Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2016 Ran by pc (2016-07-08 16:37:56) Running from C:\Users\pc\Desktop Windows 10 Home Version 1511 (X64) (2015-12-04 09:22:21) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3678415254-164999130-4254716092-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3678415254-164999130-4254716092-503 - Limited - Disabled) Guest (S-1-5-21-3678415254-164999130-4254716092-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3678415254-164999130-4254716092-1004 - Limited - Enabled) pc (S-1-5-21-3678415254-164999130-4254716092-1000 - Administrator - Enabled) => C:\Users\pc ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2014 (HKLM-x32\...\Adobe Premiere Pro CC 2014) (Version: - ) Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated) Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.1.0 - Asmedia Technology) ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.8.3.0 - ASUSTek COMPUTER INC.) ASUS GPU Tweak (x32 Version: 2.8.3.0 - ASUSTek COMPUTER INC.) Hidden AVG (HKLM\...\AvgZen) (Version: 1.72.2.24716 - AVG Technologies) AVG Zen (Version: 1.72.1 - AVG Technologies) Hidden Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - ) AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - ) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BitTorrent (HKU\S-1-5-21-3678415254-164999130-4254716092-1000\...\BitTorrent) (Version: 7.9.7.42331 - BitTorrent Inc.) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden BurnInTest v8.1 Standard (HKLM\...\BurnInTest_is1) (Version: 8.1.1012.0 - Passmark Software) C309g-m (x32 Version: 130.0.396.000 - Hewlett-Packard) Hidden Canon MX870 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series) (Version: - ) Catalyst Control Center Next Localization BR (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden CELO Enhanced (HKLM-x32\...\{4FF1FEC6-E5F5-49C2-B232-CD8AC9896092}_is1) (Version: 1.0.9.5 - Neffware) Company of Heroes - FAKEMSI (x32 Version: 2.0.0.0 - THQ Inc.) Hidden Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment) CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd) Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden Discord (HKU\S-1-5-21-3678415254-164999130-4254716092-1000\...\Discord) (Version: 0.0.291 - Hammer & Chisel, Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 5.4.24 - Dropbox, Inc.) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) FMW 1 (Version: 1.102.4 - AVG Technologies) Hidden Free Easy Burner V 5.1 (HKLM-x32\...\Free Easy Burner_is1) (Version: 5.1.0.0 - Koyote soft) Furi (HKLM-x32\...\Furi_is1) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.) Google Chrome (HKU\S-1-5-21-3678415254-164999130-4254716092-1000\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.) Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden Hardware sensors monitor 4.5 (HKLM-x32\...\Hardware sensors monitor 4.5_is1) (Version: 4.5.4.2 - AB Software) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro) Homeworld: Deserts of Kharak (HKLM-x32\...\Steam App 281610) (Version: - Blackbird Interactive) HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Officejet 6100 Basic Device Software (HKLM\...\{F68DC393-4115-4018-A8B6-600FAE86B218}) (Version: 28.0.1321.0 - Hewlett-Packard Co.) HP Officejet 6100 Help (HKLM-x32\...\{1F670068-9589-4DC7-8FE4-1D0D13AF2526}) (Version: 140.0.2.2 - Hewlett Packard) HP Photosmart Premium C309g-m All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{181AC4C7-B83C-4B5F-B566-E19BF2472429}) (Version: 13.0 - HP) HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP) HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB7A}) (Version: 1.0.16.0 - Hewlett Packard) HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden Intel Security True Key (HKLM\...\TrueKey) (Version: 4.3.145.1 - Intel Security) Intel(R) IPP Run-Time Installer 5.3 Update 4 for Windows* on IA-32 (HKLM-x32\...\{754854DC-2E0A-49D8-A1A1-426C1F9B1459}) (Version: 5.3.4.087 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.12.1498 - Intel Corporation) Intel(R) Network Connections 17.3.63.0 (HKLM\...\PROSetDX) (Version: 17.3.63.0 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation) JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.58.2 - JMicron Technology Corp.) Logitech Gaming Software 8.81 (HKLM\...\Logitech Gaming Software) (Version: 8.81.15 - Logitech Inc.) Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1045 - Marvell) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.334.1 - McAfee, Inc.) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 46.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 en-US)) (Version: 46.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla) MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.0.11.77 - Electronic Arts, Inc.) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) PS_AIO_06_C309g-m_SW_Min (x32 Version: 130.0.396.000 - Hewlett-Packard) Hidden PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.) Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.) SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) To the Moon (HKLM-x32\...\Steam App 206440) (Version: - Freebird Games) Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1-3) (Version: 1.0.3.1 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.3.1 (Version: 1.0.3.1 - LunarG, Inc.) Hidden War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment) War Thunder Launcher 1.0.1.199 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2012 Gaijin Entertainment Corporation) WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/11/2009 2.0.0010.00002) (HKLM\...\BD9D4C72E215B5B7A0FD049943B35C492600C0AF) (Version: 08/11/2009 2.0.0010.00002 - Google, Inc.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. ) Word Layers (HKU\S-1-5-21-3678415254-164999130-4254716092-1000\...\Word Layers) (Version: 3 - wordlayersapp.com) XviD & MP3 Codec Pack (remove only) (HKLM-x32\...\XviD & MP3 Codec Pack_is1) (Version: - ) XviD MPEG-4 Video Codec (HKLM-x32\...\XviD_is1) (Version: XviD-1.0.3-20122004 - XviD Team (Koepi)) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3678415254-164999130-4254716092-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\pc\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {07ED9ED8-FF54-465F-AE8D-70E9414CF59C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {0A07FBF7-D976-4C8D-A0CB-06111DB6BE3A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {0C07821C-00DC-446D-8E53-906C1A9F5A1A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {0CD9843A-64C5-4A80-9F8D-849118C890AE} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.) Task: {1474E004-DB00-49E3-8D81-3471D188FDF8} - System32\Tasks\{4701953E-E8B1-4B73-A9D3-B7E53890901C} => pcalua.exe -a "C:\Users\pc\Downloads\wlsetup-web (1).exe" -d C:\Users\pc\Downloads Task: {1FBADA33-C5AD-46A1-A679-E0DEAD723FD6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {2667EC0D-C33F-405E-B200-3DAA98251233} - System32\Tasks\{1F91CEBC-B160-49B1-9002-BF9508DF51DB} => pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -c /M{532F6E8A-AF97-41C3-915F-39F718EC07D1} /l1033 Task: {33B3BEB2-1C2E-4CCA-A44C-77CDE0836C97} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {36AF931F-D354-4320-8EC4-0C735640348D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {3D14FC2E-E34C-4323-8386-9DBF668D14C8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-21] (Microsoft Corporation) Task: {3E9EAF64-BFA6-4DC9-B8B0-DD8B3EE367B9} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {44CE6BF4-A78B-442A-8FB8-A9DA0FE94913} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {4DB63699-4796-4EED-9A01-6A22B68A2D71} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {63BCE684-4855-453E-9B56-06588AEE8500} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {69AB1CBF-4F82-4C1B-9C62-D776C1EE564E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {6BB5207C-6581-49B5-AB9E-149E60DE5980} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {704753B6-F4E8-4AB3-8C20-7ADD7F288556} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {790DEB9E-6326-449F-B1FE-8C0A00E1E580} - System32\Tasks\{923DBB0A-B218-46EE-BD8F-C430B93C73DF} => pcalua.exe -a D:\Programs\steam\steam.exe -c steam://uninstall/230410 Task: {7FFEA382-CCF0-406A-8C79-01BC2BB246B2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-17] (Dropbox, Inc.) Task: {854DB5C4-65F6-4103-A429-3BF4781EF6F0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {93F01FAD-D026-40A7-A2A4-C37E5A551AA1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {9A485AC7-B278-433E-A65F-2E240EBFE7D7} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {9BF557CA-263A-41AA-9A41-19C07B7A4606} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {9C2FB230-97EF-41A1-8831-1D337578D017} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {A1504099-3311-44F2-A8A6-1C1920AE8DCB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.) Task: {A2D361EC-CCCE-401E-B71E-77FB9E56367A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {A35E8337-600B-41B1-83C6-FF72907773CD} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe Task: {A74B21A4-5C29-492F-8EDF-EF4562A8C37B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {AD5D9744-71B8-4600-B1AB-60F5437D4713} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {BAD9FC10-6811-4316-8774-08E94845178B} - System32\Tasks\{4597566D-D8B0-4C61-B59D-6BDA7B8F36EC} => pcalua.exe -a "C:\Users\pc\Downloads\amddriverdownloader (1).exe" -d C:\Users\pc\Downloads Task: {BC5BD6A5-2DA7-4E6A-9F86-F0833202E101} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {C9E5C815-6FFC-4F0A-AABB-8EBE4B01DC52} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {CA4303DC-6788-4945-A9E7-27ACE1A51FE3} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {CB553309-EA9A-4BC2-B905-22BA0BA45C48} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {CC25B82C-11FD-4350-87A5-F56464B23058} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {CF2EBF87-8F70-4947-A5DC-A7C42B559B29} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {D0525C26-0A93-42F8-A054-6437F42D490A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-20] (Adobe Systems Incorporated) Task: {D0FBD527-F355-456A-8F94-78C5B6EC0A84} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {DC351D45-7520-42E6-ACC5-74ABB73D1A82} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {E1EBC109-3201-4152-B002-190E5472DA03} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {E68A07BF-D847-48C6-9765-8A4524D95A62} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {E7105538-0F40-4E84-9CB9-F447D3A3F690} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {EA54B417-2831-41FC-88A6-488FBBD9D667} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {EBAFF8B1-DDF1-4311-9D0A-382181DA1879} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {ECE9738F-06E9-4ADB-8B1B-D3428033B18C} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {F468C626-C624-4C2B-A835-0B34C6CA7E7D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {F838AEF1-3C76-490A-ABD5-CDF3776EA2D0} - System32\Tasks\{A0E45A5D-4127-40C0-B501-83936C29250F} => pcalua.exe -a G:\Setup.exe -d G:\ Task: {FB62FF0D-8D21-476A-8FBC-5CB8FBC82582} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {FC0123C2-6CFB-492C-A101-1D78633C6656} - System32\Tasks\{DF3106F3-51A8-49E7-B227-512F602C266C} => pcalua.exe -a C:\Users\pc\Desktop\setup.exe -d C:\Users\pc\Desktop Task: {FC5F4E35-37E1-42B6-A0B9-2F5A8D90C9D5} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-17] (Dropbox, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_vVX3000_exe.job => C:\WINDOWS\vVX3000.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk -> hxxp://www.mail.ru/cnt/20775012?gp=811008"4C:\Users\pc\AppData\Local\Mail.Ru\Sputnik\MailRu.ico (No File) ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 03:18 - 2015-10-30 03:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2014-01-25 15:44 - 2013-10-23 16:24 - 00087600 _____ () C:\WINDOWS\System32\cpwmon64.dll 2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-13 06:45 - 2015-10-13 06:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2012-09-20 16:32 - 2012-09-11 16:54 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe 2013-10-09 23:24 - 2014-04-25 12:49 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2010-12-01 22:15 - 2010-12-02 10:15 - 00915584 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe 2016-04-13 13:12 - 2016-03-29 06:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-13 13:12 - 2016-03-29 06:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-12-17 18:59 - 2015-12-07 00:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-05-11 17:51 - 2016-04-23 00:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-06-20 17:58 - 2016-05-27 23:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-06-20 17:58 - 2016-05-27 23:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-06-20 17:58 - 2016-05-27 23:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-06-20 17:58 - 2016-05-27 23:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-03-06 20:07 - 2015-03-06 20:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2016-02-17 19:01 - 2016-02-17 19:01 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-06 20:07 - 2015-03-06 20:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2016-02-17 19:01 - 2016-02-17 19:01 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll 2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2015-12-09 03:59 - 2015-12-09 03:59 - 00580296 _____ () D:\MSI Afterburner\MSIAfterburner.exe 2012-09-20 16:32 - 2016-07-08 16:25 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll 2012-09-20 16:32 - 2012-09-11 16:52 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll 2016-07-04 22:38 - 2016-06-02 17:40 - 02779832 _____ () C:\Users\pc\AppData\Local\Discord\app-0.0.291\libdiscord.dll 2016-07-04 22:38 - 2016-06-02 17:40 - 01746104 _____ () C:\Users\pc\AppData\Local\Discord\app-0.0.291\ffmpeg.dll 2016-07-04 22:38 - 2016-06-02 17:40 - 00244920 _____ () \\?\C:\Users\pc\AppData\Local\Discord\app-0.0.291\resources\node_modules\discord_toaster\discord_toaster.node 2016-07-04 22:38 - 2016-06-02 17:40 - 01843896 _____ () C:\Users\pc\AppData\Local\Discord\app-0.0.291\libglesv2.dll 2016-07-04 22:38 - 2016-06-02 17:40 - 00020664 _____ () C:\Users\pc\AppData\Local\Discord\app-0.0.291\libegl.dll 2016-07-08 16:27 - 2016-07-08 16:27 - 00140800 _____ () \\?\C:\Users\pc\AppData\Local\Temp\6EAE.tmp.node 2016-06-20 18:26 - 2016-06-15 05:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll 2016-06-20 18:26 - 2016-06-15 05:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll 2015-12-07 12:43 - 2015-12-07 12:43 - 00071680 _____ () D:\MSI Afterburner\RTMUI.dll 2015-12-07 12:43 - 2015-12-07 12:43 - 00057856 _____ () D:\MSI Afterburner\RTFC.dll 2015-12-07 12:44 - 2015-12-07 12:44 - 00225792 _____ () D:\MSI Afterburner\RTCore.dll 2015-12-07 12:43 - 2015-12-07 12:43 - 00357888 _____ () D:\MSI Afterburner\RTUI.dll 2015-12-07 12:44 - 2015-12-07 12:44 - 00657408 _____ () D:\MSI Afterburner\RTHAL.dll 2012-10-06 19:36 - 2012-05-10 15:03 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2016-06-20 18:26 - 2016-06-15 05:15 - 17599640 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF [129] AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8 [169] AlternateDataStreams: C:\ProgramData\TEMP:A3E1F4EF [125] AlternateDataStreams: C:\ProgramData\TEMP:C1F4198F [109] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2016-06-23 20:45 - 00002064 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net 0.0.0.1 mssplus.mcafee.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3678415254-164999130-4254716092-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\pc\Desktop\Furi_Poster-630x430.png DNS Servers: 75.75.75.75 - 75.75.76.76 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^pc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Officejet 6100 (Network).lnk => C:\Windows\pss\Monitor Ink Alerts - HP Officejet 6100 (Network).lnk.Startup MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe MSCONFIG\startupreg: BitTorrent => "C:\Users\pc\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED MSCONFIG\startupreg: DAEMON Tools Lite => "D:\Programs\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: hmonitor => C:\Program Files (x86)\Hmonitor\hmonitor.exe MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Plex Media Server => "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe" MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun HKLM\...\StartupApproved\StartupFolder: => "FAH.lnk" HKLM\...\StartupApproved\StartupFolder: => "Update Notifier.lnk" HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk" HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk" HKLM\...\StartupApproved\Run: => "AtherosBtStack" HKLM\...\StartupApproved\Run: => "HotKeysCmds" HKLM\...\StartupApproved\Run: => "Persistence" HKLM\...\StartupApproved\Run: => "IgfxTray" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "IDSCCOMZP2" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "ASUS ShellProcess Execute" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "AvgUi" HKLM\...\StartupApproved\Run32: => "Dropbox" HKU\S-1-5-21-3678415254-164999130-4254716092-1000\...\StartupApproved\Run: => "BitTorrent" HKU\S-1-5-21-3678415254-164999130-4254716092-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-3678415254-164999130-4254716092-1000\...\StartupApproved\Run: => "BingSvc" HKU\S-1-5-21-3678415254-164999130-4254716092-1000\...\StartupApproved\Run: => "Microsoft Security x64" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{3420FA3A-149F-4741-984E-29CE792A66A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9808A473-AA94-43AF-8260-E95680ACA0F6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{EF7F51C7-58BF-42F1-8C52-BE42A89E5752}D:\games\war thunder\forcesinglegpu.exe] => (Block) D:\games\war thunder\forcesinglegpu.exe FirewallRules: [TCP Query User{B659FFCC-047A-409E-9BEE-EA2A1F39BA39}D:\games\war thunder\forcesinglegpu.exe] => (Block) D:\games\war thunder\forcesinglegpu.exe FirewallRules: [{3DE82E72-6A53-4FB2-B9E4-E9D75900B7D8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{74269A51-5C9B-45FA-94A1-8E0B429F58D8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{CBB2995D-EFA9-41D0-B9A4-0C79583B1F78}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{7536C8C6-EDB0-45F4-AE92-89004A5F0648}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [UDP Query User{459ECB08-1A4D-4E5D-8B5E-90F0BC416607}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{97A344F1-BADD-436D-918A-BDF388436F4B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{EF27F6F7-90EC-4DCB-8434-61AA12D2533B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{78388472-AD0D-4122-9BE2-52DCFDFE6F94}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{6B99DAAD-0EF9-4393-A004-9B97F60C46C7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{00FC6D4F-FC81-43B6-A067-C49A27D0DF15}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{94869CC5-8D44-41B0-BC8B-2EFFD1E756F7}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{1D9E4907-1026-473F-B54B-01602CA87C09}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{5CD798B9-3D80-4C95-84F7-332EF7122DBE}] => (Allow) LPort=51001 FirewallRules: [{AEDFA842-A89A-46C7-AE15-1461B29C91EB}] => (Allow) D:\Programs\steam\steamapps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe FirewallRules: [{F5D2D2FB-7E07-4F10-9B7A-2E98FF04AFFE}] => (Allow) D:\Programs\steam\steamapps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe FirewallRules: [{B7999089-9A01-4D5C-851F-6D1729ADDFBD}] => (Allow) D:\Programs\steam\steamapps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe FirewallRules: [{6D6365A2-BFE7-4CEB-B2AD-2A7A59E2DDEF}] => (Allow) D:\Programs\steam\steamapps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe FirewallRules: [UDP Query User{CA5B7FCF-72A5-449D-9FAE-129E79D75AB7}C:\program files (x86)\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\far cry 4\bin\farcry4.exe FirewallRules: [TCP Query User{A7EF7547-726B-447D-BC35-66B03C7BCEE3}C:\program files (x86)\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\far cry 4\bin\farcry4.exe FirewallRules: [UDP Query User{63FC4F3B-2F76-4A77-BC8F-C2C8038A08B1}D:\games\dying light\dyinglightgame.exe] => (Allow) D:\games\dying light\dyinglightgame.exe FirewallRules: [TCP Query User{5B68A0F6-A0B8-4F28-89AE-B899A56CAF09}D:\games\dying light\dyinglightgame.exe] => (Allow) D:\games\dying light\dyinglightgame.exe FirewallRules: [{F8103068-9ED8-459A-8A81-719F33D20BC8}] => (Allow) D:\Programs\steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe FirewallRules: [{85B9037D-808C-42AA-AEEF-D6471216EA9B}] => (Allow) D:\Programs\steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe FirewallRules: [{71F94572-2CA4-4890-B87D-BACD9860C043}] => (Allow) D:\Programs\steam\bin\steamwebhelper.exe FirewallRules: [{3DE6B8FB-71CF-4321-98FF-E75615D38BAB}] => (Allow) D:\Programs\steam\bin\steamwebhelper.exe FirewallRules: [UDP Query User{663F7BA0-DAA5-45CB-9E72-DF89C7B2072B}C:\users\pc\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\pc\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{75D6AE8B-983C-4E81-BF7B-A2E14AD9CC5F}C:\users\pc\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\pc\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{840B215B-4611-403D-BD0C-7CDED4B0E909}] => (Allow) LPort=1900 FirewallRules: [{2E7DFFEF-8038-4705-B665-40419F7B10CE}] => (Allow) LPort=2869 FirewallRules: [{A9D3DD85-863E-411C-94D4-1986462143E8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{5F775F53-B40D-4813-B693-BAA53A1ABEEE}] => (Allow) C:\Users\pc\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{A486A601-5EDC-4838-B505-0A2B4C174894}] => (Allow) C:\Users\pc\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{23BC9E76-2EE2-46EE-BFAC-161E2F9C703C}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{954D40E0-CFDA-45AA-BA48-A884FA93C3AA}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{3649D3DC-8E53-4FEA-BDB9-C9E4CB9C12DE}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe FirewallRules: [{B853C467-CE81-42C8-9D2A-3926C4E45080}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe FirewallRules: [{16FD298A-44D3-420D-9E09-E59A96714AAA}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe FirewallRules: [{01167D9A-1E96-4909-9A69-271F7C654EAA}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe FirewallRules: [{FE1127F4-CD5A-44C6-9329-E95CD81509F6}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe FirewallRules: [{8D72D9AF-017A-441F-BA2B-4F2FB0E3E966}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe FirewallRules: [{C9DF7B1F-D2FE-44A0-BE2B-628314EFA8FA}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe FirewallRules: [{4EF02500-4CC0-4931-B65B-C1B6F78ABE3F}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe FirewallRules: [{F2F753FD-8B8E-4894-982C-6B4E7F1B6E50}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{5F00181F-A11C-48C3-88F6-38658ED6012F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{5A5BBC6D-6C15-42A3-9BD7-3283E2CC6D18}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{5EAAE74F-221C-4F3D-B3DB-BA7BF93F3406}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [UDP Query User{54347776-7AB6-487B-B6BD-852413B9AA36}D:\programs\steam\steamapps\common\war thunder\launcher.exe] => (Block) D:\programs\steam\steamapps\common\war thunder\launcher.exe FirewallRules: [TCP Query User{045337D9-5856-43CE-A793-5932D35570AB}D:\programs\steam\steamapps\common\war thunder\launcher.exe] => (Block) D:\programs\steam\steamapps\common\war thunder\launcher.exe FirewallRules: [{31921910-9421-402F-8667-DF017195051F}] => (Allow) F:\RouterSetup\QISWizard.exe FirewallRules: [{C85195DC-51E1-462C-A122-A71456F80E3F}] => (Allow) F:\RouterSetup\QISWizard.exe FirewallRules: [{1D827F48-39C3-4E40-A26B-16B0706B664D}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{C8D796B3-201D-4671-88BF-537EDC02FF90}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{E170CA5E-3E0F-428B-9FE4-8704C0918073}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{E2EC8651-E84F-444B-A943-E2F91A86DB84}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{E69246B4-DA10-4E54-A712-907A8E619B8B}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{59B883D4-7F3D-4CA1-A2DD-2977E39D7C7A}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{B0877868-9A4E-4CC9-BDCA-BE975A3BCE7D}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{19735BA8-7C53-41E6-A5A9-E6F1C146ECCA}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{5E17DE15-0E0E-42E7-BA1E-82A557EC914C}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{8EBD35CA-25FC-451B-B528-1E9E025AEE3D}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{29C38F1C-1426-4C0F-8AF2-8F97263EFD09}] => (Allow) D:\programs\steam\steamapps\common\company of heroes 2\reliccoh2.exe FirewallRules: [{CAAEB450-2E14-4A75-99FD-D7653B1158DF}] => (Allow) D:\programs\steam\steamapps\common\company of heroes 2\reliccoh2.exe FirewallRules: [{70704BC2-E292-49E7-82B3-8EE76C332370}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{F77C2803-09D3-400E-B9C9-57C7C514FAA6}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{64CA7F09-A30B-4211-922D-001BB1111B1E}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{40853E02-6962-459D-9AB3-4B1D5517BFD8}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{88210114-ED79-47C0-888E-D3BA10CCA5EB}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{6A19E04E-991B-4847-AAC8-42E0831A2C5A}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{2B74B627-5282-4A47-BA43-416E102971E8}] => (Allow) C:\Program Files\HP\HP Officejet 6100\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{BAD8BE16-7374-48E2-964F-2D69A6154CA5}] => (Allow) C:\Program Files\HP\HP Officejet 6100\Bin\HPNetworkCommunicator.exe FirewallRules: [{FEFE3A63-F40F-4C6B-8D8E-9F24382DEA7F}] => (Allow) C:\Program Files\HP\HP Officejet 6100\Bin\DeviceSetup.exe FirewallRules: [{38985018-E537-4ED2-B346-25A5662E6CD8}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{223BC680-2219-45B8-8651-B77126BC84AF}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{24F281BE-61D0-4B1E-A0D4-76074FC3A70E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{28741D7F-0FDE-4F02-A789-0DD316393198}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{27037998-9F30-4D15-8558-E0490F3D9928}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{E06E8EC4-8991-4903-A0C4-7CE25A3D0C80}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [UDP Query User{6B64B4AF-DD87-4D04-84C3-122059EA4F5D}D:\programs\steam\steamapps\common\war thunder\aces.exe] => (Allow) D:\programs\steam\steamapps\common\war thunder\aces.exe FirewallRules: [TCP Query User{36FEC306-4B51-4756-A0B4-BE9A141C47AD}D:\programs\steam\steamapps\common\war thunder\aces.exe] => (Allow) D:\programs\steam\steamapps\common\war thunder\aces.exe FirewallRules: [UDP Query User{3AB448ED-5E8B-4E03-A96B-3CB5832D0471}D:\programs\steam\steamapps\common\war thunder\aces.exe] => (Allow) D:\programs\steam\steamapps\common\war thunder\aces.exe FirewallRules: [TCP Query User{3B82ACA9-C20B-44BC-A494-F587163C7927}D:\programs\steam\steamapps\common\war thunder\aces.exe] => (Allow) D:\programs\steam\steamapps\common\war thunder\aces.exe FirewallRules: [UDP Query User{32D5FB9F-96A1-4E82-A826-8DBB1A369C85}D:\games\xcom\binaries\win32\xcomgame.exe] => (Block) D:\games\xcom\binaries\win32\xcomgame.exe FirewallRules: [TCP Query User{3749B315-C26F-4965-A625-48D96F4C92A8}D:\games\xcom\binaries\win32\xcomgame.exe] => (Block) D:\games\xcom\binaries\win32\xcomgame.exe FirewallRules: [UDP Query User{0A8EA52C-2E07-4E08-94D2-6F27B3E458D1}D:\games\xcom\binaries\win32\xcomgame.exe] => (Block) D:\games\xcom\binaries\win32\xcomgame.exe FirewallRules: [TCP Query User{5434B940-BB5E-432B-83EF-56637550CD83}D:\games\xcom\binaries\win32\xcomgame.exe] => (Block) D:\games\xcom\binaries\win32\xcomgame.exe FirewallRules: [UDP Query User{DD1FFB6A-E54C-47D0-BB92-55362974C490}D:\programs\steam\steam.exe] => (Allow) D:\programs\steam\steam.exe FirewallRules: [TCP Query User{9248D824-FD02-4B3F-B7C7-EC85228CACE2}D:\programs\steam\steam.exe] => (Allow) D:\programs\steam\steam.exe FirewallRules: [{EB06B5C3-17E3-4936-8D9F-DB8F1479E725}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [{E58FAD73-FF3B-4E2E-B911-E36DEC3F2D93}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{4FC11BD5-C27E-41DD-8F64-1B48F042C7E0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{7202B245-1D3C-476A-9037-EAB3BF770141}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{EE47F2A3-BC03-43B3-91A8-23DBF2D2031A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{46652A90-D337-45AC-9240-7AA5E5A3A57B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{2A3C4019-ABAA-4425-ADC5-B319D2FBFF42}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe FirewallRules: [{85257F0B-E623-4521-85B8-8C6778735D3A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{8913A8B2-7DFD-4B4D-89C5-53D47950DA0E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{92C9B836-9BB4-4CE3-92EB-CBBFBA746FE2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{D59FC032-A86F-4ABA-B83C-ACFA18433293}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{D87FA8B2-3F11-406E-B3A2-2E4E7375CD97}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{0C083170-C606-4C53-94B9-86837D778927}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{DDEEC382-486A-488F-AC64-75CBDEBCFD9B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{E1CF27A6-EA01-4AA1-B6E6-0D8E95F2C95F}] => (Allow) D:\Programs\steam\Steam.exe FirewallRules: [{64886294-B61F-4CA8-A30B-9ED20590851D}] => (Allow) D:\Programs\steam\Steam.exe FirewallRules: [{F8325B53-FB7B-4435-9C94-EC9FFD0008D3}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{EAF4A554-D0F9-4F59-AF02-BC100438E557}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{29B7E092-37CB-4170-9ABE-43F8C2B97C8E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{A36CC620-262D-417C-AD16-AFD94937D871}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{34366217-D7EC-4E0B-AC5A-08F98A54A48A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{D150CE2B-36D1-490C-9724-BEE15170F240}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{3F226759-A6D3-4B0E-B07F-F5CF119649B0}] => (Allow) D:\Programs\steam\steamapps\common\Deserts of Kharak\DesertsOfKharak64.exe FirewallRules: [{12F46638-14D2-4668-B262-CDB2D9853766}] => (Allow) D:\Programs\steam\steamapps\common\Deserts of Kharak\DesertsOfKharak64.exe FirewallRules: [{6E51189A-3FC5-4AC2-81C3-5CC9E2BFF15C}] => (Allow) D:\Programs\steam\steamapps\common\War Thunder\launcher.exe FirewallRules: [{B2333125-5FE7-4856-9433-90CD49D1780C}] => (Allow) D:\Programs\steam\steamapps\common\War Thunder\launcher.exe FirewallRules: [TCP Query User{866C6036-3097-45AE-9F0E-72C02D59970E}D:\programs\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\programs\steam\steamapps\common\war thunder\win64\aces.exe FirewallRules: [UDP Query User{1DA044B5-E8A8-4E8E-AC26-A2E546780E0E}D:\programs\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\programs\steam\steamapps\common\war thunder\win64\aces.exe FirewallRules: [TCP Query User{FBA0503C-D190-4904-9FC4-01B0245EB00D}D:\games\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\games\xcom 2\binaries\win64\xcom2.exe FirewallRules: [UDP Query User{B6BB6A32-DFA1-438A-85B3-BE9E859931B9}D:\games\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\games\xcom 2\binaries\win64\xcom2.exe FirewallRules: [TCP Query User{3D431F14-1B05-4A6B-A8D0-B66A6E7060EF}D:\games\war thunder\launcher.exe] => (Allow) D:\games\war thunder\launcher.exe FirewallRules: [UDP Query User{BD26F955-C3B1-472B-A59F-EE8FA0816BCF}D:\games\war thunder\launcher.exe] => (Allow) D:\games\war thunder\launcher.exe FirewallRules: [{D2FA9E22-389D-4FE0-8F58-AD337CAA6989}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{D57BA82F-3510-4563-A27C-595CBA11F981}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{2DFB5DCE-9635-40FB-BE49-FE61D99B2E03}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{CBEC76E4-5257-4850-8B11-DB5C7A3DFA87}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{9C97AF9E-D113-478C-A1E9-2058313D26CF}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{BFDE77AE-498B-435E-896D-B17996067947}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [TCP Query User{2C98CE56-CB6B-47EC-ADB8-A257C222A5C7}C:\program files (x86)\sadptool\sadptool.exe] => (Allow) C:\program files (x86)\sadptool\sadptool.exe FirewallRules: [UDP Query User{1005F306-79CF-4456-98AC-E91AA4FBA962}C:\program files (x86)\sadptool\sadptool.exe] => (Allow) C:\program files (x86)\sadptool\sadptool.exe FirewallRules: [TCP Query User{C310401E-F938-41E1-B5EC-85C54A64EF17}C:\program files (x86)\laview\laview.exe] => (Allow) C:\program files (x86)\laview\laview.exe FirewallRules: [UDP Query User{82AA12D8-8D5E-4CFD-929F-0F2F8A80B084}C:\program files (x86)\laview\laview.exe] => (Allow) C:\program files (x86)\laview\laview.exe FirewallRules: [{B7C398C2-DCCD-4B9A-8C59-0A1CB4DCB4E5}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{F24CBD8F-B4E0-42EC-A939-FB40DFED3E84}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{A036DD25-D70C-4F2A-9C58-348ED45CD6C4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{CA2C23C1-62C6-49FA-B567-CC3D3325909C}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [TCP Query User{DC8F6B62-65D6-46AF-8662-52EC95FE101F}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [UDP Query User{3BC6DB2C-B6A0-4A73-A414-3AE9329527FA}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [{8BCC8809-5833-47C7-8754-43670FAAF011}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{5CFE6C22-ADE4-4451-B937-FAD93017F32B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{3F60AA24-0D80-4636-8AA8-F8DF3545DED1}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{F0E2391B-B1F3-4DC1-844D-B35E5C48E52D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{9ED0DF44-71BC-45E1-AA5F-E50D325C2853}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{45325E8C-6F21-49F1-90E4-78B655B2182D}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe ==================== Restore Points ========================= 05-07-2016 18:13:17 Scheduled Checkpoint 07-07-2016 22:54:46 AA11 ==================== Faulty Device Manager Devices ============= Name: High Definition Audio Bus Description: High Definition Audio Bus Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: AMD Service: HDAudBus Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (07/07/2016 10:55:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (07/06/2016 04:40:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SystemSettingsBroker.exe, version: 10.0.10586.0, time stamp: 0x5632d7b4 Faulting module name: SettingsHandlers_Notifications.dll, version: 10.0.10586.0, time stamp: 0x5632d70b Exception code: 0xc0000005 Fault offset: 0x000000000002b7d1 Faulting process id: 0x1e7c Faulting application start time: 0xSystemSettingsBroker.exe0 Faulting application path: SystemSettingsBroker.exe1 Faulting module path: SystemSettingsBroker.exe2 Report Id: SystemSettingsBroker.exe3 Faulting package full name: SystemSettingsBroker.exe4 Faulting package-relative application ID: SystemSettingsBroker.exe5 Error: (07/06/2016 04:40:25 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program explorer.exe version 10.0.10586.420 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 1448 Start Time: 01d1d790ce35f776 Termination Time: 211 Application Path: C:\Windows\explorer.exe Report Id: dcf0e0e4-43b9-11e6-b4e2-0026833bc06c Faulting package full name: Faulting package-relative application ID: Error: (07/06/2016 12:43:31 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1078 Error: (07/06/2016 12:43:31 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1078 Error: (07/06/2016 12:43:31 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/05/2016 06:13:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (07/05/2016 12:25:41 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 1063 Error: (07/05/2016 12:25:41 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 1063 Error: (07/05/2016 12:25:41 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (07/08/2016 04:25:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The InstallerService service failed to start due to the following error: %%2 = The system cannot find the file specified. Error: (07/08/2016 04:25:37 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: %%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. Error: (07/08/2016 04:25:14 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: AiChargerPlus.sys Error: (07/08/2016 04:24:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Search service failed to start due to the following error: %%3 = The system cannot find the path specified. Error: (07/08/2016 04:24:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_1e328c service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (07/08/2016 04:24:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel(R) Management and Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s). Error: (07/08/2016 04:24:11 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (07/08/2016 04:24:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Intel Security True Key Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. Error: (07/08/2016 04:24:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Apple Mobile Device Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. Error: (07/08/2016 04:24:10 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Intel Security True Key service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. CodeIntegrity: =================================== Date: 2016-07-08 16:39:26.710 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-08 16:39:26.701 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-08 16:24:22.205 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-08 16:24:22.195 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-08 16:24:22.184 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-08 16:24:22.170 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-08 16:24:22.085 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-08 16:21:17.203 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-08 16:21:17.194 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-08 16:20:28.944 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz Percentage of memory in use: 20% Total physical RAM: 15583.14 MB Available physical RAM: 12314.73 MB Total Virtual: 31455.14 MB Available Virtual: 27998.77 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:243.6 GB) (Free:63.22 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:687.37 GB) (Free:486.24 GB) NTFS Drive e: (New Volume) (Fixed) (Total:91.75 GB) (Free:23.3 GB) NTFS Drive g: (Toms Expansion) (Fixed) (Total:3725.9 GB) (Free:3514.52 GB) NTFS Drive z: (New Volume) (Fixed) (Total:74.46 GB) (Free:68.18 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D21ADCE0) Partition 1: (Active) - (Size=243.6 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=450 MB) - (Type=27) Partition 3: (Not Active) - (Size=687.4 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 74.5 GB) (Disk ID: D0F4738C) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Not Active) - (Size=74.5 GB) - (Type=42) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 91.8 GB) (Disk ID: E686F016) Partition 1: (Active) - (Size=91.7 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (Size: 3726 GB) (Disk ID: FB952065) Partition: GPT. ==================== End of Addition.txt ============================