Hi. My computer seems to be acting weird. My Avast web browser addon will not keep it's settings. It is disabled every time I open Firefox. I have been getting weird popup hijacks like "Your Firefox needs updated immediately" and so forth. I immediately shut the browser down when this happens, but my concern is why the addon will not stay set to enabled. I have adjusted the settings in the addon itself and saved them, but it doesn't work. I have done thorough scans with Malwarebytes and Avast, scanning every whole file, everything checked for maximum discovery. They both come back and tell me "Congratulations, your machine is clean". I kinda doubt that. Now, I am the only user on my machine. I do not even have the guest account activated. I do have my machine tweaked to run minimal processes because I game a lot and my machine needs an upgrade, so I hope you get the picture. I also have the behavior shield turned off in Avast because it uses so much CPU power and memory that it is quite noticeable doing anything. I also have Plex installed, but I rarely use it and have all the processes turned off. But it still seems like I see it in the resource manager sometimes. I'm not quite sure if I trust it, so I would like your opinion. I do not share files, but I do used unauthorized channels. So, I would like for someone to go over my logs and let me know what you think, please. Thank you so much.
FRST64:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-09-2017
Ran by Dee (administrator) on WIN7 (17-09-2017 13:21:36)
Running from C:\Users\Dee\Desktop
Loaded Profiles: Dee (Available Profiles: Dee)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-08-31] (AVAST Software)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642304 2013-04-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1314432 2016-06-09] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [235624 2014-07-30] (CANON INC.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM-x32\...\Run: [AmazonGSDownloaderTray] => C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe [332288 2017-06-22] (Amazon.com)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2375802078-1423229213-3210898512-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_151_pepper.exe [1281024 2017-08-16] (Adobe Systems Incorporated)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{E779C27C-A8C0-4D12-A111-751886C4E058}: [DhcpNameServer] 75.75.76.76 75.75.75.75
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2375802078-1423229213-3210898512-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://itch.io/
HKU\S-1-5-21-2375802078-1423229213-3210898512-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/711-111092-2357-0/4?satitle={searchTerms}&mfe=Desktops
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2375802078-1423229213-3210898512-1000 -> DefaultScope {7D34B20D-9D01-4042-8EFE-3CC62D83E56C} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2375802078-1423229213-3210898512-1000 -> {7D34B20D-9D01-4042-8EFE-3CC62D83E56C} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2375802078-1423229213-3210898512-1000 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-08-31] (AVAST Software)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (CANON INC.)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-07-27] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-08-31] (AVAST Software)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-07-27] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
Toolbar: HKU\S-1-5-21-2375802078-1423229213-3210898512-1000 -> Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (CANON INC.)
FireFox:
========
FF DefaultProfile: 3cj8zbeg.default-1492307314896-1504766088387
FF ProfilePath: C:\Users\Dee\AppData\Roaming\Mozilla\Firefox\Profiles\3cj8zbeg.default-1492307314896-1504766088387 [2017-09-17]
FF Extension: (Avast Online Security) - C:\Users\Dee\AppData\Roaming\Mozilla\Firefox\Profiles\3cj8zbeg.default-1492307314896-1504766088387\Extensions\[email protected] [2017-09-07]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-09] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-07-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-07-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @playon.tv/PlayOnToolbar -> C:\Program Files (x86)\MediaMall\toolbar\npVT.dll [2017-04-18] (MediaMall Technologies, Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2375802078-1423229213-3210898512-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Dee\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2017-03-08] (Unity Technologies ApS)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Amazon Download Agent; C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [543744 2017-06-22] (Amazon.com) [File not signed]
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-04-29] (Advanced Micro Devices, Inc.) [File not signed]
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7452288 2017-08-31] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-08-31] (AVAST Software)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [532544 2017-09-15] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8242752 2017-09-06] (GOG.com)
S4 HPAuto; C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe [681528 2010-08-05] (Hewlett-Packard)
S4 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S3 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [8227600 2017-05-05] (MediaMall Technologies, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2098528 2017-09-05] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2977640 2017-09-05] (Electronic Arts)
S3 PlexUpdateService; C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [1995240 2017-06-28] (Plex, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 HP Health Check Service; "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe" [X]
S4 hpqwmiex; "C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [320528 2017-08-31] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-08-31] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343296 2017-08-31] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57736 2017-08-31] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [47016 2017-08-31] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [147784 2017-08-31] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110376 2017-08-31] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84416 2017-08-31] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1016384 2017-08-31] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [590880 2017-08-31] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [199312 2017-08-31] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361336 2017-08-31] (AVAST Software)
R3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [28528 2015-10-29] (MediaMall Technologies, Inc.)
S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [131144 2017-04-18] (Oracle Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-17 13:21 - 2017-09-17 13:21 - 000014150 _____ C:\Users\Dee\Desktop\FRST.txt
2017-09-17 13:18 - 2017-09-17 13:18 - 002399744 _____ (Farbar) C:\Users\Dee\Desktop\FRST64.exe
2017-09-15 17:38 - 2017-09-15 17:38 - 000000000 ____D C:\Users\Dee\Desktop\ClassicGames
2017-09-15 17:27 - 2017-09-15 17:38 - 000000000 ____D C:\Users\Dee\Desktop\FinishedGames
2017-09-15 08:46 - 2017-09-15 08:46 - 000000000 ____D C:\Users\Dee\AppData\Roaming\ScummVM
2017-09-15 08:17 - 2017-09-15 08:17 - 000001746 _____ C:\Users\Public\Desktop\Beneath a Steel Sky.lnk
2017-09-15 08:16 - 2017-09-15 08:16 - 000001409 _____ C:\Users\Public\Desktop\The 11th Hour.lnk
2017-09-15 08:10 - 2017-09-15 08:10 - 000000000 ____D C:\Users\Public\Documents\The Witcher
2017-09-15 08:10 - 2017-09-15 08:10 - 000000000 ____D C:\Users\Dee\Documents\The Witcher
2017-09-15 07:53 - 2017-09-15 07:53 - 000001793 _____ C:\Users\Public\Desktop\Deadlight - Director's Cut.lnk
2017-09-15 07:44 - 2017-09-15 07:44 - 000001364 _____ C:\Users\Public\Desktop\Armikrog.lnk
2017-09-15 07:44 - 2017-09-15 07:44 - 000000000 ____D C:\Users\Dee\AppData\LocalLow\PencilTestStudios
2017-09-15 07:37 - 2017-09-15 17:30 - 000000000 ____D C:\Users\Dee\Documents\Remedy
2017-09-15 07:37 - 2017-09-15 07:37 - 000001667 _____ C:\Users\Public\Desktop\Alan Wake's American Nightmare.lnk
2017-09-13 10:36 - 2017-09-13 10:36 - 000000222 _____ C:\Users\Dee\Desktop\The Moment of Silence.url
2017-09-11 11:55 - 2017-09-11 11:56 - 000000000 ____D C:\Users\Dee\Desktop\GamesForCards
2017-09-10 22:51 - 2017-09-10 22:51 - 000000000 ____D C:\Users\Dee\AppData\LocalLow\Dymchick1
2017-09-09 12:44 - 2017-09-09 20:43 - 000000000 ____D C:\Users\Dee\Desktop\DanaHurricaneIrma
2017-09-07 20:11 - 2017-09-17 13:21 - 000000000 ____D C:\FRST
2017-09-07 02:34 - 2017-09-07 02:34 - 000000000 ____D C:\Users\Dee\Desktop\Old Firefox Data
2017-09-07 02:10 - 2017-09-07 02:10 - 001058032 _____ (Amazon Services LLC) C:\Users\Dee\Downloads\Sherlock_Holmes_vs_Jack_the_Ripper_Downloader.exe
2017-09-07 02:10 - 2017-09-07 02:10 - 000000000 ____D C:\Program Files (x86)\Amazon
2017-09-07 02:09 - 2017-09-07 02:09 - 003435696 _____ (Amazon ) C:\Users\Dee\Downloads\AmazonGSDownloaderSetup.exe
2017-09-07 00:30 - 2017-09-07 02:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon
2017-09-06 18:45 - 2017-09-06 18:45 - 000000000 _____ C:\Users\Dee\.node_repl_history
2017-09-02 06:59 - 2017-09-02 06:59 - 001175598 _____ C:\Users\Dee\Documents\Pharm-GD_MA.pdf
2017-09-02 06:59 - 2017-09-02 06:59 - 000251532 _____ C:\Users\Dee\Documents\PT_minutes.pdf
2017-08-31 14:24 - 2017-08-31 14:24 - 000012409 _____ C:\Users\Dee\Documents\VRRENEWAL.pdf
2017-08-31 13:59 - 2017-08-31 13:59 - 000401488 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-08-28 19:58 - 2017-08-28 19:58 - 000000000 ____D C:\Users\Dee\AppData\Local\Kholat
2017-08-23 20:08 - 2017-08-23 20:31 - 000000000 ____D C:\Users\Dee\AppData\Local\Roblox
2017-08-23 20:07 - 2017-09-08 21:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
2017-08-23 20:07 - 2017-08-29 15:22 - 000000252 _____ C:\Users\Dee\AppData\LocalLow\rbxcsettings.rbx
2017-08-23 20:07 - 2017-08-23 20:07 - 000000000 ____D C:\ProgramData\Roblox
2017-08-23 20:07 - 2017-08-23 20:07 - 000000000 ____D C:\Program Files (x86)\Roblox
2017-08-23 20:03 - 2017-09-15 17:36 - 000000000 ____D C:\Users\Dee\Desktop\EthanGames
2017-08-23 12:19 - 2017-08-29 19:07 - 000000000 ____D C:\Users\Dee\Desktop\Fred
2017-08-21 20:31 - 2017-08-21 20:31 - 000000222 _____ C:\Users\Dee\Desktop\Harvester.url
2017-08-20 20:08 - 2017-08-20 20:08 - 000000222 _____ C:\Users\Dee\Desktop\House of Caravan.url
2017-08-19 19:49 - 2017-08-19 19:49 - 000000000 ____D C:\Users\Dee\Documents\Nikopol
2017-08-19 19:36 - 2017-08-19 19:36 - 000000221 _____ C:\Users\Dee\Desktop\Nikopol Secrets of the Immortals.url
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-17 13:21 - 2017-04-06 18:52 - 000000000 ____D C:\Users\Dee\AppData\LocalLow\Mozilla
2017-09-17 13:08 - 2009-07-14 00:45 - 000015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-17 13:08 - 2009-07-14 00:45 - 000015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-17 00:19 - 2017-04-06 21:57 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-16 19:34 - 2010-12-10 14:58 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-09-15 17:42 - 2017-04-07 23:14 - 000000000 ____D C:\Users\Dee\Desktop\PuterTools
2017-09-15 17:33 - 2017-04-07 03:06 - 000000000 ____D C:\Users\Dee\Desktop\AGS-DownloadGames
2017-09-15 11:30 - 2017-04-23 18:52 - 000000000 ____D C:\Users\Dee\Desktop\GamingTools
2017-09-15 08:17 - 2017-04-27 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-09-15 08:17 - 2009-07-14 01:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-09-15 07:32 - 2017-04-27 17:54 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2017-09-09 17:34 - 2017-04-06 21:59 - 000000000 ____D C:\Users\Dee\AppData\Local\Steam
2017-09-07 20:05 - 2017-08-04 00:46 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-09-07 19:53 - 2017-05-02 11:22 - 000192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-07 19:52 - 2017-08-04 00:45 - 000109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-09-07 18:29 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-06 18:45 - 2017-04-06 18:07 - 000000000 ____D C:\Users\Dee
2017-09-05 15:27 - 2017-04-14 00:08 - 000007620 _____ C:\Users\Dee\AppData\Local\Resmon.ResmonCfg
2017-09-05 13:51 - 2017-04-21 11:34 - 000000000 ____D C:\ProgramData\Origin
2017-09-05 13:50 - 2017-04-21 11:37 - 000000000 ____D C:\Users\Dee\AppData\Roaming\Origin
2017-09-05 13:49 - 2017-04-21 11:35 - 000000000 ____D C:\Program Files (x86)\Origin
2017-09-03 13:16 - 2017-04-08 23:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-02 12:49 - 2017-07-01 12:52 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-01 20:15 - 2017-06-22 10:24 - 000000000 ____D C:\Users\Dee\Documents\My Games
2017-08-31 18:39 - 2017-04-23 19:26 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-31 14:00 - 2017-04-06 18:55 - 000000000 ____D C:\Program Files\Common Files\AV
2017-08-31 13:59 - 2017-06-30 07:43 - 000343296 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-08-31 13:59 - 2017-06-30 07:43 - 000320528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-08-31 13:59 - 2017-06-30 07:43 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-08-31 13:59 - 2017-06-30 07:43 - 000057736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-08-31 13:59 - 2017-04-06 18:55 - 001016384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-08-31 13:59 - 2017-04-06 18:55 - 000590880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-08-31 13:59 - 2017-04-06 18:55 - 000361336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-08-31 13:59 - 2017-04-06 18:55 - 000199312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-08-31 13:59 - 2017-04-06 18:55 - 000147784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-08-31 13:59 - 2017-04-06 18:55 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-08-31 13:59 - 2017-04-06 18:55 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-08-31 13:59 - 2017-04-06 18:55 - 000047016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-08-31 13:59 - 2017-04-06 18:55 - 000003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-08-29 17:14 - 2017-04-06 22:53 - 000000000 ____D C:\Users\Dee\AppData\Local\ElevatedDiagnostics
2017-08-29 15:22 - 2017-04-25 12:48 - 000000000 ____D C:\Users\Dee\AppData\Local\CrashDumps
2017-08-24 19:53 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\Registration
2017-08-24 17:05 - 2009-07-13 23:20 - 000000000 __RHD C:\Users\Public\Libraries
2017-08-24 16:58 - 2017-05-15 13:46 - 000000000 ____D C:\Users\Dee\AppData\LocalLow\Phoenix Online Studios
2017-08-23 12:16 - 2009-07-14 01:32 - 000000000 ____D C:\Windows\system32\FxsTmp
==================== Files in the root of some directories =======
2017-07-12 19:06 - 2017-08-03 22:30 - 000000446 _____ () C:\Users\Dee\AppData\Roaming\CSharpAnalytics-MeasurementSession
2017-07-01 18:20 - 2017-07-01 18:20 - 000003584 _____ () C:\Users\Dee\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-04-14 00:08 - 2017-09-05 15:27 - 000007620 _____ () C:\Users\Dee\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-09-10 12:44
==================== End of FRST.txt ============================
ADDITION:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-09-2017
Ran by Dee (17-09-2017 13:22:15)
Running from C:\Users\Dee\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2017-04-06 22:07:33)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2375802078-1423229213-3210898512-500 - Administrator - Disabled)
Dee (S-1-5-21-2375802078-1423229213-3210898512-1000 - Administrator - Enabled) => C:\Users\Dee
Guest (S-1-5-21-2375802078-1423229213-3210898512-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2375802078-1423229213-3210898512-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
1954 Alcatraz (HKLM-x32\...\1207661333_is1) (Version: 2.1.0.4 - GOG.com)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
A Story About My Uncle (HKLM\...\Steam App 278360) (Version: - Gone North Games)
Absent (HKLM\...\Steam App 398450) (Version: - FNGames)
ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Agatha Christie - The ABC Murders (HKLM\...\Steam App 374900) (Version: - Artefacts Studios)
Alan Wake's American Nightmare (HKLM-x32\...\1207659038_is1) (Version: 2.0.0.25 - GOG.com)
Alpha Polaris : A Horror Adventure Game (HKLM\...\Steam App 405780) (Version: - Turmoil Games)
Amazon Games & Software Downloader (HKLM-x32\...\Amazon Games & Software Downloader_is1) (Version: 2.2.0.0 - Amazon)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Anna - Extended Edition (HKLM\...\Steam App 217690) (Version: - Dreampainters)
Approaching Blocks (HKLM\...\Steam App 467390) (Version: - Dymchick1)
Armikrog (HKLM-x32\...\1433157800_is1) (Version: 2.4.0.6 - GOG.com)
Art Explosion Greeting Card Factory Express (HKLM-x32\...\{AE15D0F7-8C2E-4419-97B4-995ED16FBB4E}) (Version: 1.04.3600 - Nova Development)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.6.2310 - AVAST Software)
Belladonna (HKLM\...\Steam App 351340) (Version: - Neckbolt)
Beneath a Steel Sky (HKLM-x32\...\1207658695_is1) (Version: 2.1.0.11 - GOG.com)
Black Mirror (HKLM\...\Steam App 292930) (Version: - Future Games)
Black Sails (HKLM\...\Steam App 373240) (Version: - Deck13)
Blackbay Asylum (HKLM\...\Steam App 313140) (Version: - TAD Productions AB)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.3.3 - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.6.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.15.23 - Canon Inc.)
Canon MX490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX490_series) (Version: 1.02 - Canon Inc.)
Canon MX490 series On-screen Manual (HKLM-x32\...\Canon MX490 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon MX490 series User Registration (HKLM-x32\...\Canon MX490 series User Registration) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.1 - Canon Inc.)
CAYNE (HKLM\...\Steam App 532840) (Version: - THE BROTHERHOOD)
Clicker Heroes (HKLM\...\Steam App 363970) (Version: - Playsaurus)
Cognition: An Erica Reed Thriller (HKLM\...\Steam App 242780) (Version: - Phoenix Online Studios)
Cult (HKLM-x32\...\ST5UNST #1) (Version: - )
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3210 - CyberLink Corp.)
Dark Fall 2: Lights Out (HKLM\...\Steam App 260710) (Version: - Darkling Room)
Dark Fall: Lost Souls (HKLM\...\Steam App 46750) (Version: - Darkling Room)
Darkness Within 2: The Dark Lineage Director's Cut Edition (HKLM\...\Steam App 298950) (Version: - Zoetrope Interactive)
Darkness Within: In Pursuit of Loath Nolder (HKLM\...\Steam App 298930) (Version: - Zoetrope Interactive)
Dead Secret (HKLM\...\Steam App 402260) (Version: - Robot Invader)
Deadlight - Director's Cut (HKLM-x32\...\1230412827_is1) (Version: 2.0.0.2 - GOG.com)
Decay - The Mare (HKLM\...\Steam App 323720) (Version: - Shining Gate Software)
Depression Quest (HKLM\...\Steam App 270170) (Version: - The Quinnspiracy)
Detective Butler: Maiden Voyage Murder (HKLM\...\Steam App 612620) (Version: - Goldbar Games)
DISTRAINT (HKLM\...\Steam App 395170) (Version: - Jesse Makkonen)
Disturbed (HKLM\...\Steam App 529780) (Version: - Brad Moore)
Donald Dowell version 1.0 (HKLM-x32\...\{BFC05D0B-3340-4F29-855C-36829A3E8016}_is1) (Version: 1.0 - Ape Marina)
Downfall (HKLM\...\Steam App 364390) (Version: - Harvester Games)
Dracula: Origin (HKLM\...\Steam App 11050) (Version: - Frogwares)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.2.4412 - Hewlett-Packard)
Emily is Away (HKLM\...\Steam App 417860) (Version: - Kyle Seeley)
Experience 112 (HKLM\...\Steam App 324770) (Version: - Lexis Numerique)
Face Noir (HKLM\...\Steam App 244690) (Version: - Mad Orange)
Fallout Shelter (HKLM\...\Steam App 588430) (Version: - Bethesda Game Studios)
Fran Bow (HKLM-x32\...\1438948561_is1) (Version: 2.5.0.6 - GOG.com)
Game of Thrones - A Telltale Games Series (HKLM\...\Steam App 330840) (Version: - Telltale Games)
GD Hardware Scan (HKU\S-1-5-21-2375802078-1423229213-3210898512-1000\...\GD Hardware Scan) (Version: 00.00.00.01 - Social Web Tech LTD)
Goat Simulator (HKLM\...\Steam App 265930) (Version: - Coffee Stain Studios)
Goetia (HKLM\...\Steam App 421740) (Version: - Sushee)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Grim Fandango Remastered (HKLM-x32\...\1207667183_is1) (Version: 2.1.0.5 - GOG.com)
Harvester (HKLM\...\Steam App 287020) (Version: - DigiFX Interactive)
Hector: Ep 1 (HKLM\...\Steam App 94600) (Version: - Straandlooper)
Hector: Ep 2 (HKLM\...\Steam App 94610) (Version: - Straandlooper)
Hector: Ep 3 (HKLM\...\Steam App 94620) (Version: - Straandlooper)
House of Caravan (HKLM\...\Steam App 353550) (Version: - Rosebud Games)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.2.4521 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.2.4517 - Hewlett-Packard)
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.2.4513 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.2.4522 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.0.3 - Hewlett-Packard) Hidden
HydraVision (HKLM-x32\...\{DA54D3F7-4915-1A37-7EA8-2741F05B77AC}) (Version: 4.2.234.0 - Advanced Micro Devices, Inc.) Hidden
I Have No Mouth, and I Must Scream (HKLM-x32\...\1207659593_is1) (Version: 2.1.0.8 - GOG.com)
itch (HKU\S-1-5-21-2375802078-1423229213-3210898512-1000\...\itch) (Version: 23.4.2 - Itch Corp)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Jotun (HKLM\...\Steam App 323580) (Version: - Thunder Lotus Games)
Kathy Rain (HKLM-x32\...\1460710709_is1) (Version: 2.2.0.4 - GOG.com)
Kentucky Route Zero (HKLM\...\Steam App 231200) (Version: - Cardboard Computer)
KHOLAT (HKLM\...\Steam App 343710) (Version: - IMGN.PRO)
Kraven Manor (HKLM\...\Steam App 296630) (Version: - Demon Wagon Studios)
Last Half of Darkness - Society of the Serpent Moon (HKLM\...\Steam App 384910) (Version: - WRF Studios)
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Masochisia (HKLM\...\Steam App 396310) (Version: - Oldblood)
Medal of Honor: Pacific Assault™ (HKLM-x32\...\{56CFA833-F44F-4199-8C58-7F8B38F2BC7B}) (Version: 1.2.1.281 - Electronic Arts)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Minecraft - Story Mode (HKLM-x32\...\1444400283_is1) (Version: 2.5.0.6 - GOG.com)
Minecraft: Story Mode - A Telltale Games Series (HKLM\...\Steam App 376870) (Version: - Telltale Games)
Mistfal (HKLM\...\Steam App 417920) (Version: - Sergei Minin)
Moebius: Empire Rising (HKLM\...\Steam App 264520) (Version: - Phoenix Online Studios)
Mozilla Firefox 55.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 en-US)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MURDERED: SOUL SUSPECT™ (HKLM\...\Steam App 233290) (Version: - Airtight Games)
Neighbours from [bleep] (HKLM\...\Steam App 260750) (Version: - JoWooD Vienna)
Nikopol: Secrets of the Immortals (HKLM\...\Steam App 11370) (Version: - White Birds Productions)
Node.js (HKLM-x32\...\{9ACC4D78-9B86-4B9E-85F9-263E426534F9}) (Version: 6.10.2 - Node.js Foundation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 19.0.3 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 10.5.2.49155 - Electronic Arts, Inc.)
Outlast (HKLM\...\Steam App 238320) (Version: - Red Barrels)
Overclocked - A History of Violence (HKLM-x32\...\1438770870_is1) (Version: 2.0.0.2 - GOG.com)
Pain Train (HKLM\...\Steam App 576560) (Version: - Virtual Top)
PlayOn (HKLM-x32\...\{7D147000-343B-4202-88BD-7715A4EE93A7}) (Version: 4.3.9 - MediaMall Technologies, Inc.) Hidden
PlayOn (HKLM-x32\...\{9eaa2820-362d-46bd-a7ab-a9244ccd41db}) (Version: 4.3.9.18619 - MediaMall Technologies, Inc.)
PlayOn Dependencies (HKLM-x32\...\{0E100B2E-D56C-4BFB-9FD6-894FDEDC10E6}) (Version: 1.0.0.0 - MediaMall Technologies, Inc.) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Plex Media Server (HKLM-x32\...\{763A44F9-11ED-4C90-B79F-01077108135B}) (Version: 1.7.4035 - Plex, Inc.) Hidden
Plex Media Server (HKLM-x32\...\{d30c30f4-3b8f-4a97-83a8-ade21eb5089e}) (Version: 1.7.5.4035 - Plex, Inc.)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4329 - CyberLink Corp.)
PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3129 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3129 - CyberLink Corp.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Rebel Galaxy (HKLM-x32\...\1435582019_is1) (Version: 2.6.0.11 - GOG.com)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.3219 - CyberLink Corp.) Hidden
Rhiannon: Curse of the Four Branches (HKLM\...\Steam App 298140) (Version: - Arberth Studios)
Roblox Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Sam & Max 101: Culture Shock (HKLM\...\Steam App 8200) (Version: - Telltale Games)
Serena (HKLM\...\Steam App 272060) (Version: - Senscape)
Sherlock Holmes: The Awakened - Remastered (HKLM\...\Steam App 11140) (Version: - Frogwares)
Silence of the Sleep (HKLM\...\Steam App 321870) (Version: - Jesse Makkonen)
Sinking Island (HKLM\...\Steam App 333430) (Version: - White Birds Productions)
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
STASIS (HKLM-x32\...\1439548178_is1) (Version: 2.2.0.7 - GOG.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stopping Plex (HKLM-x32\...\{64DC32A4-FE15-4054-AC6C-421DE509BF51}) (Version: 1.7.4035 - Plex, Inc.) Hidden
Stories Untold Demo (HKLM\...\Steam App 609750) (Version: - No Code)
Subject 13 (HKLM\...\Steam App 322970) (Version: - Paul Cuisset)
Syberia II (HKLM-x32\...\{BF1534B0-BE09-457E-A4CF-0EFC803125F2}) (Version: 1.0.0.16 - Microids)
Tales from the Borderlands (HKLM\...\Steam App 330830) (Version: - Telltale Games)
The 11th Hour (HKLM-x32\...\1207659000_is1) (Version: 2.0.0.14 - GOG.com)
The 39 Steps (HKLM\...\Steam App 234940) (Version: - The Story Mechanics)
The 7th Guest (HKLM-x32\...\1207658999_is1) (Version: 2.1.0.21 - GOG.com)
The Blackwell Legacy (HKLM\...\Steam App 80330) (Version: - Wadjet Eye Games)
The Cat Lady (HKLM-x32\...\1207659201_is1) (Version: 2.2.0.9 - GOG.com)
The Charnel House Trilogy (HKLM\...\Steam App 288930) (Version: - Owl Cave)
The Guest (HKLM-x32\...\1491580335_is1) (Version: gog-2a - GOG.com)
The Last Crown: Midnight Horror (HKLM\...\Steam App 291770) (Version: - Darkling Room)
The Last NightMary - A Lenda do Cabeça de Cuia (HKLM\...\Steam App 407300) (Version: - Submersivo Game Studio)
The Lost Crown (HKLM\...\Steam App 291710) (Version: - Darkling Room)
The Moment of Silence (HKLM\...\Steam App 339840) (Version: - House of Tales)
The Monster Inside (HKLM\...\Steam App 665490) (Version: - Random Seed Games)
The Moon Sliver (HKLM\...\Steam App 329830) (Version: - David Szymanski)
The Mystery of the Druids (HKLM\...\Steam App 343000) (Version: - House of Tales)
The Secret of Monkey Island: Special Edition (HKLM\...\Steam App 32360) (Version: - LucasArts)
The Walking Dead (HKLM\...\Steam App 207610) (Version: - Telltale Games)
The Walking Dead: Michonne (HKLM\...\Steam App 429570) (Version: - Telltale Games)
The Walking Dead: Season Two (HKLM\...\Steam App 261030) (Version: - Telltale Games)
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\1207658924_is1) (Version: 2.1.0.15 - GOG.com)
Unity Web Player (HKU\S-1-5-21-2375802078-1423229213-3210898512-1000\...\UnityWebPlayer) (Version: 5.3.8f1 - Unity Technologies ApS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Whispering Willows (HKLM\...\Steam App 288060) (Version: - Night Light Interactive)
Yesterday (HKLM\...\Steam App 205840) (Version: - Pendulo Studios)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-31] (AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-31] (AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-31] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-01-20] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-04-29] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-31] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-01-20] (Malwarebytes)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00C74FE8-76D7-490E-92F8-A49C3BC033E4} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {3BEE14AA-47D8-48DF-AA3D-7C153FF74802} - System32\Tasks\Hewlett-Packard\HP Support Assistant\First Boot => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe
Task: {621397ED-AC25-49F9-9011-CBB619F3DC87} - System32\Tasks\DST => C:\Program Files (x86)\Hewlett-Packard\Setup Manager\toaster.exe
Task: {70118D9B-4AE2-4E3A-8848-B9FE334F15FF} - System32\Tasks\Accessories => C:\Program Files (x86)\Hewlett-Packard\Setup Manager\toaster.exe
Task: {77106C3E-04FB-4B78-8585-8C17EC554FC8} - System32\Tasks\FileTransfer => C:\Program Files (x86)\Hewlett-Packard\Setup Manager\toaster.exe
Task: {BC96C8ED-01C9-49F3-8041-4885DA0A98F2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_151_pepper.exe [2017-08-16] (Adobe Systems Incorporated)
Task: {E16E7827-6C37-479E-BF4E-F8B313A53ED2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {E88C909D-80D2-4ACE-85CB-6C0E67F98F20} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-08-31] (AVAST Software)
Task: {FCC91F7B-FC44-4593-862C-B777AA72884B} - System32\Tasks\{8B40E966-23AE-4ED5-9914-5DCAB684E751} => E:\SETUP.EXE
Task: {FF4CA858-DA07-4983-90B3-FCA89D9DB2BD} - System32\Tasks\{85FAD8F7-EAA8-4F80-9AB9-356A756246F1} => C:\Windows\system32\pcalua.exe -a E:\SETUP.EXE -d E:\
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2013-04-29 23:25 - 2013-04-29 23:25 - 000103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-04-29 23:08 - 2013-04-29 23:08 - 000369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-06-18 15:49 - 2013-06-18 15:49 - 000016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2017-08-31 13:59 - 2017-08-31 13:59 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-08-31 13:59 - 2017-08-31 13:59 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-08-31 13:59 - 2017-08-31 13:59 - 000211904 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-08-31 13:59 - 2017-08-31 13:59 - 000241960 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-08-31 13:59 - 2017-08-31 13:59 - 000149568 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
2017-09-06 17:03 - 2017-09-06 17:03 - 005897648 _____ () C:\Program Files\AVAST Software\Avast\defs\17090604\algo.dll
2017-08-31 13:59 - 2017-08-31 13:59 - 000685688 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-09-09 07:43 - 2017-09-09 07:43 - 005901864 _____ () C:\Program Files\AVAST Software\Avast\defs\17090900\algo.dll
2017-09-14 16:41 - 2017-09-14 16:41 - 005902888 _____ () C:\Program Files\AVAST Software\Avast\defs\17091402\algo.dll
2017-09-16 16:15 - 2017-09-16 16:15 - 005902376 _____ () C:\Program Files\AVAST Software\Avast\defs\17091600\algo.dll
2017-09-17 13:03 - 2017-09-17 13:03 - 005902376 _____ () C:\Program Files\AVAST Software\Avast\defs\17091700\algo.dll
2017-06-30 07:43 - 2017-06-30 07:43 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-08-31 13:59 - 2017-08-31 13:59 - 000233768 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-09-08 17:05 - 2017-09-08 17:05 - 005901864 _____ () C:\Program Files\AVAST Software\Avast\defs\17090804\algo.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\72214963.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\72214963.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2375802078-1423229213-3210898512-1000\...\oracle.com -> hxxps://www.oracle.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2017-05-03 13:11 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2375802078-1423229213-3210898512-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 75.75.76.76 - 75.75.75.75
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{DE9FA7C8-BBF2-4B79-A61A-F8881E74DBAD}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
FirewallRules: [{E514BBC0-A6EB-411E-899F-9AB5A959A8FC}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe
FirewallRules: [{CF310347-3225-4B98-AFC4-C6F366395624}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe
FirewallRules: [{CD935964-91CF-4F49-ABD0-212835AD5A27}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe
FirewallRules: [{28EB226E-56C5-43AB-B7A5-F0A62CC9377E}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\TSMAgent.exe
FirewallRules: [{2D0268D1-BE8A-4BAA-88C3-19F49CDAD483}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe
FirewallRules: [{8A3054E4-6BF8-4F03-B7EC-CD58294307B5}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe
FirewallRules: [{ADB57881-E15A-4A78-8CB3-9FB151AD5A96}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe
FirewallRules: [{327AE824-E83E-45F6-AE49-D23FBBFF3084}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe
FirewallRules: [{20E499B1-31C5-40BE-9775-B84795079318}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe
FirewallRules: [{1F90BC9C-4360-47F4-A01C-5D25B2190F0E}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{3933C326-8852-41C1-ADBD-64DE7562957D}] => (Allow) C:\Program Files (x86)\Roxio\RoxioNow Player\RNowShell.exe
FirewallRules: [{27F494A5-6828-49A2-A931-4D28335CD897}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8D0FA2A6-5EFD-486B-B962-9B4A32A3F0E2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E03B65EF-6AF0-496E-AD7D-BAE9493B9C10}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CCE6B9FD-5E51-4BA5-AAEA-02A1A6D7F18B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{08E55493-67BF-4F81-90A1-58D9DBAE59A7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CF22FF02-AF0C-42ED-BE89-2335361169A7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{8B12E706-4247-49CD-8244-9504B7A19B7F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Midnight Horror\Launcher.exe
FirewallRules: [{DCA519A4-7516-4AE0-9B8C-9E3981C0825A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Midnight Horror\Launcher.exe
FirewallRules: [{75BCAFCF-EECF-4BE6-BF8B-3D3ECE701689}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Fall Lost Souls\DarkFallLostSouls.exe
FirewallRules: [{F7D7C22A-3810-48CA-86C7-EA6BDBC51AA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Fall Lost Souls\DarkFallLostSouls.exe
FirewallRules: [{CD42D740-C98E-435D-9C68-3DB0465DF4B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Masochisia\MASOCHISIA-x86.exe
FirewallRules: [{A4355EE1-4B0C-45F1-BBE5-2755576B891B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Masochisia\MASOCHISIA-x86.exe
FirewallRules: [{F529408C-5FB2-4DDA-8892-48A30FA20E56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serena\Dagon64.exe
FirewallRules: [{B7528F65-DE46-4AEA-A303-47FAA0261159}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Serena\Dagon64.exe
FirewallRules: [{9FF23F02-8663-48C7-B350-58CEE27F780A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Charnel House Trilogy\CHT.exe
FirewallRules: [{080D1BDA-D4B1-4832-A16E-524FBD296BAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Charnel House Trilogy\CHT.exe
FirewallRules: [{FC8852B0-19B9-4F88-A153-D7F4297EF021}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Charnel House Trilogy\winsetup.exe
FirewallRules: [{314C17AC-1E9C-402B-A585-BE4F8665246B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Charnel House Trilogy\winsetup.exe
FirewallRules: [{E649DAE4-3874-4790-95EE-9D0167F0C24E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alpha Polaris\AlphaPolaris.exe
FirewallRules: [{3FE4AA9C-2301-4633-BC05-8A50772F8DB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Alpha Polaris\AlphaPolaris.exe
FirewallRules: [{544D0807-3483-447E-9D59-8DFDA71A200A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darkness Within\DarknessWithin.exe
FirewallRules: [{B6C41CBD-2C74-4B42-8EF4-B4C0126F156F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darkness Within\DarknessWithin.exe
FirewallRules: [{749802A3-1E33-4448-9E19-A2BBB3B234BA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rhiannon Curse of the Four Branches\RhiannonMeridian4.exe
FirewallRules: [{2870F272-92F1-44D6-9BD4-E86771797D33}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rhiannon Curse of the Four Branches\RhiannonMeridian4.exe
FirewallRules: [{F133492B-F3DE-4590-A87E-AD986F18415C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Fall 2 Lights Out\DarkFall2.exe
FirewallRules: [{5F3BFFC1-9542-450F-BF06-F7BE67707B1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Fall 2 Lights Out\DarkFall2.exe
FirewallRules: [{283E8695-0C6B-48F0-985D-0A4349FDB6BE}] => (Allow) C:\Program Files (x86)\Origin Games\Syberia II\Syberia2.exe
FirewallRules: [{930CC7B4-A7A5-49F7-BE91-2A1D2C9F3F5B}] => (Allow) C:\Program Files (x86)\Origin Games\Syberia II\Syberia2.exe
FirewallRules: [{2611C26F-6807-4C28-9B2F-6CDBDE1A6590}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{BFDF4CD0-89AD-4CE2-BE9C-F2A7D3152708}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{B109EC80-9461-48FE-AF9F-68E07F7AFCFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe
FirewallRules: [{9DFD9A0B-9CBF-41EC-B260-88C04E3B5F2C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout Shelter\FalloutShelter.exe
FirewallRules: [{D0B8E561-C07A-49D1-A042-4B3C8F1647AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Last NightMary - A Lenda do Cabeça de Cuia\TheLastNightMary.exe
FirewallRules: [{E165AF29-B9FF-4810-BBC7-606A7C87AF29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Last NightMary - A Lenda do Cabeça de Cuia\TheLastNightMary.exe
FirewallRules: [{D9B768BA-4B72-4D09-A35D-84A2392C220E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dracula Origin\game.exe
FirewallRules: [{E417CB67-1619-4560-812C-77135B02BB1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dracula Origin\game.exe
FirewallRules: [{EBDEB520-FC98-4886-A394-6534364E995B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Experience112\eXperience112.exe
FirewallRules: [{A84661A2-BF8E-4884-BFCC-5ECA07AB298F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Experience112\eXperience112.exe
FirewallRules: [{4D2BBA4A-2009-4DD5-8A0E-C2422203CABF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Absent\Absent.exe
FirewallRules: [{5A5100F4-F310-4EF9-9480-5DEFF8704102}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Absent\Absent.exe
FirewallRules: [{C6E698C6-4E8F-4809-BD24-F8CA4EDDBC3E}] => (Allow) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
FirewallRules: [{13453F1D-316E-49EC-B64F-5A88C55B796F}] => (Allow) C:\Program Files (x86)\MediaMall\MediaMallServerLauncher.exe
FirewallRules: [{DCD4251F-AD4F-4A0A-9B68-31DC23781F7B}] => (Allow) C:\Program Files (x86)\MediaMall\SettingsManager.exe
FirewallRules: [{A4F6FD6C-891A-442E-B88C-403B8112AA37}] => (Allow) C:\Program Files (x86)\MediaMall\PlayOn.exe
FirewallRules: [{EFDD497A-F166-42BA-86E2-38ADBBA4014C}] => (Allow) C:\Program Files (x86)\MediaMall\PlayMark.exe
FirewallRules: [{7766008F-7405-4F32-8FF5-42680C5F0645}] => (Allow) C:\Program Files (x86)\MediaMall\Surfer.exe
FirewallRules: [{3D0CAEBF-EA8A-4642-B642-753EDBD65932}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darkness Within 2\DarkLineage.exe
FirewallRules: [{21E95C89-745D-405E-B964-04F9E4E4231B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darkness Within 2\DarkLineage.exe
FirewallRules: [{5EC0FB28-2FB2-4D38-A418-3A092EBF2547}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subject 13\Subject13.exe
FirewallRules: [{E98A552C-0989-4A7A-B04C-29A201E6007F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Subject 13\Subject13.exe
FirewallRules: [{215E864E-786A-43C7-8693-C108AB034CF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cognition\Launcher\Cognition Launcher.exe
FirewallRules: [{6597003D-EF7A-41F6-8D3A-BFEDDB8CFA7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cognition\Launcher\Cognition Launcher.exe
FirewallRules: [{68D21EE3-7E75-4A3F-8F39-D34AD1FCBDC2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Agatha Christie The ABC Murders\The ABC Murders.exe
FirewallRules: [{33E8F346-274C-406E-90CB-E4C92C778235}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Agatha Christie The ABC Murders\The ABC Murders.exe
FirewallRules: [{47D606AB-BFAA-422C-BE67-B9A962408B99}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KentuckyRouteZero\KentuckyRouteZero.exe
FirewallRules: [{ACDA4C80-87EA-4879-B6E7-06B8DC500923}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KentuckyRouteZero\KentuckyRouteZero.exe
FirewallRules: [{EB052552-3F58-4361-8F27-0C03B5E9139F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The39Steps\39steps.exe
FirewallRules: [{AAE273D7-1D1E-4F09-B28E-137993ACE4F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The39Steps\39steps.exe
FirewallRules: [{F6F59D59-7347-4884-8B73-0C46B41CFC07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Face Noir\Face Noir.exe
FirewallRules: [{0D5E8442-4693-49F6-BE42-619085DB80B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Face Noir\Face Noir.exe
FirewallRules: [{DB7BAD5C-2A64-482A-B4B7-9A1CD4623ECB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blackwell Legacy\blackwell1.exe
FirewallRules: [{2AF9368B-40B1-46BF-A01C-4A064215FFB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blackwell Legacy\blackwell1.exe
FirewallRules: [{ACE59ABB-5F0E-42CF-BC1B-3A8D955604D8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Lost Crown\TheLostCrown.exe
FirewallRules: [{B2BE9263-B052-4A26-8E5D-1F014D2C5940}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Lost Crown\TheLostCrown.exe
FirewallRules: [{FD9BFD82-F4DD-45B4-A2A7-0904131B855E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Mirror\agds.exe
FirewallRules: [{EFF42A2C-A352-40CF-85A4-9AE09F68FFB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Mirror\agds.exe
FirewallRules: [{7C5FD22F-1BF7-4065-956C-F2F2411B5F40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Anna\Anna.exe
FirewallRules: [{ABA0A5F0-B799-4D43-9643-17ADB83346A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Anna\Anna.exe
FirewallRules: [{0657F848-7366-4A0A-98AE-208049D0E765}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Last Half of Darkness - Society of the Serpent Moon\StartMenu.exe
FirewallRules: [{C2DDFDE8-C6EA-41CE-8F69-A0ACE7FE6C37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Last Half of Darkness - Society of the Serpent Moon\StartMenu.exe
FirewallRules: [{676B51F7-8025-4BE1-9B24-973AB981CBBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\goetia\Goetia.exe
FirewallRules: [{A2063539-D042-4DDA-BB55-71D50C7E47B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\goetia\Goetia.exe
FirewallRules: [{52AA189F-373B-4E87-A73F-65AFA33A847A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Secret of Monkey Island Special Edition\MISE.exe
FirewallRules: [{E9606E9B-BEF6-4384-910C-726CD979A6C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Secret of Monkey Island Special Edition\MISE.exe
FirewallRules: [{C1FE4C01-E6A0-4548-9707-86C8FC9E9611}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sinking Island\Sinking Island.exe
FirewallRules: [{A008CA2B-9BA8-48E6-99FB-7E3167B38263}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sinking Island\Sinking Island.exe
FirewallRules: [{13165925-36A1-4B0F-A2C7-64ABE61F799F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{1166C54E-CC3A-4EFE-941A-D9319E2674FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{03A59262-098D-4C9F-A125-7C17B7BA7A40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mistfal\mistfal.exe
FirewallRules: [{83611395-DF86-46F6-9E7E-8118691084AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mistfal\mistfal.exe
FirewallRules: [{E75C4B6E-A0EA-4AF4-8970-D4901E2E2CDB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{80697038-9698-4E7C-AF20-6A4980F75010}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{1BEDBEA6-08CF-46A1-AA69-B9A754FB56A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kraven Manor\Binaries\Win32\KravenManor.exe
FirewallRules: [{B690BB78-DF9A-4415-90E9-789BA4784CFB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kraven Manor\Binaries\Win32\KravenManor.exe
FirewallRules: [{33243D8F-B07A-4BA7-9AA2-AC2E1EDD05B4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Sails\bin\release\BlackSails.exe
FirewallRules: [{9936F4F8-48BA-44B4-956A-FA7E22C7C502}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Sails\bin\release\BlackSails.exe
FirewallRules: [{B005CBF9-9A84-4E75-A309-3CF3AE8F1E6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead Secret\Dead Secret.exe
FirewallRules: [{E3488D19-08DD-4D8C-B067-A40F6DDCE621}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead Secret\Dead Secret.exe
FirewallRules: [{09F3F026-B0B1-4F9D-8785-9D3FDD3180C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead Secret\VR\Dead Secret_vive.exe
FirewallRules: [{D726B3B6-BC45-4E8D-9066-8218C6176A81}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dead Secret\VR\Dead Secret_vive.exe
FirewallRules: [{BC33BFE3-73F5-41BE-B342-9AA7D27C0760}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WhisperingWillows\WhisperingWillows.exe
FirewallRules: [{FDA55C5E-F10B-4874-B503-952CBD553076}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\WhisperingWillows\WhisperingWillows.exe
FirewallRules: [{0D82B447-3907-4459-99E6-7637A9853FA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Moon Sliver\The Moon Sliver.exe
FirewallRules: [{20C492BC-A004-4022-A9ED-34E8BE801612}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Moon Sliver\The Moon Sliver.exe
FirewallRules: [TCP Query User{C775FEC4-65D7-4DEA-B292-AEF23EAF42E3}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{FAC07C1C-16E6-45DC-97FF-D4BD27C7B80D}C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\outlast\binaries\win64\olgame.exe
FirewallRules: [{FE4C6F76-6A67-47E9-B3A7-D9F5921CB9E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Neighbours from [bleep]\bin\game.exe
FirewallRules: [{8E7FAE44-2736-4DA0-843A-4AE92C37AA63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Neighbours from [bleep]\bin\game.exe
FirewallRules: [{48FB0889-4B10-4494-802D-D7797A2740E5}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{469D8C26-4507-4A43-BB88-1134CEF8B009}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{30EFA397-D088-4C0F-831C-25ABDB6F5E3E}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{81E50BBF-22D5-4C39-AA1A-46786A9A7EAD}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{FA77A51A-3657-47E4-A01E-487C00C50272}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{4FC02020-F408-4B0C-A015-B0169566645B}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{FA67D049-3F7E-44F2-A60D-E06F9C0D1B77}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{8FD61813-D319-4C03-8911-938EFCC67912}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{ABECFEF6-CABC-4E65-881A-88FC09B7FC54}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sherlock Holmes The Awakened - Remastered\game.exe
FirewallRules: [{DCFC83CF-C867-4FE9-8D66-2FDE6607B3C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sherlock Holmes The Awakened - Remastered\game.exe
FirewallRules: [{C69500A5-171F-46F0-A077-71C4687FB31B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Downfall\Downfall.exe
FirewallRules: [{C505B1B2-F879-41D1-9BE5-4F11C9E55777}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Downfall\Downfall.exe
FirewallRules: [{1B911651-B001-40F9-922B-83E6F93D0D37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Downfall\downfall_2009\Downfall.exe
FirewallRules: [{74BF0353-AEB3-4599-8FB6-4401AC0F39D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Downfall\downfall_2009\Downfall.exe
FirewallRules: [{D3D4F5B3-7094-4E33-B556-886B63BD1D19}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Downfall\downfall_2009\winsetup.exe
FirewallRules: [{C7857CD8-4BB5-481C-909A-A78FC52772DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Downfall\downfall_2009\winsetup.exe
FirewallRules: [{F09CC8C1-BAC9-496B-8054-F40C77DF302C}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
FirewallRules: [{13730C61-7771-469D-A609-49FB9FCC7FCA}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
FirewallRules: [{FB2E28E0-92B6-4274-9E59-B2377F034536}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex DLNA Server.exe
FirewallRules: [{6E9D6B57-701D-4AC9-864E-88D56622BFAE}] => (Allow) C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe
FirewallRules: [{CA8322AF-01DE-4C8E-9903-FE8D7EDAB152}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Raven\launcher\TheRavenLauncher.exe
FirewallRules: [{8739D746-E224-4DDA-ADD3-BE65E7584244}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Raven\launcher\TheRavenLauncher.exe
FirewallRules: [{12CB3202-CCD2-4B09-BDFF-AEDD1F6E3EB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Silence of the Sleep\sots.exe
FirewallRules: [{0B8F93E9-386D-4BE8-8570-2711293FD921}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Silence of the Sleep\sots.exe
FirewallRules: [{CE2E9B90-CAA3-4271-9967-A1CFBE4C0720}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DISTRAINT\distraint.exe
FirewallRules: [{E078EECA-4EA2-44B2-AFA2-204943C43591}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DISTRAINT\distraint.exe
FirewallRules: [{76B7240D-F32B-4CAC-8256-FBDB886AE228}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{E5C73F76-1D30-4539-84FB-5818C6722213}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{2E55AAB1-04CC-4CDD-8EFB-6D084DE43744}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa_setup.exe
FirewallRules: [{82C60CD6-FB02-4A2E-8EB6-0123BC381AA1}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{DB87C685-DCC1-4894-AFA2-9BBA462F4B10}] => (Allow) C:\Program Files (x86)\Origin Games\Medal of Honor Pacific Assault\mohpa.exe
FirewallRules: [{AAC61AAD-A461-4D94-886C-380E18585F27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jotun\Jotun.exe
FirewallRules: [{6D82FC0D-636A-43D4-A5E2-87F6EF94496E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jotun\Jotun.exe
FirewallRules: [{7D38CC25-1086-4F8A-9151-631CB3F058ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Disturbed\Disturbed.exe
FirewallRules: [{CA8432EE-6A48-4A57-ACEF-AF331A2B36FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Disturbed\Disturbed.exe
FirewallRules: [{4B1D6966-ACF4-4E42-A484-3A403ED46354}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Minecraft Story Mode - A Telltale Game Series\MinecraftStoryMode.exe
FirewallRules: [{55AC18B9-6BEA-432D-B41E-A676851B806E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Minecraft Story Mode - A Telltale Game Series\MinecraftStoryMode.exe
FirewallRules: [{66F5071A-09C2-4AC0-9F73-173F4246C236}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{434A0541-FBC6-4BF3-800A-42DF9B1F44E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{6CFEF41E-88A8-40A0-8509-74045C731D22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{71EC8200-86BD-461F-80C7-4617D6DB7F9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{0669E061-D837-4DDE-877C-61CD7258FAD1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{9EFB78B3-F9BB-4261-B3F7-158391BA4B39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales from the Borderlands\Borderlands.exe
FirewallRules: [{E2E1563E-4599-448D-B352-4C2D0DFDF868}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game of Thrones\Thrones.exe
FirewallRules: [{520D1216-40E6-4A7E-B621-2F66DF345FAD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Game of Thrones\Thrones.exe
FirewallRules: [{5C022D0E-D179-4C0D-82A5-FA1DE7D4C2D3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead Michonne\WalkingDeadMichonne.exe
FirewallRules: [{C440722A-546A-42A2-84FD-74BCD9A4F4DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead Michonne\WalkingDeadMichonne.exe
FirewallRules: [{B47E7CC4-2515-4BB4-A9E4-DA447BC2C74C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hector Episode 1\Hector101.exe
FirewallRules: [{46AEBE6B-DF5D-4FD6-A37B-AD30C1DA5381}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hector Episode 1\Hector101.exe
FirewallRules: [{23B1ECF7-2F30-4C3B-BFB1-8B1273C5F484}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hector Ep 2\Hector102.exe
FirewallRules: [{4664E51D-8269-4718-A966-1ADAD77E33AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hector Ep 2\Hector102.exe
FirewallRules: [{2D17DBB0-1B19-46AD-8316-6585473E91B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hector Ep 3\Hector103.exe
FirewallRules: [{B2307518-6C7F-4A68-9DBE-86C6A5C48F5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hector Ep 3\Hector103.exe
FirewallRules: [{6517466D-4A1F-4A96-A5AC-9392A3102604}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe
FirewallRules: [{DB80938A-C910-4FA0-B8C4-17091A856B77}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe
FirewallRules: [TCP Query User{C8E4E0A0-D259-46ED-8E2C-9B779785041E}C:\program files (x86)\steam\steamapps\common\innervoices\purgatory_4_14\binaries\win64\purgatory_4_14-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\innervoices\purgatory_4_14\binaries\win64\purgatory_4_14-win64-shipping.exe
FirewallRules: [UDP Query User{0CB63FB8-097A-4C05-9F79-E94256B3C184}C:\program files (x86)\steam\steamapps\common\innervoices\purgatory_4_14\binaries\win64\purgatory_4_14-win64-shipping.exe] => (Block) C:\program files (x86)\steam\steamapps\common\innervoices\purgatory_4_14\binaries\win64\purgatory_4_14-win64-shipping.exe
FirewallRules: [{038EA33D-DC43-45D5-A490-DA2A1104760C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stories Untold Demo\Stories Untold Demo.exe
FirewallRules: [{6E51D7C5-612E-401F-9BBB-0D1020AE9BEE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stories Untold Demo\Stories Untold Demo.exe
FirewallRules: [{665651E6-AC6B-4FC0-964D-5585BB063947}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Mystery of the Druids\edd.exe
FirewallRules: [{43411DC2-C046-41E0-9348-8004F41C26B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Mystery of the Druids\edd.exe
FirewallRules: [{E981E3E9-0101-43D1-8592-75CA984EFB26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Bay Asylum\Launcher.exe
FirewallRules: [{DEBA9911-4955-477C-87C1-64A642E716B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Bay Asylum\Launcher.exe
FirewallRules: [{81F73B27-9241-4785-BA2C-2C8AB47DC29E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CAYNE\cayne.exe
FirewallRules: [{67008CD6-BFE4-4C5D-B353-601E313ABD7E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CAYNE\cayne.exe
FirewallRules: [{28879CC3-AB59-4A3A-B3FB-C8E563CF32D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Belladonna\Belladonna.exe
FirewallRules: [{5FE773B8-7ABD-4CB2-B497-193ED4EF9840}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Belladonna\Belladonna.exe
FirewallRules: [{BF260499-96E4-4485-B340-50EE8EFE82C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheMonsterInside\The Monster Inside.exe
FirewallRules: [{B97DF6F7-0EE3-4D9A-81B8-4D8191C34693}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheMonsterInside\The Monster Inside.exe
FirewallRules: [{1A30C95E-35B7-4674-8858-11F8066330C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Emily is Away\emily is away.exe
FirewallRules: [{5D52F373-7B02-49A5-8919-DCB579D64DF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Emily is Away\emily is away.exe
FirewallRules: [{19491740-844A-4654-A606-D24AC88C7B3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DepressionQuest\DepressionQuest.exe
FirewallRules: [{64C85AB2-CAB2-4CC6-A8D2-99A96E702D6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DepressionQuest\DepressionQuest.exe
FirewallRules: [{52B23175-19F8-4C6C-BE97-DE0243078DE5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Detective Butler Maiden Voyage Murder\DetectiveButler.exe
FirewallRules: [{B8D70F94-F2DE-4537-B698-902ABC294BC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Detective Butler Maiden Voyage Murder\DetectiveButler.exe
FirewallRules: [{D669A77E-1A01-4933-8A55-9C884CC4DE3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deadly Premonition The Director's Cut\DPLauncher.exe
FirewallRules: [{E62DD5F1-7B17-41F0-BDC4-FD94303051A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deadly Premonition The Director's Cut\DPLauncher.exe
FirewallRules: [{D0D0A8D7-6773-427C-84D5-5B9A846E4476}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Decay - The Mare\Decay - The Mare.exe
FirewallRules: [{BF8545BF-95B8-44E4-B457-63D537D3C78D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Decay - The Mare\Decay - The Mare.exe
FirewallRules: [{81E2468A-79B9-4AC7-87C0-2D65A022989A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Yesterday\Yesterday.exe
FirewallRules: [{BF62B33A-C48B-42A5-90DA-E5564DCBD701}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Yesterday\Yesterday.exe
FirewallRules: [{A498F340-17D7-463D-95F8-3C208089385F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Yesterday\PSConfig.exe
FirewallRules: [{65D7A0E7-A231-4EF1-B887-AF271891E1A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Yesterday\PSConfig.exe
FirewallRules: [{BF6CB7F0-0523-45D1-BAEC-35AAA464AC13}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Nikopol\Nikopol.exe
FirewallRules: [{61409F34-E114-4436-B2F9-E561084AB141}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Nikopol\Nikopol.exe
FirewallRules: [{DAF5860A-0C43-4A61-88D7-E80DF309FF00}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sam and Max Episode 1\sammax101.exe
FirewallRules: [{07CF7354-CEC5-489B-A12E-3386D866C8E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sam and Max Episode 1\sammax101.exe
FirewallRules: [{1B7730F2-9355-4C26-B67A-CD72EA9B0EA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House of Caravan\hoc.exe
FirewallRules: [{4DEE12BF-54D8-4B47-B584-320D71039870}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\House of Caravan\hoc.exe
FirewallRules: [{F437C986-CB94-42F7-B4C9-3073A5F23626}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Harvester\dosbox_windows\dosbox.exe
FirewallRules: [{B997EB76-2509-4FF7-BD82-505F137927B6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Harvester\dosbox_windows\dosbox.exe
FirewallRules: [{2F11B5D1-F8B4-45B5-BF58-8FABBBD3A97C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Harvester\dosbox_windows\daum\dosbox.exe
FirewallRules: [{710E7175-A1C2-4442-B0F3-42F37A1FC11F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Harvester\dosbox_windows\daum\dosbox.exe
FirewallRules: [{BFBC9EE0-6DB4-4F75-B478-D25293222FA1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Moebius Empire Rising\Moebius.exe
FirewallRules: [{89258BF6-CE94-4FDA-9AAE-ACEDA6796D0C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Moebius Empire Rising\Moebius.exe
FirewallRules: [{96DF6262-EB90-45F4-9A45-73717AFCC3E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KHOLAT\Kholat.exe
FirewallRules: [{00CB6373-BFE8-4512-88F4-4D6E3BE37C63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\KHOLAT\Kholat.exe
FirewallRules: [TCP Query User{ADC15D11-859A-4D74-9C41-59760BD57382}C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe
FirewallRules: [UDP Query User{51DD9F6B-924B-4363-A4A5-2E8EC3471182}C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\kholat\kholat\binaries\win64\kholat-win64-shipping.exe
FirewallRules: [{C0340A6B-AEAF-4C7C-B07F-3172BBC9C17A}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\1954 Alcatraz\Alcatraz.exe
FirewallRules: [{D7DE8C65-856D-4F2C-8DEC-0A973FA798D4}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\1954 Alcatraz\Alcatraz.exe
FirewallRules: [{A819E5D2-10B8-49E5-BC26-C52F946D37DE}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\1954 Alcatraz\Alcatraz.exe
FirewallRules: [{F872C00C-2E75-4D9A-8D86-144087ACED6D}] => (Allow) C:\Program Files (x86)\GOG Galaxy\Games\1954 Alcatraz\Alcatraz.exe
FirewallRules: [{F3CD34DC-73F4-4377-8EB1-42F6CFDC5CEA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Murdered Soul Suspect\Binaries\Win64\Murdered.exe
FirewallRules: [{DFD032C0-2199-4277-B371-358E353CB1D0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Murdered Soul Suspect\Binaries\Win64\Murdered.exe
FirewallRules: [{2A8E96FD-7F2C-42E0-991C-C82F66DB8E1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pain Train\paintrain.exe
FirewallRules: [{024753FE-968D-4F20-B6EC-BB72C5E0424B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pain Train\paintrain.exe
FirewallRules: [{A611878C-1F84-442E-A5FF-CC826122B5E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Approaching Blocks\ab.exe
FirewallRules: [{FE7B8AA7-D366-41F0-BF5F-2F6D19544708}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Approaching Blocks\ab.exe
FirewallRules: [{F1EE0637-F331-4608-970E-32AC984BB4DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Moment of Silence\mos.exe
FirewallRules: [{C9D0B04A-290C-41FF-8FF7-E9EEFE845DF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Moment of Silence\mos.exe
==================== Restore Points =========================
19-08-2017 19:47:51 Installed DirectX
19-08-2017 23:16:26 Installed DirectX
15-09-2017 07:51:55 Installed DirectX
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/16/2017 04:21:08 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll" on line 3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
Error: (09/14/2017 03:28:22 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll" on line 3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
Error: (09/13/2017 08:27:15 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll" on line 3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
Error: (09/11/2017 11:23:57 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll" on line 3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
Error: (09/10/2017 07:32:41 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll" on line 3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
Error: (09/09/2017 07:48:39 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll" on line 3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
Error: (09/08/2017 03:49:47 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll" on line 3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
Error: (09/07/2017 06:41:13 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll" on line 3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
Error: (09/03/2017 10:00:52 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll" on line 3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
Error: (09/02/2017 03:29:51 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\program files (x86)\common files\adobe air\versions\1.0\Adobe AIR.dll" on line 3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
System errors:
=============
Error: (09/17/2017 01:06:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (09/15/2017 06:24:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Software Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (09/08/2017 10:00:59 AM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: The platform firmware has corrupted memory across the previous system power transition. Please check for updated firmware for your system.
Error: (09/07/2017 08:36:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (09/07/2017 08:36:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
Error: (09/07/2017 07:38:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (09/07/2017 07:38:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 2 time(s).
Error: (09/07/2017 07:38:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
Error: (09/07/2017 06:30:43 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
VBoxNetAdp
Error: (09/07/2017 06:30:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
CodeIntegrity:
===================================
Date: 2017-05-03 13:10:46.254
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-05-03 13:10:46.223
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-07 21:01:41.891
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-07 21:01:41.891
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-07 20:07:30.552
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-07 20:07:30.552
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-07 19:26:35.549
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-07 19:26:35.534
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-07 18:48:19.814
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-04-07 18:48:19.814
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD Phenom II X4 840T Processor
Percentage of memory in use: 18%
Total physical RAM: 5885.22 MB
Available physical RAM: 4791.38 MB
Total Virtual: 11768.63 MB
Available Virtual: 10179.39 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:918.16 GB) (Free:599.25 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:13.25 GB) (Free:1.62 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 68B067D0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=918.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13.3 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Looking over this, I do not remember using ComboFix without uninstalling afterwards. I did some things in the past few months, here and there, trying to find the problem, but I can't. I'm sure you will first instruct me to remove it. Thanks again!
Dee