Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-10-2017 Ran by jayhooks (28-10-2017 19:50:06) Running from C:\Users\jayhooks\Desktop Windows 10 Home Version 1607 14393.1066 (X64) (2017-04-27 02:21:55) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4042677840-2483703146-3127757777-500 - Administrator - Disabled) Angie (S-1-5-21-4042677840-2483703146-3127757777-1002 - Limited - Enabled) => C:\Users\Angie DefaultAccount (S-1-5-21-4042677840-2483703146-3127757777-503 - Limited - Disabled) Guest (S-1-5-21-4042677840-2483703146-3127757777-501 - Limited - Disabled) jayhooks (S-1-5-21-4042677840-2483703146-3127757777-1001 - Administrator - Enabled) => C:\Users\jayhooks ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\uTorrent) (Version: 3.5.0.44090 - BitTorrent Inc.) Active Directory Authentication Library for SQL Server (HKLM\...\{E646D196-A17B-4F14-BE7B-F774527FE5E0}) (Version: 13.0.1100.286 - Microsoft Corporation) Hidden Active Directory Authentication Library for SQL Server (x86) (HKLM-x32\...\{44DC843A-C591-4064-BE1F-2BDC177AF50C}) (Version: 13.0.1100.286 - Microsoft Corporation) Hidden Akamai NetSession Interface (HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\Akamai) (Version: - Akamai Technologies, Inc) AnonymizerGadget (HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\AnonymizerGadget) (Version: 1 - Jetico lim) <==== ATTENTION Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{981F324E-98F4-4784-B76F-04E92039F3F6}) (Version: 5.2.60328.3 - Microsoft Corporation) Azure AD Authentication Connected Service (HKLM-x32\...\{3FEAC561-1CF6-41D6-B0F3-BECDD9C88A1B}) (Version: 14.0.23107 - Microsoft Corporation) Hidden AzureTools.Notifications (HKLM-x32\...\{1E5CA362-39B6-4BD0-B9C0-69CF15F0FEA2}) (Version: 2.7.30611.1601 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden CloudExtender (HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\CloudExtender) (Version: - AltoCloud) <==== ATTENTION Cuphead (HKLM-x32\...\1963513391_is1) (Version: 20170929 - GOG.com) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.1.0230 - Disc Soft Ltd) Dark Souls 2 (HKLM-x32\...\Dark Souls 2_R.G. Mechanics_is1) (Version: - R.G. Mechanics, markfiter) Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 19.2.17.55 - Synaptics Incorporated) Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team) Dotfuscator and Analytics Community Edition 5.19.1 (HKLM-x32\...\{2A7F99F6-88A4-4B44-B350-41C0B147A39C}) (Version: 5.19.1.3091 - PreEmptive Solutions) Hidden DragonBoost (HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\119) (Version: - ) <==== ATTENTION Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation) Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) KB4023057 (HKLM\...\{264FDD69-C4DF-476F-B1B8-7DCEE4AF839B}) (Version: 2.4.0.0 - Microsoft Corporation) Krita (x64) 3.1.4.0 (HKLM\...\Krita_x64) (Version: 3.1.4.0 - Krita Foundation) League of Legends (HKLM-x32\...\{E80C09B5-A296-47E9-BD4B-BCCF2FDCA13E}) (Version: 4.1.2 - Riot Games) Hidden League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games) Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) MCSetup_Chrome version 1.5 (HKLM-x32\...\{A9B30652-6C72-41EC-8075-74DC91E3A854}_is1) (Version: 1.5 - KOG Games) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25123 - Microsoft Corporation) Microsoft Office Professional 2016 - en-us (HKLM\...\ProfessionalRetail - en-us) (Version: 16.0.8528.2139 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2016 LocalDB RC0 (HKLM\...\{9CED5D08-5664-4668-A927-CD6C60C4175D}) (Version: 13.0.1100.286 - Microsoft Corporation) Microsoft SQL Server 2016 Management Objects RC0 (HKLM-x32\...\{948B5F49-A57E-46B4-9F1E-145D7A9E66D7}) (Version: 13.0.1100.286 - Microsoft Corporation) Microsoft SQL Server 2016 Management Objects RC0 (x64) (HKLM\...\{F6F8053F-D328-4ACA-93A1-A49E495899F2}) (Version: 13.0.1100.286 - Microsoft Corporation) Microsoft SQL Server 2016 T-SQL Language Service RC0 (HKLM-x32\...\{1852BD30-570B-4E47-8752-461448E8E250}) (Version: 13.0.12000.52 - Microsoft Corporation) Microsoft SQL Server 2016 T-SQL ScriptDom RC0 (HKLM\...\{D9F55D00-A8AB-4518-A56E-D9D5E615542A}) (Version: 13.0.1100.286 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (14.0.60311.1) (HKLM-x32\...\{28292CA9-8D65-4E37-95A3-753EEB38F122}) (Version: 14.0.60311.1 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2016 RC0 (HKLM\...\{495CC0B4-D4C3-4D87-8317-F66BA48C5552}) (Version: 13.0.1100.286 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2016 RC0 (HKLM-x32\...\{3A87F9F2-D65D-4BA9-8459-E5BBE31EA64D}) (Version: 13.0.1100.286 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio Community 2015 with Update 2 (HKLM-x32\...\{04fa3a35-1f49-4510-8051-819cdc1e6e01}) (Version: 14.0.25123.0 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Minecraft 1.8.4 With Optifine 1.00 (HKLM-x32\...\Minecraft 1.8.4 With Optifine 1.00) (Version: - ) MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{13FE8B50-B340-4FDA-BB6E-AA1F5FAB8205}) (Version: 14.0.25123 - Microsoft Corporation) Hidden Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8528.2139 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8528.2139 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8528.2139 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0409-0000-0000000FF1CE}) (Version: 16.0.8431.2079 - Microsoft Corporation) Hidden osu! (HKLM-x32\...\{1c989adc-41fe-465f-9140-a8f69fac6f08}) (Version: latest - ppy Pty Ltd) PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.) Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.6.8 - Reimage) <==== ATTENTION Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Roslyn Language Services - x86 (HKLM-x32\...\{E6CAD8B3-5682-31CA-A05E-79F6DBF81066}) (Version: 14.0.25132 - Microsoft Corporation) Hidden ScpToolkit (HKLM\...\{AC052048-9828-45E3-872B-04CE30A3B58B}) (Version: 1.6.238.16010 - Nefarius Software Solutions) Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.) South Park The Fractured But Whole version 1.0 (HKLM\...\South Park The Fractured But Whole_is1) (Version: 1.0 - CODEPUNKS) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Team Explorer for Microsoft Visual Studio 2015 Update 2 (HKLM-x32\...\{7932CD6F-86D3-3EE4-8A02-B954404D1FFC}) (Version: 14.95.25118 - Microsoft) Hidden TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.83369 - TeamViewer) Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden Trezaa (HKLM-x32\...\{429B6B35-320D-41F2-AA7E-6B10D36055A1}) (Version: 1.0.0 - Trezaa) TypeScript Power Tool (HKLM-x32\...\{60890089-588B-4362-B9C5-A9C11D6E5DD1}) (Version: 1.8.9.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{4AC64C61-A7EC-4E4E-8F28-F57EB3430334}) (Version: 1.8.31.0 - Microsoft Corporation) Hidden Undertale (HKLM-x32\...\1456487183_is1) (Version: 2.0.0.2 - GOG.com) Unlocker (HKLM\...\{5993C960-4E90-4A00-A2F3-D0C4020A6992}) (Version: 1.9.2 - ajua Custom Installers) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Visual Studio 2015 Update 2 (KB3022398) (HKLM-x32\...\{78c1b501-a6eb-4f29-88c5-84189564827e}) (Version: 14.0.25123 - Microsoft Corporation) VS Update core components (HKLM-x32\...\{6A878817-D626-305A-BE8D-94C93F70E27A}) (Version: 14.0.25123 - Microsoft Corporation) Hidden vs_update2notification (HKLM-x32\...\{C0719D2C-5CA9-3824-903F-74F2CB9257D3}) (Version: 14.0.25132 - Microsoft Corporation) Hidden Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.8-6 - Wacom Technology Corp.) WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.) Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation) WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH) YoutubeAdBlock (HKLM-x32\...\E3605470-291B-44EB-8648-745EE356599A) (Version: 2.0.0.364 - Company Inc.) <==== ATTENTION Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ContextMenuHandlers1: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\jayhooks\AppData\Local\MEGAsync\ShellExtX64.dll -> No File ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-07-25] () ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal) ContextMenuHandlers4: [###MegaContextMenuExt] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\jayhooks\AppData\Local\MEGAsync\ShellExtX64.dll -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-02-16] (Intel Corporation) ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2017-07-25] () ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-11-18] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {039D54BE-3712-4E90-BA77-9DCCF7B8DA79} - System32\Tasks\zjwPaeaadZaNwF => rundll32 "C:\Program Files (x86)\JIdcnntTvnKU2\VHHEuuxfkAvry.dll",#1 Task: {07213F76-E7BB-49DF-963E-93D7BB58356F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-12] (Microsoft Corporation) Task: {0E35DAD4-7596-467D-A16A-CDB0B8B312AE} - System32\Tasks\GoogleUpdateSecurityTaskMachine_NP => C:\Users\jayhooks\AppData\Roaming\9cecf9e697aa49f788db4ea21a209ae1\chipset.exe exec hide TBHYQOQJGY.cmd <==== ATTENTION Task: {1BBEE8CD-B376-46F9-B60E-AA82528E864F} - System32\Tasks\GoogleUpdateSecurityTaskMachine_DO => C:\Users\jayhooks\AppData\Local\Temp\4d77ba52b4a249ed8245ca7025a911b0\chipset.exe exec hide MMSOTUVFOR.cmd <==== ATTENTION Task: {2D8B565D-95D4-4621-8D45-A19F41C17D40} - System32\Tasks\GoogleUpdateSecurityTaskMachine_AB => C:\Users\jayhooks\AppData\Roaming\528c97a8d4f5494fb1187f6bf90329d8\chipset.exe exec hide IGKZBMXNHK.cmd <==== ATTENTION Task: {3A0A7E58-43C3-40FD-9D13-805730E51F08} - System32\Tasks\Simple Giga => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\Simple Giga\Simple Giga.dll",ApbDpQFeN <==== ATTENTION Task: {3B6D1D1C-1503-4A6B-B2D1-F7C5B0606265} - \LaunchPreSignup -> No File <==== ATTENTION Task: {3FCAEA86-8B2A-4DDC-91E7-5599CB7DB9EA} - System32\Tasks\GoogleUpdateSecurityTaskMachine_KP => C:\Users\jayhooks\AppData\Local\935b845965f14e518271229e50212345\chipset.exe exec hide TWBPTJVILS.cmd <==== ATTENTION Task: {4C19B206-AA05-44A2-91D7-839E99CEA4E5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-30] (Piriform Ltd) Task: {4EA7FEB8-3E25-46FE-B91C-CA0D3A44B07C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-10-01] () Task: {592A1E9A-BE8D-42F6-BF39-50BD6A1DE3CC} - System32\Tasks\Trezaa Scheduler => C:\Program Files [Argument = s] Task: {611BC32D-3CE4-4975-B928-BD8916221663} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-12] (Microsoft Corporation) Task: {7631081A-08D1-4261-8CF7-9EE5DB4489D6} - System32\Tasks\PjDfytumxbayONn2 => rundll32 "C:\Program Files (x86)\kqEuPYMaU\HEufAr.dll",#1 Task: {88A39D7F-FF5A-4C09-80C6-582D8D37F062} - System32\Tasks\{75C2B97E-C84F-4CA6-AE0B-1B80231BDFCC} => C:\WINDOWS\system32\pcalua.exe -a C:\Users\jayhooks\AppData\Local\{72FF44A3-5657-281B-3BCF-0DF31FA7F16B}\uninstall.exe -c /Uninstall /s /noun /DelSelfDir Task: {9DC5472B-A7A5-4379-B5A3-675BFB8AE782} - System32\Tasks\{36AFB8E9-93C7-433E-B90C-A0DE5BC87DFE} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\MotioninJoy\unins000.exe" Task: {ADAC9D4A-6EB9-49DD-A741-C2A20C37C345} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-05-15] (Microsoft Corporation) Task: {B2B63303-AE01-4087-9FDB-20EB8F2CEF90} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-04] (Google Inc.) Task: {C4BEE5CC-1AAD-448F-B002-832F500C6260} - System32\Tasks\wmipr => C:\Users\jayhooks\AppData\Local\wmipr\wmipr.exe [2017-10-27] () <==== ATTENTION Task: {C943B759-E84C-4CC0-9538-F5B2ACF5FE3C} - System32\Tasks\GoogleUpdateSecurityTaskMachine_HM => C:\Users\jayhooks\AppData\Roaming\adaf2a586c6c4167a5955460e2885d84\chipset.exe exec hide FCHSADMBSN.cmd <==== ATTENTION Task: {CBBA9BCE-CB23-4E5D-9C59-8F7E3E355A8C} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2017-09-11] (Reimage®) <==== ATTENTION Task: {CCD1C2B2-5A4D-4178-A1B4-EC03C4911395} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-07-27] (Realtek Semiconductor) Task: {DA787D0B-273B-41E3-97D4-50EC14C3779C} - System32\Tasks\AGProxyCheck => C:\Program [Argument = Files (x86)\AnonymizerGadget\AGService.exe /recove] Task: {E29BB469-38ED-4341-BD93-731CC251F605} - System32\Tasks\PjDfytumxbayONn => rundll32 "C:\Program Files (x86)\kqEuPYMaU\HEufAr.dll",#1 Task: {E92C0622-B088-431B-B872-11302A5144D3} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-10-01] () Task: {F1B8A1C9-1041-47DA-A38D-7585F3969AF5} - System32\Tasks\updater => C:\Users\jayhooks\Desktop\ps3\ScpUpdater.exe [2016-01-10] (Nefarius Software Solutions) Task: {F5A8A9E8-1ADA-4808-85F3-F6B318F875A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-04] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\PjDfytumxbayONn.job => C:\Program Files (x86)\kqEuPYMaU\HEufAr.dll Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 2e5fbf7f-b735-4e23-86be-b401f56a1b3f.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task c1f86ff2-8995-4763-bf7d-a31a6db91616.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\jayhooks\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> url,FileProtocolHandler "hxxp://www.mail.ru/cnt/20775012?gp=811008" ==================== Loaded Modules (Whitelisted) ============== 2016-07-16 07:42 - 2016-07-16 07:42 - 000231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-04-27 02:08 - 2017-03-28 02:22 - 002681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2017-10-22 22:09 - 2015-06-01 12:14 - 002144768 _____ () C:\Program Files\Simple Giga\Simple Giga.dll - - 000000000 __RSH () C:\Windows\Microsoft\svchost.exe - - 000000000 _____ () C:\Windows\Microsoft\svchost.exe.exe 2017-07-25 00:04 - 2017-07-25 00:04 - 000155504 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll 2016-05-07 17:03 - 2014-05-21 12:14 - 001356568 ____N () C:\Program Files\Tablet\Wacom\libxml2.dll 2016-11-20 14:11 - 2016-11-20 14:11 - 000134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-04-27 02:10 - 2017-03-04 02:31 - 000474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-04-27 02:10 - 2017-03-04 02:30 - 000693248 _____ () C:\Windows\ShellExperiences\MtcUvc.dll 2017-04-27 02:08 - 2017-03-04 02:12 - 009760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-04-27 02:08 - 2017-03-04 02:05 - 001401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-04-27 02:08 - 2017-03-04 02:05 - 000757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-04-27 02:08 - 2017-03-28 01:07 - 001033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2017-04-27 02:08 - 2017-03-28 01:08 - 002424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-04-27 02:08 - 2017-03-28 01:11 - 004853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-04-27 02:08 - 2017-03-04 02:04 - 000114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll 2017-10-22 22:08 - 2017-10-22 22:09 - 001378816 _____ () C:\Program Files (x86)\Google\Chrome\Application\WINHTTP.dll 2017-09-24 05:27 - 2017-09-21 03:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll 2017-09-24 05:27 - 2017-09-21 03:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll 2017-10-27 15:01 - 2017-10-27 21:41 - 000799728 _____ () C:\Users\jayhooks\AppData\Local\wmipr\wmipr.exe 2017-10-22 22:09 - 2017-10-22 22:09 - 000781312 _____ () c:\users\jayhooks\appdata\local\adservice\adservice.dll 2017-10-28 19:51 - 2017-10-27 21:41 - 000799728 ____N () C:\Users\jayhooks\AppData\Local\Temp\7B2E.tmp.exe ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Sound, video and game controllers" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\aeriagames.com -> hxxps://aeriagames.com IE trusted site: HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\aeriagames.com -> hxxp://aeriagames.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-01-04 03:57 - 2017-10-28 18:23 - 000000000 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 172.16.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: ) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\StartupFolder: => "ScpToolkit Tray Notifications.lnk" HKLM\...\StartupApproved\Run: => "Logitech Download Assistant" HKLM\...\StartupApproved\Run: => "XboxStat" HKLM\...\StartupApproved\Run32: => "AnonymizerGadget" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "Akamai NetSession Interface" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "Chromium" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "RazerCortex" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "BingSvc" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "HXALB37NC51CYMR" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "LMLMIRBT1NEPC5S" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "GZVU56B32TDOSX2" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "ldsxm0s225y" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "rqrlletxdjh" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "atfkmtevyeb" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "5q51nypeakk" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "l51zox2kvvc" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "uurmtxeqqom" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "5w2grnjfduo" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "p5tx40ym5io" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "e023wqecvcm" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "skypgg2ch0b" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "jrsofcpjawq" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "u4igtxdwlkd" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "gjjhu03xnke" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "sjl5n0zexek" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "beswiy03mgj" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "f3nsfxhxrf0" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "hhpjcyau5v0" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "1ingm3zhms1" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "ol1d0qinx12" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "d5c5sh2ko4c" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "iwsazmaivp1" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "sr55mo0kxpm" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "5qqkxbk4oaw" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "22hyby5hgj2" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "04twvi0xbwr" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "d0hr0hvephg" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "31pzmt2c5ht" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "sjmvpqrgx2h" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "z2llgl5s44z" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "e45t5a2tsod" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "f3o3j4jqsun" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "1lwzr50vw32" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "trun2hxucjo" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "nqt3gof14t2" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "xh10fc0t3ox" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "q0bpmidzad2" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "e31lsurq4t3" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "ec2ky31g0ao" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "u25m15izeir" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "ntrrcxg4qdx" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "oypqvetlkle" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "3kuhqe5yics" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "53uhpuxmbem" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "hxraa3okyrw" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "2cxzlkf33ol" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "htywhdto4pi" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "u2ojvqextzl" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "mhx5pcfey0f" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "clvfzxm2smc" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "gk5m2vebzxb" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "rpsja5vhayv" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "cw30l4z3syb" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "24suafxijqn" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "wakspzpghhu" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "kexpel5zk50" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "c05kqbln35y" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "zsd2khrvm53" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "jd32lp5uqme" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "skqeu55ibqm" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "xi3shh1gquj" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "p4p5nh3jvxo" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "3ghq41qff2d" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "kfka1xajdsu" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "xnphitbmj3g" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "U0AJ2PZXQ929MED" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "8B8PTEQ2HYVM0A0" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "ISLZM13KP1CXBE6" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "5QNKNFPZ7N76RL1" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "VH1MW9SDL88GBDF" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "0J31OH9B65OC0J6" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "NYYI12UFKJ8MRNQ" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "ANYZ38J3KPXZCB8" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "TE3RNDBNXE5OSGF" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "9B3IVC600UXTLL7" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "ZXNEZV8GSWE0W4Y" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "X8A3NM5FV07ID5D" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "WQL725PNQCDOATI" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "LOX3WJXDBRYK5Q9" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "JNVZ8K7UY1SUJ2Y" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "6PICFMYRWXE6NCG" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "5YRQOVRGLP4QGM1" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "KE0R86LF9WVNJL3" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "EFRSPT9VYC686D1" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "6YBMLA51LYVLH20" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "QBLSYE347RY7AW7" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "NSYM3YK6KULTI7L" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "61PPNFO0F8MMM6B" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "EC9IYD09IIAT4CG" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "PFT3NRVOYOU8NDN" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "PA81FXNGA00HN74" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "WZJ2DCODC97Y5UV" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "Q3FBNUI7ALXSN9V" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "QXUMMW112O81MVN" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "X5IWB6P8SYXXNLQ" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "L7B18JPPFLPA1JG" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "317EDAI6YBXG5WN" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "RF68Y5HK8AJ807I" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "H8AFB8RHPWITRI0" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "7H4BN5LEYGNRIJT" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "2E638NAZDOZ799Y" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "ZV7E4UP1JC0HGHG" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "D4LBGNQOGM8IBCV" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "68PUYEE7W59FQH6" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "7ZRPBW4VSTBK46Y" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "HDR7Q0I0SLTG48C" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "7EAINC9SB651GFC" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "FVXEVDZ5ALFPPOO" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "WeatherBuddy" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "BD90SV4IWCQXADW" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "ESESC0KBHVT0XHB" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "R08PP1K0VYZ3R0Y" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "48ZT6QZA0DS3ES4" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "4PRN7ET01AEWRE2" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "4ENAQ1DBP22RBGR" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "ACEBLWL8HB91XS4" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "RW76KQLWMPJB5Y6" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "27XUCRA6K9Z4CUE" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "O769YZSB9OJ8JJV" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "YKQJ66XEHSUCOX0" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "UTS8U5SF1PLV5MM" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "RGQHD1711Q4LK8Q" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "YTWRQ5ZGK0HIKBC" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "CF1QX5TY2KQVUOZ" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "8ZXRPTX13KB97XQ" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "00OJCKNRYX2FJDK" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "E7O72DCVGD4I5J2" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "UNHPP6A7P6HYAMQ" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "OY8FOM8B6LJ7KRM" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "J9SZMJ01D6BOJVL" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "SUPERAntiSpyware" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "g4link" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "IGKZBMXNHK.exe" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "MCUNKANWNS.exe" HKU\S-1-5-21-4042677840-2483703146-3127757777-1001\...\StartupApproved\Run: => "TBHYQOQJGY.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{DEDBDB31-7DD8-4CF5-88B3-E6732A42EB2E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{7F48CDAB-B96D-4354-B07C-400990F1A642}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{AB626E92-B8F7-49CB-B46B-7272F93E74C3}] => (Allow) C:\Program Files (x86)\CODEClosers\CODEClosers\CCPatcher.exe FirewallRules: [UDP Query User{6AD5E6BA-E7FE-43AD-9230-A87FFDE8AB45}C:\koggames\herowarz\binaries\win32\mcgame-final.exe] => (Block) C:\koggames\herowarz\binaries\win32\mcgame-final.exe FirewallRules: [TCP Query User{5D2259DF-C0D1-4FE6-B7AF-C0DE8A7427CB}C:\koggames\herowarz\binaries\win32\mcgame-final.exe] => (Block) C:\koggames\herowarz\binaries\win32\mcgame-final.exe FirewallRules: [{D6E6F1C1-87D1-4C40-8F6A-01A98ADD4946}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{E8526332-C41F-4711-BAB8-74B278F965F6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{6288B79A-62EE-47FC-ADA9-9FE42ECB0D54}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{CE3631FE-9AF2-4214-9780-0BA40853A5FD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{EAF23C61-B124-4B31-B5B0-811EAFDEF1EB}] => (Allow) C:\Users\Angie\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{AE804BF2-6390-406E-9A6D-C7A63DD91705}] => (Allow) C:\Users\Angie\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{FDEF2FCF-3453-419F-94A9-EBD8137F46F5}] => (Allow) C:\Users\Angie\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{23F61674-A219-4874-97C2-16ABE74DB787}] => (Allow) C:\Users\Angie\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{362EF816-BCB7-4923-BD75-A7C28975C866}] => (Allow) C:\Users\Angie\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7539570E-3970-4D36-B8C1-445D97DE29C1}] => (Allow) C:\Users\Angie\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{324C0CC1-F482-423F-9A9B-41D057758DB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duelyst\Duelyst.exe FirewallRules: [{3E4855A3-9FD2-42A5-A96B-08C80BEFACF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Duelyst\Duelyst.exe FirewallRules: [UDP Query User{13D1B273-94AF-4BBB-AB05-D8C7F2A1043C}C:\users\jayhooks\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\jayhooks\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{2FE2D7CC-B2C7-47AB-B7F7-DDE2A3F2EE5C}C:\users\jayhooks\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\jayhooks\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{0B144A69-04FD-4A5C-8EF0-46F4A3A8FB16}C:\koggames\herowarz\binaries\win32\mcgame-final.exe] => (Allow) C:\koggames\herowarz\binaries\win32\mcgame-final.exe FirewallRules: [TCP Query User{97D2CAE3-079E-4E22-BDF5-8CA9A65D90D0}C:\koggames\herowarz\binaries\win32\mcgame-final.exe] => (Allow) C:\koggames\herowarz\binaries\win32\mcgame-final.exe FirewallRules: [UDP Query User{94AF27DC-36B4-474B-99FE-C21835B14C17}C:\neople\dfo\dfo.exe] => (Allow) C:\neople\dfo\dfo.exe FirewallRules: [TCP Query User{2593E706-BD61-4FA2-A6FD-2A39479426B8}C:\neople\dfo\dfo.exe] => (Allow) C:\neople\dfo\dfo.exe FirewallRules: [{2B10FA11-2DB5-45FC-B032-46A9367AF5CF}] => (Allow) C:\AeriaGames\DragomonHunter-US\Game.bin FirewallRules: [{540E7077-DC56-4E75-9A89-AB6C80E625AB}] => (Allow) C:\AeriaGames\DragomonHunter-US\Game.bin FirewallRules: [UDP Query User{F405C173-A8E2-4696-AE05-6B90F65A733F}C:\users\jayhooks\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jayhooks\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{A104B052-8724-4B52-824C-B33F1B919F74}C:\users\jayhooks\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\jayhooks\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{5B7D940A-BB91-48C4-B988-641DEB38089E}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe FirewallRules: [TCP Query User{B7F6003D-A16C-43FC-A3EB-C050C857CC61}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe FirewallRules: [UDP Query User{B072C883-E531-41C9-8509-8CF0250912A9}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe FirewallRules: [TCP Query User{D21914D4-AD0E-4093-AEBB-AB6A4679CFDF}C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\javaw.exe FirewallRules: [UDP Query User{9C23DFAE-7BA9-4701-A126-CA7CA5608930}C:\program files (x86)\java\jre1.8.0_101\bin\java.exe] => (Block) C:\program files (x86)\java\jre1.8.0_101\bin\java.exe FirewallRules: [TCP Query User{782DB879-272D-430E-9D63-82C1C4CDC391}C:\program files (x86)\java\jre1.8.0_101\bin\java.exe] => (Block) C:\program files (x86)\java\jre1.8.0_101\bin\java.exe FirewallRules: [UDP Query User{06C16334-C0FC-42B5-9DC4-009DCE3FF520}C:\program files (x86)\java\jre1.8.0_101\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\java.exe FirewallRules: [TCP Query User{CE111D5C-1CB2-431A-8C80-793AA6757A50}C:\program files (x86)\java\jre1.8.0_101\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_101\bin\java.exe FirewallRules: [{9131CCAB-78FB-4091-8CDF-F3AD1901BB63}] => (Allow) C:\Program Files (x86)\VoidElsword\data\x2.exe FirewallRules: [{0A629710-829E-4973-9C44-D0BBFC91751E}] => (Allow) C:\Program Files (x86)\VoidElsword\data\x2.exe FirewallRules: [{7EE2272D-4346-4BD9-9839-5B52AA9D33AF}] => (Allow) C:\Program Files (x86)\VoidElsword\data\x2.exe FirewallRules: [{68103917-2DCE-4203-9ADF-61C491EF08F6}] => (Allow) C:\Program Files (x86)\VoidElsword\data\x2.exe FirewallRules: [{452C310C-D5FD-4300-8785-94F85C52E852}] => (Allow) C:\Program Files (x86)\VoidElsword\voidels.exe FirewallRules: [{EE40523E-551D-4177-9E7F-EE5DCDCBCD72}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe FirewallRules: [UDP Query User{72D60AFE-103F-48B5-8E31-C30A8A56A7E1}C:\program files (x86)\stories the path of destinies\stories\binaries\win64\stories.exe] => (Allow) C:\program files (x86)\stories the path of destinies\stories\binaries\win64\stories.exe FirewallRules: [TCP Query User{70E5E26C-D525-4899-9306-D7E36E732E34}C:\program files (x86)\stories the path of destinies\stories\binaries\win64\stories.exe] => (Allow) C:\program files (x86)\stories the path of destinies\stories\binaries\win64\stories.exe FirewallRules: [{5FA92454-31F7-43EA-BE19-B835B2E7A732}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{22A68AC4-3E56-4DEA-A181-8D326C41E99A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{1F605D92-9E7C-4282-AFDE-B2650D365ADB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{BA99D6CC-EF6C-4FC6-B93C-B8C0BD87A0AC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E492A929-3DA0-4766-963F-B2603E84806E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{8FFC1C5B-C2D9-4EA2-BF5B-8FFC4BBCFBB3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{EFA65F53-E7A1-4067-ABC8-636903C1853B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{D994AF66-9A10-448B-BD29-2D7D31ADCEEE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{41979A98-F249-4657-BD86-FC0AA67D0350}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{D51C41C8-3D50-41AF-A0A1-E0C1E62BC082}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{FF7C17C0-6376-4CD9-AB23-BFED210D2B6F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{26DC6F90-3B9C-4855-A334-278C0F42492A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{746E320A-2AA3-4E59-9FD7-91B9C5A501AD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{1291BC6D-AE65-4595-A315-78D477971D4C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{9F57346B-5ACF-4E8C-A169-1CE002BFD9AD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{2FF237EA-82BE-44C5-B060-41AACEE8C2AA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{F2E22BD9-FC85-4FA9-B0F6-DB93AB789F94}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{BBD053CC-369C-43A1-B10F-8A43E29E9E77}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{BCC74540-2EE1-4DA4-B16F-A28A090A5EEC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{85F988B6-E534-4E89-95D7-083E91F7F58A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{EF8496A8-6CB3-4E43-9A23-D86E5760C838}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{3B42C2BC-4325-4D66-8C19-B7B322F3FD4D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{4E3A180F-BB2C-4747-BB2A-09457E3EC9FA}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{58957AC5-8D55-4221-A8E2-918AE998BD38}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{00440262-3D99-4AAC-9D62-59D35B0AC8C7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{7EC0262A-00BB-4A0D-94CB-04DD8C269124}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{69A6E870-7892-40A9-8DAE-FC33B51CACC0}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{3AFB55EF-FB5E-4A5A-B74B-47EE964232E8}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{09B72722-964C-4B06-A774-83D5F0C54911}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{3D2D69F1-C397-4488-A403-4A8D2E6E098E}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{12D0D2D6-BC69-4295-9DB0-F0E2E52E57FD}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{930980ED-C2A9-448B-9A83-8E43AEF0361D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{F87BAF63-0C3E-4565-B78F-5FD8630E1CAC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{DEF19F42-962C-4CB5-B4CF-A636BC718302}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{67503A82-28F6-47F1-AA5A-9B841BD28503}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{BCC26361-FB6E-44F3-9AC6-BED7EC584126}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{4BDC409B-40A0-469C-92CC-FB5D77F15F7F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{4AE14A76-0236-4BEE-97EE-9BCB3E0420F7}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{907AEF14-3056-4111-8EB5-5A09CB48B0FC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{B4E8305A-2865-4C67-8D4D-129DBBD41959}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{4B1FD742-4098-48AA-88CB-CA162BC18C65}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{2D115FCD-A374-4207-A68A-A4DE03C3DB74}] => (Allow) C:\KOGGAMES\Elsword\data\x2.exe FirewallRules: [{5EB3E09A-3523-46D9-8F2A-D23012EDDB0E}] => (Allow) C:\KOGGAMES\Elsword\data\x2.exe FirewallRules: [{AEEC859E-5C68-476E-9066-1779E15DF13F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{83C63872-0742-4074-90B7-9B1CE73F2423}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{659AE61B-C949-4095-A683-7CEF6BC721E8}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{EABD58CB-420E-4E9D-A703-3F251BD00482}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [UDP Query User{39E067B5-FE94-4968-84C7-D1D0C9BBFA5F}C:\users\jayhooks\desktop\dolphin-x64\dolphin.exe] => (Block) C:\users\jayhooks\desktop\dolphin-x64\dolphin.exe FirewallRules: [TCP Query User{D6567FFC-D4CB-45B1-8E98-789DD9E2B0BD}C:\users\jayhooks\desktop\dolphin-x64\dolphin.exe] => (Block) C:\users\jayhooks\desktop\dolphin-x64\dolphin.exe FirewallRules: [{1A44565E-E3A8-4547-9F92-31F24B7FA016}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{2DC1D522-8D82-4726-A775-14E4C53188DF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{3CED35BB-ECDC-4381-8911-A312E0E85A9A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{AAD67A53-27F0-41FC-99EB-46F797ECAF13}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{20A1B0AA-461F-423E-AB39-01B094B2368B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{40E6F376-F30D-48DB-B5EC-501389FDD6E8}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{9A0FB80E-3890-4459-9C2A-8F3A498AD546}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{33144A6A-3FA3-45FE-A5CD-71E9BAF91841}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{7F8015E8-465F-45BD-AD3B-B72A70943823}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{97394A4A-1200-4F5E-AF3C-492971D81932}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{10F4705B-751B-4A59-9289-ED1D2982156B}] => (Allow) C:\Program Files (x86)\Trezaa\Trezaa.Service.exe FirewallRules: [{B802CCA6-0518-432A-B156-ECC5F1DA0503}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{2D6AAA00-CD0D-4A82-B183-66A670723D9A}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{D0B72BD5-06FD-4FC6-A831-0604CFBA28A6}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{713DE676-A529-41E5-9E74-FCEC2080A09E}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\download\MiniThunderPlatform.exe FirewallRules: [{CFCE87D8-1D7A-42B1-8D1D-DD0830AC3D3E}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DTLService.exe FirewallRules: [{3E50BA3A-C9DF-45B6-A08B-6208E38E61C9}] => (Allow) C:\Program Files (x86)\OSTotoSoft\DriverTalent\DriverTalent.exe FirewallRules: [UDP Query User{CF05C4AD-3EB2-43AF-BD71-0D222F0E9CF8}C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe] => (Allow) C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe FirewallRules: [TCP Query User{27171184-7FC6-4751-A480-A5057B9727BE}C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe] => (Allow) C:\program files (x86)\ostotosoft\drivertalent\drivertalent.exe FirewallRules: [{F83C2722-3729-44DD-8C40-A17581CF9656}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{326428D0-3BF5-41F3-A908-ABB7DCA69F42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe FirewallRules: [{FCD14872-DC4E-4DB5-AAAD-8EC8FBC0920A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Awesomenauts\AwesomenautsLauncher.exe FirewallRules: [TCP Query User{F1BE30FC-8D37-4DAE-B3C1-C32E0F517E0E}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe FirewallRules: [UDP Query User{0400194F-427C-41B1-8175-D4802B545AEA}C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\awesomenauts\awesomenauts.exe FirewallRules: [{CA377AB1-BA49-4198-959E-5FBA15E94C9C}] => (Allow) C:\Program Files (x86)\VoidElsword\VoidElsword\voidels.exe FirewallRules: [{5C43C4AD-1722-4871-B6E3-01C4A4D55D74}] => (Allow) C:\Program Files (x86)\VoidElsword\VoidElsword\data\x2.exe FirewallRules: [{C696522E-906A-4200-9D30-11A6F56DB9DF}] => (Allow) C:\Program Files (x86)\VoidElsword\VoidElsword\data\x2.exe FirewallRules: [{12F75231-27AD-4987-9B1C-FF0A9BECE2F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rivals of Aether\RivalsofAether.exe FirewallRules: [{47522DC3-ECEA-48C0-A297-44968E7B2FE1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rivals of Aether\RivalsofAether.exe FirewallRules: [{06603ED2-FA05-4652-81D6-3C63A53FCACF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe FirewallRules: [{335D5CE0-4160-4E6D-83F2-EB1F698A3000}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe FirewallRules: [{CA9E92E6-1F0C-4255-AE80-AAB916F106B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{9644EC8D-99F6-494A-AAD3-E133F98F0FE6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{5C1D2158-E7B3-400D-AB7A-E10A6244F968}] => (Allow) C:\Users\jayhooks\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{95A15A8C-B00E-4E31-A891-4DB376067C05}] => (Allow) C:\Users\jayhooks\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{695D7F97-DFDE-4786-82CD-5F1050838990}] => (Allow) C:\Users\jayhooks\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{096624B4-D9F6-4469-8E10-E75D58DDBE26}] => (Allow) C:\Users\jayhooks\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{183E410E-012A-4150-9B9A-CFF032820F7C}] => (Allow) C:\Users\jayhooks\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{DEFEDD30-1FA7-4C0A-BE70-B38F4EBCD9F9}] => (Allow) C:\Users\jayhooks\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{0A91BE43-AE12-49B8-82C9-747031B010D2}] => (Allow) C:\Users\jayhooks\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{5BA2117E-73C8-466F-ABF0-AC9B90C2487A}] => (Allow) C:\Users\jayhooks\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{664C255E-3A05-446F-AD11-CBFC1503EB7F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{73BBB5AF-A7F9-4DAC-973E-CC0F40A0F84F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{50E194AB-B31B-40F3-8B6C-EB9B048978F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WildStar\Steam_WildStar.exe FirewallRules: [{C0283CAC-1339-482E-A133-CFDD83257B27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WildStar\Steam_WildStar.exe FirewallRules: [{E6ACA421-5530-4834-A694-9CA621B64249}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe FirewallRules: [{E9A76372-CAF9-456F-8721-0F1A438E1851}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe FirewallRules: [{04A9AEE8-E59B-406C-A939-62BDC93CC141}] => (Allow) C:\WINDOWS\system32\rundll32.exe FirewallRules: [{6A54A8D2-9447-43EE-9B4F-EF62CC00245F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{40A8786A-FE68-45A6-84D3-4641BBB3CDFD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{2398A05C-647F-49E1-816D-9F838E2DE8DA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{41804168-2366-4547-AC26-7E10A52A685B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{C3E41B38-C5C7-473B-AA86-1FFBBCE11E35}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{45165A6C-C106-457A-8C7C-8627DBC387A6}] => (Allow) C:\Windows\System32\rundll32.exe ==================== Restore Points ========================= 14-10-2017 11:46:19 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/28/2017 04:49:49 PM) (Source: COM) (EventID: 10031) (User: ) Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {2CD39202-3A2F-4935-9A86-65B919919A7F} was rejected Error: (10/28/2017 03:34:17 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: iexplore.exe, version: 11.0.14393.953, time stamp: 0x58ba5def Faulting module name: ntdll.dll, version: 10.0.14393.479, time stamp: 0x5825887f Exception code: 0xc0000005 Fault offset: 0x0000000000030bdd Faulting process id: 0x1f48 Faulting application start time: 0x01d35023b72ae414 Faulting application path: C:\Program Files\Internet Explorer\iexplore.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 42050590-3d77-47fd-bea3-b7b7d78641e0 Faulting package full name: Faulting package-relative application ID: Error: (10/26/2017 04:32:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.14393.447, time stamp: 0x5819bf85 Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.953, time stamp: 0x58ba5c3d Exception code: 0xc000027b Fault offset: 0x00000000006d611b Faulting process id: 0x1290 Faulting application start time: 0x01d34e8e4394a9e5 Faulting application path: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll Report Id: 70012743-5d87-4916-9456-4c5f9e0e7d15 Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.14393.1066_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: App Error: (10/26/2017 03:08:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-2UR7JKP) Description: Activation of app Microsoft.Getstarted_5.0.13.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (10/25/2017 10:33:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-2UR7JKP) Description: Activation of app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (10/25/2017 10:25:57 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-2UR7JKP) Description: Activation of app Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (10/25/2017 12:19:34 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-2UR7JKP) Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (10/25/2017 12:19:33 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-2UR7JKP) Description: Activation of app 9E2F88E3.Twitter_wgeqdkkx372wm!x554f661dyd360y462cy8743yf8a99b7d41dbx failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (10/25/2017 12:19:32 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-2UR7JKP) Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (10/25/2017 12:00:11 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-2UR7JKP) Description: Activation of app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information. System errors: ============= Error: (10/28/2017 07:36:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The SCP DSx Service service terminated unexpectedly. It has done this 1 time(s). Error: (10/28/2017 07:35:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (10/28/2017 07:33:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Defender Service service failed to start due to the following error: The requested resource is in use. Error: (10/28/2017 07:32:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Management Service service failed to start due to the following error: The system cannot find the file specified. Error: (10/28/2017 07:32:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Google Update Service (gupdate) service failed to start due to the following error: The requested resource is in use. Error: (10/28/2017 07:30:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The WinDefend service failed to start due to the following error: The requested resource is in use. Error: (10/28/2017 07:30:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The !SASCORE service failed to start due to the following error: The requested resource is in use. Error: (10/28/2017 07:29:52 PM) (Source: DCOM) (EventID: 10005) (User: DESKTOP-2UR7JKP) Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} Error: (10/28/2017 07:29:52 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-2UR7JKP) Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout. Error: (10/28/2017 07:29:50 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY) Description: DCOM got error "1084" attempting to start the service dps with arguments "Unavailable" in order to run the server: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} ==================== Memory info =========================== Processor: Intel(R) Pentium(R) 3558U @ 1.70GHz Percentage of memory in use: 60% Total physical RAM: 4000.18 MB Available physical RAM: 1572.61 MB Total Virtual: 5856.18 MB Available Virtual: 3282.63 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:455.7 GB) (Free:20.38 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: B008D38D) Partition: GPT. ==================== End of Addition.txt ============================