Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3-07-2019 Ran by steve_000 (03-07-2019 11:16:44) Running from C:\Users\steve_000\Downloads Windows 10 Home Version 1903 18362.207 (X64) (2019-07-03 04:48:02) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1655510144-2644727653-3085749880-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1655510144-2644727653-3085749880-503 - Limited - Disabled) Guest (S-1-5-21-1655510144-2644727653-3085749880-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1655510144-2644727653-3085749880-1003 - Limited - Enabled) steve_000 (S-1-5-21-1655510144-2644727653-3085749880-1001 - Administrator - Enabled) => C:\Users\steve_000 WDAGUtilityAccount (S-1-5-21-1655510144-2644727653-3085749880-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Norton Security Online (Enabled - Up to date) {A2708B76-6835-6565-CB96-694212954A75} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Norton Security Online (Enabled) {9A4B0A53-225A-643D-E0C9-C077EC460D0E} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-1655510144-2644727653-3085749880-1001\...\uTorrent) (Version: 3.5.5.45271 - BitTorrent Inc.) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.207 - Adobe) Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.) Bandicam (HKLM-x32\...\Bandicam) (Version: 4.4.2.1550 - Bandicam.com) Bandicam MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandicam.com) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Bonjour Print Services (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.) Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) CCleaner (HKLM\...\CCleaner) (Version: 5.59 - Piriform) Fallout 4 GOTY (HKLM\...\Fallout 4 GOTY_is1) (Version: 1.10.82.0 - ) Fraps (HKLM-x32\...\Fraps) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.100 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Support Solutions Framework (HKLM-x32\...\{A772EA32-AE5B-4474-BFC0-4C69C04AFF6A}) (Version: 12.0.26.54 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Microsoft OneDrive (HKU\S-1-5-21-1655510144-2644727653-3085749880-1001\...\OneDriveSetup.exe) (Version: 19.086.0502.0006 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Norton Security Online (HKLM-x32\...\NGC) (Version: 22.17.3.50 - Symantec Corporation) OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation) osrss (HKLM-x32\...\{1BA1133B-1C7A-41A0-8CBF-9B993E63D296}) (Version: 1.0.0 - Microsoft Corporation) Hidden Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.5.13.1023 - Razer Inc.) Razer Mamba (HKLM-x32\...\{060B61F0-50BD-4043-AB77-B3EF5769569A}) (Version: 2.04.00 - Razer USA Ltd.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.21.21.1 - Razer Inc.) Razer Synapse (HKLM-x32\...\Razer Synapse) (Version: 3.4.0630.062510 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Skype version 8.48 (HKLM-x32\...\Skype_is1) (Version: 8.48 - Skype Technologies S.A.) Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation) Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{2E8B8BDD-03DF-4C1C-8C99-E6A4BCBF43CE}) (Version: 2.51.0.0 - Microsoft Corporation) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.7.1 - VideoLAN) Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22807 - Microsoft Corporation) Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - ) WinRAR 5.71 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) Packages: ========= Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.620.1.0_x86__kgqvnymyfvs32 [2018-04-17] (king.com) HP All-in-One Printer Remote -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_58.1.78.0_x86__v10z8vjag6ke6 [2015-09-29] (Hewlett-Packard Company) HP Explore -> C:\Program Files\WindowsApps\AD2F1837.HPWelcome_0.1.50.0_x64__v10z8vjag6ke6 [2018-04-17] (Hewlett-Packard Company) Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11029.20108.0_x64__8wekyb3d8bbwe [2019-07-02] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1705.4.0_x86__8wekyb3d8bbwe [2019-06-26] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-07-02] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.2.11280.0_x86__8wekyb3d8bbwe [2019-07-02] (Microsoft Studios) [MS Ad] MSN Food & Drink -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad] MSN Health & Fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad] MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.6.169.0_x86__8wekyb3d8bbwe [2015-10-10] (Microsoft Corporation) [MS Ad] MSN News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.6.169.0_x86__8wekyb3d8bbwe [2015-10-08] (Microsoft Corporation) [MS Ad] MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.6.169.0_x86__8wekyb3d8bbwe [2015-10-10] (Microsoft Corporation) [MS Ad] MSN Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad] MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.25.20211.0_x64__8wekyb3d8bbwe [2019-07-02] (Microsoft Corporation) [MS Ad] Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_5.7.1.1000_x86__wgeqdkkx372wm [2018-04-18] (Twitter Inc.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1655510144-2644727653-3085749880-1001_Classes\CLSID\{D9AC5E73-BB10-467b-B884-AA1E475C51F5}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ShellIconOverlayIdentifiers-x32: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers1: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers1: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG) ContextMenuHandlers6: [BUContextMenu] -> {F7CAA2A1-67A2-44BB-B20F-202FD8EB1DAB} => C:\Program Files\Norton Security\Engine\22.17.3.50\buShell.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers6: [Symantec.Norton.Antivirus.IEContextMenu] -> {FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} => C:\Program Files\Norton Security\Engine\22.17.3.50\NavShExt.dll [2019-06-20] (Symantec Corporation -> Symantec Corporation) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\steve_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Videostream for Google Chromecast™ (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1" --app-id=cnciopoikihiagdjbjpnocolokfelagl ShortcutWithArgument: C:\Users\steve_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl ==================== Loaded Modules (Whitelisted) ============== 2014-07-04 21:33 - 2014-07-04 21:33 - 000127488 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2014-07-04 21:33 - 2014-07-04 21:33 - 000344064 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 06:25 - 2013-08-22 06:25 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1655510144-2644727653-3085749880-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\steve_000\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\star-wars-the-force-awakens-millennium-falcon-imax1.jpg DNS Servers: 192.168.43.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName0 -> unimdm.tsp (Microsoft Windows -> Microsoft Corporation) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName1 -> kmddsp.tsp (Microsoft Windows -> Microsoft Corporation) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFilename3 -> hidphone.tsp (Microsoft Windows -> Microsoft Corporation) HKLM\software\wow6432node\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName0 -> unimdm.tsp (Microsoft Windows -> Microsoft Corporation) HKLM\software\wow6432node\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName1 -> kmddsp.tsp (Microsoft Windows -> Microsoft Corporation) HKLM\software\wow6432node\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> hidphone.tsp (Microsoft Windows -> Microsoft Corporation) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == If an entry is included in the fixlist, it will be removed. HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "Razer Synapse" HKU\S-1-5-21-1655510144-2644727653-3085749880-1001\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-1655510144-2644727653-3085749880-1001\...\StartupApproved\Run: => "Google Update" HKU\S-1-5-21-1655510144-2644727653-3085749880-1001\...\StartupApproved\Run: => "HP Officejet Pro 8620 (NET)" HKU\S-1-5-21-1655510144-2644727653-3085749880-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1655510144-2644727653-3085749880-1001\...\StartupApproved\Run: => "GoogleDriveSync" HKU\S-1-5-21-1655510144-2644727653-3085749880-1001\...\StartupApproved\Run: => "iCloudServices" HKU\S-1-5-21-1655510144-2644727653-3085749880-1001\...\StartupApproved\Run: => "iCloudDrive" HKU\S-1-5-21-1655510144-2644727653-3085749880-1001\...\StartupApproved\Run: => "ApplePhotoStreams" HKU\S-1-5-21-1655510144-2644727653-3085749880-1001\...\StartupApproved\Run: => "Synapse3" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [UDP Query User{5D49A81E-F926-4FDE-B8AC-A248913A123F}C:\users\steve_000\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\steve_000\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [TCP Query User{9256A332-DF04-4888-9F17-74826B5895EE}C:\users\steve_000\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\steve_000\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [UDP Query User{3385782F-7DD2-43C7-8920-C98B7D64E8B9}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{C7694D74-35E8-4928-B163-98C8A8A1417C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [UDP Query User{309A2684-2AC8-4911-BA9C-FEBBD96FD1CB}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [TCP Query User{744D943E-7F1E-44E8-9831-9F2C6F50C78B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{2170085B-0EA0-44BA-A463-0384A39EB7A5}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [{A56570BA-9E3E-4EA8-BACC-69848C184E31}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [{6ACA6F0A-3C14-4355-A87E-14BD3A9615A4}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [{D2CB0F61-442C-4C9B-B445-C31F17B8EDDC}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment) FirewallRules: [{34ECC3A5-611F-4B80-BE97-E024F7BE8195}] => (Allow) LPort=5556 FirewallRules: [{331AA085-D1F2-46C4-8106-168F36E4A44A}] => (Allow) LPort=5558 FirewallRules: [{89195C4E-E673-4D58-8B18-5B92E44A6449}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{2FED7164-F284-41D9-933D-60F600D1824A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{BC7C7E68-C216-43D6-8218-A8D689C71EC7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{F080748F-D389-4B18-A4D4-AA7368B6AFC6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.) FirewallRules: [TCP Query User{F6BEBEF2-213F-4B32-8A33-1C959BF6D000}C:\users\steve_000\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\steve_000\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [UDP Query User{9A96ACD2-9F83-442E-BC80-81924B362CBB}C:\users\steve_000\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\steve_000\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{8C875A74-2A3B-48BB-B9F7-F3614A65A8D3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{5425A094-D645-46AE-A749-CDF34C321E73}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{74DE685F-6E29-43E2-AABD-6E9D874EB317}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) ==================== Restore Points ========================= 03-07-2019 05:05:38 Windows Update ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (07/03/2019 11:03:28 AM) (Source: ATIeRecord) (EventID: 16396) (User: ) Description: ATI EEU PnP start/stop failed Error: (07/03/2019 11:01:18 AM) (Source: ATIeRecord) (EventID: 16396) (User: ) Description: ATI EEU PnP start/stop failed Error: (07/03/2019 09:48:32 AM) (Source: ATIeRecord) (EventID: 16396) (User: ) Description: ATI EEU PnP start/stop failed Error: (07/03/2019 07:42:26 AM) (Source: ATIeRecord) (EventID: 16396) (User: ) Description: ATI EEU PnP start/stop failed Error: (07/03/2019 07:24:08 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Local Hostname Eon.local already in use; will try Eon-2.local instead Error: (07/03/2019 07:24:08 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Eon.local. Addr 192.168.43.248 Error: (07/03/2019 07:24:08 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Received from 192.168.43.248:5353 16 Eon.local. AAAA 2600:100F:B116:8F5C:F0CE:4EE1:C501:06EB Error: (07/03/2019 07:24:08 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Eon.local. AAAA FE80:0000:0000:0000:F0CE:4EE1:C501:06EB System errors: ============= Error: (07/03/2019 11:07:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The HP Support Solutions Framework Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (07/03/2019 11:07:05 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the HP Support Solutions Framework Service service to connect. Error: (07/03/2019 11:06:52 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY) Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout. Error: (07/03/2019 11:04:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Razer Game Manager service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (07/03/2019 11:04:21 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The Razer Synapse Service service depends on the Razer Central Service service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion. Error: (07/03/2019 11:04:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Razer Central Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (07/03/2019 11:04:21 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (45000 milliseconds) while waiting for the Razer Game Manager service to connect. Error: (07/03/2019 11:04:21 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (45000 milliseconds) while waiting for the Razer Central Service service to connect. ==================== Memory info =========================== BIOS: Insyde F.33 06/03/2014 Motherboard: Hewlett-Packard 1984 Processor: AMD A10-5750M APU with Radeon(tm) HD Graphics Percentage of memory in use: 50% Total physical RAM: 7366.26 MB Available physical RAM: 3610.94 MB Total Virtual: 9222.26 MB Available Virtual: 5268.9 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:695.92 GB) (Free:111.27 GB) NTFS \\?\Volume{66a3b7c3-696c-4022-88c9-ab61faa39a54}\ (Recovery) (Fixed) (Total:0.29 GB) (Free:0.27 GB) NTFS \\?\Volume{fd47cb65-7b36-4a1f-a34f-a5c569c493f6}\ () (Fixed) (Total:1.76 GB) (Free:1.17 GB) NTFS \\?\Volume{70bb171d-8d6e-4d34-a202-45d10a6fd919}\ () (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS \\?\Volume{341b6a69-a5c7-4625-ab99-73a574b1c688}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Protective MBR) (Size: 698.6 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================