Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-06-2016 01 Ran by Brad (2016-06-24 08:00:35) Running from C:\Users\Brad\Desktop Windows 10 Home Version 1511 (X64) (2015-12-02 02:03:28) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1061724313-1516444972-2292327885-500 - Administrator - Disabled) Brad (S-1-5-21-1061724313-1516444972-2292327885-1000 - Administrator - Enabled) => C:\Users\Brad DefaultAccount (S-1-5-21-1061724313-1516444972-2292327885-503 - Limited - Disabled) Guest (S-1-5-21-1061724313-1516444972-2292327885-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1061724313-1516444972-2292327885-1002 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1061724313-1516444972-2292327885-1000\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated) Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated) Apple Application Support (32-bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform) Citrix Online Launcher (HKLM-x32\...\{E5F6D26D-E180-4547-A865-565EAB61000C}) (Version: 1.0.362 - Citrix) Consumer Input Update Helper (x32 Version: 1.3.25.309 - Compete Inc.) Hidden <==== ATTENTION DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0152 - Disc Soft Ltd) HP Support Solutions Framework (HKLM-x32\...\{E35601C0-BA8E-4F32-919A-C7EF4CA81F67}) (Version: 11.51.0048 - Hewlett-Packard Company) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel® PROSet/Wireless WiFi Software (HKLM\...\{181BBF43-CA17-4E1A-A78D-81E67A57B8A4}) (Version: 15.02.0000.1258 - Intel Corporation) IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan) Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) NVIDIA 3D Vision Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation) NVIDIA GeForce Experience 2.4.3.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.3.22 - NVIDIA Corporation) NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation) OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation) Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.0.2 - Panda Security) Panda Free Antivirus (Version: 8.04.00.0000 - Panda Security) Hidden PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) RealFlight G4 R/C Simulator (HKLM-x32\...\RealFlightG4Pro) (Version: - ) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6312 - Realtek Semiconductor Corp.) RollerCoaster Tycoon 2 Triple Thrill Pack (HKLM-x32\...\GOGPACKRCT2_is1) (Version: 2.0.0.6 - GOG.com) RuneScape Launcher 2.2.2 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.2 - Jagex Ltd) Search module (HKLM-x32\...\Search module) (Version: - Goobzo) <==== ATTENTION SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.3.22 - NVIDIA Corporation) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.6.0 - Synaptics Incorporated) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN) WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1061724313-1516444972-2292327885-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0BB51C1A-2C51-44C4-B4E3-E4C4DB45A19F} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {22C72B7B-17D7-4A82-B33E-5CFC7DBCD6F3} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-20] (Microsoft Corporation) Task: {3141BA3D-0494-45C7-976D-E8D1ED2B61B9} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {47B81801-A58A-4872-BA68-4FB764D0FBAF} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {5954A446-E60E-4284-8152-6CD0D989F4AB} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {6856AA0C-04C9-49AF-BD83-390576E248BF} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {6F55E302-509F-44F0-9962-4220CE2A36B0} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {7A2B2356-BC35-4D5B-AA7D-052FF3BFAA35} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {7A2F6459-AD40-4D5E-844D-2E77BCBCCC22} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {80CE7B60-2B0C-4E2C-9AB5-8BB92C29506E} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {8A6AED65-D370-46C7-9218-C1150DF3A52A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {985E8B9B-23FF-4AD0-AF1B-ACBD50384898} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {9CCE3209-C199-47BE-822E-AFC27AD68A30} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {A0A54B5A-48B7-4C97-AED3-7D47DF2E0B4E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {A7105055-46F0-4DD1-8EB8-B4DB92B77C35} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {AC65EF3E-0197-45F7-A429-0B5B23B1B567} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {B1B18EA0-F72D-4491-B328-4A73934C893A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {BA0528E3-045C-4919-9286-E400701262E9} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {BE9F00FD-EB87-4692-997D-7A4CABC69B04} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {DE8488E3-F286-4D99-B1D3-9A20419A101F} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {DFDD4498-4CCB-4731-AB51-63D113D12438} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {E4330FB3-EF10-469D-95DF-83AD2F29CB0F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {FF10D043-BD48-4BC8-AEB7-0AB4D889BFE4} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Brad\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Ехplоrеr.lnk -> C:\Program Files\Internet Explorer\iexplore.bat (No File) Shortcut: C:\Users\Brad\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (No File) Shortcut: C:\Users\Brad\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (No File) Shortcut: C:\Users\Brad\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Sеаrсh (2).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (No File) Shortcut: C:\Users\Brad\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Sеаrсh.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (No File) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.bat (No File) ShortcutWithArgument: C:\Users\Brad\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Lаunсh Intеrnеt-Ехplоrеr Вrоwsеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat () -> hxxp://www%2dsearching.com/?prd=set_epc&s=G6Ozftpbl0cshmoAQ,429d1783-9bd1-470f-990d-cc4a7ecc6c20, ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 03:18 - 2015-10-30 03:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-01 20:39 - 2015-07-22 21:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-03-18 22:56 - 2016-03-18 22:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-04-14 18:41 - 2016-03-29 06:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-14 18:41 - 2016-03-29 06:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-05-28 10:21 - 2016-05-28 10:21 - 00959168 _____ () C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-03-24 21:38 - 2010-03-24 21:38 - 08794976 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2016-04-19 20:27 - 2016-04-19 20:28 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-12-17 14:44 - 2015-12-07 00:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-05-11 16:37 - 2016-04-23 00:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-06-20 19:10 - 2016-05-27 23:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-06-20 19:10 - 2016-05-27 23:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-06-20 19:10 - 2016-05-27 23:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-06-20 19:10 - 2016-05-27 23:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-06-01 22:00 - 2015-06-01 22:00 - 00102912 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-04-12 13:23 - 2013-04-12 13:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll 2016-04-19 20:27 - 2016-04-19 20:28 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-04-19 20:27 - 2016-04-19 20:28 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-05-28 10:21 - 2016-05-28 10:21 - 00679624 _____ () C:\Users\Brad\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-1061724313-1516444972-2292327885-1000\...\dell.com -> dell.com ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2016-06-23 20:01 - 00001006 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1061724313-1516444972-2292327885-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Brad\Downloads\Airplane-wallpaper-152.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1061724313-1516444972-2292327885-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-1061724313-1516444972-2292327885-1000\...\StartupApproved\Run: => "fastweb" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{4CA0DD86-FC58-4AA4-8A0E-38049E08451C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{A9265390-1D36-4B39-A509-C32A29EE21F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{2240E34B-C757-4071-91D5-668BDD09CFA2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{00680DD6-93EC-4A12-A840-C6D76DA33293}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{2FB86365-DDC3-4C56-8C80-E142E32FA3B9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{5E05F36C-1D98-4A59-AF17-1C010D52741C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{5A82CFA5-85EB-4279-A3DC-7D07B420DFA4}] => (Allow) C:\Users\Brad\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{98571516-2521-48E9-8D61-C856B8328D45}] => (Allow) C:\Users\Brad\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [UDP Query User{1F601DD0-263F-4103-B003-1A7A7A168F5D}C:\program files (x86)\xxxchurch\x3watch\x3watch.exe] => (Allow) C:\program files (x86)\xxxchurch\x3watch\x3watch.exe FirewallRules: [TCP Query User{250C089E-EBD0-4238-B6D6-58A3E9FB2638}C:\program files (x86)\xxxchurch\x3watch\x3watch.exe] => (Allow) C:\program files (x86)\xxxchurch\x3watch\x3watch.exe FirewallRules: [{6799F6D2-8F0F-4FA1-8CEA-C982EF305D14}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [TCP Query User{7E040A85-BFEB-4A1A-9A63-A95717D88072}D:\easysetupassistant\tl-wdr4300\easysetupassistant.exe] => (Allow) D:\easysetupassistant\tl-wdr4300\easysetupassistant.exe FirewallRules: [UDP Query User{9BE3A37E-BA46-4AA8-9F16-B4101C8B6B60}D:\easysetupassistant\tl-wdr4300\easysetupassistant.exe] => (Allow) D:\easysetupassistant\tl-wdr4300\easysetupassistant.exe FirewallRules: [TCP Query User{EA3175D0-6567-455D-BCBF-CB30793B20A1}C:\program files (x86)\xxxchurch\x3watch\x3watch.exe] => (Block) C:\program files (x86)\xxxchurch\x3watch\x3watch.exe FirewallRules: [UDP Query User{614D2605-4277-4522-BD4A-AB547A59B2E5}C:\program files (x86)\xxxchurch\x3watch\x3watch.exe] => (Block) C:\program files (x86)\xxxchurch\x3watch\x3watch.exe FirewallRules: [{61CADED7-5A20-48C4-B2A5-D92267635298}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{F3DA0AEB-712D-48BE-859E-280B7E5C409F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{7C58E874-B755-48EF-9FF6-5FCDB6976B8B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{3A720B5B-8473-4654-AEB2-CFDFB7A68AD9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{4968B397-7189-4471-9FEA-57BE2C8380C6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{38F1E029-00D2-4EBD-BF22-9A85C7D4DE75}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{E213E199-4180-4D2A-8390-90E34D404F12}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{9B46A147-CA68-484C-8201-63D60E17105D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{4BAF7645-11C9-4C24-93FA-BD08A81BFF7A}] => (Allow) C:\Program Files\iTunes\iTunes.exe ==================== Restore Points ========================= 08-06-2016 11:35:34 Scheduled Checkpoint 20-06-2016 19:30:39 Windows Update 20-06-2016 19:31:36 Windows Update ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Error: (06/24/2016 07:57:57 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Error: (06/24/2016 07:57:54 AM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Error: (06/24/2016 07:57:54 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: %%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. Error: (06/24/2016 07:57:08 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_3532b service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz Percentage of memory in use: 18% Total physical RAM: 8086.16 MB Available physical RAM: 6609.66 MB Total Virtual: 9992.16 MB Available Virtual: 8537.77 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.22 GB) (Free:379.03 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: A6415B24) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ==================== End of Addition.txt ============================