Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-05-2017 Ran by I am (19-05-2017 11:36:26) Running from C:\Users\I am\Desktop Windows 10 Home Version 1703 (X64) (2017-05-13 18:18:08) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-465181129-2301691221-1871877518-500 - Administrator - Disabled) ASPNET (S-1-5-21-465181129-2301691221-1871877518-1002 - Limited - Enabled) DefaultAccount (S-1-5-21-465181129-2301691221-1871877518-503 - Limited - Disabled) Guest (S-1-5-21-465181129-2301691221-1871877518-501 - Limited - Disabled) I am (S-1-5-21-465181129-2301691221-1871877518-1001 - Administrator - Enabled) => C:\Users\I am ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated) Adobe Flash Player 25 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated) AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.01.24 - ASUSTeK Computer Inc.) AIDA64 Extreme v5.60 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 5.60 - FinalWire Ltd.) Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology) ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.22 - ASUSTeK Computer Inc.) ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.030 - ASUSTek Computer Inc.) ASUSRAMCACHE (HKLM-x32\...\ASUSRAMCACHE) (Version: 1.07.16 - FNet Co., Ltd.) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) BT Desktop Help (HKLM-x32\...\BT Desktop Help) (Version: - ) Call of Duty: Modern Warfare 2 (HKLM\...\Steam App 10180) (Version: - Infinity Ward) Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version: - Infinity Ward) Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward) Common Desktop Agent (Version: 1.62.0 - OEM) Hidden CPUID PRO GAMING CPU-Z 1.72.1 (HKLM\...\CPUID PRO GAMING CPU-Z_is1) (Version: 1.72.1 - CPUID, Inc.) Crysis®3 (HKLM-x32\...\{4198AE83-A3C6-4C41-85C8-EC63E990696E}) (Version: 1.0.0.0 - Electronic Arts) DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 6.1.0.0485 - Disc Soft Ltd) Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited) DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited) ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB) FireStorm version V1.0.45.000 (HKLM-x32\...\FireStorm_is1) (Version: V1.0.45.000 - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.) Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North) Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.) Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation) Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel) Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation) Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.551.2 - McAfee, Inc.) Medal of Honor (TM) (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts) Media Streamer (HKLM-x32\...\{B457E718-00CA-45C8-9F75-45D66F8DAFF6}) (Version: 3.00.13 - ASUSTeK Computer Inc.) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Home and Student 2016 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 16.0.7967.2161 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-465181129-2301691221-1871877518-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation) NVIDIA GeForce Experience 2.9.1.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.35 - NVIDIA Corporation) NVIDIA Graphics Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7967.2161 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7967.2161 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.7967.2161 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.4.10.46586 - Electronic Arts, Inc.) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - ) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.989 - Even Balance, Inc.) Raiden IV: OverKill (HKLM\...\Steam App 323460) (Version: - Moss Co., Ltd.) Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 2.1.3 - Razer Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.413 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.5 - Rockstar Games) ROG Game First III (HKLM-x32\...\{0C6E32E1-31D9-49F1-B67F-2941994002D5}) (Version: 1.00.31 - ASUSTeK Computer Inc.) Samsung CLX-4190 Series (HKLM-x32\...\Samsung CLX-4190 Series) (Version: 1.20 (21/05/2015) - Samsung Electronics Co., Ltd.) Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.92 (14/03/2014) - Samsung Electronics Co., Ltd.) Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.77.00(12/02/2015) - Samsung Electronics Co., Ltd.) Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.70.18.0 - Samsung Electronics Co., Ltd.) Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 1.10.19 (12/03/2014) - Samsung Electronics Co., Ltd.) Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.0.16 - Samsung Electronics Co., Ltd.) Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Samsung Scan Process Machine (x32 Version: 1.02.07.02 - Samsung Electronics Co., Ltd.) Hidden SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.9.1.35 - NVIDIA Corporation) Hidden SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd) Sound Blaster Z-Series (HKLM-x32\...\{A15CAB30-128B-4CB3-8C9F-091A69028167}) (Version: 1.00.28 - Creative Technology Limited) Sound Blaster Z-Series Extras (HKLM-x32\...\{9D9DB4BA-E352-4AC8-AD2B-B10104F5AB80}) (Version: 1.0 - Creative Technology Limited) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) View User's Guide (HKLM-x32\...\View User Guide) (Version: 3.60.45.0 - ) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {069D5F4E-FF37-471D-88B5-AFEA5500BF53} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.) Task: {1FE21F3F-B72B-4D51-BA1B-D7EBC176F3D3} - System32\Tasks\{0B224D43-A97E-4F8D-9D2E-544B2E947BA4} => pcalua.exe -a D:\Setup.EXE -d D:\ Task: {35BFEC8E-567C-46A7-A77A-8F5C32FD90A5} - System32\Tasks\ASUS\Ez Update => C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe [2015-02-06] () Task: {3DD518E2-9B3A-456F-8DF7-7A930FF7FF25} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [2015-06-04] (TODO: ) Task: {41DA8983-5512-4D8B-9C5B-C637DA6A29D2} - System32\Tasks\ASUS\ASUS Media Streamer DMR => C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe [2015-05-12] () Task: {42968FEE-A792-4CAE-95D8-048396BB216C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-15] (Google Inc.) Task: {4D4497AA-0399-46BA-A6A6-6617364E9230} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2015-06-30] (ASUSTeK Computer Inc.) Task: {613D8058-EF6F-414F-BC40-F8BEEB72FCF5} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-04] (Microsoft Corporation) Task: {90A809BA-5E92-49B0-AC3E-DA6C5E447DAE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {9FD378DA-F7FB-4065-AA78-1B75DC7E9157} - System32\Tasks\{71CD92AA-5F4B-4C9B-A99F-B388D595AA97} => pcalua.exe -a "C:\Program Files\FileViewPro\unins000.exe" Task: {A86EA4F2-2FC0-4538-AEED-C0320D2CEA5A} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_25_0_0_171_pepper.exe [2017-05-10] (Adobe Systems Incorporated) Task: {AF496587-0E1F-40F0-B42B-05D1EF3591A8} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [2014-05-28] (ASUSTeK Computer Inc.) Task: {B23CD5F2-7775-4A5A-9857-F2092C2B0BFC} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] () Task: {D09644BB-186A-4FBB-8BAD-CFCF88813648} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\windows\system32\MRT.exe [2017-05-10] (Microsoft Corporation) Task: {D4295155-BEC9-40E6-8297-DC39CD8A7820} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe Task: {DBCEF153-3F46-4B2B-82CF-B79F576D0763} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2015-06-30] () Task: {EAB0D03C-C18C-42CB-BF2F-AA458B72E512} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2017-05-10] (Microsoft Corporation) Task: {FDBE3F2D-DCF3-475C-AF72-47141EE16503} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-04] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2017-05-13 18:53 - 2016-12-29 13:44 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-05-11 11:35 - 2015-04-24 12:46 - 00022528 _____ () C:\WINDOWS\System32\ssy4clm.dll 2015-12-15 15:20 - 2009-11-04 14:18 - 00189440 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\lxebdrpp.dll 2015-12-15 20:14 - 2015-05-08 07:26 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe 2016-09-24 23:20 - 2016-09-24 23:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2015-12-16 20:06 - 2017-03-25 16:16 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2015-12-15 20:16 - 2014-09-26 14:40 - 01360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe 2015-12-15 20:16 - 2015-02-06 15:53 - 01462584 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzUpdt.exe 2015-12-15 20:21 - 2015-05-12 22:49 - 00304952 _____ () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe 2017-03-18 21:58 - 2017-03-18 21:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2015-12-15 20:16 - 2015-06-30 23:23 - 01275672 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe 2016-03-14 18:48 - 2017-05-13 09:11 - 08931008 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll 2017-03-18 21:59 - 2017-03-19 03:31 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-05-10 09:28 - 2017-05-10 09:28 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-05-10 09:28 - 2017-05-10 09:28 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-05-10 09:28 - 2017-05-10 09:29 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-05-10 09:28 - 2017-05-10 09:28 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll 2015-12-11 16:57 - 2014-05-22 09:24 - 00096568 _____ () C:\WINDOWS\SYSTEM32\audioLibVc.dll 2015-12-15 16:36 - 2013-01-23 14:29 - 00772712 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebmon.exe 2015-12-15 16:36 - 2013-01-23 14:29 - 00150264 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\ezprint.exe 2014-09-08 13:39 - 2014-09-08 13:39 - 00464608 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe 2014-09-08 13:38 - 2014-09-08 13:38 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll 2015-12-15 20:21 - 2015-06-01 20:20 - 01189688 _____ () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\ShareEdit.exe 2015-12-15 20:21 - 2015-06-01 20:20 - 02536760 _____ () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe 2015-12-15 20:21 - 2015-06-03 20:46 - 00086840 _____ () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\ASUSWSAgent.exe 2015-12-15 20:16 - 2014-08-01 16:37 - 01056768 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe 2015-12-15 20:16 - 2014-08-28 11:37 - 00033424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe 2015-12-15 20:15 - 2015-06-30 15:54 - 01263384 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe 2017-03-22 15:20 - 2017-05-09 16:38 - 02270672 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2017-05-15 22:03 - 2017-05-09 10:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll 2017-05-15 22:03 - 2017-05-09 10:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll 2015-12-15 20:14 - 2017-05-19 10:27 - 00038696 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll 2015-12-15 20:14 - 2015-05-08 07:26 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll 2017-01-15 16:00 - 2017-05-17 19:20 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll 2013-11-07 18:58 - 2013-11-07 18:58 - 00244736 _____ () C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\node_modules\motive-activex-wrapper\build\Release\NodeActiveXWrapper.node 2013-11-07 18:58 - 2013-11-07 18:58 - 00271360 _____ () C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\node_modules\motive-osbridge\build\Release\MotiveOSBridgeNodeModule.node 2013-11-07 18:57 - 2013-11-07 18:57 - 00237056 _____ () C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\node_modules\motive-xmpps\build\Release\MotiveXMPPSNode.node 2013-04-24 08:55 - 2013-04-24 08:55 - 01581056 _____ () C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\node_modules\libxmljs\build\Release\xmljs.node 2013-04-18 17:55 - 2013-04-18 17:55 - 00068608 _____ () C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\node_modules\dnode\node_modules\weak\build\Release\weakref.node 2015-12-15 20:16 - 2014-10-09 10:31 - 00237568 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EzULIB.dll 2015-12-15 20:16 - 2014-02-24 18:49 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\ImageHelper.dll 2015-12-15 20:15 - 2015-06-03 17:17 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll 2015-12-15 20:15 - 2015-06-03 17:17 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll 2015-12-15 20:15 - 2015-02-09 18:53 - 00872960 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll 2015-12-15 20:16 - 2015-07-03 00:20 - 04662272 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll 2015-12-15 20:16 - 2015-06-04 01:48 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll 2015-12-15 20:16 - 2015-05-21 23:57 - 01141248 _____ () C:\Program Files (x86)\ASUS\AI Suite III\EZ Update\EasyUpdt.dll 2015-12-15 20:16 - 2015-06-26 14:50 - 00906240 _____ () C:\Program Files (x86)\ASUS\AI Suite III\LED Control\LEDControl.dll 2015-12-15 20:16 - 2015-06-23 11:17 - 01338368 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Mobo Connect\MoboConnect.dll 2015-12-15 20:15 - 2015-06-28 17:37 - 00829440 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll 2015-12-15 20:15 - 2014-09-08 07:26 - 00053248 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll 2015-12-15 20:15 - 2014-09-26 14:40 - 00278528 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll 2015-12-15 20:14 - 2015-05-08 07:26 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll 2015-12-15 20:16 - 2015-06-25 00:16 - 00236544 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4cTDPAction.dll 2015-12-15 20:16 - 2015-06-04 01:48 - 00712192 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll 2015-12-15 20:16 - 2015-06-30 23:22 - 00863744 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll 2015-12-15 20:16 - 2015-06-04 01:48 - 00803840 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll 2015-12-15 20:16 - 2015-07-01 17:33 - 00815104 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll 2015-12-15 20:16 - 2015-06-04 01:48 - 00507392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\AsKeyboardFocusHooker.dll 2016-02-18 00:41 - 2016-01-23 03:55 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-12-15 16:36 - 2010-04-01 13:23 - 00389120 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebscw.dll 2015-12-15 16:36 - 2009-05-27 08:16 - 00192512 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebdatr.dll 2015-12-15 16:36 - 2010-04-01 13:24 - 01159168 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebDRS.dll 2015-12-15 16:36 - 2009-03-10 01:43 - 00155648 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebcaps.dll 2015-12-15 16:36 - 2010-04-05 06:55 - 00159890 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\customui.dll 2015-12-15 16:36 - 2010-04-05 06:54 - 00123033 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\Eputil.DLL 2015-12-15 16:36 - 2010-04-05 06:54 - 00143502 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\Imagutil.DLL 2015-12-15 16:36 - 2010-04-05 06:55 - 00061604 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\Epfunct.DLL 2015-12-15 16:36 - 2010-04-05 06:56 - 00716954 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\Epwizard.DLL 2015-12-15 16:36 - 2010-04-05 06:56 - 02203803 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\EPWizRes.dll 2015-12-15 16:36 - 2010-04-05 06:56 - 00045221 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\epstring.dll 2015-12-15 16:36 - 2010-04-05 06:56 - 00094359 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\EPOEMDll.dll 2015-12-15 16:36 - 2009-04-07 15:25 - 00409600 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\iptk.dll 2015-12-15 16:36 - 2009-03-02 10:25 - 00151552 _____ () C:\Program Files (x86)\Lexmark Pro200-S500 Series\lxebptp.dll 2015-12-15 20:21 - 2015-05-12 22:49 - 00253952 _____ () C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\pngio.dll 2017-02-20 09:10 - 2017-02-20 09:10 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll 2015-12-15 20:16 - 2013-11-20 11:10 - 00662016 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\aaHMLib.dll 2015-12-15 20:16 - 2013-07-02 11:40 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\pngio.dll 2015-12-15 20:16 - 2015-06-29 13:35 - 00383488 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\SystemCleaner.dll 2015-07-11 00:37 - 2015-07-11 00:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-30 08:24 - 2017-04-24 14:54 - 00000863 _____ C:\WINDOWS\system32\Drivers\etc\hosts 0.0.0.1 mssplus.mcafee.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-465181129-2301691221-1871877518-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: lfsvc => 3 ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{A6E5677F-C8D9-482E-829C-386314600CB4}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe FirewallRules: [{52830E4D-ECF2-4E8B-A3A6-59EEEE54BCF7}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe FirewallRules: [{BD1D0082-96D9-46E9-B4FB-D876D0159B46}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe FirewallRules: [{A2601310-5170-4463-8B82-08B7363F0F00}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe FirewallRules: [{FB552919-B8C2-4D66-ACD8-3A9A0E021DE6}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe FirewallRules: [{40B219C9-9B58-4739-83F2-8C170EBC4722}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe FirewallRules: [{F9479B09-2DA7-4EB4-948E-4250DDE73C52}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe FirewallRules: [{C6B05E3F-D6E8-4862-87AC-49356034770D}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [{E90CDBC5-19BD-4AF6-B0AA-6EE69B5FAFF8}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe FirewallRules: [{179ECA99-5B1E-4B3A-B1CB-1AF7E6D511B8}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe FirewallRules: [{06AD1A3C-EA12-4E16-867A-CFF073F07879}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe FirewallRules: [{3A12DA09-0A9D-43A7-A511-E1EBB6714CCE}] => (Allow) C:\Windows\twain_32\Samsung\CLX4190\SCNSearch\USDAgent.exe FirewallRules: [{54556DAF-A60E-4E59-AD14-143F312F3181}] => (Allow) C:\Windows\twain_32\Samsung\CLX4190\SCNSearch\USDAgent.exe FirewallRules: [{660F41BB-902E-4C0F-AB8F-3A48B1B16697}] => (Allow) C:\WINDOWS\system32\ftp.exe FirewallRules: [{93CF57E8-8893-41CF-8E80-B0F12AB8E3D9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{DCC179D9-4319-4812-AE78-D85E046850DE}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{4574B65C-53EE-4135-AEF7-75459290358A}] => (Allow) C:\WINDOWS\system32\ftp.exe FirewallRules: [{D1EA443F-D764-4135-BC7B-B685D4F50F29}] => (Allow) C:\WINDOWS\system32\ftp.exe FirewallRules: [{A37B3346-1421-48B5-BE24-3B939871F357}] => (Allow) C:\WINDOWS\system32\ftp.exe FirewallRules: [{5A1D90D8-6488-474C-A0AA-8EB4F2603F00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raiden IV OverKill\game.exe FirewallRules: [{FDFC9EA5-5C54-46C6-9394-6B9C39AF03AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Raiden IV OverKill\game.exe FirewallRules: [{E7AB2F3E-9852-4D78-8F5A-8319DD1780E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe FirewallRules: [{3FCBF01C-6B5B-4569-A939-126D84BC251D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4sp.exe FirewallRules: [{B0559F79-C7C9-471D-9C3F-E107A3E45AF8}] => (Allow) C:\WINDOWS\system32\ftp.exe FirewallRules: [{308DF9E3-780E-44E1-A122-E37B21166903}] => (Allow) C:\WINDOWS\system32\ftp.exe FirewallRules: [{D722C5E5-32F2-4A1D-AF45-11AA40094CC6}] => (Allow) C:\WINDOWS\system32\LXEBcoms.exe FirewallRules: [{ADA0F511-C251-4042-A09E-77DC40CA8DB9}] => (Allow) C:\Program Files (x86)\BT Broadband Desktop Help\btbb\BTHelpBrowser.exe FirewallRules: [{2C0FDDA6-4371-44C5-9CA9-15812493CD2B}] => (Allow) C:\Program Files (x86)\BT Broadband Desktop Help\btbb\BTHelpBrowser.exe FirewallRules: [{465BE654-DAA7-4F6A-9FC4-0B9853AD52BF}] => (Allow) C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe FirewallRules: [{1FE89A76-B80B-4198-89D2-F87190CD101D}] => (Allow) C:\Program Files\BT Broadband Desktop Help\btbb\BTHelpNotifier.exe FirewallRules: [{C05CA338-6D29-4651-A9D9-0CBF1AB3437E}] => (Allow) C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\bin\node.exe FirewallRules: [{2310F602-1571-4A2A-A3D6-B1E64FFA5DD8}] => (Allow) C:\Program Files (x86)\BT Broadband Desktop Help\btbb\MA\8.4.0.53.bt.10\ma\bin\node.exe FirewallRules: [{3E560386-CAE3-443E-A0D6-C58BBBEA58B2}] => (Allow) C:\windows\system32\lxebcoms.exe FirewallRules: [{9AE10C5B-C383-496E-98D2-4280818F8D3D}] => (Allow) C:\Windows\System32\lxebcoms.exe FirewallRules: [{C2D64146-0ED7-4A56-BBD6-418099901C04}] => (Allow) C:\Windows\System32\lxebcoms.exe FirewallRules: [{9094DC80-8C15-4263-B0E2-082FB3F8E7D1}] => (Allow) C:\windows\system32\LXEBcoms.exe FirewallRules: [{D00F2924-D488-4419-9E2D-76A414F7865F}] => (Allow) C:\windows\system32\LXEBcoms.exe FirewallRules: [{694E79FC-2070-4150-93C4-9A6AB685DD4F}] => (Allow) C:\windows\system32\ftp.exe FirewallRules: [{9A9467E8-CFA4-4478-A99C-5E1F4A8C8D16}] => (Allow) C:\windows\system32\ftp.exe FirewallRules: [{BB22529C-08C8-40E2-A705-47B210A94F6C}] => (Allow) C:\windows\SysWOW64\ftp.exe FirewallRules: [{C75C202D-C096-4C25-8B52-F964B4A7EB7C}] => (Allow) C:\windows\SysWOW64\ftp.exe FirewallRules: [{7ACDDE30-87DC-46B3-8FEA-736A03ED9EA3}] => (Allow) C:\windows\system32\ftp.exe FirewallRules: [{78D93382-008D-4867-879C-79844E60051B}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe FirewallRules: [{354753D6-708E-4C50-AF01-CB9EC863729D}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMR\AODMR.exe FirewallRules: [{1274B418-0DDF-4827-85BB-AB072D808F57}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe FirewallRules: [{E8F42E07-B8AE-47C3-BF42-88A65F696848}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AODMS.exe FirewallRules: [{11EB78BD-8C7C-48CD-9C5D-159957D27607}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AORelayDMS.exe FirewallRules: [{F43782AE-E9EE-43C5-A071-47C53C36EC02}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\DLNA\DMS\AORelayDMS.exe FirewallRules: [{2A83218B-70ED-4582-B431-BB0AAE59D0D8}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe FirewallRules: [{475C0AFE-FDB4-472A-93A7-47642BDD5D62}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\ASUS Media Streamer\AMSRelayHelpAgent.exe FirewallRules: [{CF3225AC-032A-4AF4-A2B8-1A74D4F44A3F}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\MediaStreamer.exe FirewallRules: [{1F07AE35-7F36-4955-9F8E-D0343CF87C21}] => (Allow) C:\Program Files (x86)\ASUS\HomeCloud\Media Streamer\MediaStreamer.exe FirewallRules: [{D30B1280-5D22-433A-82BE-4F27DA0C27E4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{18D26EDA-1DF5-4048-AA1E-A5BB6A4AD593}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{8951B72A-EEBC-4DE7-B5F5-D7110446A902}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{A250BB7B-3625-4D42-A429-82BF046FEE45}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{30C544B1-C146-4236-ACDE-D905B36B6DF9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{BC8C92E9-4445-4017-A0EA-49D2A2B4C35A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{38D24427-7BC7-4293-812E-E6D45944CB88}] => (Allow) C:\Program Files (x86)\ASUS\ROG Game First III\gameFirst3.exe FirewallRules: [{7F0E090D-B8A7-4D47-A020-709F5A85ECCB}] => (Allow) C:\Program Files (x86)\ASUS\ROG Game First III\gameFirst3.exe FirewallRules: [{460D1890-23C7-461E-9CE8-2D79E075C1F1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{42EA20C1-99FE-4A47-A103-C4301C78C28A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [TCP Query User{918FC010-5826-4901-8BA7-90E1952C203E}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{8C25577B-23FE-429E-B185-423DC98764DB}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [{654ED0D2-5557-4422-B898-0ED0D79A6005}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe FirewallRules: [{2CC93236-0A84-4F8C-8697-E8B2A37EAC13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe FirewallRules: [{B4D939EE-5EF2-4DF6-8B5C-31A615EC7044}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe FirewallRules: [{F60A0649-787F-4F9E-86F6-0F9684236EA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5mp.exe FirewallRules: [{E0C6B92B-8967-4855-B89D-5A5249AF527D}] => (Allow) C:\windows\system32\ftp.exe FirewallRules: [{D0EBFFA2-AA05-4252-9F1D-B945ABE6C50D}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{88974A9B-4951-4304-B477-AFCC51425A5F}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{C2444971-5A7C-44E9-977F-C3905631DC14}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{24EEADA0-B30D-42B5-87A1-82250132E392}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe FirewallRules: [{1F92A5F7-3AC5-4A12-9027-D26976922472}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [{C9E93BFF-2460-4CEA-BEBD-7080785774A3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe FirewallRules: [TCP Query User{7C52CC85-C31D-4697-B269-C2F47C1DC620}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe FirewallRules: [UDP Query User{93A06861-AC96-4A33-9BE4-91FBBF96165E}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe FirewallRules: [{8CF6ED5A-0910-4CAE-AEF7-CDD0CB67C658}] => (Allow) C:\windows\system32\ftp.exe FirewallRules: [{C03F0547-984E-44AD-853A-A84EEF2B3C56}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe FirewallRules: [{6B7B49CD-8E8A-40D1-8F32-1D1EAEE0AC74}] => (Allow) C:\Program Files (x86)\Origin Games\Crysis 3\Bin32\Crysis3.exe FirewallRules: [{8D046B9D-449D-4563-A317-7A6FABC1035D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{12AA9C10-4465-4D9C-8DAB-7CC26AFD6743}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{804885C7-175B-482F-AEF4-A397AC0FF002}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{F787F48E-EDE3-4DD7-86FA-35936290C987}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{7C73140F-DF19-4C39-8D61-71C31DE06509}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{B119F957-1141-4851-AD4A-62C2AA66568F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{0663E39A-DD18-41F6-88E2-FFB01EADD37D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{28F61605-ABD5-4366-8627-65D26ED59450}] => (Allow) C:\windows\system32\LXEBcoms.exe FirewallRules: [{8DD7A7CC-624B-4C1E-834D-5DF0F2D21376}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{025826C7-D239-4C37-9DC4-D0FD291E9C6F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{86B1D895-C4F8-4A26-B139-16330B0A13EE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{C4BFE80C-5E2B-4FE1-9B27-6640395A2797}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{C42BD8ED-C697-4062-A265-B7D0FCA33A22}] => (Allow) C:\windows\system32\ftp.exe FirewallRules: [{9E9BA7C1-6BD3-4C71-81EA-7ED2D41A1534}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{174CC54A-44AA-47E8-9982-F31151F4067D}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe FirewallRules: [{9E4AE960-F095-4222-8CFA-ACAF1AD77A17}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe ==================== Restore Points ========================= 14-05-2017 01:04:03 Windows Update 15-05-2017 21:12:31 Restore Operation ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/18/2017 10:29:39 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (05/18/2017 05:33:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NvStreamService.exe, version: 4.1.2036.1280, time stamp: 0x56a0882b Faulting module name: ntdll.dll, version: 10.0.15063.0, time stamp: 0xb79b6ddb Exception code: 0xc0000374 Fault offset: 0x00000000000f775f Faulting process id: 0xe74 Faulting application start time: 0x01d2cff46cadae2e Faulting application path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 318486c6-aed7-4a3b-aa3a-a5e87cc7d373 Faulting package full name: Faulting package-relative application ID: Error: (05/17/2017 04:29:28 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (05/17/2017 03:33:40 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program WINWORD.EXE version 16.0.7967.2161 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 289c Start Time: 01d2cf1a76e07d3e Termination Time: 75 Application Path: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE Report Id: f335121c-c861-4b5b-a384-24d1461cdf2a Faulting package full name: Faulting package-relative application ID: Error: (05/17/2017 03:32:51 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program WINWORD.EXE version 16.0.7967.2161 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 1e20 Start Time: 01d2cf1a3fa744f5 Termination Time: 0 Application Path: C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE Report Id: 30f9c882-2b7b-4b24-a533-e6fa454c8d27 Faulting package full name: Faulting package-relative application ID: Error: (05/15/2017 09:58:55 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (3152) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\WINDOWS\system32\SRU\SRU00009.log. Error: (05/15/2017 09:37:48 PM) (Source: System Restore) (EventID: 8210) (User: ) Description: An unspecified error occurred during System Restore: (Windows Update). Additional information: 0x80070005. Error: (05/15/2017 09:08:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NvStreamService.exe, version: 4.1.2036.1280, time stamp: 0x56a0882b Faulting module name: ntdll.dll, version: 10.0.15063.0, time stamp: 0xb79b6ddb Exception code: 0xc0000374 Fault offset: 0x00000000000f775f Faulting process id: 0xfdc Faulting application start time: 0x01d2cdb7085ab7c5 Faulting application path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 6e59c587-3015-4377-8ac5-07a0904125c2 Faulting package full name: Faulting package-relative application ID: Error: (05/15/2017 08:57:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NvStreamService.exe, version: 4.1.2036.1280, time stamp: 0x56a0882b Faulting module name: ntdll.dll, version: 10.0.15063.0, time stamp: 0xb79b6ddb Exception code: 0xc0000374 Fault offset: 0x00000000000f775f Faulting process id: 0xdb0 Faulting application start time: 0x01d2cdb579212a43 Faulting application path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: 91cccc9f-a601-4f84-8817-6eb569946f26 Faulting package full name: Faulting package-relative application ID: Error: (05/15/2017 08:49:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: PushNoticeMonitor.exe, version: 1.0.1.2, time stamp: 0x00000000 Faulting module name: KERNELBASE.dll, version: 10.0.15063.296, time stamp: 0x28e9cf15 Exception code: 0x0eedfade Fault offset: 0x000eb802 Faulting process id: 0x1bf8 Faulting application start time: 0x01d2cdb455e96f96 Faulting application path: C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll Report Id: 2e5b2d53-af2d-4de8-9305-93e29a004f6f Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (05/19/2017 10:30:40 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (05/19/2017 10:27:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The lxebCATSCustConnectService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (05/19/2017 10:27:10 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the lxebCATSCustConnectService service to connect. Error: (05/19/2017 10:27:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The CldFlt service failed to start due to the following error: The request is not supported. Error: (05/19/2017 10:26:24 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B72NMJ6) Description: The server {C3D84F57-9904-4F7D-8D79-1D72DAD51ADC} did not register with DCOM within the required timeout. Error: (05/19/2017 01:15:10 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B72NMJ6) Description: The server {C3D84F57-9904-4F7D-8D79-1D72DAD51ADC} did not register with DCOM within the required timeout. Error: (05/19/2017 12:04:45 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (05/18/2017 08:41:50 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B72NMJ6) Description: The server {C3D84F57-9904-4F7D-8D79-1D72DAD51ADC} did not register with DCOM within the required timeout. Error: (05/18/2017 08:33:15 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-B72NMJ6) Description: The server {C3D84F57-9904-4F7D-8D79-1D72DAD51ADC} did not register with DCOM within the required timeout. Error: (05/18/2017 05:33:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Origin Web Helper Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. CodeIntegrity: =================================== Date: 2017-05-18 15:33:09.858 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-05-18 15:32:01.066 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-05-18 15:28:34.723 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-05-18 15:28:02.191 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-05-18 15:26:51.428 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-05-18 15:26:05.574 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-05-18 15:24:19.971 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-05-18 15:23:45.195 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-05-18 15:23:44.174 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2017-05-18 15:23:43.921 Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz Percentage of memory in use: 18% Total physical RAM: 16324.56 MB Available physical RAM: 13278.92 MB Total Virtual: 19268.56 MB Available Virtual: 15232.28 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:930.2 GB) (Free:667.28 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 623637DF) Partition: GPT. ==================== End of Addition.txt ============================