Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.09.2018 Ran by tedyfubyrxh (14-09-2018 01:37:52) Running from C:\Users\tedyfubyrxh\Desktop Windows 7 Ultimate Service Pack 1 (X64) (2018-08-28 18:24:10) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2897663181-2204725220-1932948919-500 - Administrator - Disabled) => C:\Users\Administrator Guest (S-1-5-21-2897663181-2204725220-1932948919-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2897663181-2204725220-1932948919-1002 - Limited - Enabled) tedyfubyrxh (S-1-5-21-2897663181-2204725220-1932948919-1000 - Administrator - Enabled) => C:\Users\tedyfubyrxh ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} FW: ZoneAlarm Free Firewall Firewall (Enabled) {3EB84D8C-4821-F4B8-2DD8-2831FAA29B21} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 18.05 (x64) (HKLM\...\7-Zip) (Version: 18.05 - Igor Pavlov) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.6.2349 - AVAST Software) Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 6.34.223.5 - Broadcom Corporation) Check Point SBA (HKLM\...\{85A0CE49-6563-4208-86CC-B4297B836283}) (Version: 86.4.4023 - Check Point Software Technologies Ltd.) Hidden Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.41.50 - Conexant) Discord (HKU\S-1-5-21-2897663181-2204725220-1932948919-1000\...\Discord) (Version: 0.0.301 - Discord Inc.) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 399.07 - NVIDIA Corporation) Hidden Intel Processor Diagnostic Tool 64bit (HKLM\...\{32756C77-14FD-46F9-9480-84D77BA4E60D}) (Version: 4.1.0.29 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4889 - Intel Corporation) Intel(R) Processor Identification Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 1.0.0.0 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation) Microsoft .NET Framework 4.6.2 (HKLM\...\{63DF5C4B-E3BF-3346-A033-C57B22F44C9E}) (Version: 4.6.01590 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation) Mozilla Firefox 62.0 (x64 tr) (HKLM\...\Mozilla Firefox 62.0 (x64 tr)) (Version: 62.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.2 - Mozilla) Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.5.8 - Notepad++ Team) NVIDIA Grafik Sürücüsü 399.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 399.07 - NVIDIA Corporation) NVIDIA PhysX Sistem Yazılımı 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation) Oracle VM VirtualBox 5.2.18 (HKLM\...\{F96A4E32-02CB-40E9-91C1-EE679237E107}) (Version: 5.2.18 - Oracle Corporation) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.119.615.2018 - Realtek) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) UltraISO Premium V9.71 (HKLM-x32\...\UltraISO_is1) (Version: - ) Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.6.0 - Azureus Software, Inc.) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{F92064F6-BDE8-46FC-A19F-4E12D311BE3A}) (Version: 1.0.30 - Microsoft Corporation) ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.001.0534 - Check Point Software) Hidden ZoneAlarm Firewall (HKLM-x32\...\{3996FDED-7C40-4388-B927-09843E337DE6}) (Version: 15.3.064.17729 - Check Point Software Technologies Ltd.) Hidden ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.3.064.17729 - Check Point) ZoneAlarm Security (HKLM-x32\...\{64BE104E-B4D6-478A-92A9-5F16195C29E7}) (Version: 15.3.064.17729 - Check Point Software Technologies Ltd.) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2897663181-2204725220-1932948919-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-29] (AVAST Software) ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2018-07-23] () ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-29] (AVAST Software) ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (EZB Systems, Inc.) ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-29] (AVAST Software) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (EZB Systems, Inc.) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2018-01-12] (Intel Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-08-21] (NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-08-29] (AVAST Software) ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2015-10-08] (EZB Systems, Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0692F7E6-2A97-453B-A680-E48335E98C5D} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\Driver Booster\App\DriverBooster\Scheduler.exe [2017-03-28] (IObit) Task: {0BC882DD-8835-42E2-B090-1BEA6BA53151} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-08-29] (AVAST Software) Task: {45F29ECD-B4CA-4039-A293-0A58DE0544F8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-08-21] (NVIDIA Corporation) Task: {4F896CB1-6C88-4EA5-AD66-2567E70B7348} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-08-21] (NVIDIA Corporation) Task: {7F68C0F2-E43C-43C6-A27C-7C184E491A16} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-08-21] (NVIDIA Corporation) Task: {AB808C98-95EF-430B-A6F5-6A132F9C5F85} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-08-29] (AVAST Software) Task: {BD920393-3D24-4511-B404-76B7BCAECA16} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-08-21] (NVIDIA Corporation) Task: {C2D33950-B28E-4846-A9E8-9D45E277655D} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-08-21] (NVIDIA Corporation) Task: {E087A746-38BD-41DC-BB7E-F0E671C53A1A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-08-21] (NVIDIA Corporation) Task: {EA8B0A80-368A-4DBE-9863-C44485A74E5D} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-08-21] (NVIDIA Corporation) Task: {F973CAAC-D42D-46F1-BE28-1D8F0395C3E1} - System32\Tasks\Driver Booster SkipUAC (tedyfubyrxh) => C:\Program Files (x86)\Driver Booster\App\DriverBooster\DriverBooster.exe [2017-05-03] (IObit) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2018-08-29 01:52 - 2018-08-22 19:11 - 000028944 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2018-07-23 03:14 - 2018-07-23 03:14 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll 2018-05-30 19:13 - 2018-05-30 19:13 - 000045936 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe 2018-08-29 02:04 - 2018-08-29 02:04 - 000703192 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll 2018-08-29 01:43 - 2018-01-12 17:45 - 000384040 _____ () C:\Windows\system32\igfxTray.exe 2018-03-20 08:49 - 2018-03-20 08:49 - 000035064 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe 2018-09-14 01:01 - 2016-03-11 14:53 - 000380928 _____ () C:\Users\tedyfubyrxh\Desktop\gmer.exe 2018-08-29 02:04 - 2018-08-29 02:04 - 000575704 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll 2018-09-13 22:08 - 2018-09-13 22:08 - 005693584 _____ () C:\Program Files\AVAST Software\Avast\defs\18091304\algo.dll 2018-08-29 02:06 - 2018-08-29 02:06 - 000896216 _____ () C:\Program Files\AVAST Software\Avast\anen.dll 2018-08-29 02:04 - 2018-08-29 02:04 - 000541400 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll 2018-08-29 02:03 - 2018-08-29 02:03 - 000151768 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll 2018-08-29 02:04 - 2018-08-29 02:04 - 000986840 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll 2018-08-29 01:52 - 2018-08-22 19:11 - 000028496 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2018-03-22 19:42 - 2018-03-22 19:42 - 000063224 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\FileOperationsWrapperLib.dll 2018-03-22 19:42 - 2018-03-22 19:42 - 000059128 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\FileOperationsLib.dll 2018-03-22 19:42 - 2018-03-22 19:42 - 000153336 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\TPCommonCLI.dll 2015-07-20 11:26 - 2015-07-20 11:26 - 001058320 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CloudServices.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\41611283.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\70AAEF20.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\76910162.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\86321849.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\41611283.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\70AAEF20.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\76910162.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\86321849.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 05:34 - 2018-08-29 02:03 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2897663181-2204725220-1932948919-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\tedyfubyrxh\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{ACB935D0-B0EF-4948-A722-1A12A4351ABB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{A523BC87-A094-4352-99F4-E34FD304AD27}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{AAA28C7C-F974-4747-97B8-CB5D492F5DDD}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{A7DB25DE-CECE-4170-8414-1DF716F2B5AA}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{F9974C37-97E8-4851-835D-55B5C0D5C861}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{E0918CDB-5DE3-4F5E-A10A-9D687D121B99}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{B35A5678-EA33-4BC6-BBE7-AE64BB5EA638}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{13F037B4-EF0C-4556-BC85-79D8D044297C}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe FirewallRules: [{BCAD6831-F22B-4D79-BCAD-E53A5BC68F7E}] => (Allow) C:\Program Files (x86)\Driver Booster\App\DriverBooster\DriverBooster.exe FirewallRules: [{64EF3AFD-538F-4A4D-9D41-876BA384170D}] => (Allow) C:\Program Files (x86)\Driver Booster\App\DriverBooster\DriverBooster.exe FirewallRules: [{C6E413A3-FB5B-4F99-8DBD-219DAD8B8A97}] => (Allow) C:\Program Files (x86)\Driver Booster\App\DriverBooster\DBDownloader.exe FirewallRules: [{4EFB31E7-6BB3-4AB6-B506-1627E1659EBF}] => (Allow) C:\Program Files (x86)\Driver Booster\App\DriverBooster\DBDownloader.exe FirewallRules: [{07B11E3C-2122-42FA-87EE-3BEF9EAEACF7}] => (Allow) C:\Program Files (x86)\Driver Booster\App\DriverBooster\AutoUpdate.exe FirewallRules: [{D8630FAF-01C1-466F-9771-98EEE71E9F7B}] => (Allow) C:\Program Files (x86)\Driver Booster\App\DriverBooster\AutoUpdate.exe FirewallRules: [{25F47DC7-E202-4785-A20A-16A3D4536199}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{399E5638-BD70-431F-8E4D-5548804195A6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{4B120180-70CD-4539-9FF5-52F4B061B4FB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{DD1FB082-8BE1-431D-A04A-54773DB73C05}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{77503E87-C58B-43B6-A1DE-BB2B1F45C1D0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{4FC6FCD7-F0FE-4392-A9FC-B53F094E44CB}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{EDCD90CB-AFBB-4025-9147-C597A4584270}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{A9F8AE98-54D2-4E23-BDBF-1F0255651975}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{346FFE24-F028-4FE8-9C1A-E17EA3014639}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{69EBD1A7-B872-49B5-BCCD-A086CCD3CF30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\game\bin\win64\dota2.exe FirewallRules: [{CD8AE4E2-5F65-41E8-AB22-89109C190407}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe FirewallRules: [{B9F84D3E-9B9C-4061-A03C-C5B6DA6C27D9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\witcher.exe FirewallRules: [{D3E6ACF0-7A89-464C-A053-0C85E59E355F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe FirewallRules: [{1E3D6D96-3DDE-45D3-AA55-D8E91884704E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\System\djinni!.exe FirewallRules: [{B75FCA93-C52A-44EF-9FE8-730F9FAA7274}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe FirewallRules: [{ACF6C5E1-4AA8-4587-8B51-ABA941B9B27A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Witcher Enhanced Edition\Digital Comic\DigitalComic.exe FirewallRules: [{017D0C6D-A3C8-4132-8DD8-696395CAE37C}] => (Allow) C:\Program Files\Vuze\Azureus.exe FirewallRules: [{CD9E3091-4DD2-49FA-9A91-09B85000C1F4}] => (Allow) C:\Program Files\Vuze\Azureus.exe ==================== Restore Points ========================= 09-09-2018 18:20:27 Installed Windows 7 USB/DVD Download Tool 14-09-2018 00:22:36 OTL Restore Point - 14.09.2018 00:22:27 ==================== Faulty Device Manager Devices ============= Name: BCM43142A0 Description: BCM43142A0 Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI Basit İletişim Denetleyicisi Description: PCI Basit İletişim Denetleyicisi Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI Aygıtı Description: PCI Aygıtı Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Realtek PCIe GbE Family Controller Description: Realtek PCIe GbE Family Controller Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Service: RTL8167 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Microsoft Sanal WiFi Miniport Bağdaştırıcısı Description: Microsoft Sanal WiFi Miniport Bağdaştırıcısı Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: VirtualBox Host-Only Ethernet Adapter Description: VirtualBox Host-Only Ethernet Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Oracle Corporation Service: VBoxNetAdp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (09/14/2018 01:37:57 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Hatalı uygulama adı: EFRService.exe, sürüm: 8.60.4.8004, zaman damgası: 0x5b0e6e74 Hatalı modül adı: EFRService.exe, sürüm: 8.60.4.8004, zaman damgası: 0x5b0e6e74 Özel durum kodu: 0x40000015 Hata uzaklığı 0x0015ea23 Hatalı işlem kimliği: 0x68c Uygulama başlangıç zamanı: 0x01d44bb25e350015 Hatalı uygulama yolu: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Hatalı modül yolu: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Rapor kimliği: a8e84c42-b7a5-11e8-bd8b-d2a707cf0870 Error: (09/14/2018 01:37:34 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Hatalı uygulama adı: EFRService.exe, sürüm: 8.60.4.8004, zaman damgası: 0x5b0e6e74 Hatalı modül adı: EFRService.exe, sürüm: 8.60.4.8004, zaman damgası: 0x5b0e6e74 Özel durum kodu: 0x40000015 Hata uzaklığı 0x0015ea23 Hatalı işlem kimliği: 0x12b0 Uygulama başlangıç zamanı: 0x01d44bb252ce48e8 Hatalı uygulama yolu: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Hatalı modül yolu: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Rapor kimliği: 9b3cf3c5-b7a5-11e8-bd8b-d2a707cf0870 Error: (09/14/2018 01:37:15 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Hatalı uygulama adı: EFRService.exe, sürüm: 8.60.4.8004, zaman damgası: 0x5b0e6e74 Hatalı modül adı: EFRService.exe, sürüm: 8.60.4.8004, zaman damgası: 0x5b0e6e74 Özel durum kodu: 0x40000015 Hata uzaklığı 0x0015ea23 Hatalı işlem kimliği: 0x1a58 Uygulama başlangıç zamanı: 0x01d44bb244f35438 Hatalı uygulama yolu: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Hatalı modül yolu: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Rapor kimliği: 8fd6b1ca-b7a5-11e8-bd8b-d2a707cf0870 Error: (09/14/2018 01:36:52 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Hatalı uygulama adı: EFRService.exe, sürüm: 8.60.4.8004, zaman damgası: 0x5b0e6e74 Hatalı modül adı: EFRService.exe, sürüm: 8.60.4.8004, zaman damgası: 0x5b0e6e74 Özel durum kodu: 0x40000015 Hata uzaklığı 0x0015ea23 Hatalı işlem kimliği: 0x1170 Uygulama başlangıç zamanı: 0x01d44bb23a936285 Hatalı uygulama yolu: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Hatalı modül yolu: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Rapor kimliği: 81fa0f64-b7a5-11e8-bd8b-d2a707cf0870 Error: (09/14/2018 01:36:34 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Hatalı uygulama adı: EFRService.exe, sürüm: 8.60.4.8004, zaman damgası: 0x5b0e6e74 Hatalı modül adı: EFRService.exe, sürüm: 8.60.4.8004, zaman damgası: 0x5b0e6e74 Özel durum kodu: 0x40000015 Hata uzaklığı 0x0015ea23 Hatalı işlem kimliği: 0xcd4 Uygulama başlangıç zamanı: 0x01d44bb22cd7dd2b Hatalı uygulama yolu: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Hatalı modül yolu: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Rapor kimliği: 779c8eb9-b7a5-11e8-bd8b-d2a707cf0870 Error: (09/14/2018 01:36:11 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Hatalı uygulama adı: EFRService.exe, sürüm: 8.60.4.8004, zaman damgası: 0x5b0e6e74 Hatalı modül adı: EFRService.exe, sürüm: 8.60.4.8004, zaman damgası: 0x5b0e6e74 Özel durum kodu: 0x40000015 Hata uzaklığı 0x0015ea23 Hatalı işlem kimliği: 0x528 Uygulama başlangıç zamanı: 0x01d44bb22278fceb Hatalı uygulama yolu: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Hatalı modül yolu: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Rapor kimliği: 69e13070-b7a5-11e8-bd8b-d2a707cf0870 Error: (09/14/2018 01:35:54 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Hatalı uygulama adı: EFRService.exe, sürüm: 8.60.4.8004, zaman damgası: 0x5b0e6e74 Hatalı modül adı: EFRService.exe, sürüm: 8.60.4.8004, zaman damgası: 0x5b0e6e74 Özel durum kodu: 0x40000015 Hata uzaklığı 0x0015ea23 Hatalı işlem kimliği: 0x240 Uygulama başlangıç zamanı: 0x01d44bb2190df61e Hatalı uygulama yolu: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Hatalı modül yolu: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Rapor kimliği: 5f84e84a-b7a5-11e8-bd8b-d2a707cf0870 Error: (09/14/2018 01:35:17 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Hatalı uygulama adı: EFRService.exe, sürüm: 8.60.4.8004, zaman damgası: 0x5b0e6e74 Hatalı modül adı: EFRService.exe, sürüm: 8.60.4.8004, zaman damgası: 0x5b0e6e74 Özel durum kodu: 0x40000015 Hata uzaklığı 0x0015ea23 Hatalı işlem kimliği: 0xdf0 Uygulama başlangıç zamanı: 0x01d44bb2008f27ec Hatalı uygulama yolu: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Hatalı modül yolu: C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe Rapor kimliği: 493907e6-b7a5-11e8-bd8b-d2a707cf0870 System errors: ============= Error: (09/14/2018 01:37:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Check Point Endpoint EFR hizmeti beklenmedik şekilde sona erdi. Bu durum 62 defa oluştu. 500 milisaniye içinde şu düzeltme eylemi uygulanacak: Restart the service. Error: (09/14/2018 01:37:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Check Point Endpoint EFR hizmeti beklenmedik şekilde sona erdi. Bu durum 61 defa oluştu. 500 milisaniye içinde şu düzeltme eylemi uygulanacak: Restart the service. Error: (09/14/2018 01:37:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Check Point Endpoint EFR hizmeti beklenmedik şekilde sona erdi. Bu durum 60 defa oluştu. 500 milisaniye içinde şu düzeltme eylemi uygulanacak: Restart the service. Error: (09/14/2018 01:36:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Check Point Endpoint EFR hizmeti beklenmedik şekilde sona erdi. Bu durum 59 defa oluştu. 500 milisaniye içinde şu düzeltme eylemi uygulanacak: Restart the service. Error: (09/14/2018 01:36:35 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Check Point Endpoint EFR hizmeti beklenmedik şekilde sona erdi. Bu durum 58 defa oluştu. 500 milisaniye içinde şu düzeltme eylemi uygulanacak: Restart the service. Error: (09/14/2018 01:36:12 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Check Point Endpoint EFR hizmeti beklenmedik şekilde sona erdi. Bu durum 57 defa oluştu. 500 milisaniye içinde şu düzeltme eylemi uygulanacak: Restart the service. Error: (09/14/2018 01:35:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Check Point Endpoint EFR hizmeti beklenmedik şekilde sona erdi. Bu durum 56 defa oluştu. 500 milisaniye içinde şu düzeltme eylemi uygulanacak: Restart the service. Error: (09/14/2018 01:35:39 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Check Point Endpoint EFR hizmeti beklenmedik şekilde sona erdi. Bu durum 55 defa oluştu. 500 milisaniye içinde şu düzeltme eylemi uygulanacak: Restart the service. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-4200H CPU @ 2.80GHz Percentage of memory in use: 41% Total physical RAM: 8075.02 MB Available physical RAM: 4707.59 MB Total Virtual: 16148.19 MB Available Virtual: 11994.28 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:214.36 GB) (Free:97.97 GB) NTFS Drive d: (yedek) (Fixed) (Total:205.13 GB) (Free:8.01 GB) NTFS \\?\Volume{b24b0744-aaee-11e8-ac68-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.49 GB) (Free:0.46 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 735C3100) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=214.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=205.1 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================