Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-07-2016 Ran by pc (2016-07-09 18:43:11) Running from C:\Users\pc\Desktop Windows 10 Home Version 1511 (X64) (2015-12-04 09:22:21) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3678415254-164999130-4254716092-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3678415254-164999130-4254716092-503 - Limited - Disabled) Guest (S-1-5-21-3678415254-164999130-4254716092-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3678415254-164999130-4254716092-1004 - Limited - Enabled) pc (S-1-5-21-3678415254-164999130-4254716092-1000 - Administrator - Enabled) => C:\Users\pc ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.199 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2014 (HKLM-x32\...\Adobe Premiere Pro CC 2014) (Version: - ) Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated) Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.1.0 - Asmedia Technology) ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.8.3.0 - ASUSTek COMPUTER INC.) ASUS GPU Tweak (x32 Version: 2.8.3.0 - ASUSTek COMPUTER INC.) Hidden AVG (HKLM\...\AvgZen) (Version: 1.72.2.24716 - AVG Technologies) AVG Zen (Version: 1.72.1 - AVG Technologies) Hidden Avidemux 2.6 - 64bits (HKLM-x32\...\Avidemux 2.6 - 64bits (64-bit)) (Version: 2.6.8.9046 - ) AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - ) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BitTorrent (HKU\S-1-5-21-3678415254-164999130-4254716092-1000\...\BitTorrent) (Version: 7.9.7.42331 - BitTorrent Inc.) Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications) BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden BurnInTest v8.1 Standard (HKLM\...\BurnInTest_is1) (Version: 8.1.1012.0 - Passmark Software) C309g-m (x32 Version: 130.0.396.000 - Hewlett-Packard) Hidden Canon MX870 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series) (Version: - ) Catalyst Control Center Next Localization BR (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden CELO Enhanced (HKLM-x32\...\{4FF1FEC6-E5F5-49C2-B232-CD8AC9896092}_is1) (Version: 1.0.9.5 - Neffware) Company of Heroes - FAKEMSI (x32 Version: 2.0.0.0 - THQ Inc.) Hidden Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment) CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd) Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden Discord (HKU\S-1-5-21-3678415254-164999130-4254716092-1000\...\Discord) (Version: 0.0.291 - Hammer & Chisel, Inc.) Dropbox (HKLM-x32\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) FMW 1 (Version: 1.102.4 - AVG Technologies) Hidden Free Easy Burner V 5.1 (HKLM-x32\...\Free Easy Burner_is1) (Version: 5.1.0.0 - Koyote soft) Furi (HKLM-x32\...\Furi_is1) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.) Google Chrome (HKU\S-1-5-21-3678415254-164999130-4254716092-1000\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.) Google Drive (HKLM-x32\...\{709316AD-161C-4D5C-9AE7-0B3A822DA271}) (Version: 1.30.2170.0459 - Google, Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden Hardware sensors monitor 4.5 (HKLM-x32\...\Hardware sensors monitor 4.5_is1) (Version: 4.5.4.2 - AB Software) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro) Homeworld: Deserts of Kharak (HKLM-x32\...\Steam App 281610) (Version: - Blackbird Interactive) HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Officejet 6100 Basic Device Software (HKLM\...\{F68DC393-4115-4018-A8B6-600FAE86B218}) (Version: 28.0.1321.0 - Hewlett-Packard Co.) HP Officejet 6100 Help (HKLM-x32\...\{1F670068-9589-4DC7-8FE4-1D0D13AF2526}) (Version: 140.0.2.2 - Hewlett Packard) HP Photosmart Premium C309g-m All-In-One Driver Software 13.0 Rel .6 (HKLM\...\{181AC4C7-B83C-4B5F-B566-E19BF2472429}) (Version: 13.0 - HP) HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP) HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden HPDiagnosticCoreDll (HKLM-x32\...\{9262B08F-E183-4FED-A2BD-23FF1A84EB7A}) (Version: 1.0.16.0 - Hewlett Packard) HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden Intel(R) IPP Run-Time Installer 5.3 Update 4 for Windows* on IA-32 (HKLM-x32\...\{754854DC-2E0A-49D8-A1A1-426C1F9B1459}) (Version: 5.3.4.087 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.12.1498 - Intel Corporation) Intel(R) Network Connections 17.3.63.0 (HKLM\...\PROSetDX) (Version: 17.3.63.0 - Intel) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.) Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation) JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.58.2 - JMicron Technology Corp.) Logitech Gaming Software 8.81 (HKLM\...\Logitech Gaming Software) (Version: 8.81.15 - Logitech Inc.) Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1045 - Marvell) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 46.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 en-US)) (Version: 46.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla) MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.0.11.77 - Electronic Arts, Inc.) Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) PS_AIO_06_C309g-m_SW_Min (x32 Version: 130.0.396.000 - Hewlett-Packard) Hidden PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.) Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.) SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) To the Moon (HKLM-x32\...\Steam App 206440) (Version: - Freebird Games) Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1-3) (Version: 1.0.3.1 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.3.1 (Version: 1.0.3.1 - LunarG, Inc.) Hidden War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment) War Thunder Launcher 1.0.1.199 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2012 Gaijin Entertainment Corporation) WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows Driver Package - Google, Inc. (WinUSB) AndroidUsbDeviceClass (08/11/2009 2.0.0010.00002) (HKLM\...\BD9D4C72E215B5B7A0FD049943B35C492600C0AF) (Version: 08/11/2009 2.0.0010.00002 - Google, Inc.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH) WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. ) Word Layers (HKU\S-1-5-21-3678415254-164999130-4254716092-1000\...\Word Layers) (Version: 3 - wordlayersapp.com) XviD & MP3 Codec Pack (remove only) (HKLM-x32\...\XviD & MP3 Codec Pack_is1) (Version: - ) XviD MPEG-4 Video Codec (HKLM-x32\...\XviD_is1) (Version: XviD-1.0.3-20122004 - XviD Team (Koepi)) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3678415254-164999130-4254716092-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\pc\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0C07821C-00DC-446D-8E53-906C1A9F5A1A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {0CD9843A-64C5-4A80-9F8D-849118C890AE} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.) Task: {2667EC0D-C33F-405E-B200-3DAA98251233} - System32\Tasks\{1F91CEBC-B160-49B1-9002-BF9508DF51DB} => pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -c /M{532F6E8A-AF97-41C3-915F-39F718EC07D1} /l1033 Task: {33B3BEB2-1C2E-4CCA-A44C-77CDE0836C97} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {36AF931F-D354-4320-8EC4-0C735640348D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {3D14FC2E-E34C-4323-8386-9DBF668D14C8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-21] (Microsoft Corporation) Task: {44CE6BF4-A78B-442A-8FB8-A9DA0FE94913} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {4DB63699-4796-4EED-9A01-6A22B68A2D71} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {63BCE684-4855-453E-9B56-06588AEE8500} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {6BB5207C-6581-49B5-AB9E-149E60DE5980} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {704753B6-F4E8-4AB3-8C20-7ADD7F288556} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {790DEB9E-6326-449F-B1FE-8C0A00E1E580} - System32\Tasks\{923DBB0A-B218-46EE-BD8F-C430B93C73DF} => pcalua.exe -a D:\Programs\steam\steam.exe -c steam://uninstall/230410 Task: {7FFEA382-CCF0-406A-8C79-01BC2BB246B2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-17] (Dropbox, Inc.) Task: {854DB5C4-65F6-4103-A429-3BF4781EF6F0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {8AE3582D-AC45-4752-9382-BF3091F8DD95} - System32\Tasks\MSIAfterburner => D:\MSI Afterburner\MSIAfterburner.exe [2015-12-09] () Task: {9A485AC7-B278-433E-A65F-2E240EBFE7D7} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {9BF557CA-263A-41AA-9A41-19C07B7A4606} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {9C2FB230-97EF-41A1-8831-1D337578D017} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {A1504099-3311-44F2-A8A6-1C1920AE8DCB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.) Task: {A35E8337-600B-41B1-83C6-FF72907773CD} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe Task: {A74B21A4-5C29-492F-8EDF-EF4562A8C37B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {BC5BD6A5-2DA7-4E6A-9F86-F0833202E101} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {C9E5C815-6FFC-4F0A-AABB-8EBE4B01DC52} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {CA4303DC-6788-4945-A9E7-27ACE1A51FE3} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {CB553309-EA9A-4BC2-B905-22BA0BA45C48} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {CF2EBF87-8F70-4947-A5DC-A7C42B559B29} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {D0525C26-0A93-42F8-A054-6437F42D490A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-20] (Adobe Systems Incorporated) Task: {D0FBD527-F355-456A-8F94-78C5B6EC0A84} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {DC351D45-7520-42E6-ACC5-74ABB73D1A82} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {E1EBC109-3201-4152-B002-190E5472DA03} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {E68A07BF-D847-48C6-9765-8A4524D95A62} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {E7105538-0F40-4E84-9CB9-F447D3A3F690} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {EA54B417-2831-41FC-88A6-488FBBD9D667} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {EBAFF8B1-DDF1-4311-9D0A-382181DA1879} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {F468C626-C624-4C2B-A835-0B34C6CA7E7D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {FC5F4E35-37E1-42B6-A0B9-2F5A8D90C9D5} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-05-17] (Dropbox, Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\Users\pc\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk -> hxxp://www.mail.ru/cnt/20775012?gp=811008"4C:\Users\pc\AppData\Local\Mail.Ru\Sputnik\MailRu.ico (No File) ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 03:18 - 2015-10-30 03:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2014-01-25 15:44 - 2013-10-23 16:24 - 00087600 _____ () C:\WINDOWS\System32\cpwmon64.dll 2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-13 06:45 - 2015-10-13 06:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2012-09-20 16:32 - 2012-09-11 16:54 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe 2010-12-01 22:15 - 2010-12-02 10:15 - 00915584 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe 2013-10-09 23:24 - 2014-04-25 12:49 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2016-04-13 13:12 - 2016-03-29 06:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-13 13:12 - 2016-03-29 06:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-12-17 18:59 - 2015-12-07 00:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-05-11 17:51 - 2016-04-23 00:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-06-20 17:58 - 2016-05-27 23:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-06-20 17:58 - 2016-05-27 23:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-06-20 17:58 - 2016-05-27 23:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-06-20 17:58 - 2016-05-27 23:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2012-09-20 16:32 - 2016-07-09 18:27 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll 2012-09-20 16:32 - 2012-09-11 16:52 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll 2012-10-06 19:36 - 2012-05-10 15:03 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2016-06-20 18:26 - 2016-06-15 05:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll 2016-06-20 18:26 - 2016-06-15 05:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2016-07-09 18:41 - 00002034 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com 127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com 127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com 127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com 127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com 127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3678415254-164999130-4254716092-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\pc\Desktop\Furi_Poster-630x430.png DNS Servers: 75.75.75.75 - 75.75.76.76 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^pc^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Officejet 6100 (Network).lnk => C:\Windows\pss\Monitor Ink Alerts - HP Officejet 6100 (Network).lnk.Startup MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe MSCONFIG\startupreg: BitTorrent => "C:\Users\pc\AppData\Roaming\BitTorrent\BitTorrent.exe" /MINIMIZED MSCONFIG\startupreg: DAEMON Tools Lite => "D:\Programs\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: hmonitor => C:\Program Files (x86)\Hmonitor\hmonitor.exe MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Plex Media Server => "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe" MSCONFIG\startupreg: Raptr => "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun HKLM\...\StartupApproved\StartupFolder: => "FAH.lnk" HKLM\...\StartupApproved\StartupFolder: => "Update Notifier.lnk" HKLM\...\StartupApproved\StartupFolder: => "WinZip Preloader.lnk" HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk" HKLM\...\StartupApproved\Run: => "AtherosBtStack" HKLM\...\StartupApproved\Run: => "HotKeysCmds" HKLM\...\StartupApproved\Run: => "Persistence" HKLM\...\StartupApproved\Run: => "IgfxTray" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "IDSCCOMZP2" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "ASUS ShellProcess Execute" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "AvgUi" HKLM\...\StartupApproved\Run32: => "Dropbox" HKU\S-1-5-21-3678415254-164999130-4254716092-1000\...\StartupApproved\Run: => "BitTorrent" HKU\S-1-5-21-3678415254-164999130-4254716092-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-3678415254-164999130-4254716092-1000\...\StartupApproved\Run: => "BingSvc" HKU\S-1-5-21-3678415254-164999130-4254716092-1000\...\StartupApproved\Run: => "Microsoft Security x64" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{3420FA3A-149F-4741-984E-29CE792A66A2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9808A473-AA94-43AF-8260-E95680ACA0F6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{EF7F51C7-58BF-42F1-8C52-BE42A89E5752}D:\games\war thunder\forcesinglegpu.exe] => (Block) D:\games\war thunder\forcesinglegpu.exe FirewallRules: [TCP Query User{B659FFCC-047A-409E-9BEE-EA2A1F39BA39}D:\games\war thunder\forcesinglegpu.exe] => (Block) D:\games\war thunder\forcesinglegpu.exe FirewallRules: [{3DE82E72-6A53-4FB2-B9E4-E9D75900B7D8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{74269A51-5C9B-45FA-94A1-8E0B429F58D8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{CBB2995D-EFA9-41D0-B9A4-0C79583B1F78}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{7536C8C6-EDB0-45F4-AE92-89004A5F0648}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [UDP Query User{459ECB08-1A4D-4E5D-8B5E-90F0BC416607}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{97A344F1-BADD-436D-918A-BDF388436F4B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{EF27F6F7-90EC-4DCB-8434-61AA12D2533B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{78388472-AD0D-4122-9BE2-52DCFDFE6F94}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{6B99DAAD-0EF9-4393-A004-9B97F60C46C7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{00FC6D4F-FC81-43B6-A067-C49A27D0DF15}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{94869CC5-8D44-41B0-BC8B-2EFFD1E756F7}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{1D9E4907-1026-473F-B54B-01602CA87C09}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{5CD798B9-3D80-4C95-84F7-332EF7122DBE}] => (Allow) LPort=51001 FirewallRules: [{AEDFA842-A89A-46C7-AE15-1461B29C91EB}] => (Allow) D:\Programs\steam\steamapps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe FirewallRules: [{F5D2D2FB-7E07-4F10-9B7A-2E98FF04AFFE}] => (Allow) D:\Programs\steam\steamapps\common\To the Moon\Minisode_2\Sigmund Holiday Special 2\SigCorp Minisode 2.exe FirewallRules: [{B7999089-9A01-4D5C-851F-6D1729ADDFBD}] => (Allow) D:\Programs\steam\steamapps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe FirewallRules: [{6D6365A2-BFE7-4CEB-B2AD-2A7A59E2DDEF}] => (Allow) D:\Programs\steam\steamapps\common\To the Moon\Minisode_1\Sigmund Holiday Special 1\Siggy - Holiday Special.exe FirewallRules: [UDP Query User{CA5B7FCF-72A5-449D-9FAE-129E79D75AB7}C:\program files (x86)\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\far cry 4\bin\farcry4.exe FirewallRules: [TCP Query User{A7EF7547-726B-447D-BC35-66B03C7BCEE3}C:\program files (x86)\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\far cry 4\bin\farcry4.exe FirewallRules: [UDP Query User{63FC4F3B-2F76-4A77-BC8F-C2C8038A08B1}D:\games\dying light\dyinglightgame.exe] => (Allow) D:\games\dying light\dyinglightgame.exe FirewallRules: [TCP Query User{5B68A0F6-A0B8-4F28-89AE-B899A56CAF09}D:\games\dying light\dyinglightgame.exe] => (Allow) D:\games\dying light\dyinglightgame.exe FirewallRules: [{F8103068-9ED8-459A-8A81-719F33D20BC8}] => (Allow) D:\Programs\steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe FirewallRules: [{85B9037D-808C-42AA-AEEF-D6471216EA9B}] => (Allow) D:\Programs\steam\steamapps\common\To the Moon\To the Moon\To the Moon.exe FirewallRules: [{71F94572-2CA4-4890-B87D-BACD9860C043}] => (Allow) D:\Programs\steam\bin\steamwebhelper.exe FirewallRules: [{3DE6B8FB-71CF-4321-98FF-E75615D38BAB}] => (Allow) D:\Programs\steam\bin\steamwebhelper.exe FirewallRules: [UDP Query User{663F7BA0-DAA5-45CB-9E72-DF89C7B2072B}C:\users\pc\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\pc\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{75D6AE8B-983C-4E81-BF7B-A2E14AD9CC5F}C:\users\pc\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\pc\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{840B215B-4611-403D-BD0C-7CDED4B0E909}] => (Allow) LPort=1900 FirewallRules: [{2E7DFFEF-8038-4705-B665-40419F7B10CE}] => (Allow) LPort=2869 FirewallRules: [{A9D3DD85-863E-411C-94D4-1986462143E8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{5F775F53-B40D-4813-B693-BAA53A1ABEEE}] => (Allow) C:\Users\pc\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{A486A601-5EDC-4838-B505-0A2B4C174894}] => (Allow) C:\Users\pc\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{23BC9E76-2EE2-46EE-BFAC-161E2F9C703C}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{954D40E0-CFDA-45AA-BA48-A884FA93C3AA}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{3649D3DC-8E53-4FEA-BDB9-C9E4CB9C12DE}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe FirewallRules: [{B853C467-CE81-42C8-9D2A-3926C4E45080}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe FirewallRules: [{16FD298A-44D3-420D-9E09-E59A96714AAA}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe FirewallRules: [{01167D9A-1E96-4909-9A69-271F7C654EAA}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe FirewallRules: [{FE1127F4-CD5A-44C6-9329-E95CD81509F6}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe FirewallRules: [{8D72D9AF-017A-441F-BA2B-4F2FB0E3E966}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe FirewallRules: [{C9DF7B1F-D2FE-44A0-BE2B-628314EFA8FA}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe FirewallRules: [{4EF02500-4CC0-4931-B65B-C1B6F78ABE3F}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe FirewallRules: [{F2F753FD-8B8E-4894-982C-6B4E7F1B6E50}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{5F00181F-A11C-48C3-88F6-38658ED6012F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{5A5BBC6D-6C15-42A3-9BD7-3283E2CC6D18}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{5EAAE74F-221C-4F3D-B3DB-BA7BF93F3406}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [UDP Query User{54347776-7AB6-487B-B6BD-852413B9AA36}D:\programs\steam\steamapps\common\war thunder\launcher.exe] => (Block) D:\programs\steam\steamapps\common\war thunder\launcher.exe FirewallRules: [TCP Query User{045337D9-5856-43CE-A793-5932D35570AB}D:\programs\steam\steamapps\common\war thunder\launcher.exe] => (Block) D:\programs\steam\steamapps\common\war thunder\launcher.exe FirewallRules: [{31921910-9421-402F-8667-DF017195051F}] => (Allow) F:\RouterSetup\QISWizard.exe FirewallRules: [{C85195DC-51E1-462C-A122-A71456F80E3F}] => (Allow) F:\RouterSetup\QISWizard.exe FirewallRules: [{1D827F48-39C3-4E40-A26B-16B0706B664D}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{C8D796B3-201D-4671-88BF-537EDC02FF90}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{E170CA5E-3E0F-428B-9FE4-8704C0918073}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{E2EC8651-E84F-444B-A943-E2F91A86DB84}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{E69246B4-DA10-4E54-A712-907A8E619B8B}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{59B883D4-7F3D-4CA1-A2DD-2977E39D7C7A}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{B0877868-9A4E-4CC9-BDCA-BE975A3BCE7D}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{19735BA8-7C53-41E6-A5A9-E6F1C146ECCA}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{5E17DE15-0E0E-42E7-BA1E-82A557EC914C}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{8EBD35CA-25FC-451B-B528-1E9E025AEE3D}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{29C38F1C-1426-4C0F-8AF2-8F97263EFD09}] => (Allow) D:\programs\steam\steamapps\common\company of heroes 2\reliccoh2.exe FirewallRules: [{CAAEB450-2E14-4A75-99FD-D7653B1158DF}] => (Allow) D:\programs\steam\steamapps\common\company of heroes 2\reliccoh2.exe FirewallRules: [{70704BC2-E292-49E7-82B3-8EE76C332370}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{F77C2803-09D3-400E-B9C9-57C7C514FAA6}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{64CA7F09-A30B-4211-922D-001BB1111B1E}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{40853E02-6962-459D-9AB3-4B1D5517BFD8}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{88210114-ED79-47C0-888E-D3BA10CCA5EB}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{6A19E04E-991B-4847-AAC8-42E0831A2C5A}] => (Allow) D:\Programs\steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{2B74B627-5282-4A47-BA43-416E102971E8}] => (Allow) C:\Program Files\HP\HP Officejet 6100\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{BAD8BE16-7374-48E2-964F-2D69A6154CA5}] => (Allow) C:\Program Files\HP\HP Officejet 6100\Bin\HPNetworkCommunicator.exe FirewallRules: [{FEFE3A63-F40F-4C6B-8D8E-9F24382DEA7F}] => (Allow) C:\Program Files\HP\HP Officejet 6100\Bin\DeviceSetup.exe FirewallRules: [{38985018-E537-4ED2-B346-25A5662E6CD8}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{223BC680-2219-45B8-8651-B77126BC84AF}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{24F281BE-61D0-4B1E-A0D4-76074FC3A70E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{28741D7F-0FDE-4F02-A789-0DD316393198}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{27037998-9F30-4D15-8558-E0490F3D9928}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{E06E8EC4-8991-4903-A0C4-7CE25A3D0C80}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [UDP Query User{6B64B4AF-DD87-4D04-84C3-122059EA4F5D}D:\programs\steam\steamapps\common\war thunder\aces.exe] => (Allow) D:\programs\steam\steamapps\common\war thunder\aces.exe FirewallRules: [TCP Query User{36FEC306-4B51-4756-A0B4-BE9A141C47AD}D:\programs\steam\steamapps\common\war thunder\aces.exe] => (Allow) D:\programs\steam\steamapps\common\war thunder\aces.exe FirewallRules: [UDP Query User{3AB448ED-5E8B-4E03-A96B-3CB5832D0471}D:\programs\steam\steamapps\common\war thunder\aces.exe] => (Allow) D:\programs\steam\steamapps\common\war thunder\aces.exe FirewallRules: [TCP Query User{3B82ACA9-C20B-44BC-A494-F587163C7927}D:\programs\steam\steamapps\common\war thunder\aces.exe] => (Allow) D:\programs\steam\steamapps\common\war thunder\aces.exe FirewallRules: [UDP Query User{32D5FB9F-96A1-4E82-A826-8DBB1A369C85}D:\games\xcom\binaries\win32\xcomgame.exe] => (Block) D:\games\xcom\binaries\win32\xcomgame.exe FirewallRules: [TCP Query User{3749B315-C26F-4965-A625-48D96F4C92A8}D:\games\xcom\binaries\win32\xcomgame.exe] => (Block) D:\games\xcom\binaries\win32\xcomgame.exe FirewallRules: [UDP Query User{0A8EA52C-2E07-4E08-94D2-6F27B3E458D1}D:\games\xcom\binaries\win32\xcomgame.exe] => (Block) D:\games\xcom\binaries\win32\xcomgame.exe FirewallRules: [TCP Query User{5434B940-BB5E-432B-83EF-56637550CD83}D:\games\xcom\binaries\win32\xcomgame.exe] => (Block) D:\games\xcom\binaries\win32\xcomgame.exe FirewallRules: [UDP Query User{DD1FFB6A-E54C-47D0-BB92-55362974C490}D:\programs\steam\steam.exe] => (Allow) D:\programs\steam\steam.exe FirewallRules: [TCP Query User{9248D824-FD02-4B3F-B7C7-EC85228CACE2}D:\programs\steam\steam.exe] => (Allow) D:\programs\steam\steam.exe FirewallRules: [{EB06B5C3-17E3-4936-8D9F-DB8F1479E725}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [{E58FAD73-FF3B-4E2E-B911-E36DEC3F2D93}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{4FC11BD5-C27E-41DD-8F64-1B48F042C7E0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{7202B245-1D3C-476A-9037-EAB3BF770141}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{EE47F2A3-BC03-43B3-91A8-23DBF2D2031A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{46652A90-D337-45AC-9240-7AA5E5A3A57B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{2A3C4019-ABAA-4425-ADC5-B319D2FBFF42}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe FirewallRules: [{85257F0B-E623-4521-85B8-8C6778735D3A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{8913A8B2-7DFD-4B4D-89C5-53D47950DA0E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{92C9B836-9BB4-4CE3-92EB-CBBFBA746FE2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{D59FC032-A86F-4ABA-B83C-ACFA18433293}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{D87FA8B2-3F11-406E-B3A2-2E4E7375CD97}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{0C083170-C606-4C53-94B9-86837D778927}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{DDEEC382-486A-488F-AC64-75CBDEBCFD9B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{E1CF27A6-EA01-4AA1-B6E6-0D8E95F2C95F}] => (Allow) D:\Programs\steam\Steam.exe FirewallRules: [{64886294-B61F-4CA8-A30B-9ED20590851D}] => (Allow) D:\Programs\steam\Steam.exe FirewallRules: [{F8325B53-FB7B-4435-9C94-EC9FFD0008D3}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{EAF4A554-D0F9-4F59-AF02-BC100438E557}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{29B7E092-37CB-4170-9ABE-43F8C2B97C8E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{A36CC620-262D-417C-AD16-AFD94937D871}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{34366217-D7EC-4E0B-AC5A-08F98A54A48A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{D150CE2B-36D1-490C-9724-BEE15170F240}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{3F226759-A6D3-4B0E-B07F-F5CF119649B0}] => (Allow) D:\Programs\steam\steamapps\common\Deserts of Kharak\DesertsOfKharak64.exe FirewallRules: [{12F46638-14D2-4668-B262-CDB2D9853766}] => (Allow) D:\Programs\steam\steamapps\common\Deserts of Kharak\DesertsOfKharak64.exe FirewallRules: [{6E51189A-3FC5-4AC2-81C3-5CC9E2BFF15C}] => (Allow) D:\Programs\steam\steamapps\common\War Thunder\launcher.exe FirewallRules: [{B2333125-5FE7-4856-9433-90CD49D1780C}] => (Allow) D:\Programs\steam\steamapps\common\War Thunder\launcher.exe FirewallRules: [TCP Query User{866C6036-3097-45AE-9F0E-72C02D59970E}D:\programs\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\programs\steam\steamapps\common\war thunder\win64\aces.exe FirewallRules: [UDP Query User{1DA044B5-E8A8-4E8E-AC26-A2E546780E0E}D:\programs\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\programs\steam\steamapps\common\war thunder\win64\aces.exe FirewallRules: [TCP Query User{FBA0503C-D190-4904-9FC4-01B0245EB00D}D:\games\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\games\xcom 2\binaries\win64\xcom2.exe FirewallRules: [UDP Query User{B6BB6A32-DFA1-438A-85B3-BE9E859931B9}D:\games\xcom 2\binaries\win64\xcom2.exe] => (Allow) D:\games\xcom 2\binaries\win64\xcom2.exe FirewallRules: [TCP Query User{3D431F14-1B05-4A6B-A8D0-B66A6E7060EF}D:\games\war thunder\launcher.exe] => (Allow) D:\games\war thunder\launcher.exe FirewallRules: [UDP Query User{BD26F955-C3B1-472B-A59F-EE8FA0816BCF}D:\games\war thunder\launcher.exe] => (Allow) D:\games\war thunder\launcher.exe FirewallRules: [{D2FA9E22-389D-4FE0-8F58-AD337CAA6989}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{D57BA82F-3510-4563-A27C-595CBA11F981}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{2DFB5DCE-9635-40FB-BE49-FE61D99B2E03}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{CBEC76E4-5257-4850-8B11-DB5C7A3DFA87}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{9C97AF9E-D113-478C-A1E9-2058313D26CF}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{BFDE77AE-498B-435E-896D-B17996067947}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [TCP Query User{2C98CE56-CB6B-47EC-ADB8-A257C222A5C7}C:\program files (x86)\sadptool\sadptool.exe] => (Allow) C:\program files (x86)\sadptool\sadptool.exe FirewallRules: [UDP Query User{1005F306-79CF-4456-98AC-E91AA4FBA962}C:\program files (x86)\sadptool\sadptool.exe] => (Allow) C:\program files (x86)\sadptool\sadptool.exe FirewallRules: [TCP Query User{C310401E-F938-41E1-B5EC-85C54A64EF17}C:\program files (x86)\laview\laview.exe] => (Allow) C:\program files (x86)\laview\laview.exe FirewallRules: [UDP Query User{82AA12D8-8D5E-4CFD-929F-0F2F8A80B084}C:\program files (x86)\laview\laview.exe] => (Allow) C:\program files (x86)\laview\laview.exe FirewallRules: [{B7C398C2-DCCD-4B9A-8C59-0A1CB4DCB4E5}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{F24CBD8F-B4E0-42EC-A939-FB40DFED3E84}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{A036DD25-D70C-4F2A-9C58-348ED45CD6C4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{DC8F6B62-65D6-46AF-8662-52EC95FE101F}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [UDP Query User{3BC6DB2C-B6A0-4A73-A414-3AE9329527FA}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe FirewallRules: [{8BCC8809-5833-47C7-8754-43670FAAF011}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{5CFE6C22-ADE4-4451-B937-FAD93017F32B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{3F60AA24-0D80-4636-8AA8-F8DF3545DED1}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{F0E2391B-B1F3-4DC1-844D-B35E5C48E52D}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{9ED0DF44-71BC-45E1-AA5F-E50D325C2853}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{45325E8C-6F21-49F1-90E4-78B655B2182D}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{79A3082D-7DD1-431C-9444-103433C4818B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe ==================== Restore Points ========================= 05-07-2016 18:13:17 Scheduled Checkpoint 07-07-2016 22:54:46 AA11 09-07-2016 18:31:29 JRT Pre-Junkware Removal ==================== Faulty Device Manager Devices ============= Name: High Definition Audio Bus Description: High Definition Audio Bus Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318} Manufacturer: AMD Service: HDAudBus Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (07/09/2016 06:31:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (07/09/2016 06:26:55 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname Yggdrasil.local already in use; will try Yggdrasil-2.local instead Error: (07/09/2016 06:26:55 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Yggdrasil.local. Addr 10.1.10.149 Error: (07/09/2016 06:26:55 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 10.1.10.149:5353 16 Yggdrasil.local. AAAA 2601:00C4:C202:E800:0000:0000:0000:74A4 Error: (07/09/2016 06:25:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SystemSettingsBroker.exe, version: 10.0.10586.0, time stamp: 0x5632d7b4 Faulting module name: SettingsHandlers_Notifications.dll, version: 10.0.10586.0, time stamp: 0x5632d70b Exception code: 0xc0000005 Fault offset: 0x000000000002b7d1 Faulting process id: 0x2a3c Faulting application start time: 0xSystemSettingsBroker.exe0 Faulting application path: SystemSettingsBroker.exe1 Faulting module path: SystemSettingsBroker.exe2 Report Id: SystemSettingsBroker.exe3 Faulting package full name: SystemSettingsBroker.exe4 Faulting package-relative application ID: SystemSettingsBroker.exe5 System errors: ============= Error: (07/09/2016 06:26:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: %%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. Error: (07/09/2016 06:26:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The InstallerService service failed to start due to the following error: %%2 = The system cannot find the file specified. Error: (07/09/2016 06:26:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The bthserv service failed to start due to the following error: %%1069 = The service did not start due to a logon failure. Error: (07/09/2016 06:26:54 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: The bthserv service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: %%1312 = A specified logon session does not exist. It may already have been terminated. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC). Error: (07/09/2016 06:26:36 PM) (Source: Application Popup) (EventID: 875) (User: ) Description: AiChargerPlus.sys Error: (07/09/2016 06:25:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_676ea service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (07/09/2016 06:25:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel(R) Management and Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s). Error: (07/09/2016 06:25:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Intel Security True Key Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. Error: (07/09/2016 06:25:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (07/09/2016 06:25:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Intel Security True Key service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. CodeIntegrity: =================================== Date: 2016-07-09 18:41:57.477 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-09 18:41:57.467 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-09 18:41:57.457 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-09 18:41:57.299 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-09 18:41:57.128 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-09 18:41:57.064 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-09 18:41:57.054 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-09 18:41:57.043 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-09 18:41:57.018 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-07-09 18:41:56.910 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz Percentage of memory in use: 14% Total physical RAM: 15583.14 MB Available physical RAM: 13346.18 MB Total Virtual: 31455.14 MB Available Virtual: 29164.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:243.6 GB) (Free:63.62 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: () (Fixed) (Total:687.37 GB) (Free:504.09 GB) NTFS Drive e: (New Volume) (Fixed) (Total:91.75 GB) (Free:23.3 GB) NTFS Drive g: (Toms Expansion) (Fixed) (Total:3725.9 GB) (Free:3514.52 GB) NTFS Drive z: (New Volume) (Fixed) (Total:74.46 GB) (Free:68.18 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D21ADCE0) Partition 1: (Active) - (Size=243.6 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=450 MB) - (Type=27) Partition 3: (Not Active) - (Size=687.4 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 74.5 GB) (Disk ID: D0F4738C) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Not Active) - (Size=74.5 GB) - (Type=42) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 91.8 GB) (Disk ID: E686F016) Partition 1: (Active) - (Size=91.7 GB) - (Type=07 NTFS) ======================================================== Disk: 3 (Size: 3726 GB) (Disk ID: FB952065) Partition: GPT. ==================== End of Addition.txt ============================