Version: - The Fun Pimps) A3Launcher version 0.0.1.5 (HKLM-x32\...\{E31045B4-9DB5-9EBD-44DF-BD4CFDE640DF}_is1) (Version: 0.0.1.5 - Maca134) ACP Application (Version: 2015.1204.1152.59 - Advanced Micro Devices, Inc.) Hidden Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated) AMD Catalyst Control Center (HKLM-x32\...\{8B1A559A-FB9D-42F5-A8A7-2F132CF28414}) (Version: 1.00.0000 - ) AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.) ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard) Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive) Aslain's WoWs Modpack version 5.2.4.04 (HKLM-x32\...\ASLAINSWARSHIPSTEST_is1) (Version: 5.2.4.04 - Aslain) ASUS GPU Tweak (x32 Version: 2.8.3.0 - ASUSTek COMPUTER INC.) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB) BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - ) BOSS Userlist Manager (HKLM-x32\...\{EB3A95A5-518B-47EF-AC94-6D87E961E6CD}) (Version: 6.8.0106 - Surazal) Catalyst Control Center Next Localization BR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2015.1204.1216.22046 - Advanced Micro Devices, Inc.) Hidden Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu) CPUID CPU-Z G1 1.74 (HKLM\...\CPUID CPU-Z G1_is1) (Version: 1.74 - CPUID, Inc.) CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive) Discord (HKU\S-1-5-21-3332132433-96599277-2777302826-1002\...\Discord) (Version: 0.0.284 - Hammer & Chisel, Inc.) DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.8.0.13 - DivX, LLC) Explorer Suite IV (HKLM\...\Explorer Suite_is1) (Version: - ) Firewatch (HKLM-x32\...\Firewatch_is1) (Version: - ) GamersInc Launcher (HKLM-x32\...\GamersInc Launcher1.0.2.6) (Version: 1.0.2.6 - GamersInc) GD Hardware Scan (HKU\S-1-5-21-3332132433-96599277-2777302826-1002\...\GD Hardware Scan) (Version: 00.00.00.01 - Social Web Tech LTD) Gyazo 3.1.6 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.) H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Daybreak Games) H1Z1: Just Survive Test Server (HKLM-x32\...\Steam App 362300) (Version: - ) H1Z1: King of the Kill (HKLM-x32\...\Steam App 433850) (Version: - Daybreak Game Company) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Intel(R) Chipset Device Software (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation) Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Logitech Gaming Software 8.75 (HKLM\...\Logitech Gaming Software) (Version: 8.75.30 - Logitech Inc.) Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.6568.2025 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Word 2010 (HKLM\...\Office14.WORD) (Version: 14.0.4763.1000 - Microsoft Corporation) Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version: - TaleWorlds Entertainment) Mozilla Firefox 44.0.2 (x86 nl) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 nl)) (Version: 44.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla) MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD) My.com Game Center (HKU\S-1-5-21-3332132433-96599277-2777302826-1002\...\MyComGames) (Version: 3.169 - My.com B.V.) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.2 - Black Tree Gaming) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6528.1011 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.6528.1011 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6528.1011 - Microsoft Corporation) Hidden Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 9.11.5.17432 - Electronic Arts, Inc.) Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.4.1.0 - Popcorn Time) Popcorn Time CE YIFY (HKLM-x32\...\{F9BC7890-4FE5-4391-8C59-CD0C556EF115}) (Version: 1.0.0 - YIFY.is) Popcorn Time Community 0.3.8-6 (HKLM-x32\...\Popcorn Time Community 0.3.8-6) (Version: 0.3.8-6 - Popcorn Time Community) Popcorn Time Offical version 0.8.0.4 (HKLM-x32\...\{8F38178C-CFE2-476C-9DC8-F4203C2395FF}_is1) (Version: 0.8.0.4 - Popcorn Time Offical) Porn Time Offical version 0.7.0.0 (HKLM-x32\...\{3A26967A-A968-4111-B35A-8BE335C87831}_is1) (Version: 0.7.0.0 - Porn Time Offical) PowerISO (HKLM-x32\...\PowerISO) (Version: 6.4 - Power Software Ltd) Project Reality: BF2 (HKLM\...\Project Reality: BF2 (pr)_is1) (Version: v1.3 - Project Reality) Project Reality: WW2 (HKLM\...\Project Reality: WW2 (pr_ww2)_is1) (Version: v0.2 - Project Reality) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Rainbow Six Siege - Open Beta (HKLM-x32\...\Uplay Install 1001) (Version: - Ubisoft) Raptr (HKLM-x32\...\Raptr) (Version: - ) RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder) Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios) Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.) Sound Blaster Recon3Di (HKLM-x32\...\{5BED8C9F-38A1-4987-99E5-801D3E2768D7}) (Version: 1.04.02 - Creative Technology Limited) Sound Blaster Recon3Di Extras (HKLM-x32\...\{536BDBFC-CA1A-4AC0-A8EB-BB2D0F1F522E}) (Version: 1.0 - Creative Technology Limited) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.21.18.4608 - Enigma Software Group, LLC) Star Citizen Launcher (HKU\S-1-5-21-3332132433-96599277-2777302826-1002\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer) The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios) Tom Clancy's Rainbow Six Siege (HKLM-x32\...\Uplay Install 635) (Version: - Ubisoft) TorrentsTime Media Player (HKLM\...\TorrentsTime Media Player_is1) (Version: 1.1.9.1 - Torrents Time) Uplay (HKLM-x32\...\Uplay) (Version: 14.0 - Ubisoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN) WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) World of Warships (HKU\S-1-5-21-3332132433-96599277-2777302826-1002\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net) WS Launcher (HKLM-x32\...\WS Launcher 30.0.4.3) (Version: 30.0.4.3 - WS.ARMA.SU) WS Launcher (x32 Version: 30.0.4.3 - WS.ARMA.SU) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3332132433-96599277-2777302826-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\marcel\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1ECBF0A3-1189-4802-8AEA-C840F47A21EB} - System32\Tasks\Style Kingdom => Rundll32.exe "C:\Users\marcel\AppData\Local\Style Kingdom\{7A33C1E3-4D6E-CA40-9671-5E9057F04009}\StyleKingdom.dll",#1 <==== ATTENTION Task: {27E30E0C-712C-49C0-AC4D-50F4E5814E99} - System32\Tasks\Hybrid => C:\IORRT\IORRT.bat [2016-01-24] () Task: {2955B50F-1F22-4B49-90C9-21B65128726E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-02-04] (Microsoft Corporation) Task: {405240A2-4E09-451A-9D35-4D2B665A10F5} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-12] (Adobe Systems Incorporated) Task: {412808E9-952D-4F10-B77C-283A5BE41D1E} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-12-04] (@ByELDI) Task: {581D04C9-5BEC-42A6-937C-9F12FC74DB18} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-08-19] () Task: {5F7D7DF6-0E8F-43CD-9A74-717114525B8B} - System32\Tasks\IORRT => C:\IORRT\IORRT.bat [2016-01-24] () Task: {75B4F9BA-E6F4-4239-9358-2EA785AD595E} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe Task: {798096AE-8A82-4456-BBCB-D620B164F9FB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-10] (Microsoft Corporation) Task: {7B5E9218-6930-4444-9755-B85A90A794C6} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-02-23] (Microsoft Corporation) Task: {7E109070-7D69-467C-B9EA-4A0515A9C83B} - System32\Tasks\Style Kingdom2 => Rundll32.exe "C:\Users\marcel\AppData\Local\Style Kingdom\{7A33C1E3-4D6E-CA40-9671-5E9057F04009}\wlukhan.dll",#1 <==== ATTENTION Task: {85F3CF2C-4F94-4D7A-8EE4-88DB2C9C0E10} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe [2015-11-30] (DivX, LLC) Task: {EB380CCD-BC80-488F-A51E-23B19E480740} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2015-11-18] (Advanced Micro Devices, Inc.) Task: {EB5C8E55-9C31-4819-8B73-7E27DDE6DF4E} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-08-19] () Task: {EDB20CC8-4881-4F7C-A10F-1D916889FE09} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-02-04] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-11-19 18:58 - 2016-02-04 05:51 - 00173256 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll 2016-02-24 17:59 - 2016-02-24 17:59 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe 2012-01-16 20:24 - 2012-01-16 20:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe 2015-12-18 13:27 - 2015-12-18 13:27 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-01-13 20:46 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-22 15:39 - 2016-01-22 15:39 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-12-18 13:27 - 2015-12-18 13:27 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-12-18 13:33 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-18 13:33 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-01-13 20:46 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-28 18:35 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-28 18:35 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2015-10-14 17:35 - 2015-10-14 17:35 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2015-10-14 17:35 - 2015-10-14 17:35 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2015-10-21 13:17 - 2016-02-01 07:20 - 00088184 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll 2016-02-17 15:02 - 2015-11-24 01:47 - 03843584 _____ () C:\Program Files (x86)\TorrentsTime Media Player\bin\torrent.dll 2016-01-22 15:39 - 2016-01-22 15:39 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-01-22 15:39 - 2016-01-22 15:39 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-01-23 12:11 - 2015-12-15 06:54 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2016-01-23 12:11 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2016-01-23 12:11 - 2016-02-04 22:02 - 02546768 _____ () C:\Program Files (x86)\Steam\video.dll 2016-01-23 12:11 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2016-01-23 12:11 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2016-01-23 12:11 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2016-01-23 12:11 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2016-01-23 12:11 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2016-01-23 12:11 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2016-01-23 12:11 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2016-01-23 12:11 - 2016-02-04 22:01 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-01-23 12:11 - 2015-12-30 02:51 - 00208896 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll 2016-02-09 23:04 - 2016-02-09 20:49 - 02561024 _____ () C:\Users\marcel\AppData\Local\Discord\app-0.0.284\libdiscord.dll 2016-02-09 23:04 - 2016-02-09 20:49 - 00240128 _____ () \\?\C:\Users\marcel\AppData\Local\Discord\app-0.0.284\resources\node_modules\discord_toaster\discord_toaster.node 2016-02-09 23:04 - 2016-02-09 20:49 - 00108544 _____ () \\?\C:\Users\marcel\AppData\Local\Discord\app-0.0.284\resources\node_modules\discord_overlay\discord_overlay.node 2016-02-24 16:38 - 2016-02-24 16:38 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll 2016-02-24 16:38 - 2016-02-24 16:38 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll 2016-02-24 16:38 - 2016-02-24 16:38 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll 2016-02-24 16:38 - 2016-02-24 16:38 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll 2016-02-24 16:38 - 2016-02-24 16:38 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll 2016-02-24 16:38 - 2016-02-24 16:38 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll 2016-02-24 16:38 - 2016-02-24 16:38 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll 2016-02-24 16:38 - 2016-02-24 16:38 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll 2016-01-23 12:11 - 2016-01-06 02:52 - 48387872 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2016-02-09 23:04 - 2016-02-09 20:49 - 01684480 _____ () C:\Users\marcel\AppData\Local\Discord\app-0.0.284\libglesv2.dll 2016-02-09 23:04 - 2016-02-09 20:49 - 00012288 _____ () C:\Users\marcel\AppData\Local\Discord\app-0.0.284\libegl.dll 2016-02-09 23:04 - 2016-02-09 23:04 - 00465920 _____ () C:\Users\marcel\AppData\Local\Discord\app-0.0.284\capture.x86.dll 2016-03-01 17:38 - 2016-03-01 17:38 - 00140800 _____ () \\?\C:\Users\marcel\AppData\Local\Temp\19A8.tmp.node 2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd 2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd 2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd 2014-05-14 00:26 - 2014-05-14 00:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd 2014-05-14 00:26 - 2014-05-14 00:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd 2014-05-14 00:26 - 2014-05-14 00:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd 2014-05-14 00:26 - 2014-05-14 00:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd 2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd 2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll 2010-11-22 23:56 - 2010-11-22 23:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd 2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd 2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd 2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd 2010-11-22 23:56 - 2010-11-22 23:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd 2011-02-15 19:17 - 2011-02-15 19:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll 2010-11-22 23:57 - 2010-11-22 23:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd 2014-05-14 00:26 - 2014-05-14 00:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd 2010-11-22 23:56 - 2010-11-22 23:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd 2010-11-22 23:56 - 2010-11-22 23:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd 2015-10-21 21:29 - 2015-10-21 21:29 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll 2015-10-21 21:29 - 2015-10-21 21:29 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll 2015-06-27 00:09 - 2015-06-27 00:09 - 00271872 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll 2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd 2010-11-22 23:57 - 2010-11-22 23:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd 2014-06-18 01:56 - 2014-06-18 01:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd 2011-02-15 19:17 - 2011-02-15 19:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll 2010-11-23 00:06 - 2010-11-23 00:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll 2013-05-10 00:52 - 2013-05-10 00:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll 2013-05-10 00:52 - 2013-05-10 00:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll 2013-05-10 00:52 - 2013-05-10 00:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll 2013-05-03 19:57 - 2013-05-03 19:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll 2013-05-03 19:56 - 2013-05-03 19:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll 2013-05-03 19:56 - 2013-05-03 19:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll 2013-05-03 19:57 - 2013-05-03 19:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll 2013-05-03 19:56 - 2013-05-03 19:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll 2013-05-03 19:57 - 2013-05-03 19:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll 2013-05-03 19:57 - 2013-05-03 19:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll 2013-05-03 19:57 - 2013-05-03 19:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll 2013-05-03 19:57 - 2013-05-03 19:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\.rdata:X ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-22 01:18 - 2016-02-29 19:28 - 00000967 ____N C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3332132433-96599277-2777302826-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\marcel\AppData\Roaming\Mozilla\Firefox\Bureaubladachtergrond.bmp DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run32: => "StartCCC" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{A679D6EE-C7E5-465B-9B2A-8DA5B534D7BB}C:\users\marcel\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\marcel\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [TCP Query User{B78AAA54-EC48-4E09-9588-2F19B27D3B3D}C:\users\marcel\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\marcel\appdata\local\popcorn time\node-webkit\popcorn time.exe FirewallRules: [UDP Query User{65F4A0B7-B0CA-4C5A-9AA6-F2484C00CCF5}C:\users\marcel\appdata\local\porn time offical\node-webkit\porn time.exe] => (Allow) C:\users\marcel\appdata\local\porn time offical\node-webkit\porn time.exe FirewallRules: [TCP Query User{44ECDE54-88A4-4597-9434-E1498A203E01}C:\users\marcel\appdata\local\porn time offical\node-webkit\porn time.exe] => (Allow) C:\users\marcel\appdata\local\porn time offical\node-webkit\porn time.exe FirewallRules: [UDP Query User{B4FD50B3-AB5D-4CBC-897B-C99FE4E55641}C:\users\marcel\appdata\local\popcorn time offical\node-webkit\popcorn time.exe] => (Allow) C:\users\marcel\appdata\local\popcorn time offical\node-webkit\popcorn time.exe FirewallRules: [TCP Query User{418EC291-B398-4B47-A9C2-FF48B82252EF}C:\users\marcel\appdata\local\popcorn time offical\node-webkit\popcorn time.exe] => (Allow) C:\users\marcel\appdata\local\popcorn time offical\node-webkit\popcorn time.exe FirewallRules: [UDP Query User{33459319-DC46-406E-8EAF-5B5A12BE197F}C:\users\marcel\appdata\local\temp\i1449693566\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\marcel\appdata\local\temp\i1449693566\windows\resource\jre\bin\javaw.exe FirewallRules: [TCP Query User{71A75E1A-7D68-47C9-AF64-22F7F0B46F38}C:\users\marcel\appdata\local\temp\i1449693566\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\marcel\appdata\local\temp\i1449693566\windows\resource\jre\bin\javaw.exe FirewallRules: [{50E945D6-412C-4676-A2E2-9BB517B47097}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe FirewallRules: [{10C58F4F-218A-4D50-AE47-75200A63C95E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe FirewallRules: [{FBB30AD1-7411-45E4-BFEA-1ADB1AE50816}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [{7391E3EF-62DA-41D6-95A5-E6822619611C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Rainbow Six Siege\RainbowSix.exe FirewallRules: [UDP Query User{21A92748-6DAA-4ABA-94A0-4758B5B025FF}C:\program files (x86)\ubisoft\ubisoft game launcher\games\rainbow six siege - open beta\rainbowsix.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\rainbow six siege - open beta\rainbowsix.exe FirewallRules: [TCP Query User{DD388A08-AAE7-4213-BC95-63F5B62256B9}C:\program files (x86)\ubisoft\ubisoft game launcher\games\rainbow six siege - open beta\rainbowsix.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\rainbow six siege - open beta\rainbowsix.exe FirewallRules: [{BB5DDE61-C226-4389-8996-ADAFF82A0E5D}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rainbow Six Siege - Open Beta\RainbowSix.exe FirewallRules: [{FCE2C151-7494-4C13-998F-D46B223B4767}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Rainbow Six Siege - Open Beta\RainbowSix.exe FirewallRules: [{DF4ED1AE-3CF2-429A-ADDC-CC782D369D90}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{2C2DC5F6-1253-4DBB-975E-776B33405823}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{BE06710C-DC93-41E4-84D0-378192388D93}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{582243DF-ACEF-443A-AD3E-301D8EFE37AA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{A18047FD-CA85-4C51-890D-778A7EFC6B07}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{44334872-33DC-4531-8D00-8162F7D02D8B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4A56AE7E-766F-4849-9D89-0FAF74FB18A3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{BD767FDD-7B03-4C95-A2D0-8C3408600F1C}C:\program files (x86)\a3launcher\a3launcher.exe] => (Allow) C:\program files (x86)\a3launcher\a3launcher.exe FirewallRules: [TCP Query User{3AD5D26E-7231-44A4-BF6C-C7DEBC3D6015}C:\program files (x86)\a3launcher\a3launcher.exe] => (Allow) C:\program files (x86)\a3launcher\a3launcher.exe FirewallRules: [{16EC2619-E635-4C9D-BC8A-02B0465DEF49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{7AA31D21-D050-43DF-BA43-944FE4196DE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [UDP Query User{C709439B-7C33-4B80-BFD0-6941D2DFCCEE}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe FirewallRules: [TCP Query User{DD1D7D2A-5BB2-4084-B6DC-3FA0AE7A4D09}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe FirewallRules: [{D5C2C8A8-584A-4507-A71E-5978268BCFB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [{67395E82-4DED-4A74-89D7-C25044C1BF61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [{158A82FC-0BC4-4BEC-BBDC-E5B41357D85C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{8F8F2F1E-23C8-4576-AE4E-09F3073067CB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe FirewallRules: [{A6AEDE00-F985-4F65-BBE3-C8967EE3C11E}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe FirewallRules: [{03928CC3-AB5E-47C6-9702-313473F34DBF}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe FirewallRules: [{8F6294FF-0E7B-4AD1-8D7B-2CA65E14D2D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [{DEF994CA-6B62-43B1-B173-E65673A908DA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe FirewallRules: [{A8CB3A70-D4AE-4EE7-9E32-8D4FBBE93CF4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{6A1F426C-70FF-4E21-BC93-F0C0F7C0BDD1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{6362F4E5-B9BB-4EED-A362-8DB4C4451548}] => (Allow) C:\Users\marcel\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4DC9D342-AD11-4F2D-BB87-935669C307BE}] => (Allow) C:\Users\marcel\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A5960870-B605-4AE9-B470-B468777D5EB5}] => (Allow) C:\Users\marcel\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8DE11276-7BE0-4377-B217-4D2633D35F4B}] => (Allow) C:\Users\marcel\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{87667286-6EB7-473F-9532-4985FC0B4366}] => (Allow) C:\Users\marcel\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{EE3C9C98-D3A5-4BE7-A8E5-C13C0572ACFA}] => (Allow) C:\Users\marcel\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C93D1372-90B5-4A5B-A8D0-33FFA6A6E79B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{40AEDAB6-D124-4B55-A795-F14F83D8CC45}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [UDP Query User{EDCC6C5C-C582-4292-9E88-E6FA2FFE6B1E}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{3B272264-52E8-4FF7-A735-CAFBEFAEB6DF}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{BA906A93-6C13-45AD-AB90-0D4D30BD9324}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{AA24B79F-00A2-4BDE-A510-8E24B5F0E9D7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{CA70846A-433A-4D27-B2C1-FFA421BD1696}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{12224C93-77EF-4C43-A6D8-08749666176A}C:\users\marcel\appdata\local\popcorn time community\nw.exe] => (Allow) C:\users\marcel\appdata\local\popcorn time community\nw.exe FirewallRules: [UDP Query User{7AC39971-7028-4730-BDEB-4FB552BE908F}C:\users\marcel\appdata\local\popcorn time community\nw.exe] => (Allow) C:\users\marcel\appdata\local\popcorn time community\nw.exe FirewallRules: [{F0051B2A-5E3B-4197-8C9F-915DA6FE8A82}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{126E851B-F34E-4709-B741-C3D7ACA0AD0C}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{1489345B-95E8-4F38-A619-1B113E3697B4}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{0D065B37-E6E7-4A2D-BA29-E18AFBA22FC2}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [TCP Query User{6A96ADD3-321E-40CF-8C8F-E74267D2D3BA}C:\games\far cry 4\bin\farcry4.exe] => (Allow) C:\games\far cry 4\bin\farcry4.exe FirewallRules: [UDP Query User{32D77B87-A0B3-4768-AEBC-443D27A10AFD}C:\games\far cry 4\bin\farcry4.exe] => (Allow) C:\games\far cry 4\bin\farcry4.exe FirewallRules: [{A131EC0D-A72E-4351-BBDD-E6187AE43CB2}] => (Allow) C:\Program Files (x86)\Project Reality\Project Reality BF2\prbf2.exe FirewallRules: [{C832263F-1CF5-45DB-9020-5B81FA6A7FA6}] => (Allow) C:\Program Files (x86)\Project Reality\Project Reality BF2\mods\pr\bin\PRLauncher.exe FirewallRules: [{DC59861E-283F-4D21-99BA-DE3FDA2FE8C2}] => (Allow) C:\Program Files (x86)\Project Reality\Project Reality BF2\mods\pr\bin\PRUpdater.exe FirewallRules: [{0411827E-CCCB-4B3D-9D19-F78E5E7E7388}] => (Allow) C:\Program Files (x86)\Project Reality\Project Reality BF2\mods\pr\bin\PRMumble\PRMumble.exe FirewallRules: [TCP Query User{FEA2283F-6390-4DB9-B697-90C84BE006D0}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe FirewallRules: [UDP Query User{59D23BC2-4BE4-4BB5-86EB-5FD73E008E50}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe FirewallRules: [TCP Query User{37C67BC7-7C0F-4DD6-A2BD-FBEE4CCA796E}C:\users\marcel\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\marcel\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{9A2062C8-B18F-48FE-B1FC-40E0DB732F8C}C:\users\marcel\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\marcel\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{09074553-DF3E-4F34-9333-39EA5AB48A98}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{80FED857-9D13-4412-A9AA-D75F94E69710}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe FirewallRules: [{458BF3D8-5025-46A5-B6BA-673B00FBACED}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe FirewallRules: [{1D5F7F7F-A67F-473F-BF36-4C8FC3CB25A9}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe FirewallRules: [{6E4C545B-EC00-4B49-9044-9CEEDBB11236}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe FirewallRules: [{A10987F3-4B29-4F38-A154-E212B7C9DC38}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe FirewallRules: [{BDFB3CAA-1439-4422-9E30-263906FD5645}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe FirewallRules: [{8C643BC8-7A85-4788-BB08-E224F7EFF275}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe FirewallRules: [TCP Query User{5E2DE3B1-9095-4AD6-B974-24FB1A2B0B55}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe FirewallRules: [UDP Query User{6D8B6E8E-6BD6-4B74-A490-E94008636CEF}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe FirewallRules: [TCP Query User{B8407DB4-3FF9-4C57-B32D-510372B0346D}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe FirewallRules: [UDP Query User{4CCC0123-8987-4DB9-B4A2-E1288AC265F6}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe FirewallRules: [TCP Query User{AFE8E57E-40C4-43F1-B511-5B7215B81498}C:\users\marcel\appdata\local\popcorn time ce yify\nw.exe] => (Allow) C:\users\marcel\appdata\local\popcorn time ce yify\nw.exe FirewallRules: [UDP Query User{4CBD0B05-8184-48B0-ADBB-47ADC8F09A77}C:\users\marcel\appdata\local\popcorn time ce yify\nw.exe] => (Allow) C:\users\marcel\appdata\local\popcorn time ce yify\nw.exe FirewallRules: [TCP Query User{8C411A1B-8B08-4F5A-9FFD-43583B6006C4}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe FirewallRules: [UDP Query User{CEAD59A1-FEF6-43E6-90E6-5080FF432712}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe FirewallRules: [TCP Query User{18883FB1-E60F-4A62-9E3D-67F691A00BD3}C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe FirewallRules: [UDP Query User{FCADE945-646B-460F-9F02-F1311E89B697}C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe FirewallRules: [TCP Query User{13B89BCB-0F54-4D97-8617-4305C12DC3C7}C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{D02BD0CE-02B7-43AF-B85B-593FB2FE5D7D}C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{4556FA50-F88A-4538-ADD3-C46990CEB96B}C:\users\marcel\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\marcel\appdata\local\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{79CAB669-1F7C-40C2-8393-4D0E7ED0D11B}C:\users\marcel\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\marcel\appdata\local\mycomgames\mycomgames.exe FirewallRules: [TCP Query User{07133959-3B87-46BD-8AE9-F3DBC9D01912}C:\mygames\armored warfare mycom\bin64\armoredwarfare.exe] => (Allow) C:\mygames\armored warfare mycom\bin64\armoredwarfare.exe FirewallRules: [UDP Query User{4DF4ED75-0270-4AE4-A6A1-DE6EF442CF39}C:\mygames\armored warfare mycom\bin64\armoredwarfare.exe] => (Allow) C:\mygames\armored warfare mycom\bin64\armoredwarfare.exe FirewallRules: [TCP Query User{A66FD5E1-2864-43AA-AE70-EA55647005CA}C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{DFF946B4-6C21-4402-813F-BEAD335914AD}C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40431\heroesofthestorm_x64.exe FirewallRules: [{F779BE5E-7A3F-4950-B204-31A264FDDADC}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe FirewallRules: [{0BC1E019-CB43-45AB-A470-0765415219B2}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe FirewallRules: [{5106DA18-EB18-4386-A7C6-0566AD1A544B}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe FirewallRules: [{9248AA0D-0B84-4FE4-ABF6-4E2A3685C12C}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe FirewallRules: [{1733AEAC-F85D-4390-AC5F-826C685805E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe FirewallRules: [{06A4531B-4457-4074-B740-A3A99BCF2869}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe FirewallRules: [TCP Query User{0BF017BE-35FC-4FF0-B8B9-3A3C7A88C3B9}C:\program files (x86)\firewatch\firewatch.exe] => (Block) C:\program files (x86)\firewatch\firewatch.exe FirewallRules: [UDP Query User{6714067D-D0D1-4F77-A4E2-4038005712D2}C:\program files (x86)\firewatch\firewatch.exe] => (Block) C:\program files (x86)\firewatch\firewatch.exe FirewallRules: [{20E48C4C-30AD-42D8-B19D-87700989CEDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe FirewallRules: [{FE8239DE-C647-4CDA-AFA2-C39C6F781505}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe FirewallRules: [{BC9E8F0D-65B8-4D1E-9BC5-DC94E44FF86E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe FirewallRules: [{CFB15800-E236-4D42-8133-7457AC971515}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe FirewallRules: [{95D2739C-FF21-499F-AEEB-4B5E4D27A9B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe FirewallRules: [{E121FCDF-3899-4EAA-93C3-75323E099EA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe FirewallRules: [TCP Query User{1B054F7C-3E2E-4F29-A41B-87DE6C287BA3}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe FirewallRules: [UDP Query User{F038BB3E-2842-4F4C-AD29-A905CA715CD3}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe FirewallRules: [{C525DD38-39F1-40CA-A0E1-AF1E7E26E748}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe FirewallRules: [{28962C4E-4B8B-491B-9B5C-F06CB0545A5A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe FirewallRules: [{9EDA9CBB-B71C-452C-A058-EB96A16487C0}] => (Allow) C:\Program Files (x86)\TorrentsTime Media Player\bin\chromecast\node.exe FirewallRules: [{DAD89BAF-7DF8-428A-A47A-F7FB662D4239}] => (Allow) C:\Program Files (x86)\TorrentsTime Media Player\bin\chromecast\node.exe FirewallRules: [{EC17564A-EA8E-4894-88C1-62A808CDA307}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 Test\LaunchPad.exe FirewallRules: [{464EB7E6-0219-464A-A8FF-53E861CCA4F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 Test\LaunchPad.exe FirewallRules: [{ACCEFD04-1B43-4399-9B93-F331EF360C75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [{557D10D9-B5E3-4632-A52D-16C8E69FF33B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [TCP Query User{E515463F-68FF-4DB5-87C5-25325E91B680}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [UDP Query User{31C6A431-E2EE-43DB-BC08-206E51AD077E}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [{67307CD6-5E3C-4ED2-8015-3062B9384636}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{36BEFDD2-4CEB-4283-9F0A-F684FE5D6007}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{3DA354DC-5AA0-4678-8992-F9B6DA9AC793}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{D40C8DFC-B916-4DBC-9739-6D08879B0341}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{DC74FAFB-7918-45FE-AF2E-E5E84E85FAB3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{632D34D6-3FEE-4A50-83D8-2B4C83C57052}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{45D619DC-9BA1-4484-AF45-0A5054EC6272}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{7275230C-17A0-4516-AB3D-E98C9A4E9431}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [TCP Query User{52E0F88A-9283-48FC-BA75-52A7F90421C2}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe FirewallRules: [UDP Query User{E3F9B233-D582-4F2A-B867-18D524CB892A}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe FirewallRules: [{6BDDADEF-091E-455A-B722-ABB414E5ACD1}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe FirewallRules: [{42EE577E-7354-40DD-B10A-D4DBB3C869D4}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe ==================== Restore Points ========================= 29-02-2016 19:30:19 Removed UtilTool Driver Updater 01-03-2016 17:26:26 JRT Pre-Junkware Removal ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/01/2016 05:35:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SkypeHost.exe, version: 10.1.2123.10, time stamp: 0x569054dc Faulting module name: SkyWrap.dll, version: 10.1.2123.10, time stamp: 0x569054c9 Exception code: 0xc0000005 Fault offset: 0x001f38a8 Faulting process id: 0x17c4 Faulting application start time: 0xSkypeHost.exe0 Faulting application path: SkypeHost.exe1 Faulting module path: SkypeHost.exe2 Report Id: SkypeHost.exe3 Faulting package full name: SkypeHost.exe4 Faulting package-relative application ID: SkypeHost.exe5 Error: (03/01/2016 05:26:35 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (02/29/2016 10:24:51 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418220 Error: (02/29/2016 07:50:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-FJ3FFOS) Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (02/29/2016 07:40:02 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: rdyboost4 Error: (02/29/2016 07:39:26 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program SndVol.exe version 10.0.10586.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: b00 Start Time: 01d1731feb8da46f Termination Time: 4 Application Path: C:\Windows\System32\SndVol.exe Report Id: bf9b5a01-df13-11e5-8245-fcaa1421e5d5 Faulting package full name: Faulting package-relative application ID: Error: (02/29/2016 07:30:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (02/29/2016 06:47:22 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (02/28/2016 10:24:50 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Subscription licensing service failed: -1073418220 Error: (02/28/2016 04:03:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: bf4.exe, version: 1.7.2.45672, time stamp: 0x5654c99c Faulting module name: RTSSHooks64.dll, version: 0.0.0.0, time stamp: 0x56534251 Exception code: 0xc0000094 Fault offset: 0x0000000000012ebe Faulting process id: 0x8e0 Faulting application start time: 0xbf4.exe0 Faulting application path: bf4.exe1 Faulting module path: bf4.exe2 Report Id: bf4.exe3 Faulting package full name: bf4.exe4 Faulting package-relative application ID: bf4.exe5 System errors: ============= Error: (03/01/2016 05:36:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The SpyHunter 4 Service service failed to start due to the following error: %%2 Error: (03/01/2016 05:35:38 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: %%1056 Error: (03/01/2016 05:35:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_3974539 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (03/01/2016 05:35:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Storage_3974539 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (03/01/2016 05:35:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Contact Data_3974539 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (03/01/2016 05:35:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_3974539 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (03/01/2016 05:35:35 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (03/01/2016 05:35:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Volume Shadow Copy service terminated unexpectedly. It has done this 1 time(s). Error: (03/01/2016 05:35:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (03/01/2016 05:35:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Office Software Protection Platform service terminated unexpectedly. It has done this 1 time(s). CodeIntegrity: =================================== Date: 2016-02-29 19:49:52.469 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-29 19:48:51.586 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-29 19:48:51.578 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-29 19:48:51.570 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-29 19:46:20.275 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-29 19:46:06.942 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-29 19:45:07.528 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-29 19:45:01.539 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-29 19:45:01.526 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-29 19:45:01.517 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz Percentage of memory in use: 24% Total physical RAM: 8076.88 MB Available physical RAM: 6104.15 MB Total Virtual: 10380.88 MB Available Virtual: 8324.63 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:930.97 GB) (Free:410.89 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2454FB42) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ==================== End of Addition.txt ============================