Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01 Ran by SSForce (2016-03-29 10:39:12) Running from C:\Users\SSForce\Downloads Windows 10 Home Version 1511 (X64) (2016-03-24 16:58:47) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2231602007-2404555562-4019845178-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2231602007-2404555562-4019845178-503 - Limited - Disabled) Guest (S-1-5-21-2231602007-2404555562-4019845178-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2231602007-2404555562-4019845178-1003 - Limited - Enabled) SSForce (S-1-5-21-2231602007-2404555562-4019845178-1001 - Administrator - Enabled) => C:\Users\SSForce ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden Akamai NetSession Interface (HKU\S-1-5-21-2231602007-2404555562-4019845178-1001\...\Akamai) (Version: - Akamai Technologies, Inc) Alliance of Valiant Arms (HKLM-x32\...\Alliance of Valiant Arms) (Version: - ) ASUS Gaming Center (HKLM-x32\...\{23C8A788-4790-4F3C-B103-0ACC7D9DC5BE}) (Version: 1.0.5 - ASUS) ASUS GIFTBOX Desktop (HKLM-x32\...\{4701E5AB-AF91-4D40-8F18-358CC80E4E5B}) (Version: 1.1.6 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.3.4 - ASUS) ASUS ROG Gaming Mouse (HKLM-x32\...\{3B9E171F-A955-4834-B877-447C0A437260}) (Version: 2.00.026 - ASUS) ASUS ROG MacroKey (HKLM-x32\...\{348022C5-F497-4333-AFEE-208F22F169F2}_is1) (Version: 1.0.0.28 - G-spy Co., Ltd) ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.05.0001 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS) ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.29 - ASUS) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.) ELAN Touchpad 11.5.19.2_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.19.2 - ELAN Microelectronic Corp.) Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation) Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.1.1 - Genesys Logic) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{915DDCDE-7767-4B4A-9256-8729B265BDAC}) (Version: 17.1.1440.02 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{9bffdf20-c3a3-4e93-9cbf-61712c6a38be}) (Version: 17.13.2 - Intel Corporation) Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation) Maxx Audio Installer (x64) (Version: 1.6.4882.94 - Waves Audio Ltd.) Hidden Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Mozilla Firefox 45.0.1 (x86 es-ES) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 es-ES)) (Version: 45.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1 - Mozilla) NVIDIA 3D Vision Driver 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.51 - NVIDIA Corporation) NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation) NVIDIA Graphics Driver 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.51 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA Miracast Virtual Audio 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 364.51 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) PixelMaster Video HDR (HKLM\...\{65302154-AAF6-4020-A070-76CAA9CEC8D3}) (Version: 1.1.23 - ASUS) Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.4.1 - Razer Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.28549 - Razer Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7427 - Realtek Semiconductor Corp.) Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix) SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios) Thunderbolt(TM) Software (HKLM\...\{BED2816F-D47A-41DA-AFCF-44E1B257C368}) (Version: 2.0.4.250 - Intel(R) Corporation) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.) Warframe (HKLM\...\Steam App 230410) (Version: - Digital Extremes) WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation) WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2231602007-2404555562-4019845178-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\SSForce\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0D454584-F66C-4350-BB40-C7687DB1963A} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.) Task: {16F79B98-F86E-4168-846E-FBE338111ADD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {193F8E80-A729-4047-B68C-3CCCFF54C99B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {1ECD776D-254D-414E-9CBC-8DC74BB2BD9D} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION Task: {250990D8-575F-45BA-812D-C44D3B89A7C2} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application when hardware is detected => Thunderbolt.exe Task: {2D631E58-9614-4A3F-A818-F5E236579C89} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION Task: {34ABDD7D-5EC9-4285-A962-66E3671FBF55} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.) Task: {4954E699-BB9B-4F29-914C-F3DE95BD0A5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-20] (Google Inc.) Task: {5433CBFA-93A1-4D9C-B8A3-1B14896B33B9} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {56074C93-93D4-4CB3-A750-85C07D2C1E0F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {5C584126-BD65-47F0-9876-FFEC2B08CB37} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2015-02-12] () Task: {6BD34F2E-9791-45BF-8D15-B149278448CC} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2015-03-23] (ASUSTeK Computer Inc.) Task: {70075066-F439-40E7-B344-89A33304DD34} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt application on login if service is up => Thunderbolt.exe Task: {712E2679-DC17-4167-884D-D385DDB5BD84} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-11-05] (ASUS) Task: {8FC8F90A-7F79-42AF-A82E-95B86AB49BD5} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [2015-11-03] (McAfee, Inc.) Task: {90EFE6B1-3EB1-4081-8462-90B0D13992BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-03-20] (Google Inc.) Task: {912113FC-D421-416F-9D52-BE162BCAC428} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.) Task: {943DBDFB-24DC-47DD-AFC6-DAD1F6C3AC60} - System32\Tasks\WindowsUpdategedvdk0x8429524 => C:\ProgramData\gedvdk\htnHad.vbs [2016-03-28] () Task: {95D76609-0ED1-46B9-9391-8FD31DACEBE3} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service on boot if driver is up => tbtsvc.exe Task: {974050E1-CC43-4592-B049-A7E8DF32468A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {9DE61D51-40D8-4404-BF7F-85F2C308D157} - System32\Tasks\Intel\Thunderbolt\Start Thunderbolt service when hardware is detected => start ThunderboltService Task: {9F2F1740-6952-4A0A-A183-A1451E0861F5} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2014-02-25] () Task: {B0EB90C3-2026-47CD-8A98-BB24B603AAB0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {B2005349-69D4-4FBD-96C1-C9D03F542ABF} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.) Task: {B2A5F2B6-B968-4B78-A906-C37E66ED658D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION Task: {B2E7AE94-8018-4629-8CF5-790DD24DA409} - System32\Tasks\Microsoft\Office\Microsoft Office Touchless Attach Notification => C:\Program Files (x86)\Microsoft Office\Office15\FirstRun.exe [2014-08-20] (Microsoft Corporation) Task: {B48659CC-1ECA-4B70-8CCD-99558D1B7FAA} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-01-13] (Realtek Semiconductor) Task: {CAE15DC4-90FD-45D7-9CDD-C11C61BC01EE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {CE8B167C-D540-402A-97A4-1135D56F8992} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {D2480852-DB6D-4BD4-8281-7CCAB4532D8C} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {D35F426E-5E41-42F9-B371-357266489292} - System32\Tasks\Gaming Center => C:\Program Files (x86)\ASUS\ASUS Gaming Center\vivokey.exe [2014-10-03] (ASUSTek Computer Inc.) Task: {F0720158-43F5-4540-A154-C99FEFFF7CB9} - System32\Tasks\RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-12-04] (Realtek Semiconductor) Task: {F911BFBC-E44D-480B-BF9A-2152F5C4DFC0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-03-21 13:38 - 2016-03-08 04:07 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll 2016-03-21 13:38 - 2016-03-08 04:07 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2016-03-21 13:38 - 2016-03-08 04:07 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll 2015-10-30 01:18 - 2015-10-30 01:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-03-24 02:12 - 2015-07-13 11:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-03-24 03:45 - 2016-03-24 03:45 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-03-24 03:45 - 2016-03-24 03:45 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-02-13 06:54 - 2016-02-13 06:54 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-03-24 03:46 - 2016-03-24 03:46 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-02-13 06:54 - 2016-02-13 06:54 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-02-13 06:54 - 2016-02-13 06:54 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-02-13 06:54 - 2016-02-13 06:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-02-13 06:54 - 2016-02-13 06:54 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-02-12 08:52 - 2014-02-25 21:13 - 00053248 _____ () C:\Windows\SysWOW64\UMonit64.exe 2015-02-12 09:01 - 2013-05-15 16:39 - 00463872 _____ () C:\Program Files (x86)\ASUS Gaming Mouse\hid.exe 2015-12-21 01:55 - 2015-12-21 01:55 - 00292352 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe 2016-03-24 12:04 - 2016-03-24 12:04 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-02-12 08:46 - 2013-10-23 15:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2014-11-05 14:44 - 2014-11-05 14:44 - 00037424 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll 2014-11-05 14:44 - 2014-11-05 14:44 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll 2016-03-24 11:04 - 2016-03-29 10:26 - 00619840 _____ () C:\Users\SSForce\AppData\Local\Temp\0Kraken71ChromaDevProps.dll 2016-03-21 13:38 - 2016-03-08 04:07 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-02-26 02:29 - 2016-02-26 02:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll 2016-03-21 11:42 - 2015-10-06 13:26 - 50656768 _____ () C:\Users\SSForce\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll 2016-03-20 23:07 - 2016-03-10 18:56 - 00783360 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2016-03-20 23:07 - 2015-07-03 10:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2016-03-20 23:07 - 2016-03-28 15:34 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll 2016-03-20 23:07 - 2015-07-03 10:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2016-03-20 23:07 - 2015-07-03 10:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2016-03-20 23:07 - 2016-02-08 17:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2016-03-20 23:07 - 2016-02-08 17:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2016-03-20 23:07 - 2016-02-08 17:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2016-03-20 23:07 - 2016-02-08 17:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2016-03-20 23:07 - 2016-02-08 17:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2016-03-20 23:07 - 2016-03-28 15:34 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-03-20 23:07 - 2016-02-17 16:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2016-03-21 11:42 - 2015-10-06 13:26 - 01874944 _____ () C:\Users\SSForce\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll 2016-03-21 11:42 - 2015-10-06 13:26 - 00075264 _____ () C:\Users\SSForce\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll 2016-03-20 23:07 - 2016-02-08 19:33 - 48400672 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2016-03-24 12:04 - 2016-03-24 12:04 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-03-24 12:04 - 2016-03-24 12:04 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-03-20 22:55 - 2016-03-07 20:48 - 01676440 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libglesv2.dll 2016-03-20 22:55 - 2016-03-07 20:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.87\libegl.dll 2016-03-24 13:13 - 2016-03-21 16:17 - 17541312 _____ () C:\Users\SSForce\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.197\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-2231602007-2404555562-4019845178-1001\...\aeriagames.com -> hxxps://aeriagames.com IE trusted site: HKU\S-1-5-21-2231602007-2404555562-4019845178-1001\...\aeriagames.com -> hxxp://aeriagames.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 07:25 - 2013-08-22 07:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2231602007-2404555562-4019845178-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\asus\wallpapers\asus.jpg DNS Servers: 186.177.66.3 - 186.177.65.3 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{E71D3DE2-41AF-463B-8CEA-9F31A2F408C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{078ED6F5-7C19-42E4-829C-AEA34A879C34}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{EEFB1BBA-D0E3-4B13-9F44-9AED4687CE46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{B1A672B6-2447-41EB-9349-208E4F8652F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{5A8DE3C9-B99C-438F-B9E4-C27C9DBBAB02}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{DB66C76D-194A-4EA0-BD97-28BB6A1CA3AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{DDAB9307-0109-4233-91D9-E66830F465F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{A63A8C1D-0C76-4C4E-8DAD-7FA6D0CE9706}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{040481BB-A9F2-4CDE-94FA-3BE1771D13BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{81D5E9C0-6A7F-4925-9DBB-531D8CD439D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{4F4885D1-2117-4E4C-977E-FC87BC0E5D66}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{3242B847-D456-4C8E-AFB4-997B36B42A12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{66B22CE0-430C-4CDB-BEC4-77960167133C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{39C99BD1-5DB5-48BF-B3C7-D99C6D517E22}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{A1F3566D-2550-4476-9F8B-CC39D6421E9E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{153197F0-9886-4015-B661-5905CACFDE1E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{23C89988-4AFF-41BE-94B2-B569E09FFBEE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{F6AB893D-1448-40BA-8681-CE2227E63496}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5258263E-E331-4CE6-8720-E571A175C830}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{0C467FAD-37E8-4F80-8D3D-6968A244FCE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{45E277FB-9905-42BC-B9A1-496C896DA608}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{7BB39703-05A1-4A54-B3FD-229FD0EEF2F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{4E0CB28A-10D3-4853-8DEA-B5B8FA209F5D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{43D7874C-E9F2-4992-9E33-D983EE185376}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{4BA937CD-7C92-4A84-BA4C-80783FC63573}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{C816B750-53D8-4CA7-89BD-23A2E2665DCE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{7EE01B79-F156-4916-8624-9815D02E6C3D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{5762062D-D433-4763-AEFC-01AAE97B2C21}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{89EFD262-16D8-4B8A-9066-8172A5D8A8D4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{7054E14E-3082-4DBF-BD82-96075D41DD54}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{8176BBDD-CB33-433B-BC62-D41A3B196B85}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe FirewallRules: [{4F019057-87C4-4064-B639-FBFD52E36A07}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{55C5E6F6-8F0B-4781-B188-089032CF1F86}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{CB46F2ED-CAD4-454B-840F-E00575A37338}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{564A4039-5CE5-402F-8AD0-C0C53DDC38B7}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{AFC1F2DA-D70A-48D8-8B94-5F6156D41CC4}C:\users\ssforce\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ssforce\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{FE6357C8-89DB-4EBE-94EA-2CD38D4456B5}C:\users\ssforce\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ssforce\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{2CC73F17-79D5-4F75-95A6-2CC4FA0F1D3C}C:\users\ssforce\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ssforce\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{1C82B3C8-0A91-4B97-9590-A7E6C6AADF3C}C:\users\ssforce\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\ssforce\appdata\local\akamai\netsession_win.exe ==================== Restore Points ========================= 27-03-2016 18:32:15 Installed DirectX ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/28/2016 09:55:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: explorer.exe, version: 10.0.10586.104, time stamp: 0x4fd0cff9 Faulting module name: explorer.exe, version: 10.0.10586.104, time stamp: 0x56aafa81 Exception code: 0xc000041d Fault offset: 0x000818fa Faulting process id: 0x3fb8 Faulting application start time: 0xexplorer.exe0 Faulting application path: explorer.exe1 Faulting module path: explorer.exe2 Report Id: explorer.exe3 Faulting package full name: explorer.exe4 Faulting package-relative application ID: explorer.exe5 Error: (03/28/2016 09:55:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: explorer.exe, version: 10.0.10586.104, time stamp: 0x4fd0cff9 Faulting module name: explorer.exe, version: 10.0.10586.104, time stamp: 0x56aafa81 Exception code: 0xc0000005 Fault offset: 0x000818fa Faulting process id: 0x3fb8 Faulting application start time: 0xexplorer.exe0 Faulting application path: explorer.exe1 Faulting module path: explorer.exe2 Report Id: explorer.exe3 Faulting package full name: explorer.exe4 Faulting package-relative application ID: explorer.exe5 Error: (03/27/2016 06:32:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (03/27/2016 02:21:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: taskhostw.exe, version: 10.0.10586.0, time stamp: 0x5632d756 Faulting module name: ntdll.dll, version: 10.0.10586.122, time stamp: 0x56cbf9dd Exception code: 0xc0000005 Fault offset: 0x00000000000227d5 Faulting process id: 0x1bc Faulting application start time: 0xtaskhostw.exe0 Faulting application path: taskhostw.exe1 Faulting module path: taskhostw.exe2 Report Id: taskhostw.exe3 Faulting package full name: taskhostw.exe4 Faulting package-relative application ID: taskhostw.exe5 Error: (03/25/2016 09:54:12 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: dwm.exe, version: 10.0.10586.0, time stamp: 0x5632d756 Faulting module name: ism32k.dll, version: 0.0.0.0, time stamp: 0x5632d752 Exception code: 0xc0000409 Fault offset: 0x0000000000003af8 Faulting process id: 0x16c Faulting application start time: 0xdwm.exe0 Faulting application path: dwm.exe1 Faulting module path: dwm.exe2 Report Id: dwm.exe3 Faulting package full name: dwm.exe4 Faulting package-relative application ID: dwm.exe5 Error: (03/24/2016 11:56:03 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Potato-aim) Description: Activation of app Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App failed with error: -2147024770 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (03/24/2016 11:51:08 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Potato-aim) Description: Activation of app Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147009280 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (03/24/2016 11:47:58 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Potato-aim) Description: Activation of app Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App failed with error: -2147024770 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (03/24/2016 11:42:21 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Potato-aim) Description: Activation of app Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App failed with error: -2147024770 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (03/24/2016 11:39:18 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Potato-aim) Description: Activation of app Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App failed with error: -2147024770 See the Microsoft-Windows-TWinUI/Operational log for additional information. System errors: ============= Error: (03/29/2016 10:26:31 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Steam Client Service service failed to start due to the following error: %%1053 Error: (03/29/2016 10:26:31 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect. Error: (03/29/2016 10:25:42 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6} Error: (03/29/2016 10:20:02 AM) (Source: disk) (EventID: 7) (User: ) Description: The device, \Device\Harddisk0\DR0, has a bad block. Error: (03/29/2016 12:22:53 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {FDA74D11-C4A6-4577-9F73-D7CA8586E10D} Error: (03/29/2016 12:22:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_11a8375f service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (03/29/2016 12:22:52 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable Error: (03/28/2016 03:12:15 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: {F3B4E234-7A68-4E43-B813-E4BA55A065F6} Error: (03/28/2016 02:16:44 AM) (Source: disk) (EventID: 7) (User: ) Description: The device, \Device\Harddisk0\DR0, has a bad block. Error: (03/28/2016 02:16:41 AM) (Source: disk) (EventID: 7) (User: ) Description: The device, \Device\Harddisk0\DR0, has a bad block. CodeIntegrity: =================================== Date: 2016-03-25 09:59:44.649 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-24 13:13:33.071 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-24 02:27:49.447 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-03-24 02:00:00.201 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4720HQ CPU @ 2.60GHz Percentage of memory in use: 18% Total physical RAM: 16333.18 MB Available physical RAM: 13317.58 MB Total Virtual: 19277.18 MB Available Virtual: 16022.48 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:248.09 GB) NTFS ==>[system with boot components (obtained from drive)] Drive d: (Data) (Fixed) (Total:542.8 GB) (Free:542.64 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 9FBC6DAB) Partition: GPT. ==================== End of Addition.txt ============================