Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-06-2017 Ran by HelenK (11-06-2017 20:26:39) Running from C:\Users\HelenK\Downloads Windows 7 Ultimate Service Pack 1 (X64) (2017-03-20 15:14:46) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1108279874-2773190112-526637328-500 - Administrator - Disabled) Guest (S-1-5-21-1108279874-2773190112-526637328-501 - Limited - Disabled) HelenK (S-1-5-21-1108279874-2773190112-526637328-1000 - Administrator - Enabled) => C:\Users\HelenK ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1108279874-2773190112-526637328-1000\...\uTorrent) (Version: 3.5.0.43804 - BitTorrent Inc.) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.0.1.188 - Adobe Systems Incorporated) Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.127 - Adobe Systems Incorporated) Adobe Media Encoder CC 2017 (HKLM-x32\...\AME_11_1_0) (Version: 11.1.0 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2017 (HKLM-x32\...\PPRO_11_1_1) (Version: 11.1.1 - Adobe Systems Incorporated) Ansel (Version: 382.05 - NVIDIA Corporation) Hidden Apple Application Support (32-bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.) Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.) Assassin’s Creed Syndicate version 1.0.0 (HKLM-x32\...\Assassin’s Creed Syndicate_is1) (Version: 1.0.0 - Ubisoft) ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.3.9.7 - ASUSTek COMPUTER INC.) ASUS GPU TweakII (x32 Version: 1.3.9.7 - ASUSTek COMPUTER INC.) Hidden ASUS PCE-N15 WLAN Card Utilities & Driver (HKLM-x32\...\{556BEFE2-30FF-4113-98F4-01234396DF2B}) (Version: 1.0.1.2 - ASUS) ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.031 - ASUSTek Computer Inc.) Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Bully Scholarship Edition version 1.2.0.0 (HKLM-x32\...\Bully Scholarship Edition_is1) (Version: 1.2.0.0 - Mr DJ) CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Company of Heroes 2 (HKLM-x32\...\Q29tcGFueW9mSGVyb2VzMg==_is1) (Version: 1 - ) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) CyberLink ActionDirector 2 (HKLM-x32\...\{1A7C4187-2C87-4689-AD7D-66429E8A7475}) (Version: 2.0.0906.0 - CyberLink Corp.) DaVinci Resolve (HKLM\...\{5D6009B3-E646-463A-805A-D5B95D0E36A2}) (Version: 12.5.5026 - Blackmagic Design) DaVinci Resolve Panels (HKLM\...\{6FC8261F-6046-4ABB-851B-12FC923D0724}) (Version: 1.0.0.0 - Blackmagic Design) Easy Tune 6 B12.1121.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden EXCALIBUR Spectrum Gaming Keyboard (HKLM-x32\...\{D8CCF4D9-11FA-4806-9F39-2120EE7565E5}}_is1) (Version: - ) Far Cry Primal (HKLM-x32\...\{80BD47AF-CF13-49B2-99BF-7E78FBA26124}_is1) (Version: - Ubisoft) Garena - League of Legends (HKLM-x32\...\LoL) (Version: - Garena Online Pte Ltd.) Garena+ (HKLM-x32\...\im) (Version: 2011 - Garena Online Pte Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden GoPro Studio (x32 Version: 5.12.5383 - GoPro, Inc.) Hidden Growtopia (remove only) (HKU\S-1-5-21-1108279874-2773190112-526637328-1000\...\Growtopia) (Version: - ) HP Deskjet 2540 series Basic Device Software (HKLM\...\{6A79CD11-0C1C-4E24-A8C6-46A02F680346}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Deskjet 2540 series Help (HKLM-x32\...\{4539575D-C09D-4E71-B207-0F2D6BD74DA2}) (Version: 30.0.0 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.4.14.41 - HP Inc.) HP Support Solutions Framework (HKLM-x32\...\{00612F78-52C4-46C0-97F0-F50B6036B5E2}) (Version: 12.7.22.13 - HP Inc.) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) iCloud (HKLM\...\{7F40A9A7-B3BE-4EA8-B052-60449F6C3C02}) (Version: 6.2.1.67 - Apple Inc.) Injustice - Gods Among Us. Ultimate Edition (HKLM-x32\...\Injustice - Gods Among Us. Ultimate Edition_R.G.~AC85A1BE_is1) (Version: - R.G. Mechanics, markfiter) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation) Killing Floor (HKLM\...\Steam App 1250) (Version: - Tripwire Interactive) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Men of War: Assault Squad 2 Update 1 (HKLM-x32\...\TWVub2ZXYXJBc3NhdWx0U3F1YWQy_is1) (Version: 1 - ) Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (español) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 3082) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Français) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1036) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.6.01055 - Microsoft Corporation) Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.8067.2115 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1108279874-2773190112-526637328-1000\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Middle Earth - Shadow of Mordor (HKLM-x32\...\Middle Earth - Shadow of Mordor_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) Mozilla Firefox 53.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 en-US)) (Version: 53.0.2 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla) NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Driver 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.05 - NVIDIA Corporation) NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation) NVIDIA Graphics Driver 382.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.05 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.26 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.26 - NVIDIA Corporation) NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation) NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.8067.2115 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7967.2073 - Microsoft Corporation) Hidden ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) PowerISO (HKLM-x32\...\PowerISO) (Version: 6.8 - Power Software Ltd) Product Improvement Study for HP Deskjet 2540 series (HKLM\...\{DF34643B-A745-430C-B27B-A48F853C81E4}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) Quik (HKLM-x32\...\{b15a4fb5-7637-45ca-b230-33d94af786a7}) (Version: 2.3.0.5383 - GoPro, Inc.) Quik (Version: 0.1.5383 - GoPro, Inc.) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SharewareOnSale Notifier (HKU\S-1-5-21-1108279874-2773190112-526637328-1000\...\SharewareOnSale Notifier) (Version: 20 - SharewareOnSale) SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden Sid Meiers Civilization VI Proper (HKLM\...\c2lkbWVpZXJzY2l2aWxpemF0aW9udmk_is1) (Version: 1 - ) South Park - The Stick of Truth (HKLM-x32\...\South Park - The Stick of Truth_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform) Spotify (HKU\S-1-5-21-1108279874-2773190112-526637328-1000\...\Spotify) (Version: 1.0.56.451.gb2f539fc - Spotify AB) Spotydl 0.9.37.0 (HKLM-x32\...\Spotydl_is1) (Version: 0.9.37.0 - spotydl.com) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.72365 - TeamViewer) Total War ATTILA Age of Charlemagne version 1.6.0.0 (HKLM-x32\...\Total War ATTILA Age of Charlemagne_is1) (Version: 1.6.0.0 - KNIGHT) VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.) WinRAR 5.21 (32-位) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) XSplit Gamecaster (HKLM-x32\...\{8915913F-E4AF-46C5-B4EF-3535D83BFFDE}) (Version: 2.5.1507.3018 - SplitmediaLabs) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1108279874-2773190112-526637328-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\HelenK\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll () CustomCLSID: HKU\S-1-5-21-1108279874-2773190112-526637328-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0265E82C-A342-4548-8DE3-4B826A818534} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-05-25] (HP Inc.) Task: {0C28348E-2378-42BB-B953-01E7EAC88124} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.) Task: {0D04F147-A884-48D7-96DE-494217B675E4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.) Task: {1EE4CCD5-0DAE-4B89-8E2E-E84092519C23} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-20] (Google Inc.) Task: {2A330618-0E63-4D3D-988B-04F71128D8C2} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.) Task: {31330BAA-9D17-4398-A2CA-995E0C0F056A} - System32\Tasks\Garena+ Plugin Host Service => C:\Program Files (x86)\Garena Plus\ggdllhost.exe [2017-01-18] () Task: {3203E744-721E-42EC-9B00-164A818A1FE5} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-18] () Task: {3F2BBC71-57EC-483D-A16F-F64DB952A2DB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.) Task: {43DB5724-9329-4838-AED3-AD530C687137} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-04] (NVIDIA Corporation) Task: {58D1982E-0FB8-48EF-AA46-145A9311E1DF} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [2016-10-17] (TODO: ) Task: {7915BC06-6FCA-474B-A13B-2472124EFBFA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.) Task: {7A985F2E-88EB-46A4-A220-5C4EFDEC742D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.) Task: {7D5B1857-1E5C-47C4-87EB-331590DB908A} - System32\Tasks\AdobeAAMUpdater-1.0-HelenK-PC-HelenK => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) Task: {7E12CD2A-A64B-4CC0-A911-3AD16B287DD1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-04] (NVIDIA Corporation) Task: {7FD2722C-0A4F-4DF2-BEAA-E8C67E04DCBE} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-04] (NVIDIA Corporation) Task: {7FDCB5A4-6A46-4855-BFF6-94894C06C7B4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-04] (NVIDIA Corporation) Task: {87976582-260A-4FF7-B823-92FCCE719F1B} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2017-03-20] () Task: {886D33A8-0891-415D-907B-624BA456FA7C} - System32\Tasks\{D099EA21-3874-4564-90EC-E12B866FDA08} => pcalua.exe -a "C:\Users\HelenK\Documents\云之思三轴调参软件与驱动 (1)\云之思三轴调参软件与驱动\驱动\驱动\USB-驱动\USB驱动程序\VCP_V1.3.1_Setup_x64.exe" -d "C:\Users\HelenK\Documents\云之思三轴调参软件与驱动 (1)\云之思三轴调参软件与驱动\驱动\驱动\USB-驱动\USB驱动程序" Task: {8ED92061-C2CC-4B76-ADA3-F6CC229CF1BE} - System32\Tasks\{912A4EB0-7A9D-45DA-816B-2252234DE37C} => pcalua.exe -a C:\Users\HelenK\Downloads\Taboo.Season.1.720p.WEB-DL.x265.ShAaNiG\Gaming_Keyboard_FW_Updater_3540\devcon_32.exe -d C:\Users\HelenK\Downloads\Taboo.Season.1.720p.WEB-DL.x265.ShAaNiG\Gaming_Keyboard_FW_Updater_3540 Task: {93883F45-D07C-4953-8CCF-FFE575284994} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-04] (NVIDIA Corporation) Task: {970A0D95-D711-4D96-8633-DD74517AFA48} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation) Task: {99554BB1-2CBF-44EC-AED0-BD6F7386275B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-04-06] (HP Inc.) Task: {A0A46553-9417-4C20-BC91-DF6B685761D8} - System32\Tasks\HPCeeScheduleForHelenK => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.) Task: {A11D7D1D-E2EC-4AC5-A95C-C9C1BCABE312} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] () Task: {A9F6649F-B64A-408A-828E-E312D3A9C147} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd) Task: {B7B8ABFD-DDC3-40F0-9C4D-09B578FA9FE6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-14] (Microsoft Corporation) Task: {C0392218-7566-4A6D-AAB5-8604B98F4692} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-05-26] () Task: {CFF70798-633D-4D35-BD22-2B40030AE2D4} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-04] (NVIDIA Corporation) Task: {E5AB8C8F-A712-4B07-957B-B2BE18BEB725} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-26] (Microsoft Corporation) Task: {E6C41CBC-8641-4FC2-B539-9F72F1DF42D2} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-04] (NVIDIA Corporation) Task: {EE7F799A-DCEC-46A1-A86F-C2E6019F75D4} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-04] (NVIDIA Corporation) Task: {F5EBF184-EC60-4FFB-A8FF-7E43D8515A09} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2017-04-07] (HP Inc.) Task: {F8D88A72-5946-4E87-855C-1037869C13B8} - System32\Tasks\{6D05EE9A-00D9-4BDC-925D-765227250D01} => pcalua.exe -a "C:\Users\HelenK\Documents\云之思三轴调参软件与驱动 (1)\云之思三轴调参软件与驱动\驱动\驱动\USB-驱动\USB驱动程序\VCP_V1.3.1_Setup.exe" -d "C:\Users\HelenK\Documents\云之思三轴调参软件与驱动 (1)\云之思三轴调参软件与驱动\驱动\驱动\USB-驱动\USB驱动程序" Task: {FC58BECD-7C65-412F-B7BA-C9B37577CAAF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-20] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe Task: C:\Windows\Tasks\HPCeeScheduleForHelenK.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\HelenK\Desktop\Shortcuts\Person 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ShortcutWithArgument: C:\Users\HelenK\Desktop\Shortcuts\tan - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Default" ShortcutWithArgument: C:\Users\HelenK\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Person 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ==================== Loaded Modules (Whitelisted) ============== 2017-01-18 18:15 - 2017-01-18 18:15 - 00175096 _____ () C:\Program Files (x86)\Garena Plus\ggdllhost.exe 2016-11-01 03:45 - 2016-11-01 03:45 - 00592384 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll 2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2017-04-02 22:29 - 2017-04-02 22:29 - 00959168 _____ () C:\Users\HelenK\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2017-03-23 18:23 - 2017-05-04 04:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-03-16 17:15 - 2017-03-16 17:15 - 00866224 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe 2017-04-02 15:29 - 2017-04-02 15:29 - 01008816 _____ () C:\ProgramData\SharewareOnSale Notifier\SharewareOnSale Notifier.exe 2017-03-15 17:45 - 2017-06-01 18:24 - 09140688 _____ () C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe 2017-03-30 15:19 - 2016-12-29 10:20 - 01772032 _____ () C:\Program Files (x86)\TESORO Gaming\EXCALIBUR Spectrum Gaming Keyboard\HID.exe 2017-03-16 17:15 - 2017-03-16 17:15 - 00037808 _____ () C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe 2016-10-25 09:57 - 2016-10-25 09:57 - 31723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2017-05-12 07:19 - 2017-05-09 17:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll 2017-05-12 07:19 - 2017-05-09 17:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll 2017-02-03 18:17 - 2017-05-25 21:37 - 03860944 _____ () C:\Program Files (x86)\Garena Plus\ggspawn.dll 2017-03-23 18:03 - 2012-03-20 14:08 - 00126976 ____N () C:\Program Files (x86)\ASUS\PCE-N15 WLAN Card Utilities\EnumDevLib.dll 2017-03-23 18:23 - 2017-05-04 04:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-03-23 18:11 - 2017-05-17 09:54 - 00678176 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2017-03-23 18:11 - 2016-09-01 09:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2017-03-23 18:11 - 2016-09-01 09:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2017-03-23 18:11 - 2016-09-01 09:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2017-03-23 18:11 - 2017-06-08 13:42 - 02485536 _____ () C:\Program Files (x86)\Steam\video.dll 2017-03-23 18:11 - 2016-01-27 15:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2017-03-23 18:11 - 2016-01-27 15:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2017-03-23 18:11 - 2016-01-27 15:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2017-03-23 18:11 - 2016-01-27 15:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2017-03-23 18:11 - 2016-01-27 15:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2017-03-23 18:11 - 2017-06-08 13:42 - 00877856 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2017-03-23 18:11 - 2016-07-05 06:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2017-03-23 23:56 - 2017-06-11 00:17 - 67117168 _____ () C:\Users\HelenK\AppData\Roaming\Spotify\libcef.dll 2017-01-18 18:15 - 2017-01-18 18:15 - 00117240 _____ () C:\Program Files (x86)\Garena Plus\CommonLib.dll 2017-01-18 18:15 - 2017-01-18 18:15 - 00046544 _____ () C:\Program Files (x86)\Garena Plus\DibModule.dll 2017-04-05 13:43 - 2017-06-09 21:15 - 00047096 _____ () C:\Program Files (x86)\Garena Plus\VersionModule.dll 2017-01-18 18:15 - 2017-01-18 18:15 - 00063992 _____ () C:\Program Files (x86)\Garena Plus\FileLoader.dll 2017-01-18 18:16 - 2017-01-18 18:16 - 00100304 _____ () C:\Program Files (x86)\Garena Plus\PluginKernel.dll 2017-01-18 18:15 - 2017-01-18 18:15 - 00500176 _____ () C:\Program Files (x86)\Garena Plus\CxImage.dll 2017-01-18 18:16 - 2017-01-18 18:16 - 00038352 _____ () C:\Program Files (x86)\Garena Plus\PluginModule.dll 2017-01-18 18:16 - 2017-01-18 18:16 - 00183288 _____ () C:\Program Files (x86)\Garena Plus\lib\fs\YYFileSystem.dll 2017-01-18 18:16 - 2017-01-18 18:16 - 00386088 _____ () C:\Program Files (x86)\Garena Plus\lib\Http.dll 2017-01-18 18:16 - 2017-01-18 18:16 - 00197112 _____ () C:\Program Files (x86)\Garena Plus\lib\MP3Module.dll 2012-02-22 16:52 - 2012-02-22 16:52 - 00162304 _____ () C:\Program Files (x86)\Garena Plus\lame_enc.DLL 2017-01-18 18:16 - 2017-01-18 18:16 - 00232440 _____ () C:\Program Files (x86)\Garena Plus\lib\TaskManagerLib.dll 2017-01-18 18:16 - 2017-01-18 18:16 - 00164392 _____ () C:\Program Files (x86)\Garena Plus\lib\UILayout.dll 2017-01-18 18:16 - 2017-01-18 18:16 - 00970744 _____ () C:\Program Files (x86)\Garena Plus\lib\XLL.dll 2017-01-18 18:16 - 2017-01-18 18:16 - 00067576 _____ () C:\Program Files (x86)\Garena Plus\lib\XmlUIModule.dll 2012-02-22 16:52 - 2012-02-22 16:52 - 00573100 _____ () C:\Program Files (x86)\Garena Plus\sqlite3.dll 2017-01-18 18:16 - 2017-01-18 18:16 - 00238544 _____ () C:\Program Files (x86)\Garena Plus\Plugins\StatsPlugin.dll 2017-04-05 13:22 - 2017-06-09 21:15 - 02731512 _____ () C:\Program Files (x86)\Garena Plus\Plugins\ggplugin.dll 2017-01-18 18:16 - 2017-01-18 18:16 - 00205304 _____ () C:\Program Files (x86)\Garena Plus\ImageModule.dll 2017-01-18 18:16 - 2017-01-18 18:16 - 00168400 _____ () C:\Program Files (x86)\Garena Plus\libmpg123.dll 2017-01-18 18:15 - 2017-01-18 18:15 - 04893136 _____ () C:\Program Files (x86)\Garena Plus\ggdownloader.dll 2017-01-18 18:16 - 2017-01-18 18:16 - 00078328 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\AudioMixerLib.dll 2017-01-18 18:16 - 2017-01-18 18:16 - 00029176 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\ClientTcp.dll 2017-01-18 18:16 - 2017-01-18 18:16 - 01558008 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\FileSender.dll 2013-02-01 13:42 - 2013-02-01 13:42 - 00153088 _____ () C:\Program Files (x86)\Garena Plus\libzmq.dll 2017-01-18 18:16 - 2017-01-18 18:16 - 00969168 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\GaFileTransfer.dll 2017-01-18 18:16 - 2017-01-18 18:16 - 00257064 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\MediaEngine.dll 2017-01-18 18:16 - 2017-01-18 18:16 - 00039376 _____ () C:\Program Files (x86)\Garena Plus\ServerMemAlloc.dll 2017-01-18 18:16 - 2017-01-18 18:16 - 00529400 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\RSALib.dll 2017-01-18 18:16 - 2017-01-18 18:16 - 00080424 _____ () C:\Program Files (x86)\Garena Plus\lib\delay_load\UdtLib.dll 2017-03-16 16:09 - 2017-03-16 16:09 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2017-03-16 16:09 - 2017-03-16 16:09 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2017-03-16 16:08 - 2017-03-16 16:08 - 00189752 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll 2016-11-01 03:43 - 2016-11-01 03:43 - 00564736 _____ () C:\ProgramData\MEGAsync\ShellExtX32.dll 2017-04-02 22:29 - 2017-04-02 22:29 - 00679624 _____ () C:\Users\HelenK\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll 2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2017-03-23 18:12 - 2017-05-09 03:45 - 69516064 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll 2017-06-11 00:01 - 2017-05-17 09:54 - 00678176 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll 2017-03-23 18:11 - 2017-06-08 13:42 - 00385312 _____ () C:\Program Files (x86)\Steam\steam.dll 2017-03-23 18:24 - 2017-05-04 04:20 - 65709176 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll 2017-03-30 15:19 - 2013-01-16 09:06 - 00061952 _____ () C:\Program Files (x86)\TESORO Gaming\EXCALIBUR Spectrum Gaming Keyboard\HidDevice.dll 2017-03-14 08:31 - 2017-03-14 08:31 - 52051544 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll 2017-03-23 23:56 - 2017-06-11 00:17 - 02253424 _____ () C:\Users\HelenK\AppData\Roaming\Spotify\libglesv2.dll 2017-03-23 23:56 - 2017-06-11 00:17 - 00086640 _____ () C:\Users\HelenK\AppData\Roaming\Spotify\libegl.dll 2017-03-20 23:19 - 2012-07-18 11:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2017-01-25 20:07 - 2017-01-25 20:07 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node 2017-01-25 20:07 - 2017-01-25 20:07 - 00214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node 2017-01-25 20:06 - 2017-01-25 20:06 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node 2017-01-25 20:07 - 2017-01-25 20:07 - 00125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node 2017-03-14 08:35 - 2017-03-14 08:35 - 00110680 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll 2017-01-25 20:07 - 2017-01-25 20:07 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 10:34 - 2009-06-11 05:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1108279874-2773190112-526637328-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\HelenK\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{1D658B3B-94F2-474B-899F-FFCDA6A38616}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{D92672D3-5BB9-4824-8470-8E1440DC41AE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{7B7559E3-8EB6-4FB4-A99D-FA32A7A2B8F4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{0927A31F-D924-40FC-80E1-A1A6FFCFB3EE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [TCP Query User{9ABC91FE-2B8D-4F94-AA57-4E256F6EE21F}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [UDP Query User{DF388988-E7EE-46E5-8A43-BF91C585751D}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [{3A12DD0E-84C1-43C8-AA98-F38E1EC99BBD}] => (Allow) C:\Program Files (x86)\ASUS\PCE-N15 WLAN Card Utilities\RtWLan.exe FirewallRules: [{57DDD0DB-8898-42E0-86AC-D31E389B166B}] => (Allow) C:\Program Files (x86)\ASUS\PCE-N15 WLAN Card Utilities\RtWLan.exe FirewallRules: [{1A843F25-AEC0-4422-9A2C-2467E255B9B6}] => (Allow) LPort=1542 FirewallRules: [{6206280B-64B0-42D6-8E33-38A6786CA929}] => (Allow) LPort=1542 FirewallRules: [{03A0CDAD-D22A-4CE9-81D0-ABCFF8E87134}] => (Allow) LPort=53 FirewallRules: [{F27A5A7E-B133-45EB-866E-4683C38D56EE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{BF85E22A-2759-4665-9F38-AC97EABD7D75}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{418D2EFB-4E27-472E-8B9C-5CC0ECE521C8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{CA76F957-7D84-4F5B-918A-83F4D9595BB7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{CF34861E-0EFA-4DE3-81AA-910653F6C2D1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{5594BED3-C101-4E76-A335-0BA795ACC049}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{65D0EED2-8D8B-47AC-B235-76C296E7EF3A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{62352515-BF61-4E88-9B50-63E411A28044}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{28C9B1A1-5023-46FD-905C-21885E52B7CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{077BE7B5-65C0-410A-93C1-75AB2493EF65}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{D74A98C2-7A6F-42B3-AF55-19ABB422C93B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{2021788D-7ADF-4A7D-86BE-55FD17310338}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{D2106AFB-9B7F-4A4B-AFFB-BB5D50B3250D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{A97BFE2C-E6ED-4995-9C46-87798BD4B62F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{613F14AD-3D35-4F0D-A972-D27BBCC34C2B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{5ECB83D1-B6D7-4964-95D6-4B51256FD46B}C:\users\helenk\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\helenk\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{1206D3DF-2AEC-44EA-AE4F-070358785A6B}C:\users\helenk\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\helenk\appdata\roaming\spotify\spotify.exe FirewallRules: [{6B4E0305-6D77-4F79-A7FC-09A3510B876B}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe FirewallRules: [{1554EE48-7912-4AFA-B630-28B19890B0F8}] => (Allow) LPort=5357 FirewallRules: [{B85E70EB-5DCE-45B4-AB42-77A54A7253A7}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{29B74C2C-0090-4F8B-9485-0B756B51D504}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{C5A31FEC-AFD6-4871-9EE6-D5E31D5161CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{078CB5EB-ECEC-4A1E-A0F3-2EDDC4D9795F}] => (Allow) C:\Users\HelenK\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{FF10C431-B8E3-4E38-9CBA-D2833BC111FA}] => (Allow) C:\Users\HelenK\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{AAD3CF1C-EFC4-461B-A670-6FE92CDEDAF7}] => (Allow) C:\Users\HelenK\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D1ECA994-7EC2-43E4-B3D7-9A995061E535}] => (Allow) C:\Users\HelenK\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8D683A8B-4AC9-4143-9546-D57176430893}] => (Allow) C:\Users\HelenK\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2DD15D9C-ECAC-49DE-ADF2-55A1008D7FB9}] => (Allow) C:\Users\HelenK\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{97032B62-944F-426C-A026-0A3EF5662753}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{1F3E8E4C-EF37-4AE4-B1EE-FE497281A730}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{8E301B78-BA16-4F6A-B1BA-8D9AC0A7E6B1}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe FirewallRules: [{45DA8F17-FC69-4F2D-A90F-7C433AC9C92C}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe FirewallRules: [{44A59272-E6C6-4AF3-A3F7-051B4E1125A2}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe FirewallRules: [{2AD4E089-3375-4660-9299-2D017FDB988D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe FirewallRules: [{675B614D-1DE8-4C98-8DA3-5B78724FA5E6}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe FirewallRules: [{F5E799EC-06AD-4893-B2BE-92AA9646443A}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe FirewallRules: [{5710BE27-B23C-4E81-B1DA-27DAA85ED457}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe FirewallRules: [{E5296845-B275-454F-8F71-9AFAF06A2116}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe FirewallRules: [{1575C151-0991-435B-8AA3-49259D9DA5D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe FirewallRules: [{9E378F06-E842-41A8-A991-A169862E8D01}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe FirewallRules: [{913DE28D-92C1-467C-ADAB-AE3E04E8C6AB}] => (Allow) C:\Program Files (x86)\Mr DJ\Bully Scholarship Edition\Bully.exe FirewallRules: [{B697E904-705E-42CB-952F-F22DE56185CD}] => (Allow) C:\Program Files (x86)\Mr DJ\Bully Scholarship Edition\Bully.exe FirewallRules: [{6763F6B1-9608-4BB5-B72E-F97CDDFFB5D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{F6F89A59-5A63-4531-BE06-AFF8CE043177}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{EAADF6E2-8322-4D8E-9932-19DF15544E4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{D28BC2AB-C108-4F47-A6C6-DE937C7900F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{120D0587-6FBB-457E-8A1C-E729762D3178}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{EAD7310C-64A2-48AE-B6C6-315A651FA5CA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{DC566085-C1A6-4C71-9C9E-34D8CD27A670}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{699B3FD4-CDA8-4960-A5D2-7A57F790F979}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{5023BC74-1265-45C4-A9F8-F6CA214587FE}C:\games\battlefield 1\bf1.exe] => (Allow) C:\games\battlefield 1\bf1.exe FirewallRules: [UDP Query User{B9F67D78-3F35-4CCC-A005-C21A527A2A80}C:\games\battlefield 1\bf1.exe] => (Allow) C:\games\battlefield 1\bf1.exe FirewallRules: [{6AF895BC-EC99-484C-9FD0-53120E7AD5A4}] => (Allow) C:\Program Files\CyberLink\ActionDirector2\PDR10.EXE FirewallRules: [{929D1873-F7ED-4F48-A43D-FFEB6F7952D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{CF42E960-E006-4081-A078-632808914899}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{1231BA32-63A6-42BB-B6EE-28E118356ABC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{FC34C4C7-04BC-4476-8E0D-B9971527F31C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{24A0E328-E39F-4712-8191-F91CBF5BC2AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{3AE1F615-FBE6-4A2E-9ADE-B24C0434F31B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{F831A8AA-88A6-4814-945D-AE38F2D785FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{C6322AB7-D077-464A-8487-D8BB2B1AD28C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{982E87C0-0EA8-468F-B897-8100F08A058B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{406C9499-C0FC-4B39-AB51-04A4F82ED1F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{D3063BCB-6414-497C-B391-D11C20AC6371}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{94F487BF-0241-42C5-85D1-C2F22B93CA26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{AEAB0A88-654A-4E98-8658-31781BB3DFDF}C:\users\helenk\downloads\lolinstaller.exe] => (Allow) C:\users\helenk\downloads\lolinstaller.exe FirewallRules: [UDP Query User{71D91C04-E842-46B7-AD20-F540C0C6F9E9}C:\users\helenk\downloads\lolinstaller.exe] => (Allow) C:\users\helenk\downloads\lolinstaller.exe FirewallRules: [TCP Query User{A29801EA-E983-4177-988D-67D6D6ED08E0}C:\program files (x86)\garena plus\garenamessenger.exe] => (Allow) C:\program files (x86)\garena plus\garenamessenger.exe FirewallRules: [UDP Query User{64160B77-7058-421A-B2F0-5F4290B24105}C:\program files (x86)\garena plus\garenamessenger.exe] => (Allow) C:\program files (x86)\garena plus\garenamessenger.exe FirewallRules: [TCP Query User{37488A0D-F6CE-460C-AAC0-F3F87D966034}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe] => (Allow) C:\program files (x86)\garena plus\bbtalk\bbtalk.exe FirewallRules: [UDP Query User{F340DC9B-FC9D-4BE5-A724-7C0B87C725FB}C:\program files (x86)\garena plus\bbtalk\bbtalk.exe] => (Allow) C:\program files (x86)\garena plus\bbtalk\bbtalk.exe FirewallRules: [{8569C539-8C72-43A0-A8EE-44B8006629D2}] => (Allow) C:\Program Files (x86)\ASUS\PCE-N15 WLAN Card Utilities\RTLDHCP.exe FirewallRules: [{6598C614-FEFB-4461-96CC-B74D53E1C7F4}] => (Allow) C:\Program Files (x86)\ASUS\PCE-N15 WLAN Card Utilities\RTLDHCP.exe FirewallRules: [{3C6301D0-2792-4DD0-AB27-6B84909D9D1B}] => (Allow) LPort=67 FirewallRules: [{CA188F72-F7C8-4FDB-A7A9-CC8ADD7291EA}] => (Allow) LPort=68 FirewallRules: [{8C4F3E70-CCEE-4AF9-9286-7C44A3440EC5}] => (Allow) LPort=67 FirewallRules: [{E117A3DD-1F9D-4F8F-BB95-7141C3A99CEB}] => (Allow) LPort=68 FirewallRules: [{EB0DE1B4-A356-4338-9C5F-02781969F034}] => (Allow) LPort=67 FirewallRules: [{80BD3D85-F053-416C-87BE-DE04939078E6}] => (Allow) LPort=68 FirewallRules: [{3E470000-7FFF-4E42-BC36-3D4D8F2C3FA2}] => (Allow) LPort=67 FirewallRules: [{0A6BAF6B-49BA-4C36-AB81-500EA751278B}] => (Allow) LPort=68 FirewallRules: [{48A857CA-3FFF-4BF5-B5F4-44F8678C6D98}] => (Allow) LPort=67 FirewallRules: [{EB9C54A4-4AD7-4C38-9634-3A9948AC73A2}] => (Allow) LPort=68 FirewallRules: [{AB52F0D2-5C8B-41D4-AF9B-2D47CDABB579}] => (Allow) LPort=67 FirewallRules: [{8689845C-D003-4803-AE59-8F9A13A78E94}] => (Allow) LPort=68 FirewallRules: [{C8A911B0-4518-4E87-905D-A5907F1ACBF7}] => (Allow) LPort=67 FirewallRules: [{EECA4F5B-FFC3-4FE0-94E1-071CA0E9ECA6}] => (Allow) LPort=68 FirewallRules: [{61B0C7CC-A9A3-4B85-8564-DEF2C3B35430}] => (Allow) LPort=67 FirewallRules: [{E05FA2A2-2BEA-454A-BE3D-3B19F14972CF}] => (Allow) LPort=68 FirewallRules: [{88889C1C-A571-4248-BD21-B065DB96A238}] => (Allow) LPort=67 FirewallRules: [{1F3FB371-8841-47D5-AABE-78B033764E8A}] => (Allow) LPort=68 FirewallRules: [{E9AAD93C-CFB1-42DE-B177-C443CB40D180}] => (Allow) LPort=67 FirewallRules: [{1180A71E-C164-4696-AE1F-39B3A3D13110}] => (Allow) LPort=68 FirewallRules: [{7FF1AD99-F80A-4976-89A4-5B91DE3C263E}] => (Allow) LPort=67 FirewallRules: [{4B1F1A24-D82A-4530-8796-DCE3277E5758}] => (Allow) LPort=68 FirewallRules: [{FB417398-2BF1-44F0-918E-6B744DD63457}] => (Allow) LPort=67 FirewallRules: [{3EE1132F-4622-47BF-8895-D61E05FC50C3}] => (Allow) LPort=68 FirewallRules: [{12C6D8D7-0D2E-477D-8635-A47C39EC425E}] => (Allow) LPort=67 FirewallRules: [{DFF35A59-2868-4EE3-80F7-D4664334D0DB}] => (Allow) LPort=68 FirewallRules: [{8B892FDA-0887-400C-87CE-5CE44B4A999C}] => (Allow) LPort=67 FirewallRules: [{65C2B1DC-6DD7-40B9-88AD-64AF4BF94BCA}] => (Allow) LPort=68 FirewallRules: [{63DA753A-9716-4743-AEDF-ADB87FE07782}] => (Allow) LPort=67 FirewallRules: [{37024275-98EB-450C-A1EF-5C4930B0F99E}] => (Allow) LPort=68 FirewallRules: [{46CB50AE-3F7E-4FD3-AABC-1436393971B3}] => (Allow) LPort=67 FirewallRules: [{7EFDCE2B-BDE2-4B57-A7C6-AFECB4B8044E}] => (Allow) LPort=68 FirewallRules: [{E0FAD2E1-EA16-4DF7-863C-1CE52406A37D}] => (Allow) LPort=67 FirewallRules: [{C2D8BEBF-3549-49FA-95B5-45949D728F20}] => (Allow) LPort=68 FirewallRules: [{1DC425F0-DB88-4234-9FEE-10F14058ABDB}] => (Allow) LPort=67 FirewallRules: [{3FBB5C55-2DCC-404E-A6D2-2CEDC2CFF5CF}] => (Allow) LPort=68 FirewallRules: [{BD75CAA6-45A8-4453-BD05-DE8827920339}] => (Allow) LPort=67 FirewallRules: [{19D9B859-D5FB-41FF-B08D-0E8902988C4E}] => (Allow) LPort=68 FirewallRules: [{E170196B-95C6-4065-BEDB-23C96E9ACBD7}] => (Allow) LPort=67 FirewallRules: [{1EB1E396-593C-4CA1-B2DE-58A053B3770D}] => (Allow) LPort=68 FirewallRules: [{2B200DBA-AF95-4955-A24B-A73C2C6E43E9}] => (Allow) LPort=67 FirewallRules: [{436A7A10-01FD-4FD7-983B-837350DB9A0A}] => (Allow) LPort=68 FirewallRules: [{2A622089-08A0-42B5-A256-A9BC6E693DDA}] => (Allow) LPort=67 FirewallRules: [{6283A0D9-7EB5-4231-8AC1-6DF25A86900F}] => (Allow) LPort=68 FirewallRules: [{166F9075-8768-44D6-B868-BBFE0D831932}] => (Allow) LPort=67 FirewallRules: [{4BB574D1-3AF0-47DC-951D-F2752E0D9EA3}] => (Allow) LPort=68 FirewallRules: [{17EF432B-E939-4945-BC77-E590AF55F1F1}] => (Allow) LPort=67 FirewallRules: [{21EA0BA8-C572-4414-B588-3BA22B2D37EE}] => (Allow) LPort=68 FirewallRules: [{56F71C94-30F3-428A-9BBF-59D354CC3579}] => (Allow) C:\Program Files (x86)\Garena Plus\Room\garena_room.exe FirewallRules: [{0FDF77C9-085E-42F7-BC85-33FCDA0F2DF0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{0343A628-3695-43A2-9B05-416D0526A969}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{3C316B46-C4E2-4F43-9F00-1B0CF0427C54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{06807721-A51D-4921-8BD8-954AE47A1C71}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{472A197F-C01A-40E3-B524-1B34CC2ED4D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{4E039D83-5150-4ED8-B89A-09EAB4B3C2AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{24C7A673-095F-4B32-9F01-BF0FD224F3C7}C:\program files (x86)\garena plus\updatemanager.exe] => (Allow) C:\program files (x86)\garena plus\updatemanager.exe FirewallRules: [UDP Query User{5AE0DB31-7E4E-47CC-A3A1-6D8178303454}C:\program files (x86)\garena plus\updatemanager.exe] => (Allow) C:\program files (x86)\garena plus\updatemanager.exe FirewallRules: [{F87A216F-EF1A-4007-9C8E-2EE3A82F08A8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{DDDFE936-500A-4F4E-9657-4CE57E5D3D55}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E924AB8B-EB15-46A9-A3C7-3A43AB8146A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{90D931A5-7CB2-42BA-AC16-716F3775ACD0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{9DD941F1-A792-42DF-91EA-A3D48A7C2477}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{9C7F39C3-986F-4253-B235-CC17114B591B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{490DE07E-475D-4FCA-8EC8-BED9B0141EA7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{0BE01F14-0E6D-4BCF-AB8F-677DEEC7A75D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{52F972BB-39B7-4E31-9961-C212D6835C67}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{9E73E399-9C9C-4DD5-B875-3294644E9115}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{FE5F382F-3202-467F-A367-1CAF30E7BA44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{D10E5728-348E-4F76-8526-F4BA31EDA149}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{B78DDF28-E900-4EF2-BF9E-729594725F11}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{9DD929F6-74D8-43D7-A0F0-57AC3A337C75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{EE3857AF-516F-4CEF-BF4F-B2B3B0925D19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{9E24D4DC-3187-4082-894A-3DB340273269}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{8F45DCA7-297B-4994-A7CD-575F77574568}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{AD92AC24-C3BA-45A2-B49D-375A4C91964E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{3F7C1C24-CD9E-48C6-9FFF-31F06E6AA53D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{052247AA-8C4D-4E1E-898F-AA610B306538}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{C3AB2E53-4D1E-4BDF-9206-700E2C588CAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{00AFDCC4-A984-448A-943E-21D0657750F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{84709A53-71A3-4990-A962-909ADF318983}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{2F96D5EB-B169-4684-A317-53C09FC01148}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E9C2D676-5381-459D-8C78-3C77C0D60A5D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{BD10C0CB-019C-4002-B56A-2FD88E99139B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{CD947D26-EE98-4302-BCDE-49A5F30479AD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{6C7AA55B-04D0-4C45-8737-2991EAD371FD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{4E2A50D5-D708-4486-804A-B50870B9393E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{8ACF6492-BE56-498E-9EA0-C1FF0018655A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E9AE8376-6724-49F2-B749-359487FA38ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{2857D414-7F68-4464-B51F-CB800393A876}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{90FA61CA-2D23-464B-863C-5114F62AB54B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{7B7F674C-E92A-4F08-850A-7F3EA1BC5B5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{8B7BABFE-79D2-41CB-9FBC-9CEC83170F68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{F9E0C9BE-C0EF-4FD5-90E6-249C265DFBC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{4DCE4F7C-F9F1-4901-8359-0078A31CFF04}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{AB745A4E-1CF9-4803-9C29-83342EC1E03D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{53B95867-3DC6-445F-B910-00D70CF1D0DB}D:\total war attila age of charlemagne\attila.exe] => (Allow) D:\total war attila age of charlemagne\attila.exe FirewallRules: [UDP Query User{7A3B1806-6BB6-4E61-8F23-1C8CD8207983}D:\total war attila age of charlemagne\attila.exe] => (Allow) D:\total war attila age of charlemagne\attila.exe FirewallRules: [{E26C80E8-79D0-499D-A7DB-DDC1EED0A908}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{170966BF-4793-4C61-A06B-3FFE8DFE4C1C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{3529616A-3081-418F-A40A-468C4FD9E1ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{BF6E2570-F25D-40E6-86A4-6C47A390AB77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{40FC2A5B-C05E-4856-A312-7FBE5AEDA8D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{FDBA0599-7451-4130-B2D4-7A90D67C5722}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{6767C460-C0E0-4589-8D5C-CD770C7907A0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{2952C1DB-80B5-4B6D-807F-21B85CDADB0F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{7A1B047A-3CB5-451A-8407-8FFB98D376F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{9C4EFABE-4C7C-4CF9-B9BC-C89233C1506D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{8D907408-1B5B-4B5D-A8BC-0A97519BA151}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{7A272A0E-CE3E-4B18-BFD9-0C061DA1F3E4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{BA29F355-EAA2-4B81-855B-CD37EA028270}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{392FDE88-5416-4FA6-B12B-7F5E681429AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{5C288405-5AA2-4851-B1C9-3BC4EDEBCFC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{77B822CA-564D-4D00-AF09-98F1E90E2706}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{E81C94B2-71A4-41F4-952E-FF959B93BD6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{BCE5476B-8C01-4803-A092-F03D1842B1BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{4EBCD157-9E2E-4770-9710-E8A0E9DBDC52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{A6B3958E-8122-4D14-9C27-4E47CBFDBE61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{DFC3751D-435E-4DA4-B185-A7E23C0F44C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{2BA9448B-06F8-424D-883F-3A4876BF29F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{2030DD3A-A58E-480E-8C81-E1D44D600BA2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{FF7CEF4D-71BA-4140-B570-45CC0DC53CA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{0E0AB41D-0812-4D0C-9CAD-6873E76DE2D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [TCP Query User{BD75BB6D-D2A9-4E35-82F5-DDD85D701A99}D:\supernatural.s12e18.web-dl.x264-fum[ettv]\company of heroes 2\reliccoh2.exe] => (Allow) D:\supernatural.s12e18.web-dl.x264-fum[ettv]\company of heroes 2\reliccoh2.exe FirewallRules: [UDP Query User{45861934-C9AC-4281-88E4-E60A979B0EDE}D:\supernatural.s12e18.web-dl.x264-fum[ettv]\company of heroes 2\reliccoh2.exe] => (Allow) D:\supernatural.s12e18.web-dl.x264-fum[ettv]\company of heroes 2\reliccoh2.exe FirewallRules: [{3522AD8B-4750-4F5C-B849-E3D49063F4BF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [TCP Query User{90D2906B-F13A-4E7F-A1A5-67EEB81F4193}D:\far cry primal\bin\fcprimal.exe] => (Block) D:\far cry primal\bin\fcprimal.exe FirewallRules: [UDP Query User{140C3214-9F5E-4340-AD38-862CBFAD9FA1}D:\far cry primal\bin\fcprimal.exe] => (Block) D:\far cry primal\bin\fcprimal.exe FirewallRules: [TCP Query User{F590BBA4-D68E-482F-A919-16D7F29A5FB4}C:\program files (x86)\garena plus\garenamessenger.exe] => (Allow) C:\program files (x86)\garena plus\garenamessenger.exe FirewallRules: [UDP Query User{A5C09C02-0A6D-4428-A354-D682232A291A}C:\program files (x86)\garena plus\garenamessenger.exe] => (Allow) C:\program files (x86)\garena plus\garenamessenger.exe FirewallRules: [{112E14FA-F65F-4B2C-8F2C-1B2E7ACDC7FB}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoPro Quik.exe FirewallRules: [{41A04C7C-432C-4D65-879E-B88636D2B33C}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProMsgBus.exe FirewallRules: [{58A4B3D7-3187-4095-B0EF-DADF2C807E9B}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProIDService.exe FirewallRules: [{6E42F28B-43CC-4F37-8E5C-2D7AF34DFF4B}] => (Allow) C:\Program Files\GoPro\GoPro Desktop App\GoProLauncher.exe FirewallRules: [TCP Query User{D2A3CB52-FFB2-48F2-AB3C-6DE90C877A59}D:\fallout 4\fallout 4\fallout4.exe] => (Allow) D:\fallout 4\fallout 4\fallout4.exe FirewallRules: [UDP Query User{345DBAE3-1D60-40D9-A0E0-DA75EBA01228}D:\fallout 4\fallout 4\fallout4.exe] => (Allow) D:\fallout 4\fallout 4\fallout4.exe ==================== Restore Points ========================= 11-06-2017 00:09:23 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== System errors: ============= ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz Percentage of memory in use: 63% Total physical RAM: 8137.73 MB Available physical RAM: 3001.39 MB Total Virtual: 16273.64 MB Available Virtual: 10519.19 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:394.06 GB) (Free:111.89 GB) NTFS Drive d: () (Fixed) (Total:537.11 GB) (Free:152.71 GB) NTFS Drive e: (V1361) (CDROM) (Total:2.43 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1ACD04C5) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=394.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=537.1 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================