Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2017 Ran by I am (26-05-2017 18:35:02) Running from C:\Users\I am\Desktop Windows 10 Home Version 1703 (X64) (2017-05-13 18:18:08) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-465181129-2301691221-1871877518-500 - Administrator - Disabled) ASPNET (S-1-5-21-465181129-2301691221-1871877518-1002 - Limited - Enabled) DefaultAccount (S-1-5-21-465181129-2301691221-1871877518-503 - Limited - Disabled) Guest (S-1-5-21-465181129-2301691221-1871877518-501 - Limited - Disabled) I am (S-1-5-21-465181129-2301691221-1871877518-1001 - Administrator - Enabled) => C:\Users\I am ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated) Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated) AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.01.24 - ASUSTeK Computer Inc.) AIDA64 Extreme v5.60 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.60 - FinalWire Ltd.) Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology) ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.22 - ASUSTeK Computer Inc.) ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.030 - ASUSTek Computer Inc.) ASUSRAMCACHE (HKLM-x32\...\ASUSRAMCACHE) (Version: 1.07.16 - FNet Co., Ltd.) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) BT Desktop Help (HKLM-x32\...\BT Desktop Help) (Version: - ) Call of Duty: Modern Warfare 2 (HKLM\...\Steam App 10180) (Version: - Infinity Ward) Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version: - Infinity Ward) Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward) Common Desktop Agent (Version: 1.62.0 - OEM) Hidden CPUID PRO GAMING CPU-Z 1.72.1 (HKLM\...\CPUID PRO GAMING CPU-Z_is1) (Version: 1.72.1 - CPUID, Inc.) Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts) DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 6.1.0.0485 - Disc Soft Ltd) Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited) DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) FireStorm version V1.0.45.000 (HKLM-x32\...\FireStorm_is1) (Version: V1.0.45.000 - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.) Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North) Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.) Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation) Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.551.2 - McAfee, Inc.) Medal of Honor (TM) (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts) Media Streamer (HKLM-x32\...\{B457E718-00CA-45C8-9F75-45D66F8DAFF6}) (Version: 3.00.13 - ASUSTeK Computer Inc.) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.8067.2115 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-465181129-2301691221-1871877518-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation) NVIDIA GeForce Experience 2.9.1.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.35 - NVIDIA Corporation) NVIDIA Graphics Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.4.10.46586 - Electronic Arts, Inc.) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - ) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.989 - Even Balance, Inc.) Raiden IV: OverKill (HKLM\...\Steam App 323460) (Version: - Moss Co., Ltd.) Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.1.3 - Razer Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.413 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.5 - Rockstar Games) ROG Game First III (HKLM-x32\...\{0C6E32E1-31D9-49F1-B67F-2941994002D5}) (Version: 1.00.31 - ASUSTeK Computer Inc.) Samsung CLX-4190 Series (HKLM-x32\...\Samsung CLX-4190 Series) (Version: 1.20 (21/05/2015) - Samsung Electronics Co., Ltd.) Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.92 (14/03/2014) - Samsung Electronics Co., Ltd.) Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.77.00(12/02/2015) - Samsung Electronics Co., Ltd.) Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.70.18.0 - Samsung Electronics Co., Ltd.) Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.10.19 (12/03/2014) - Samsung Electronics Co., Ltd.) Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.0.16 - Samsung Electronics Co., Ltd.) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Samsung Scan Process Machine (x32 Version: 1.02.07.02 - Samsung Electronics Co., Ltd.) Hidden SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.9.1.35 - NVIDIA Corporation) Hidden SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd) Sound Blaster Z-Series (HKLM-x32\...\{A15CAB30-128B-4CB3-8C9F-091A69028167}) (Version: 1.00.28 - Creative Technology Limited) Sound Blaster Z-Series Extras (HKLM-x32\...\{9D9DB4BA-E352-4AC8-AD2B-B10104F5AB80}) (Version: 1.0 - Creative Technology Limited) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) View User's Guide (HKLM-x32\...\View User Guide) (Version: 3.60.45.0 - ) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {069D5F4E-FF37-471D-88B5-AFEA5500BF53} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.) Task: {1FE21F3F-B72B-4D51-BA1B-D7EBC176F3D3} - System32\Tasks\{0B224D43-A97E-4F8D-9D2E-544B2E947BA4} => pcalua.exe -a D:\Setup.EXE -d D:\ Task: {35BFEC8E-567C-46A7-A77A-8F5C32FD90A5} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2015-02-06] () Task: {3DD518E2-9B3A-456F-8DF7-7A930FF7FF25} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [2015-06-04] (TODO: ) Task: {41DA8983-5512-4D8B-9C5B-C637DA6A29D2} - System32\Tasks\ASUS\ASUS Media Streamer DMR => C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe [2015-05-12] () Task: {42968FEE-A792-4CAE-95D8-048396BB216C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-15] (Google Inc.) Task: {4D4497AA-0399-46BA-A6A6-6617364E9230} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2015-06-30] (ASUSTeK Computer Inc.) Task: {5D52DA4D-EF5D-4C28-9460-B9BE57649D4B} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-25] () Task: {90A809BA-5E92-49B0-AC3E-DA6C5E447DAE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {9FD378DA-F7FB-4065-AA78-1B75DC7E9157} - System32\Tasks\{71CD92AA-5F4B-4C9B-A99F-B388D595AA97} => pcalua.exe -a "C:\Program Files\FileViewPro\unins000.exe" Task: {A86EA4F2-2FC0-4538-AEED-C0320D2CEA5A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe [2017-05-10] (Adobe Systems Incorporated) Task: {A9804BE9-4DA8-4437-99DF-4829485BD390} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation) Task: {AF496587-0E1F-40F0-B42B-05D1EF3591A8} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [2014-05-28] (ASUSTeK Computer Inc.) Task: {B23CD5F2-7775-4A5A-9857-F2092C2B0BFC} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] () Task: {D4295155-BEC9-40E6-8297-DC39CD8A7820} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe Task: {DBCEF153-3F46-4B2B-82CF-B79F576D0763} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2015-06-30] () Task: {E6DF9BD2-6B86-4A14-80B1-E95A04B156BB} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-25] () Task: {EA45365E-33E3-446B-8B39-43FFDA779838} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation) Task: {EAB0D03C-C18C-42CB-BF2F-AA458B72E512} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2017-05-23] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2017-05-11 11:35 - 2015-04-24 12:46 - 00022528 _____ () C:\WINDOWS\System32\ssy4clm.dll 2015-12-15 15:20 - 2009-11-04 14:18 - 00189440 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\lxebdrpp.dll 2016-02-15 21:01 - 2016-02-15 21:01 - 00031256 _____ () C:\WINDOWS\System32\us008lm.dll 2015-12-15 20:16 - 2014-09-26 14:40 - 01360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe 2015-12-15 20:14 - 2015-05-08 07:26 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe 2015-12-16 20:06 - 2017-03-25 16:16 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2016-09-24 23:20 - 2016-09-24 23:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2017-05-19 13:34 - 2017-05-09 16:38 - 02270672 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2015-12-16 20:06 - 2017-05-21 18:40 - 00348360 _____ () C:\WINDOWS\SysWOW64\PnkBstrB.exe 2017-05-13 18:53 - 2016-12-29 13:44 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-12-15 20:16 - 2015-02-06 15:53 - 01462584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe 2015-12-15 20:21 - 2015-05-12 22:49 - 00304952 _____ () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe 2015-12-15 20:16 - 2015-06-30 23:23 - 01275672 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe 2017-03-18 21:58 - 2017-03-18 21:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2016-03-14 18:48 - 2017-05-25 20:22 - 08931008 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll 2017-03-18 21:59 - 2017-03-19 03:31 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-05-15 22:03 - 2017-05-09 10:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll 2017-05-15 22:03 - 2017-05-09 10:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll 2015-12-11 16:57 - 2014-05-22 09:24 - 00096568 _____ () C:\WINDOWS\SYSTEM32\audioLibVc.dll 2015-12-15 16:36 - 2013-01-23 14:29 - 00772712 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe 2015-12-15 16:36 - 2013-01-23 14:29 - 00150264 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe 2014-09-08 13:39 - 2014-09-08 13:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe 2014-09-08 13:38 - 2014-09-08 13:38 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll 2015-12-15 20:21 - 2015-06-01 20:20 - 01189688 _____ () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\ShareEdit.exe 2015-12-15 20:21 - 2015-06-01 20:20 - 02536760 _____ () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe 2015-12-15 20:21 - 2015-06-03 20:46 - 00086840 _____ () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\ASUSWSAgent.exe 2015-12-15 20:16 - 2014-08-01 16:37 - 01056768 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe 2015-12-15 20:16 - 2014-08-28 11:37 - 00033424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe 2015-12-15 20:15 - 2015-06-30 15:54 - 01263384 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe 2015-12-15 20:14 - 2017-05-20 13:34 - 00038696 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll 2015-12-15 20:14 - 2015-05-08 07:26 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll 2017-01-15 16:00 - 2017-05-17 19:20 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll 2015-07-11 00:37 - 2015-07-11 00:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-12-15 20:16 - 2014-10-09 10:31 - 00237568 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll 2015-12-15 20:16 - 2014-02-24 18:49 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll 2015-12-15 20:15 - 2015-06-03 17:17 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll 2015-12-15 20:15 - 2015-06-03 17:17 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll 2015-12-15 20:15 - 2015-02-09 18:53 - 00872960 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll 2015-12-15 20:16 - 2015-07-03 00:20 - 04662272 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll 2015-12-15 20:16 - 2015-06-04 01:48 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll 2015-12-15 20:16 - 2015-05-21 23:57 - 01141248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll 2015-12-15 20:16 - 2015-06-26 14:50 - 00906240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\LED Control\LEDControl.dll 2015-12-15 20:16 - 2015-06-23 11:17 - 01338368 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Mobo Connect\MoboConnect.dll 2015-12-15 20:15 - 2015-06-28 17:37 - 00829440 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll 2015-12-15 20:15 - 2014-09-08 07:26 - 00053248 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll 2015-12-15 20:15 - 2014-09-26 14:40 - 00278528 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll 2015-12-15 20:14 - 2015-05-08 07:26 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll 2015-12-15 20:16 - 2015-06-25 00:16 - 00236544 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4cTDPAction.dll 2015-12-15 20:16 - 2015-06-04 01:48 - 00712192 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll 2015-12-15 20:16 - 2015-06-30 23:22 - 00863744 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll 2015-12-15 20:16 - 2015-06-04 01:48 - 00803840 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll 2015-12-15 20:16 - 2015-07-01 17:33 - 00815104 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll 2015-12-15 20:16 - 2015-06-04 01:48 - 00507392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\AsKeyboardFocusHooker.dll 2016-02-18 00:41 - 2016-01-23 03:55 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-12-15 16:36 - 2010-04-01 13:23 - 00389120 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebscw.dll 2015-12-15 16:36 - 2009-05-27 08:16 - 00192512 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebdatr.dll 2015-12-15 16:36 - 2010-04-01 13:24 - 01159168 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebDRS.dll 2015-12-15 16:36 - 2009-03-10 01:43 - 00155648 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebcaps.dll 2015-12-15 16:36 - 2010-04-05 06:55 - 00061604 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\Epfunct.DLL 2015-12-15 16:36 - 2010-04-05 06:55 - 00159890 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\customui.dll 2015-12-15 16:36 - 2010-04-05 06:54 - 00123033 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\Eputil.DLL 2015-12-15 16:36 - 2010-04-05 06:56 - 00716954 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\Epwizard.DLL 2015-12-15 16:36 - 2010-04-05 06:54 - 00143502 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\Imagutil.DLL 2015-12-15 16:36 - 2010-04-05 06:56 - 02203803 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\EPWizRes.dll 2015-12-15 16:36 - 2010-04-05 06:56 - 00045221 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\epstring.dll 2015-12-15 16:36 - 2010-04-05 06:56 - 00094359 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\EPOEMDll.dll 2015-12-15 16:36 - 2009-04-07 15:25 - 00409600 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\iptk.dll 2015-12-15 16:36 - 2009-03-02 10:25 - 00151552 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebptp.dll 2015-12-15 20:21 - 2015-05-12 22:49 - 00253952 _____ () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\pngio.dll 2017-02-20 09:10 - 2017-02-20 09:10 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll 2015-12-15 20:16 - 2013-11-20 11:10 - 00662016 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\aaHMLib.dll 2015-12-15 20:16 - 2013-07-02 11:40 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\pngio.dll 2015-12-15 20:16 - 2015-06-29 13:35 - 00383488 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\SystemCleaner.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-30 08:24 - 2017-04-24 14:54 - 00000863 _____ C:\WINDOWS\system32\Drivers\etc\hosts 0.0.0.1 mssplus.mcafee.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-465181129-2301691221-1871877518-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: lfsvc => 3 ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{A6E5677F-C8D9-482E-829C-386314600CB4}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe FirewallRules: [{52830E4D-ECF2-4E8B-A3A6-59EEEE54BCF7}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe FirewallRules: [{BD1D0082-96D9-46E9-B4FB-D876D0159B46}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe FirewallRules: [{A2601310-5170-4463-8B82-08B7363F0F00}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe FirewallRules: [{FB552919-B8C2-4D66-ACD8-3A9A0E021DE6}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe FirewallRules: [{40B219C9-9B58-4739-83F2-8C170EBC4722}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe FirewallRules: [{F9479B09-2DA7-4EB4-948E-4250DDE73C52}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe FirewallRules: [{C6B05E3F-D6E8-4862-87AC-49356034770D}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [{E90CDBC5-19BD-4AF6-B0AA-6EE69B5FAFF8}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [{179ECA99-5B1E-4B3A-B1CB-1AF7E6D511B8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe FirewallRules: [{06AD1A3C-EA12-4E16-867A-CFF073F07879}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe FirewallRules: [{3A12DA09-0A9D-43A7-A511-E1EBB6714CCE}] => (Allow) C:\Windows\twain_32\Samsung\CLX4190\SCNSearch\USDAgent.exe FirewallRules: [{54556DAF-A60E-4E59-AD14-143F312F3181}] => (Allow) C:\Windows\twain_32\Samsung\CLX4190\SCNSearch\USDAgent.exe FirewallRules: [{660F41BB-902E-4C0F-AB8F-3A48B1B16697}] => (Allow) C:\WINDOWS\system32\ftp.exe FirewallRules: [{93CF57E8-8893-41CF-8E80-B0F12AB8E3D9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{DCC179D9-4319-4812-AE78-D85E046850DE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{4574B65C-53EE-4135-AEF7-75459290358A}] => (Allow) C:\WINDOWS\system32\ftp.exe FirewallRules: [{D1EA443F-D764-4135-BC7B-B685D4F50F29}] => (Allow) C:\WINDOWS\system32\ftp.exe FirewallRules: [{A37B3346-1421-48B5-BE24-3B939871F357}] => (Allow) C:\WINDOWS\system32\ftp.exe FirewallRules: [{5A1D90D8-6488-474C-A0AA-8EB4F2603F00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raiden IV OverKill\game.exe FirewallRules: [{FDFC9EA5-5C54-46C6-9394-6B9C39AF03AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raiden IV OverKill\game.exe FirewallRules: [{E7AB2F3E-9852-4D78-8F5A-8319DD1780E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe FirewallRules: [{3FCBF01C-6B5B-4569-A939-126D84BC251D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe FirewallRules: [{B0559F79-C7C9-471D-9C3F-E107A3E45AF8}] => (Allow) C:\WINDOWS\system32\ftp.exe FirewallRules: [{308DF9E3-780E-44E1-A122-E37B21166903}] => (Allow) C:\WINDOWS\system32\ftp.exe FirewallRules: [{D722C5E5-32F2-4A1D-AF45-11AA40094CC6}] => (Allow) C:\WINDOWS\system32\LXEBcoms.exe FirewallRules: [{ADA0F511-C251-4042-A09E-77DC40CA8DB9}] => (Allow) C:\Program Files (x86)\BT Broadband Desktop Help\btbb\BTHelpBrowser.exe FirewallRules: [{2C0FDDA6-4371-44C5-9CA9-15812493CD2B}] => (Allow) C:\Program Files (x86)\BT Broadband Desktop Help\btbb\BTHelpBrowser.exe FirewallRules: [{465BE654-DAA7-4F6A-9FC4-0B9853AD52BF}] => (Allow) C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe FirewallRules: [{1FE89A76-B80B-4198-89D2-F87190CD101D}] => (Allow) C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe FirewallRules: [{C05CA338-6D29-4651-A9D9-0CBF1AB3437E}] => (Allow) C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\bin\node.exe FirewallRules: [{2310F602-1571-4A2A-A3D6-B1E64FFA5DD8}] => (Allow) C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\bin\node.exe FirewallRules: [{3E560386-CAE3-443E-A0D6-C58BBBEA58B2}] => (Allow) C:\windows\system32\lxebcoms.exe FirewallRules: [{9AE10C5B-C383-496E-98D2-4280818F8D3D}] => (Allow) C:\Windows\System32\lxebcoms.exe FirewallRules: [{C2D64146-0ED7-4A56-BBD6-418099901C04}] => (Allow) C:\Windows\System32\lxebcoms.exe FirewallRules: [{9094DC80-8C15-4263-B0E2-082FB3F8E7D1}] => (Allow) C:\windows\system32\LXEBcoms.exe FirewallRules: [{D00F2924-D488-4419-9E2D-76A414F7865F}] => (Allow) C:\windows\system32\LXEBcoms.exe FirewallRules: [{694E79FC-2070-4150-93C4-9A6AB685DD4F}] => (Allow) C:\windows\system32\ftp.exe FirewallRules: [{9A9467E8-CFA4-4478-A99C-5E1F4A8C8D16}] => (Allow) C:\windows\system32\ftp.exe FirewallRules: [{BB22529C-08C8-40E2-A705-47B210A94F6C}] => (Allow) C:\windows\SysWOW64\ftp.exe FirewallRules: [{C75C202D-C096-4C25-8B52-F964B4A7EB7C}] => (Allow) C:\windows\SysWOW64\ftp.exe FirewallRules: [{7ACDDE30-87DC-46B3-8FEA-736A03ED9EA3}] => (Allow) C:\windows\system32\ftp.exe FirewallRules: [{78D93382-008D-4867-879C-79844E60051B}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe FirewallRules: [{354753D6-708E-4C50-AF01-CB9EC863729D}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe FirewallRules: [{1274B418-0DDF-4827-85BB-AB072D808F57}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe FirewallRules: [{E8F42E07-B8AE-47C3-BF42-88A65F696848}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe FirewallRules: [{11EB78BD-8C7C-48CD-9C5D-159957D27607}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AORelayDMS.exe FirewallRules: [{F43782AE-E9EE-43C5-A071-47C53C36EC02}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AORelayDMS.exe FirewallRules: [{2A83218B-70ED-4582-B431-BB0AAE59D0D8}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe FirewallRules: [{475C0AFE-FDB4-472A-93A7-47642BDD5D62}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe FirewallRules: [{CF3225AC-032A-4AF4-A2B8-1A74D4F44A3F}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\MediaStreamer.exe FirewallRules: [{1F07AE35-7F36-4955-9F8E-D0343CF87C21}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\MediaStreamer.exe FirewallRules: [{D30B1280-5D22-433A-82BE-4F27DA0C27E4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{18D26EDA-1DF5-4048-AA1E-A5BB6A4AD593}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{8951B72A-EEBC-4DE7-B5F5-D7110446A902}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{A250BB7B-3625-4D42-A429-82BF046FEE45}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{30C544B1-C146-4236-ACDE-D905B36B6DF9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{BC8C92E9-4445-4017-A0EA-49D2A2B4C35A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{38D24427-7BC7-4293-812E-E6D45944CB88}] => (Allow) C:\Program Files (x86)\ASUS\ROG Game First III\gameFirst3.exe FirewallRules: [{7F0E090D-B8A7-4D47-A020-709F5A85ECCB}] => (Allow) C:\Program Files (x86)\ASUS\ROG Game First III\gameFirst3.exe FirewallRules: [{460D1890-23C7-461E-9CE8-2D79E075C1F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{42EA20C1-99FE-4A47-A103-C4301C78C28A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [TCP Query User{918FC010-5826-4901-8BA7-90E1952C203E}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{8C25577B-23FE-429E-B185-423DC98764DB}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [{654ED0D2-5557-4422-B898-0ED0D79A6005}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe FirewallRules: [{2CC93236-0A84-4F8C-8697-E8B2A37EAC13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe FirewallRules: [{B4D939EE-5EF2-4DF6-8B5C-31A615EC7044}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe FirewallRules: [{F60A0649-787F-4F9E-86F6-0F9684236EA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe FirewallRules: [{E0C6B92B-8967-4855-B89D-5A5249AF527D}] => (Allow) C:\windows\system32\ftp.exe FirewallRules: [{D0EBFFA2-AA05-4252-9F1D-B945ABE6C50D}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{88974A9B-4951-4304-B477-AFCC51425A5F}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{C2444971-5A7C-44E9-977F-C3905631DC14}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{24EEADA0-B30D-42B5-87A1-82250132E392}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{1F92A5F7-3AC5-4A12-9027-D26976922472}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{C9E93BFF-2460-4CEA-BEBD-7080785774A3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [TCP Query User{7C52CC85-C31D-4697-B269-C2F47C1DC620}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe FirewallRules: [UDP Query User{93A06861-AC96-4A33-9BE4-91FBBF96165E}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe FirewallRules: [{8CF6ED5A-0910-4CAE-AEF7-CDD0CB67C658}] => (Allow) C:\windows\system32\ftp.exe FirewallRules: [{C03F0547-984E-44AD-853A-A84EEF2B3C56}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe FirewallRules: [{6B7B49CD-8E8A-40D1-8F32-1D1EAEE0AC74}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe FirewallRules: [{8D046B9D-449D-4563-A317-7A6FABC1035D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{12AA9C10-4465-4D9C-8DAB-7CC26AFD6743}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{804885C7-175B-482F-AEF4-A397AC0FF002}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{F787F48E-EDE3-4DD7-86FA-35936290C987}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{7C73140F-DF19-4C39-8D61-71C31DE06509}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{B119F957-1141-4851-AD4A-62C2AA66568F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{0663E39A-DD18-41F6-88E2-FFB01EADD37D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{28F61605-ABD5-4366-8627-65D26ED59450}] => (Allow) C:\windows\system32\LXEBcoms.exe FirewallRules: [{8DD7A7CC-624B-4C1E-834D-5DF0F2D21376}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{025826C7-D239-4C37-9DC4-D0FD291E9C6F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{86B1D895-C4F8-4A26-B139-16330B0A13EE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{C4BFE80C-5E2B-4FE1-9B27-6640395A2797}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{C42BD8ED-C697-4062-A265-B7D0FCA33A22}] => (Allow) C:\windows\system32\ftp.exe FirewallRules: [{9E9BA7C1-6BD3-4C71-81EA-7ED2D41A1534}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{2CEFE999-37B7-408D-8FEA-21C1C770E889}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe FirewallRules: [{FD115A5C-8E57-4A3E-BDBE-311BAB0701C3}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe ==================== Restore Points ========================= 19-05-2017 12:23:52 Windows Update 19-05-2017 15:48:25 JRT Pre-Junkware Removal 23-05-2017 16:14:57 Windows Update 26-05-2017 10:05:45 JRT Pre-Junkware Removal ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/26/2017 06:02:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-B72NMJ6) Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (05/26/2017 03:36:56 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (05/23/2017 04:17:57 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (05/22/2017 10:04:07 AM) (Source: ESENT) (EventID: 104) (User: ) Description: qmgr.dll (11256) QmgrDatabaseInstance: The database engine stopped the instance (0) with error (-1090). Internal Timing Sequence: [1] 0.000002 +J(0) [2] 0.000009 +J(0) +M(C:0K, Fs:1, WS:4K # 0K, PF:0K # 0K, P:0K) [3] 0.000001 +J(0) [4] 0.000002 +J(0) [5] 0.0 +J(0) [6] 0.000044 +J(0) +M(C:0K, Fs:2, WS:-72K # 0K, PF:-80K # 0K, P:-80K) [7] - [8] 0.000003 +J(0) +M(C:0K, Fs:1, WS:4K # 0K, PF:0K # 0K, P:0K) [9] 0.002367 +J(0) +M(C:0K, Fs:6, WS:-48K # 0K, PF:-140K # 0K, P:-140K) [10] - [11] 0.000004 +J(0) +M(C:0K, Fs:1, WS:4K # 0K, PF:0K # 0K, P:0K) [12] - [13] 0.000016 +J(0) +M(C:0K, Fs:0, WS:-4K # 0K, PF:-4K # 0K, P:-4K) [14] 0.000363 +J(0) +M(C:0K, Fs:0, WS:0K # 0K, PF:-4K # 0K, P:-4K) [15] 0.000007 +J(0) +M(C:0K, Fs:0, WS:-8K # 0K, PF:-12K # 0K, P:-12K) [16] 0.000001 +J(0). Error: (05/22/2017 10:04:07 AM) (Source: ESENT) (EventID: 471) (User: ) Description: qmgr.dll (11256) QmgrDatabaseInstance: Unable to rollback operation #-75 on database C:\ProgramData\Microsoft\Network\Downloader\qmgr.db. Error: -510. All future database updates will be rejected. Error: (05/22/2017 10:04:07 AM) (Source: ESENT) (EventID: 492) (User: ) Description: qmgr.dll (11256) QmgrDatabaseInstance: The logfile sequence in "C:\ProgramData\Microsoft\Network\Downloader\" has been halted due to a fatal error. No further updates are possible for the databases that use this logfile sequence. Please correct the problem and restart or restore from backup. Error: (05/22/2017 10:04:07 AM) (Source: ESENT) (EventID: 413) (User: ) Description: qmgr.dll (11256) QmgrDatabaseInstance: Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032. Error: (05/22/2017 10:04:07 AM) (Source: ESENT) (EventID: 488) (User: ) Description: qmgr.dll (11256) QmgrDatabaseInstance: An attempt to create the file "C:\ProgramData\Microsoft\Network\Downloader\edbtmp.log" failed with system error 80 (0x00000050): "The file exists. ". The create file operation will fail with error -1814 (0xfffff8ea). Error: (05/21/2017 05:35:11 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-B72NMJ6) Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (05/21/2017 10:00:41 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-B72NMJ6) Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. System errors: ============= Error: (05/26/2017 06:02:17 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B72NMJ6) Description: The server {C3D84F57-9904-4F7D-8D79-1D72DAD51ADC} did not register with DCOM within the required timeout. Error: (05/26/2017 06:02:17 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B72NMJ6) Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.15063.0_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca did not register with DCOM within the required timeout. Error: (05/26/2017 10:06:28 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (05/26/2017 10:05:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (05/26/2017 10:05:07 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (05/25/2017 08:42:49 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B72NMJ6) Description: The server {C3D84F57-9904-4F7D-8D79-1D72DAD51ADC} did not register with DCOM within the required timeout. Error: (05/25/2017 06:21:30 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B72NMJ6) Description: The server {C3D84F57-9904-4F7D-8D79-1D72DAD51ADC} did not register with DCOM within the required timeout. Error: (05/25/2017 04:35:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B72NMJ6) Description: The server {C3D84F57-9904-4F7D-8D79-1D72DAD51ADC} did not register with DCOM within the required timeout. Error: (05/25/2017 04:35:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B72NMJ6) Description: The server {0002DF02-0000-0000-C000-000000000046} did not register with DCOM within the required timeout. Error: (05/25/2017 04:35:27 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B72NMJ6) Description: The server {0002DF02-0000-0000-C000-000000000046} did not register with DCOM within the required timeout. CodeIntegrity: =================================== Date: 2017-05-25 16:08:32.545 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-05-25 16:07:50.921 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-05-25 16:07:50.175 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-05-25 16:07:47.127 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-05-25 16:07:45.216 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-05-25 16:07:44.141 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-05-25 16:07:43.893 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-05-24 19:56:59.330 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-05-24 19:56:23.803 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-05-24 19:56:23.661 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz Percentage of memory in use: 20% Total physical RAM: 16324.56 MB Available physical RAM: 12937.09 MB Total Virtual: 19268.56 MB Available Virtual: 14944.21 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:930.2 GB) (Free:675.77 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 623637DF) Partition: GPT. ==================== End of Addition.txt ============================