Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017 Ran by Chad (01-04-2017 13:02:24) Running from C:\Users\Chad\Downloads Windows 8.1 (Update) (X64) (2014-12-27 07:11:20) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-985218096-2591489430-401931631-500 - Administrator - Disabled) Chad (S-1-5-21-985218096-2591489430-401931631-1001 - Administrator - Enabled) => C:\Users\Chad Guest (S-1-5-21-985218096-2591489430-401931631-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-985218096-2591489430-401931631-1003 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Apple Application Support (32-bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Ashes of the Singularity (HKLM\...\Steam App 228880) (Version: - Oxide Games) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Cisco WebEx Meetings (HKU\S-1-5-21-985218096-2591489430-401931631-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC) DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc) Dishonored 2 (HKLM\...\Steam App 403640) (Version: - Arkane Studios) DOOM (HKLM\...\Steam App 379720) (Version: - id Software) Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios) GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.69.0000 - GIGABYTE Technology Co.,Ltd.) GIGABYTE OC_GURU II (x32 Version: 1.69.0000 - GIGABYTE Technology Co.,Ltd.) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden HP Color LaserJet Enterprise M553 (HKLM-x32\...\{04eddfdb-3203-4605-aa4b-42659b357884}) (Version: 14.0.16124.472 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.3.50.9 - HP Inc.) HP Support Solutions Framework (HKLM-x32\...\{00612F78-52C4-46C0-97F0-F50B6036B5E2}) (Version: 12.5.32.203 - HP Inc.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPCLJEnterpriseM553 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden HPDXP (x32 Version: 3.0.26.30 - HP) Hidden Intel(R) Network Connections 19.0.27.0 (HKLM\...\PROSetDX) (Version: 19.0.27.0 - Intel) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation) iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad) LJDXPHelperUI (x32 Version: 140.069.007 - HP) Hidden Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4903.1002 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation) NVIDIA 3D Vision Driver 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.51 - NVIDIA Corporation) NVIDIA Graphics Driver 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.51 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA Miracast Virtual Audio 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 364.51 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4903.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4903.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4903.1002 - Microsoft Corporation) Hidden Offworld Trading Company (HKLM\...\Steam App 271240) (Version: - Mohawk Games) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 2.0.0.1 - GOG.com) Radium (HKLM-x32\...\Steam App 355410) (Version: - Lukas Jaeckel) Razer Surround Driver Installer version 1.5 (HKLM-x32\...\{11B11FA5-41ED-43C1-AB4B-905DDEDC72A2}_is1) (Version: 1.5 - inXile Entertainment) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.20.15.29092 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden Sid Meier's Civilization VI (HKLM\...\Steam App 289070) (Version: - Firaxis) Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version: - Firaxis Games) Sid Meier's Starships (HKLM-x32\...\Steam App 282210) (Version: - Firaxis Games) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Terraria (HKLM\...\Steam App 105600) (Version: - Re-Logic) Torment: Tides of Numenera - Alpha Systems Test (HKLM-x32\...\Steam App 342210) (Version: - ) Torment: Tides of Numenera (HKLM-x32\...\Steam App 272270) (Version: - inXile Entertainment) Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version: - Creative Assembly) Undertale (HKLM\...\Steam App 391540) (Version: - tobyfox) VanDyke Software SecureCRT and SecureFX 7.2 (HKLM\...\{B0DBE649-D31A-4D5A-8D25-B0036A27B163}) (Version: 7.2.3 - VanDyke Software, Inc.) Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.) Wasteland 2 (HKLM-x32\...\Steam App 240760) (Version: - inXile Entertainment) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {2DB5CF7C-D427-473B-8377-2053DF91BF43} - System32\Tasks\HPCeeScheduleForChad => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.) Task: {3257EA91-AAD3-4D38-8D02-2A573A1F66DA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-03-02] (HP Inc.) Task: {3F24D2F4-E135-4A4E-8EB5-96460DB1964E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.) Task: {4F63F209-BDB6-4A5A-96D5-E48C42644276} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.) Task: {573843F5-E04E-4146-AF81-C83A52B2437D} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.) Task: {6D4CF4DF-896F-4A64-B124-86E11E62A82E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation) Task: {79D3C387-CDCC-45C5-A138-792A542374D2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-03-10] (HP Inc.) Task: {7CA2B428-FF82-4236-A8C0-9F4A313233FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {7E17418A-1572-4E23-AEBE-882C99696E57} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {9BA2270A-56E1-4BD7-8DAC-BFD653347262} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-11-01] (Microsoft Corporation) Task: {B2C3E9C9-2DD6-40BF-9838-ACBDD6961914} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.) Task: {B8C81677-5B9A-425E-A83F-3F332319BFE9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.) Task: {D7E38BA9-87F8-47FA-8CFF-88D5757048D3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.) Task: {D962BA15-9EAC-4B91-8F57-DA96015899FC} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2016-08-23] (AO Kaspersky Lab) Task: {E1BAB7B0-8524-42BE-A4E0-A818AECFC928} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation) Task: {EC6A2B8C-D155-4761-8200-64E85DD6F683} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\HPCeeScheduleForChad.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2014-12-27 04:31 - 2016-03-08 02:27 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-01-02 16:09 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2015-11-04 19:11 - 2015-11-04 19:12 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2015-10-30 03:22 - 2016-05-24 12:43 - 08909504 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2016-07-05 15:22 - 2016-07-05 15:22 - 00313144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll 2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll 2015-04-05 13:39 - 2016-05-02 02:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-02-26 04:29 - 2016-02-26 04:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll 2016-07-05 15:23 - 2016-07-05 15:23 - 01041208 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2016-04-22 01:08 - 2016-04-22 01:08 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-985218096-2591489430-401931631-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{68F4B6B6-9CB8-481A-BE78-35B63300C265}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{DAC5AFAC-222E-4C11-8D12-4147B08CB45D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{695252AE-261C-45D4-86C1-84EAAC006A55}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{348913C1-C597-4923-9367-472ED399A3E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{C366BDA2-7EA8-48D4-B8CD-6C9417B15A50}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{EBE9778D-0B24-4729-ADE4-E622B52B4A2C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{D60EADC7-A49B-4051-9928-DF74E92E2021}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wasteland 2\Build\WL2.exe FirewallRules: [{0C42E770-01F4-4C52-B530-823672581EC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wasteland 2\Build\WL2.exe FirewallRules: [{463B852B-8DB7-4548-B63E-2DF5F7F4B3E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe FirewallRules: [{CF75EEEB-94AC-4AB8-A618-FBF167BBC3ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe FirewallRules: [{71B898D0-093B-4FE9-AC08-7C22D58D402C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe FirewallRules: [{415862B5-5689-400E-BA62-EE521A432B5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe FirewallRules: [{E6A902D5-4F10-4A7E-9DDA-0E0FE0EDBCB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Starships\Starships64.exe FirewallRules: [{C0A0FA6C-1400-4CD7-A0CD-97AD1B03826B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Starships\Starships64.exe FirewallRules: [{5A4CB118-4050-448C-B297-1F026509C36C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Radium\Radium.exe FirewallRules: [{7B3483A7-C475-4092-B1CD-110D83DE7568}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Radium\Radium.exe FirewallRules: [{758A82A0-DBF0-46A0-B7B6-4CCC090231F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP.exe FirewallRules: [{1451DD07-1024-4BDC-A91E-1C362C2A8807}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP.exe FirewallRules: [{2CB355FD-56E9-42CD-A9A8-75576BF4FE30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls II\Game\DarkSoulsII.exe FirewallRules: [{83CE318A-8415-4CF4-9AAC-4B02D86D3BFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls II\Game\DarkSoulsII.exe FirewallRules: [{E55105EB-7A60-4F52-8F2A-9BCB8E8F5EA8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{652AE1DE-6969-4819-A572-F9375608B321}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torment Tides of Numenera - Alpha Systems Test\WIN\AST0.exe FirewallRules: [{4D78C71F-C624-4603-ABC0-260705DACD31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torment Tides of Numenera - Alpha Systems Test\WIN\AST0.exe FirewallRules: [{DEE0F511-1F7A-448C-ADE0-ED2DA249554E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe FirewallRules: [{A8281EF8-AC92-4FBC-82ED-786CC68FF032}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe FirewallRules: [{DCF2D7B3-4C68-49F5-BE94-8374C735713F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{11221F4B-7178-4EB0-89DC-75FF617B7B20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{CB9C0C9C-897B-4AF6-A736-4B3DC0FEA2E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torment Tides of Numenera\WIN\TidesOfNumenera.exe FirewallRules: [{65F7237F-DA0C-4EC2-9751-62292EBA9274}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torment Tides of Numenera\WIN\TidesOfNumenera.exe FirewallRules: [{47D670F8-5621-4764-A633-6A479E2E7872}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{2B4AEEA7-C3BD-46CF-AF9F-6620C23B79FE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{7C43D5E6-B084-4A00-8919-72F76B623243}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{E3A4259B-0151-428D-A066-5E4029742151}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{FE8C2610-A4C8-41AB-AD46-8460AED69ACC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{AB8CE729-78F2-40C3-A42E-55EA1395003C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{2B6B5E5B-42A2-47FA-9C7A-98F062D8801C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{4CFFF110-EA9F-4C00-9501-54755A2DF01D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{2CD9142E-9925-4BA3-ADBA-3E0152ED23B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{B075D2AD-4FC9-450F-905A-D13A1ABFA2AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ashes of the Singularity\Ashes_DX11.exe FirewallRules: [{8F5F6A95-2745-467B-92FE-0483001CC122}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ashes of the Singularity\Ashes_DX11.exe FirewallRules: [{BF346554-EEE8-45DF-8A47-4165A769DE5D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ashes of the Singularity\Ashes_DX12.exe FirewallRules: [{8656C4AB-6445-4416-B823-93149761E533}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ashes of the Singularity\Ashes_DX12.exe FirewallRules: [{DF3CD2AA-5097-4983-B391-8B1DB150DEC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DOOM\DOOMx64.exe FirewallRules: [{4DF01B44-63A0-45C8-8A26-C3EDC85A13FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DOOM\DOOMx64.exe FirewallRules: [{7259F099-FEFA-419E-8D30-A4A8D2143277}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP_x64.exe FirewallRules: [{5DBF28F2-56F9-48EC-833E-5451C263FC64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP_x64.exe FirewallRules: [{E12FEFEF-620F-4390-86E4-4A27D6D787B9}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{B53181F0-C7F5-42BF-AAFC-69C76E9BC150}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{A93A205B-3AD2-4F13-BF6B-370D20D615FC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{C33CDCB2-CACF-4C86-8144-775F0D6D576B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored2\Dishonored2.exe FirewallRules: [{48D696B3-8ED9-4CB3-824C-C0C42ED11940}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored2\Dishonored2.exe FirewallRules: [{E4C85C47-5C78-4A11-8E88-C128E1C50F94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe FirewallRules: [{83DE359A-B92E-48D4-815D-5C658B7C83B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe FirewallRules: [{A391E80B-273B-410E-A7F1-A63128DE780D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{55BEE292-D25D-4041-BCC9-6A004DC21C21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{B6FE41F8-CD24-40AB-BE6E-8FEFD5C124EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Offworld Trading Company\StardockLauncher.exe FirewallRules: [{74FF24F4-231A-4F1B-B761-C21994AA9763}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Offworld Trading Company\StardockLauncher.exe FirewallRules: [{4415FC25-D352-444E-9B33-19D060516F9E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{58755441-0BDE-4033-96EA-E4D952EDE671}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe FirewallRules: [{EEF00477-E552-4461-9CC5-78814A2634A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe FirewallRules: [{40DF0F58-8628-4081-9892-BEACC21277F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe FirewallRules: [{AA9528AF-BBB0-4F4D-9D17-886A91EEE8AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe ==================== Restore Points ========================= 06-03-2017 09:27:36 Scheduled Checkpoint 16-03-2017 18:42:36 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/01/2017 12:55:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: IAStorDataMgrSvc.exe, version: 13.1.0.1058, time stamp: 0x53642550 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x0182680d Faulting process id: 0xdbc Faulting application start time: 0x01d2ab089fcc5bd7 Faulting application path: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe Faulting module path: unknown Report Id: f723a40f-16fb-11e7-82aa-001fbc119acd Faulting package full name: Faulting package-relative application ID: Error: (04/01/2017 12:55:10 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: IAStorDataMgrSvc.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.NullReferenceException Stack: at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges() at IAStorUtil.SystemDataModelListener.LoadSavedSystemState() at IAStorDataMgr.EventRelay.b__0(System.Object) at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() at System.Threading.ThreadPoolWorkQueue.Dispatch() at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (04/01/2017 12:52:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NvStreamNetworkService.exe, version: 7.1.2071.1338, time stamp: 0x5726e00c Faulting module name: MessageBus.dll, version: 0.0.0.0, time stamp: 0x5726d98c Exception code: 0xc0000005 Fault offset: 0x0000000000010f73 Faulting process id: 0x12ec Faulting application start time: 0x01d2ab08577572ec Faulting application path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe Faulting module path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll Report Id: 966ba460-16fb-11e7-82aa-001fbc119acd Faulting package full name: Faulting package-relative application ID: Error: (04/01/2017 12:47:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: teglon) Description: Activation of app windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (04/01/2017 12:46:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NvStreamNetworkService.exe, version: 7.1.2071.1338, time stamp: 0x5726e00c Faulting module name: MessageBus.dll, version: 0.0.0.0, time stamp: 0x5726d98c Exception code: 0xc0000005 Fault offset: 0x0000000000010f73 Faulting process id: 0xfdc Faulting application start time: 0x01d2ab078eb99570 Faulting application path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe Faulting module path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll Report Id: cda56b4b-16fa-11e7-82a9-001fbc119acd Faulting package full name: Faulting package-relative application ID: Error: (04/01/2017 12:43:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: teglon) Description: Activation of app windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (04/01/2017 12:39:45 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (04/01/2017 12:38:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: teglon) Description: Activation of app windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (04/01/2017 12:38:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: IAStorDataMgrSvc.exe, version: 13.1.0.1058, time stamp: 0x53642550 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x016c6805 Faulting process id: 0x124c Faulting application start time: 0x01d2ab06459ecd47 Faulting application path: C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe Faulting module path: unknown Report Id: 9d092fc4-16f9-11e7-82a8-001fbc119acd Faulting package full name: Faulting package-relative application ID: Error: (04/01/2017 12:38:20 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: IAStorDataMgrSvc.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.NullReferenceException Stack: at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges() at IAStorUtil.SystemDataModelListener.LoadSavedSystemState() at IAStorDataMgr.EventRelay.b__0(System.Object) at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() at System.Threading.ThreadPoolWorkQueue.Dispatch() at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() System errors: ============= Error: (04/01/2017 12:55:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s). Error: (04/01/2017 12:47:03 PM) (Source: DCOM) (EventID: 10001) (User: teglon) Description: Unable to start a DCOM Server: microsoft.windows.immersivecontrolpanel as Unavailable/Unavailable. The error: "15612" Happened while starting this command: "C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel Error: (04/01/2017 12:43:39 PM) (Source: DCOM) (EventID: 10001) (User: teglon) Description: Unable to start a DCOM Server: microsoft.windows.immersivecontrolpanel as Unavailable/Unavailable. The error: "15612" Happened while starting this command: "C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel Error: (04/01/2017 12:39:31 PM) (Source: bowser) (EventID: 8003) (User: ) Description: The master browser has received a server announcement from the computer GALLIFREY that believes that it is the master browser for the domain on transport NetBT_Tcpip_{398B59D8-A2F1-49A7-9E30-547D15B8512B}. The master browser is stopping or an election is being forced. Error: (04/01/2017 12:38:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s). Error: (04/01/2017 12:38:20 PM) (Source: DCOM) (EventID: 10001) (User: teglon) Description: Unable to start a DCOM Server: microsoft.windows.immersivecontrolpanel as Unavailable/Unavailable. The error: "15612" Happened while starting this command: "C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel Error: (04/01/2017 12:37:09 PM) (Source: DCOM) (EventID: 10001) (User: teglon) Description: Unable to start a DCOM Server: microsoft.windows.immersivecontrolpanel as Unavailable/Unavailable. The error: "15612" Happened while starting this command: "C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel Error: (04/01/2017 12:37:05 PM) (Source: DCOM) (EventID: 10001) (User: teglon) Description: Unable to start a DCOM Server: microsoft.windows.immersivecontrolpanel as Unavailable/Unavailable. The error: "15612" Happened while starting this command: "C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel Error: (04/01/2017 12:36:48 PM) (Source: DCOM) (EventID: 10001) (User: teglon) Description: Unable to start a DCOM Server: microsoft.windows.immersivecontrolpanel as Unavailable/Unavailable. The error: "15612" Happened while starting this command: "C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel Error: (04/01/2017 12:36:44 PM) (Source: DCOM) (EventID: 10001) (User: teglon) Description: Unable to start a DCOM Server: microsoft.windows.immersivecontrolpanel as Unavailable/Unavailable. The error: "15612" Happened while starting this command: "C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-5930K CPU @ 3.50GHz Percentage of memory in use: 9% Total physical RAM: 32691.78 MB Available physical RAM: 29640.49 MB Total Virtual: 37555.78 MB Available Virtual: 33779.73 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:744.7 GB) (Free:394.59 GB) NTFS Drive d: (Datalore) (Fixed) (Total:1862.89 GB) (Free:1105.61 GB) NTFS Drive f: (CANON_DC) (Removable) (Total:7.47 GB) (Free:5.13 GB) FAT32 Drive h: (Seagate Backup Plus Drive) (Fixed) (Total:4657.4 GB) (Free:3912.29 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 745.2 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 3 (MBR Code: Windows 7 or 8) (Size: 4657.5 GB) (Disk ID: 9AB8C987) Partition: GPT. ======================================================== Disk: 4 (Size: 7.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================