ADDITIONAL Additional scan result of Farbar Recovery Scan Tool (x64) Version:02-08-2015 01 Ran by Joe (2015-08-06 11:08:05) Running from C:\Users\Joe\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3837459171-1846615129-2385062822-500 - Administrator - Disabled) ASPNET (S-1-5-21-3837459171-1846615129-2385062822-1002 - Limited - Enabled) Guest (S-1-5-21-3837459171-1846615129-2385062822-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3837459171-1846615129-2385062822-1004 - Limited - Enabled) Joe (S-1-5-21-3837459171-1846615129-2385062822-1000 - Administrator - Enabled) => C:\Users\Joe ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated) Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.159 - Adobe Systems, Inc.) Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology) Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.1.000 - Asmedia Technology) ASRock App Charger v1.0.5 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.) ASRock eXtreme Tuner v0.1.257 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version: - ) ASRock InstantBoot v1.29 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: - ) ASRock SmartConnect v1.0.6 (HKLM\...\ASRock SmartConnect_is1) (Version: - ASRock Inc.) BeamNG.drive (HKLM-x32\...\Steam App 284160) (Version: - BeamNG) BeamNG.drive (HKU\S-1-5-21-3837459171-1846615129-2385062822-1000\...\BeamNG.drive) (Version: 0.3.4.0 - beamng.com) Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 14.8.5.1 - Broadcom Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform) Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version: - ) Command & Conquer™ The Ultimate Collection Additional Content (HKLM-x32\...\{1A882F29-BC18-4AC2-A71E-0FC30FA32568}) (Version: 1.0.0.0 - Electronic Arts) Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{609F6FD5-4B22-4D7A-AD30-8C9DD480D5BE}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Content Manager Assistant for PlayStation® (HKLM-x32\...\{E6EB4571-5ADB-4557-8F95-0E0EF5D0F833}) (Version: 3.30.7824.86 - Sony Computer Entertainment Inc.) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Cryostasis (Remove Only) (HKLM-x32\...\{97A8C4B4-2B50-42D1-AFE6-5E8433185436}_is1) (Version: 1.01 - 1C Company) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Driver Booster 2.2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.2 - IObit) Epson Event Manager (HKLM-x32\...\{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}) (Version: 3.10.0035 - Seiko Epson Corporation) EPSON Manuals (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.32.0.0 - SEIKO EPSON CORPORATION) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON XP-412 413 415 Series Printer Uninstall (HKLM\...\EPSON XP-412 413 415 Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION) EVGA PrecisionX 16 (HKLM-x32\...\{DE94ADEE-7417-4180-822F-297F9EB9FA57}) (Version: 5.2.9 - EVGA Corporation) Fraps (HKLM-x32\...\Fraps) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.130 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North) herdProtect Anti-Malware Scanner (HKLM-x32\...\herdProtectScan) (Version: 1.0 - Reason Company Software Inc.) iExplorer 3.4.0.1 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version: - Macroplant LLC) Insurgency (HKLM-x32\...\Steam App 222880) (Version: - New World Interactive) Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel® Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation) Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.2.0.1006 - Intel Corporation) Intel® Smart Connect Technology 2.0 x64 (HKLM\...\{D1B033E8-A077-4B0D-9831-5798E19E861E}) (Version: 2.0.1083.0 - Intel) Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.0.4.25 - IObit) Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217060FF}) (Version: 7.0.600 - Oracle) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) JFK Reloaded 1.1 (HKLM-x32\...\JFK Reloaded) (Version: 1.1 - JFK Reloaded) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.222 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.222 - LogMeIn, Inc.) Hidden Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Men of War: Vietnam (HKLM-x32\...\Steam App 63940) (Version: - 1C Company) Mercenaries 2: World in Flames (HKLM-x32\...\{26FDF89A-FA65-4FA2-8522-37CC84DFDCEE}) (Version: 2.0.1.0 - Electronic Arts) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 40.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 40.0 (x86 en-GB)) (Version: 40.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.0.5694 - Mozilla) MyEpson Portal (HKLM-x32\...\MyEpson Portal) (Version: - SEIKO EPSON Corporation) MyEpson Portal (x32 Version: 1.1.1.0 - SEIKO EPSON CORPORATION) Hidden NAZI_ZOMBIE_ELFENLIED ZM RELEASE (HKLM-x32\...\{D286E209-F5E2-419A-90CD-90C29CC09224}) (Version: 1.2 - APEX) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team) NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.62 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation) NVIDIA Graphics Driver 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.1.0 (HKLM-x32\...\{28B88897-774A-4005-BBFF-663B1F8EAA5A}) (Version: 4.10.9764 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.) paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC) QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.0.89.0 - Razer Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26599 - Razer Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6875 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games) ROTR Beta 1.85 (HKU\S-1-5-21-3837459171-1846615129-2385062822-1000\...\ROTR Beta 1.85) (Version: - ) ROTR Map Pack V2.0 (HKU\S-1-5-21-3837459171-1846615129-2385062822-1000\...\ROTR Map Pack V2.0) (Version: - ) S.T.A.L.K.E.R.: Lost Alpha version 1.3003 (HKLM-x32\...\S.T.A.L.K.E.R.: Lost Alpha_is1) (Version: 1.3003 - dezowave) Sharepod 4.0.1.2 (HKLM-x32\...\{085BCFB8-F6FB-4600-AFAB-1F6DBC7F5F99}_is1) (Version: - Macroplant LLC) SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden ShockWave 1.1 (HKU\S-1-5-21-3837459171-1846615129-2385062822-1000\...\ShockWave 1.1) (Version: - ) Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.) Software Updater (HKLM-x32\...\{E1BAD1BA-C0E8-4018-9281-E7D2C6B07474}) (Version: 4.3.6 - SEIKO EPSON CORPORATION) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-3837459171-1846615129-2385062822-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Trials Evolution Gold Edition (HKLM-x32\...\Steam App 220160) (Version: - Redlynx Ltd) Unity Web Player (HKU\S-1-5-21-3837459171-1846615129-2385062822-1000\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft) WhoCrashed 5.03 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH) Wroom (HKLM-x32\...\{10ACE46A-A5FE-4A3B-A2B6-57CF50386962}) (Version: 1.17 - Jonas Johansson & David Rothelius) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3837459171-1846615129-2385062822-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) ==================== Restore Points ========================= 22-06-2015 18:35:21 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 22-06-2015 18:42:18 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 22-06-2015 18:43:19 Installed DirectX 23-06-2015 16:45:22 Removed Microsoft Silverlight 23-06-2015 22:47:36 Windows Update 27-06-2015 18:22:49 Driver Booster : Adobe AIR 27-06-2015 19:41:35 Installed DirectX 02-07-2015 16:56:36 Installed Microsoft XNA Framework Redistributable 4.0 06-07-2015 21:05:38 Removed GameSpy Comrade. 06-07-2015 21:08:58 Removed GameSpy Comrade. 19-07-2015 20:24:25 Removed COMODO Firewall 20-07-2015 13:06:50 Installed Awesomium Redistributable. 27-07-2015 15:09:31 Scheduled Checkpoint 30-07-2015 16:42:19 Installed DirectX 04-08-2015 17:32:39 Installed DirectX 05-08-2015 13:42:13 Driver Booster : Adobe AIR 05-08-2015 14:19:01 Windows Update 05-08-2015 14:35:02 Windows Update 05-08-2015 14:45:12 Removed Skype™ 7.6 ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {32F329B5-2792-487E-9767-D246AC6739E7} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {3BE8DBC2-D060-49A5-A84B-6569B6859C8A} - System32\Tasks\Driver Booster Update => E:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe Task: {3C676F70-7C95-4065-AE1F-42F1CA4E0317} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated) Task: {5E55DE85-CA74-4590-8217-51DBD679D933} - System32\Tasks\Hybrid2 => C:\Trial\IR7\IR7.vbs [2015-03-27] () Task: {6B68029A-FAC2-4574-A360-58527FE7FA19} - System32\Tasks\CCleanerSkipUAC => E:\Program Files\CCleaner\CCleaner.exe [2015-07-06] (Piriform Ltd) Task: {6D5E6AB3-DD82-4AA4-B5F9-845A519E0279} - System32\Tasks\Uninstaller_SkipUac_Joe => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-10-18] (IObit) Task: {8625CB7B-6E17-45C0-91B6-EF458DF903E4} - System32\Tasks\Hybrid4 => taskkill Task: {8C2BDE3D-7129-4937-9218-E014B614FE86} - System32\Tasks\Driver Booster Scan => E:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-02-04] (IObit) Task: {8EFC9F4D-F07C-482E-8494-296B451B7B4D} - System32\Tasks\EPSON XP-412 413 415 Series Update {FE39138C-DBA1-41F2-B9E5-FF4EFAA8EA99} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {8F59D12C-2D84-49BC-9A5D-89F1B91262EC} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {0E08FE94-39D6-4C25-87BD-6A17D20573C8} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {9090D408-9A00-4024-9EB1-AFCD19F3F7BE} - System32\Tasks\{395D5DA6-80DB-43BB-AF1E-BE7C3995B5D1} => Firefox.exe http://ui.skype.com/ui/0/6.21.0.104/en/abandoninstall?page=tsProgressBar Task: {94F33489-3DF9-47A5-B280-558B17A3A92C} - System32\Tasks\EPSON XP-412 413 415 Series Update {0E08FE94-39D6-4C25-87BD-6A17D20573C8} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {AEBA028D-AFB2-4011-BD5E-8161282820D2} - System32\Tasks\Driver Booster SkipUAC (Joe) => E:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-02-05] (IObit) Task: {B41EA365-CD6B-4DE8-9380-15D14E082FC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-20] (Google Inc.) Task: {BD76DCC4-27CA-4DDE-B087-34AB134BDCE5} - System32\Tasks\EPSON XP-412 413 415 Series Invitation {FE39138C-DBA1-41F2-B9E5-FF4EFAA8EA99} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {C92A4506-932E-4F92-9227-AA922FEAB8DB} - System32\Tasks\{361CBB2B-BE6E-40DF-8768-9615D75D13C9} => Firefox.exe http://ui.skype.com/ui/0/7.0.0.102/en/abandoninstall?page=tsMain Task: {DC683105-7245-4446-8A85-0527E1BFDAC8} - System32\Tasks\EVGAPrecision => E:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe Task: {E16D4056-E4D0-4A97-9B51-779E526DB44D} - System32\Tasks\herdProtectScan => C:\Program Files\Reason\herdProtect\Scanner\herdProtectScan.exe [2014-08-12] (Reason Software Company Inc.) Task: {E38F7D20-D8F5-4746-B0A1-06EE8CA1C1DB} - System32\Tasks\IR7 => cmd.exe /c cscript.exe /b C:\Windows\System32\slmgr.vbs /rearm && net stop sppsvc && net start sppsvc Task: {E3F06706-D016-4D5D-979A-95DA19FEC66F} - System32\Tasks\Hybrid3 => taskkill Task: {E7C08368-F8EF-4654-BCE5-6DDD9B136E72} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {ECFB9B80-A6C4-41DD-875B-BC66B5C17355} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation) Task: {FC07DE93-BF10-4958-A848-82ECB384AEE4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-20] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {0E08FE94-39D6-4C25-87BD-6A17D20573C8}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Invitation {FE39138C-DBA1-41F2-B9E5-FF4EFAA8EA99}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {0E08FE94-39D6-4C25-87BD-6A17D20573C8}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{0E08FE94-39D6-4C25-87BD-6A17D20573C8} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\Windows\Tasks\EPSON XP-412 413 415 Series Update {FE39138C-DBA1-41F2-B9E5-FF4EFAA8EA99}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLEE.EXE:/EXE:{FE39138C-DBA1-41F2-B9E5-FF4EFAA8EA99} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe ==================== Loaded Modules (Whitelisted) ============== 2015-06-20 01:03 - 2013-03-19 12:07 - 00696632 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll 2015-06-20 01:03 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll 2014-07-12 14:12 - 2015-07-23 02:31 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-06-07 14:46 - 2014-08-21 16:27 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2015-04-09 12:20 - 2015-07-24 05:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-05-20 03:29 - 2015-05-20 03:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll 2013-03-12 18:10 - 2015-07-03 17:12 - 00778240 _____ () D:\Program Files (x86)\Steam\SDL2.dll 2014-12-03 23:11 - 2015-07-03 17:12 - 04962816 _____ () D:\Program Files (x86)\Steam\v8.dll 2014-12-03 23:11 - 2015-07-03 22:58 - 01556992 _____ () D:\Program Files (x86)\Steam\icui18n.dll 2014-12-03 23:11 - 2015-07-03 22:58 - 01187840 _____ () D:\Program Files (x86)\Steam\icuuc.dll 2014-05-22 15:10 - 2015-07-31 19:17 - 02413248 _____ () D:\Program Files (x86)\Steam\video.dll 2014-08-28 23:10 - 2014-12-01 22:31 - 02396672 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll 2014-08-28 23:10 - 2014-12-01 22:31 - 00442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll 2014-08-28 23:10 - 2014-12-01 22:31 - 00479744 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll 2014-08-28 23:10 - 2014-12-01 22:31 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll 2014-08-28 23:10 - 2014-12-01 22:31 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll 2009-02-18 05:15 - 2015-07-31 19:17 - 00704192 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-07-06 22:32 - 2015-07-27 02:13 - 00171008 _____ () D:\Program Files (x86)\Steam\bin\openvr_api.dll 2009-02-18 05:15 - 2015-07-03 22:58 - 39553928 _____ () D:\Program Files (x86)\Steam\bin\libcef.dll 2014-06-07 13:06 - 2012-02-21 12:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\aepic.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\certcli.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\crypt32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptnet.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\cryptsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\DWrite.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\dxmasf.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\E_GCINST.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\E_ID4BLEE.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\FntCache.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\jnwmon.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\mcupdate_GenuineIntel.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\msdxm.ocx:$CmdTcID AlternateDataStreams: C:\Windows\system32\MsRdpWebAccess.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\mstsc.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvdispco6435330.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvdispgenco6435330.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvhdagenco6420103.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\nvhdap64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\OpenAL32.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\rdpendp_winip.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\spwmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\TsUsbGDCoInstaller.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wintrust.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wksprtPS.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wmploc.DLL:$CmdTcID AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\wrap_oal.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\certcli.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerInstaller.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerInstaller.exe:BDU AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\MsRdpWebAccess.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mstsc.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\OpenAL32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rdpendp_winip.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wksprtPS.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wrap_oal.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\asstor64.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\avchv.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\nvhda64v.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\rdpvideominiport.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\terminpt.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\TsUsbFlt.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\TsUsbGD.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\usbscan.sys:$CmdTcID AlternateDataStreams: C:\Users\Joe\Desktop\10734128_1578628735699015_3953990741245622532_n.jpg:$CmdZnID AlternateDataStreams: C:\Users\Joe\Desktop\11716034_801135196670040_943994531_n.jpg:$CmdZnID AlternateDataStreams: C:\Users\Joe\Desktop\FRST64.exe:BDU AlternateDataStreams: C:\Users\Joe\Desktop\traffic_offences.pdf:$CmdZnID AlternateDataStreams: C:\Users\Joe\Desktop\UGX Map Manager 1.4.3.exe:BDU ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3837459171-1846615129-2385062822-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: BEService => 3 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: EpsonScanSvc => 2 MSCONFIG\Services: Hamachi2Svc => 2 MSCONFIG\Services: Intel® ME Service => 2 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: ISCTAgent => 2 MSCONFIG\Services: LiveUpdateSvc => 2 MSCONFIG\Services: MyEpson Portal Service => 2 MSCONFIG\Services: Origin Client Service => 3 MSCONFIG\Services: Razer Game Scanner Service => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Content Manager Assistant for PlayStation®.lnk => C:\Windows\pss\Content Manager Assistant for PlayStation®.lnk.CommonStartup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: CCleaner Monitoring => "E:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: EADM => "E:\Program Files (x86)\Origin\Origin.exe" -AutoStart MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60 MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: Lightshot => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe MSCONFIG\startupreg: LogMeIn Hamachi Ui => "E:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start MSCONFIG\startupreg: QuickTime Task => "E:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{BDB2DA72-F6D3-4B51-A7BE-D78097BBC70A}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{2FB65148-3E3D-4C46-8AB6-F25A594675A1}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{3825A95D-FA45-4BE4-A62F-49B5C446C7A2}D:\program files (x86)\steam\steamapps\common\call of duty world at war\codwaw.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\call of duty world at war\codwaw.exe FirewallRules: [uDP Query User{D25DB51B-B2C0-4C69-94D4-3EB0F1D712A9}D:\program files (x86)\steam\steamapps\common\call of duty world at war\codwaw.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\call of duty world at war\codwaw.exe FirewallRules: [TCP Query User{4A56FEA5-C0DB-4A7E-8CA9-33EEAECFE172}D:\program files (x86)\steam\steamapps\gillhajr01\garrysmod\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\gillhajr01\garrysmod\hl2.exe FirewallRules: [uDP Query User{FE77112A-476B-4BAF-B5AC-F62C9893A61E}D:\program files (x86)\steam\steamapps\gillhajr01\garrysmod\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\gillhajr01\garrysmod\hl2.exe FirewallRules: [TCP Query User{52DE8169-F7D2-4C4E-81BF-BC6FAB2F2BD9}D:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe FirewallRules: [uDP Query User{9A4C0C6A-07AC-4CA9-A75A-0191C17B99A7}D:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe FirewallRules: [{990E3A7B-5442-4EAF-829E-1E55E4E339BE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\amnesia the dark descent\Launcher.exe FirewallRules: [{0FEC90E6-EC01-4AED-A18C-71635618B77D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\amnesia the dark descent\Launcher.exe FirewallRules: [TCP Query User{B9D6D3AA-5D77-45B9-A1CE-66165F35E5C6}E:\program files (x86)\scary\slendytubbies\slendytubbies v2 beta 64bit\slendytubbies v2 beta 64bit.exe] => (Allow) E:\program files (x86)\scary\slendytubbies\slendytubbies v2 beta 64bit\slendytubbies v2 beta 64bit.exe FirewallRules: [uDP Query User{76ECC6C5-A2BF-407F-9906-9E0A03271F0E}E:\program files (x86)\scary\slendytubbies\slendytubbies v2 beta 64bit\slendytubbies v2 beta 64bit.exe] => (Allow) E:\program files (x86)\scary\slendytubbies\slendytubbies v2 beta 64bit\slendytubbies v2 beta 64bit.exe FirewallRules: [{6D339973-DFA7-4184-ACD3-9D4015B4A0FA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\MX vs ATV Reflex\MXReflex.exe FirewallRules: [{5C7DB3AC-1139-4993-90FC-8A8F1D49DB1F}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\MX vs ATV Reflex\MXReflex.exe FirewallRules: [{E5E0AC69-F888-4DE0-BDD5-B506CB5AD722}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\MX vs ATV Reflex\MXSettings.exe FirewallRules: [{0B3AB453-52D9-4014-AB79-DF7B3204F647}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\MX vs ATV Reflex\MXSettings.exe FirewallRules: [{3C8E726E-E134-4BAB-BD27-D0666807615C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe FirewallRules: [{F6FAA948-A8E7-428D-A835-5DD9BC9BA42C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Half-Life 2\hl2.exe FirewallRules: [{4C841190-2991-4AF8-BC3F-64BC2D8A5840}] => (Allow) E:\Program Files (x86)\Origin Games\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe FirewallRules: [{49805620-1CE0-408F-9570-F8B2A60343E4}] => (Allow) E:\Program Files (x86)\Origin Games\Command and Conquer The Ultimate Collection Additional Content\Launcher.exe FirewallRules: [{455267BB-E860-4ED0-8922-6B385CAE6CC6}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{B649FA5F-8214-4541-AE46-6ECCA335064A}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [TCP Query User{E2E687B6-ED02-42E2-A309-C60F84E1AEFF}D:\program files (x86)\steam\steamapps\common\call of duty world at war\codwawmp.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\call of duty world at war\codwawmp.exe FirewallRules: [uDP Query User{47D33F1A-E270-4382-BA5B-0EF444E8C174}D:\program files (x86)\steam\steamapps\common\call of duty world at war\codwawmp.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\call of duty world at war\codwawmp.exe FirewallRules: [{17C22E54-DD45-4CAC-84E7-2078C488F805}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\aceofspades\aos.exe FirewallRules: [{BDC21C82-21DB-46FC-86BA-082DB7768237}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\aceofspades\aos.exe FirewallRules: [{5ABD6BD2-0491-4983-8F76-FE2EDE000355}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\BeamNG.drive\BeamNG.drive.exe FirewallRules: [{F0925543-9879-4970-9E81-F0D988A01DBB}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\BeamNG.drive\BeamNG.drive.exe FirewallRules: [{E36352D1-8590-4C24-9034-E63CED333EBA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{7C1D5370-0192-4588-A5F8-9E9CC4C5F8F4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{EA5BF2AA-AB03-4218-9A79-765BBDCF79AE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{F65320FB-C369-44CE-BC94-54AEDB5FC1B3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{6583ABCE-0F13-47EB-B19C-903D0161ED9A}D:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe FirewallRules: [uDP Query User{175220E0-A274-4411-A58A-C44B4B35A9CE}D:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe FirewallRules: [{8AA33A55-2EBE-41DC-BBC9-476D53D51988}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe FirewallRules: [{881497B0-E919-4520-8081-73D3C3DF67EE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe FirewallRules: [{12166473-3E2B-4B55-B1A3-3042305BF434}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{20F1101A-2063-46EE-AC7F-B3D91357B32C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{3683F00B-31EC-4447-899E-A5EFA0310B69}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{E0BFC9BE-4967-49EC-8D5F-BE0468AED2BC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{4723A826-DA66-4EE3-9ABD-00E3A26D60F6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe FirewallRules: [{0DC159D7-25AF-4699-930A-C66BF6A8980E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\duke3d.exe FirewallRules: [{793BF419-B3FA-46EE-92CE-BCF81B7472B0}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\build.exe FirewallRules: [{932C6F50-341D-4924-B136-DEFD46CBBC86}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\build.exe FirewallRules: [{E8613D74-D739-466B-805A-71998418EE65}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\terraria\Terraria.exe FirewallRules: [{0A503C07-03B1-4924-A560-EA13A9FDE511}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\terraria\Terraria.exe FirewallRules: [{D8450E37-0FC3-41B6-86CF-FEB099DA1A75}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\amnesia the dark descent\Amnesia.exe FirewallRules: [{E8081895-0D08-42E8-8421-24602B684BF9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\amnesia the dark descent\Amnesia.exe FirewallRules: [{D4D25F3B-ADF6-48DD-9ACD-7CE7341A9A3C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{18D0BD28-E315-430D-AE1A-5BDE2B255F62}] => (Allow) LPort=2869 FirewallRules: [{999D04BC-F1D2-43F1-B631-47AEA09AB9C1}] => (Allow) LPort=1900 FirewallRules: [{AC66984A-87A9-468E-8C62-CE4A55E71E13}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{EAA7FF96-947F-4CB7-8616-C02A25F5BEA4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{91859857-27FE-4EE8-8587-CA8935DF9B1E}D:\program files (x86)\steam\steamapps\common\beamng.drive\bin32\beamng.drive.x86.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\beamng.drive\bin32\beamng.drive.x86.exe FirewallRules: [uDP Query User{E0D8F78C-61CA-4915-B09E-42E11712BF8B}D:\program files (x86)\steam\steamapps\common\beamng.drive\bin32\beamng.drive.x86.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\beamng.drive\bin32\beamng.drive.x86.exe FirewallRules: [{7D08CB5E-1308-4195-9115-9660BCB97492}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{FC514B8C-067D-49E7-B148-BE4C644E793D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{0578C52C-0A01-49F4-817A-4A3F9D08A46B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{BC81C5F6-8222-4AE9-81B4-716A09E18598}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [TCP Query User{A8DF5A36-B6BB-4652-913C-55BA16220240}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [uDP Query User{EF0DD080-8D37-4C1A-B5E0-AF961177A9CD}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [TCP Query User{095686B0-A1BE-4CAE-9993-BFF6F0670067}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [uDP Query User{68ABF441-2AD3-4DC7-8A02-78783AE3AFED}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [TCP Query User{231EF34C-95D4-4B44-895C-0615A99EA2AF}E:\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) E:\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [uDP Query User{98AAA026-3343-4747-A452-8C784699BA63}E:\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) E:\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{F4BB775C-6F48-4FBA-9D14-65B6BD773043}C:\users\joe\desktop\minecrap\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\joe\desktop\minecrap\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [uDP Query User{877396D3-23BE-424C-B015-B414A7147BE6}C:\users\joe\desktop\minecrap\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\joe\desktop\minecrap\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{A3278E3D-F287-4201-900D-C551F127CC34}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\the binding of isaac\Isaac.exe FirewallRules: [{BEF549AA-05BC-44AE-B103-352D231D4894}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\the binding of isaac\Isaac.exe FirewallRules: [{596BFA4D-6950-4DF8-9C6A-A348481590CD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe FirewallRules: [{5B445E59-13DF-4652-BEAA-2AB6BCA55DCA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Duke Nukem 3D\bin\dosbox\dosbox.exe FirewallRules: [TCP Query User{602BCA89-7109-443D-8DCE-2078A27D91BF}D:\program files (x86)\steam\steamapps\common\beamng.drive\bin64\beamng.drive.x64.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\beamng.drive\bin64\beamng.drive.x64.exe FirewallRules: [uDP Query User{F7DE17DC-7AA5-425C-AAFB-56F79C627382}D:\program files (x86)\steam\steamapps\common\beamng.drive\bin64\beamng.drive.x64.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\beamng.drive\bin64\beamng.drive.x64.exe FirewallRules: [{689949C5-0ED0-48CB-B343-D6E799F5625E}] => (Allow) E:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe FirewallRules: [{16ABF072-014D-4990-9D9A-8A296685ACB0}] => (Allow) E:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe FirewallRules: [{5B8AE7A4-1EFA-4130-A8ED-449F31586920}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe FirewallRules: [{50D0E744-79F3-40E6-B95D-5FFFCAA5BFE2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe FirewallRules: [{CEB9ACA2-5246-4EE9-B5DC-433145EC391B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{B6492879-93AA-4653-831B-10BECABB4D0E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{489507AE-C8E0-4C59-AD75-A4DE2AE160B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{987D906A-0C2D-477F-BDB5-69CE7E579A03}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{4C905DB4-ED09-4D4E-AFDC-231A63CEF0E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{649593B1-54D5-4F9C-A102-C272544BF481}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{496F0CDE-1DBD-4654-9F9B-40942907B9EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{96A1F0CF-F66D-4A44-8631-5B63FFA15ED0}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Men of War - Vietnam\Vietnam.exe FirewallRules: [{2906DED6-525B-43BE-BB36-3C9C0FB13E8C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Men of War - Vietnam\Vietnam.exe FirewallRules: [{79FF6EA8-0A58-4403-87A4-022DACF89E69}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Men of War - Vietnam\Vietnam Editor.exe FirewallRules: [{CB88D150-7C1D-4D84-A2EF-976E6EF11904}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Men of War - Vietnam\Vietnam Editor.exe FirewallRules: [{10C14163-A78F-4202-AAA6-E10829C1F5CF}] => (Allow) C:\Users\Joe\Desktop\UGX Map Manager 1.4.3.exe FirewallRules: [{CA834E8A-E39F-41A6-AFA3-E2FF5DFA7B87}] => (Allow) C:\Users\Joe\Desktop\UGX Map Manager 1.4.3.exe FirewallRules: [{C2C07092-6716-43C0-96CA-43E11EFF24CB}] => (Allow) C:\Users\Joe\Desktop\UGX Map Manager 1.4.3.exe FirewallRules: [{EC4CDBCA-E8AE-4CA3-BF13-4ABF064609F0}] => (Allow) C:\Users\Joe\Desktop\UGX Map Manager 1.4.3.exe FirewallRules: [{95ACCF2B-73B8-4134-8551-5E4363985F22}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\TrialsPC\datapack\trialsFMX.exe FirewallRules: [{CE1419BE-7391-4FC7-9C32-135321A62F07}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\TrialsPC\datapack\trialsFMX.exe FirewallRules: [{6EDBDAC2-A228-498C-BC3F-03691502A429}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{4C6610E9-D628-4589-9DAA-49BF60187828}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe ==================== Faulty Device Manager Devices ============= Name: USB Root Hub Description: USB Root Hub Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard USB Host Controller) Service: asmthub3 Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31) Resolution: Update the driver ==================== Event log errors: ========================= Application errors: ================== Error: (08/06/2015 10:57:53 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/06/2015 08:21:32 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/05/2015 04:06:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: CoDWaW.exe, version: 1.7.0.0, time stamp: 0x4aea1f46 Faulting module name: CoDWaW.exe, version: 1.7.0.0, time stamp: 0x4aea1f46 Exception code: 0xc0000005 Fault offset: 0x0031c302 Faulting process id: 0x1d84 Faulting application start time: 0xCoDWaW.exe0 Faulting application path: CoDWaW.exe1 Faulting module path: CoDWaW.exe2 Report Id: CoDWaW.exe3 Error: (08/05/2015 03:46:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: CoDWaW.exe, version: 1.7.0.0, time stamp: 0x4aea1f46 Faulting module name: CoDWaW.exe, version: 1.7.0.0, time stamp: 0x4aea1f46 Exception code: 0xc0000005 Fault offset: 0x0031c26e Faulting process id: 0x148c Faulting application start time: 0xCoDWaW.exe0 Faulting application path: CoDWaW.exe1 Faulting module path: CoDWaW.exe2 Report Id: CoDWaW.exe3 Error: (08/05/2015 02:31:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/05/2015 02:29:10 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/05/2015 02:08:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/05/2015 01:46:59 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/05/2015 01:18:50 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/05/2015 12:49:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (08/05/2015 02:31:31 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2952664). Error: (08/05/2015 02:28:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x800f0902: Security Update for Windows 7 for x64-based Systems (KB3067903). Error: (08/05/2015 02:28:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x800f0902: Update for Windows 7 for x64-based Systems (KB3065987). Error: (08/05/2015 02:05:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 2 time(s). Error: (08/05/2015 02:05:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Intel® Capability Licensing Service Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. Error: (08/05/2015 02:05:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel® Management and Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s). Error: (08/05/2015 02:05:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Steam Client Service service terminated unexpectedly. It has done this 1 time(s). Error: (08/05/2015 02:05:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (08/05/2015 02:05:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (08/05/2015 02:05:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Software Protection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. Microsoft Office: ========================= Error: (08/06/2015 10:57:53 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/06/2015 08:21:32 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/05/2015 04:06:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: CoDWaW.exe1.7.0.04aea1f46CoDWaW.exe1.7.0.04aea1f46c00000050031c3021d8401d0cf8d8526c951D:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exeD:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exe80572561-3b83-11e5-8c76-bc5ff459c8d1 Error: (08/05/2015 03:46:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: CoDWaW.exe1.7.0.04aea1f46CoDWaW.exe1.7.0.04aea1f46c00000050031c26e148c01d0cf8b9d8e4b68D:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exeD:\Program Files (x86)\Steam\steamapps\common\Call of Duty World at War\CoDWaW.exeb2000b99-3b80-11e5-8c76-bc5ff459c8d1 Error: (08/05/2015 02:31:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/05/2015 02:29:10 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/05/2015 02:08:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/05/2015 01:46:59 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/05/2015 01:18:50 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/05/2015 12:49:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Processor: Intel® Core i7-3770K CPU @ 3.50GHz Percentage of memory in use: 42% Total physical RAM: 8086.02 MB Available physical RAM: 4688.56 MB Total Virtual: 16170.24 MB Available Virtual: 12102.53 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:238.25 GB) (Free:96.41 GB) NTFS Drive d: (New Volume) (Fixed) (Total:270.45 GB) (Free:15.7 GB) NTFS Drive e: () (Fixed) (Total:195.21 GB) (Free:109.54 GB) NTFS Drive g: (New Volume) (Fixed) (Total:111.79 GB) (Free:43.1 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 238.5 GB) (Disk ID: 75208A99) Partition: GPT Partition Type. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1BDDD34B) Partition 1: (Not Active) - (Size=195.2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=270.4 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: E68231B6) Partition 1: (Not Active) - (Size=111.8 GB) - (Type=07 NTFS) ==================== End of log ============================