Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Sleipnir (22-03-2017 17:04:53)
Running from C:\Users\Sleipnir\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-01-05 17:24:55)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-792549663-3945398320-1686471432-500 - Administrator - Disabled)
Guest (S-1-5-21-792549663-3945398320-1686471432-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-792549663-3945398320-1686471432-1002 - Limited - Enabled)
Sleipnir (S-1-5-21-792549663-3945398320-1686471432-1000 - Administrator - Enabled) => C:\Users\Sleipnir
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-792549663-3945398320-1686471432-1000\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Age of Mythology: Extended Edition (HKLM\...\Steam App 266840) (Version: - SkyBox Labs)
Age of Mythology: Extended Edition (HKLM-x32\...\Steam App 266840) (Version: - SkyBox Labs)
AIO_CDA_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Anno 1404 (HKLM-x32\...\Steam App 33250) (Version: - Blue Byte)
Anno 1404: Venice (HKLM-x32\...\Steam App 33350) (Version: - Blue Byte)
Anno 2070 (HKLM\...\Steam App 48240) (Version: - Blue Byte)
Apple Application Support (32 bits) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.25.154 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{0b46d918-af4f-4612-8076-5c0ae67cb2aa}) (Version: 1.2.81.41506 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.81.41506 - Avira Operations GmbH & Co. KG) Hidden
Belkin N600 DB USB Wireless Adapter (HKLM-x32\...\{B20F9D1C-A0A5-4CD8-8306-DA03872311B1}) (Version: 1.00.0184.3 - Belkin International, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bootstrapper (x32 Version: 1.2.2.0 - Minitab, Inc.) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
C4100 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
c4100_Help (x32 Version: 82.0.256.000 - Hewlett-Packard) Hidden
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.3.03086 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 4.3.03086 - Cisco Systems, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cities: Skylines (HKLM\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Discord (HKU\S-1-5-21-792549663-3945398320-1686471432-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 21.4.25 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Farming Simulator 15 (HKLM\...\Steam App 313160) (Version: - Giants Software)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.87.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.87.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hama Wireless LAN Adapter (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 13.06.0 - Hama)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart All-In-One Driver Software 13.0 Rel. A (HKLM\...\{17016DA1-F040-4032-BD36-34DD317BC9D5}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.3.50.9 - HP)
HP Support Solutions Framework (HKLM-x32\...\{EB72DB50-C935-4C26-8349-69828F198902}) (Version: 12.5.32.203 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Network Connections 18.7.28.0 (HKLM\...\PROSetDX) (Version: 18.7.28.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Medieval II: Total War (HKLM\...\Steam App 4700) (Version: - The Creative Assembly)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
MiKTeX 2.9 (HKU\S-1-5-21-792549663-3945398320-1686471432-1000\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Minitab 17 (HKLM-x32\...\Minitab17) (Version: 17.2.1 - Minitab, Inc.)
Minitab Software Update Manager (HKLM-x32\...\MinitabSoftwareManager) (Version: 1.2.0.0 - Minitab, Inc.)
Minitab17 (x32 Version: 17.2.1.0 - Minitab Inc) Hidden
Minitab17 (x32 Version: 17.2.1.0 - Minitab, Inc.) Hidden
Mozilla Firefox 52.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 52.0.1 (x86 en-US)) (Version: 52.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.1.6284 - Mozilla)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
NVIDIA PhysX (HKLM-x32\...\{DD1865F0-AD73-40FB-B23E-1822E02396FF}) (Version: 9.09.0203 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice 4.1.2 (HKLM-x32\...\{DCB1B348-C94E-4D6D-8CE0-7D9DA5CF663E}) (Version: 4.12.9782 - Apache Software Foundation)
Oracle VM VirtualBox 5.0.12 (HKLM\...\{6F93731D-89E1-4A8F-BDA9-D104860DDB02}) (Version: 5.0.12 - Oracle Corporation)
Ori and the Blind Forest (HKLM-x32\...\Steam App 261570) (Version: - Moon Studios GmbH)
Overlord (HKLM\...\Steam App 11450) (Version: - Triumph Studios)
Overlord II (HKLM\...\Steam App 12810) (Version: - Triumph Studios)
Overlord: Raising Hell (HKLM\...\Steam App 12710) (Version: - Triumph Studios)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.103.40.0 - Overwolf Ltd.)
PDF Blender (HKLM-x32\...\PDF Blender) (Version: - )
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.3-r114633-release - Raptr, Inc)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.1104 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7179 - Realtek Semiconductor Corp.)
RStudio (HKLM-x32\...\RStudio) (Version: 1.0.44 - RStudio)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shelter 2 (HKLM-x32\...\Steam App 275100) (Version: - Might and Delight)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version: - Firaxis Games)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Sid Meier's Civilization VI (HKLM\...\Steam App 289070) (Version: - Firaxis)
Sid Meier's Civilization: Beyond Earth (HKLM\...\Steam App 65980) (Version: - Firaxis Games)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SoftwareManager (x32 Version: 1.2.0.0 - Minitab, Inc.) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sonic Radar (HKLM\...\{0E2BE1E8-F087-45D6-8D29-5CB305643B78}) (Version: 1.0.001 - ASUSTeKcomputer.Inc)
Spotify (HKU\S-1-5-21-792549663-3945398320-1686471432-1000\...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Texmaker (HKLM-x32\...\Texmaker) (Version: - )
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 2.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD PROJEKT RED)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Tyto Ecology (HKLM\...\Steam App 453750) (Version: - Immersed Games)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 20.2 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.0 (HKLM\...\VulkanRT1.0.11.0) (Version: 1.0.11.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1-3) (Version: 1.0.3.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (Version: 1.0.3.1 - LunarG, Inc.) Hidden
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WildStar (HKLM\...\Steam App 376570) (Version: - Carbine Studios)
WildStar (HKLM-x32\...\WildStar) (Version: - NCSOFT)
Worms Ultimate Mayhem (HKLM\...\Steam App 70600) (Version: - Team17 Digital Ltd)
YoloMouse (HKLM\...\{0BD95EA1-50C1-4841-869E-25B3AC863A26}) (Version: 0.8.1.0 - HaPpY)
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0BB2BED2-3677-49D4-B636-8BC12279C5F0} - System32\Tasks\HPCeeScheduleForSleipnir => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {1F4F2C6C-6E4B-492E-883E-FE0C04D608DD} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-08-27] (ASUSTek Computer Inc.)
Task: {1FB3BB11-ED12-445E-BDD6-794136054186} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-01-14] (Dropbox, Inc.)
Task: {266BD6B0-B47C-40F9-9139-977E3FE15714} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {2727A5D1-081D-4D6F-92EE-636FFCD2E5AF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {28B68EB6-27AE-44B2-AA62-35A197A37815} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-03-16] (Overwolf LTD)
Task: {41CA534F-A020-46A7-A89D-4EEA4FD42604} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {511AB5FF-B0F2-44D0-BE08-741B0C8A869A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-02-08] (HP Inc.)
Task: {53EDFA65-6B1C-493E-85AB-017576380A0F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-02-10] (HP Inc.)
Task: {55A954F9-8271-4702-8268-C0AC788FF446} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {56072CFD-6968-42AF-81C4-EE421ACCF3B5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {56422602-3983-428E-A248-6EFDF06066E2} - System32\Tasks\{7EE99B7C-0D41-4CB0-9DEC-0607B2DAC837} => pcalua.exe -a F:\Games\Launcher\vcredist_x64_2010.exe -d F:\Games\Launcher -c /q
Task: {62382F65-EA34-4409-9122-5D17B4B4E00E} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {8657606A-0189-4447-BE84-59A57EE2C279} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {A7BBC26E-582B-48F8-A448-739098195638} - System32\Tasks\{14EC3E71-72B1-4E94-8107-9CBF2A9FFF94} => C:\Program Files (x86)\Steam\Steam.exe
Task: {A7FD006A-6DBB-4941-B1CF-298ECF296637} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-05] (Google Inc.)
Task: {ADE2B2BE-0C4F-40C4-9802-2CB64709FB04} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {B06E92D3-166E-4512-BEE3-D867D36E272D} - System32\Tasks\{F205B179-44EA-4FAB-982B-62AA49DC75DC} => C:\Program Files (x86)\Steam\Steam.exe
Task: {B419A08E-6F17-4B5F-AFE3-C3521EA3CF55} - System32\Tasks\{ACBD3A35-86DF-401A-B751-F21AC4060609} => Firefox.exe hxxp://ui.skype.com/ui/0/7.26.80.101/en/abandoninstall?page=tsProgressBar
Task: {BC62A303-6D64-44DC-8EDE-CFDBB99BF9E7} - System32\Tasks\{B7BDCF4E-B460-4285-A4E8-5095A2142FA9} => pcalua.exe -a C:\Users\Sleipnir\Downloads\PDFBlenderSetup1.1.2.exe -d C:\Users\Sleipnir\Downloads
Task: {C040E84C-21BE-431C-8657-C90AC1F1001A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-01-14] (Dropbox, Inc.)
Task: {C1C9C1B1-4041-41AF-8C7A-2749DA3F6A80} - System32\Tasks\Minitab\Minitab Software Update Manager => C:\Program Files (x86)\Common Files\Minitab Shared\Software Manager\SoftwareManager.exe [2015-02-25] (Minitab)
Task: {DBD3F0CE-2D1F-4223-BE7B-08EE2CCD5D28} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-05] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForSleipnir.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-12-17 18:38 - 2015-12-17 18:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 18:38 - 2015-12-17 18:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-05 18:55 - 2013-05-07 08:45 - 00936728 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2016-09-25 00:20 - 2016-09-25 00:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-11-13 19:27 - 2016-11-13 19:27 - 00222208 _____ () C:\Program Files\YoloMouse\YoloMouse.exe
2015-12-08 20:25 - 2015-12-08 20:25 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2016-03-25 01:03 - 2016-03-17 18:58 - 203469362 ___SH () C:\ProgramData\cdblc\cdblc.exe
2016-08-19 09:12 - 2016-08-19 09:12 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2016-10-06 18:37 - 2016-10-06 18:37 - 00073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2016-01-05 18:55 - 2017-03-22 16:57 - 00035472 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2016-01-05 18:55 - 2013-05-07 08:45 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-03-24 18:01 - 2015-03-24 18:01 - 00192512 _____ () C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GvVGAConfig.dll
2016-11-18 11:41 - 2016-11-18 11:41 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2016-12-23 18:51 - 2016-09-07 21:42 - 50656768 _____ () C:\Users\Sleipnir\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libcef.dll
2017-03-12 20:15 - 2017-03-06 21:59 - 00807232 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2016-01-14 02:07 - 2017-02-09 03:19 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-01-14 02:07 - 2017-02-09 03:19 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-01-14 02:07 - 2017-02-09 03:19 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-01-14 02:07 - 2017-03-06 22:01 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-01-14 02:07 - 2017-02-09 03:19 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-01-14 02:07 - 2017-02-09 03:20 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-03-12 20:15 - 2017-02-09 03:19 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-03-12 20:15 - 2017-02-09 03:20 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-03-12 20:15 - 2017-02-09 03:19 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-01-14 02:07 - 2017-02-09 03:22 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-05 18:07 - 2017-03-06 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-03-12 20:15 - 2017-02-09 03:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-03-12 20:15 - 2017-02-09 03:22 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-01-14 02:07 - 2017-03-06 22:01 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-05 18:07 - 2017-03-06 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-05 18:07 - 2017-02-09 03:21 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-01-14 02:07 - 2017-03-06 22:01 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-01-14 02:07 - 2017-02-09 03:20 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-02-27 23:17 - 2017-03-06 22:01 - 00053072 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-01-23 23:52 - 2017-03-06 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-01-23 23:52 - 2017-03-06 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-23 23:52 - 2017-03-06 22:01 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-23 23:52 - 2017-03-06 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-02-21 20:34 - 2017-03-06 22:01 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-03-12 20:15 - 2017-02-09 03:17 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-03-12 20:15 - 2017-03-06 22:01 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-03-12 20:15 - 2017-02-09 03:27 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-03-12 20:15 - 2017-02-09 03:27 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-03-12 20:15 - 2017-03-06 22:01 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-08-05 18:07 - 2017-03-06 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-12-23 18:51 - 2016-09-07 21:42 - 50656768 _____ () C:\Users\Sleipnir\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2016-12-23 18:51 - 2016-09-07 21:42 - 01874944 _____ () C:\Users\Sleipnir\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libglesv2.dll
2016-12-23 18:51 - 2016-09-07 21:42 - 00075264 _____ () C:\Users\Sleipnir\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libegl.dll
2016-12-23 18:51 - 2016-09-07 21:42 - 01874944 _____ () C:\Users\Sleipnir\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2016-12-23 18:51 - 2016-09-07 21:42 - 00075264 _____ () C:\Users\Sleipnir\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2016-11-13 19:26 - 2016-11-13 19:26 - 00154624 _____ () C:\Program Files\YoloMouse\Yolo32.dll
2017-01-11 22:19 - 2017-01-04 14:28 - 01958912 _____ () C:\Users\Sleipnir\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-01-12 15:34 - 2017-01-12 15:34 - 01082880 _____ () \\?\C:\Users\Sleipnir\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-01-12 15:34 - 2017-01-12 15:34 - 03750400 _____ () \\?\C:\Users\Sleipnir\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-01-12 15:34 - 2017-01-12 15:34 - 00914432 _____ () \\?\C:\Users\Sleipnir\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-01-11 22:19 - 2017-01-04 14:28 - 02278912 _____ () C:\Users\Sleipnir\AppData\Local\Discord\app-0.0.297\libglesv2.dll
2017-01-11 22:19 - 2017-01-04 14:28 - 00096768 _____ () C:\Users\Sleipnir\AppData\Local\Discord\app-0.0.297\libegl.dll
2017-03-22 17:00 - 2017-03-22 17:00 - 00148992 _____ () \\?\C:\Users\Sleipnir\AppData\Local\Temp\38CB.tmp.node
2017-01-12 15:34 - 2017-01-12 15:34 - 02658304 _____ () \\?\C:\Users\Sleipnir\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-01-12 15:54 - 2017-01-12 15:54 - 02130432 _____ () \\?\C:\Users\Sleipnir\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node
2016-01-05 19:05 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences [514]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-792549663-3945398320-1686471432-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sleipnir\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Hama Wireless LAN Utility.lnk => C:\Windows\pss\Hama Wireless LAN Utility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: Discord => C:\Users\Sleipnir\AppData\Local\Discord\app-0.0.297\Discord.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Sleipnir\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Sleipnir\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "F:\Steam\steam.exe" -silent
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{0215F11E-14A2-43C0-A3D0-0E60165071EA}] => (Allow) C:\Program Files (x86)\Hama\Common\RaUI.exe
FirewallRules: [{CA95152C-0D33-446B-BCCD-65C7E1BE6063}] => (Allow) C:\Program Files (x86)\Hama\Common\RaUI.exe
FirewallRules: [{D0DC15BA-6ADB-4815-A3F9-1D2E1C89C3B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3F166727-3757-4E3F-9689-4094D4EA889A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{63929A69-A648-4E72-9228-F3E74836E69E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9F274A5F-0BE4-40ED-9193-D90AAC59EA2D}] => (Allow) C:\Users\Sleipnir\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{03F902C5-E70A-49DC-9BA0-0C87F370E375}] => (Allow) C:\Users\Sleipnir\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5589957A-07CB-44B4-A85D-79B12B1C344A}] => (Allow) C:\Users\Sleipnir\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2F8CCAC6-8331-4E4F-B1C6-4B30E72F9A9E}] => (Allow) C:\Users\Sleipnir\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CC77F8C8-BC39-42C8-B010-92A5D7B45BAA}] => (Allow) C:\Users\Sleipnir\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{367603B6-4A82-471C-8F8E-1C1BDB78D92B}] => (Allow) C:\Users\Sleipnir\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B8D633AD-D4CA-40F0-BEB1-B509CF5BB72F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CFE7824C-8DB6-47B8-9DEA-7C61E2440D3B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{53A6013B-27AC-4003-8146-AD653B207A1A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E6CC7718-4082-43F0-B23C-EDC46F493C11}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{38A742C9-124C-4C0A-8C62-237A2DBD5385}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{51736B86-22DC-4E6A-8714-DE0B09C27B4B}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{E3806208-A822-4CE8-8394-6FAA3083046D}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{44A1C545-F4C5-45DD-B725-EE892C7A4AB7}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{041FA600-85BE-4D87-86C7-6E70784DB5C3}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{3F82CA1B-08BF-4F8B-82E7-8F1A153A792D}] => (Allow) F:\Steam\steamapps\common\Shelter2\Shelter2.exe
FirewallRules: [{244BE40C-98BF-4EC7-9EF0-8EC03D280DD6}] => (Allow) F:\Steam\steamapps\common\Shelter2\Shelter2.exe
FirewallRules: [{B2EED0E4-BDE6-47F4-BC6D-30D5962A43DC}] => (Allow) F:\Steam\steamapps\common\Age of Mythology\Launcher.exe
FirewallRules: [{6FA1111D-DC6F-48C2-AAE2-7B0B4513E699}] => (Allow) F:\Steam\steamapps\common\Age of Mythology\Launcher.exe
FirewallRules: [{BB7A8625-E432-4C90-926D-711813C1E1E9}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{98ABA5F8-9F5D-4D0D-A579-5ACD09BB1B37}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{A98AD9C0-BB45-48BF-A92A-8844A9410ECC}] => (Allow) F:\Steam\steamapps\common\Ori\ori.exe
FirewallRules: [{446B7F80-1106-4ED0-942E-08F82C3A0A0D}] => (Allow) F:\Steam\steamapps\common\Ori\ori.exe
FirewallRules: [{7D1C2DB8-A45A-40F3-8718-009B3810F855}] => (Allow) F:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{860A2C8A-FAEA-4E61-97B1-C850A4AF9999}] => (Allow) F:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A4948A45-8895-4E04-82C3-6A4FE9B315A4}] => (Allow) F:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{E3554C21-3EE3-4295-B872-9DFB274FD7C9}] => (Allow) F:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{A4A53B8D-8A20-4957-A051-0675F5C98241}] => (Allow) F:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{951D7A7C-40E8-432D-9628-F0F75795B2E8}] => (Allow) F:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{25EABC61-5224-4D7A-8DBC-F428A3A25E26}] => (Allow) F:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{89EB0C64-8FB6-4606-B77B-D29ED31068FE}] => (Allow) F:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{9FA89984-DB94-44C7-AB65-4A9345B4A30F}] => (Allow) F:\Steam\steamapps\common\Anno 1404\Anno4.exe
FirewallRules: [{21308EAD-B42C-4992-A6D4-8054C9E94818}] => (Allow) F:\Steam\steamapps\common\Anno 1404\Anno4.exe
FirewallRules: [{82B4A150-100C-4E8E-9DAC-AC87361FEA2F}] => (Allow) F:\Steam\steamapps\common\Anno 1404\Addon.exe
FirewallRules: [{5D8A1552-852D-4C72-8694-9E6F8C2C22D0}] => (Allow) F:\Steam\steamapps\common\Anno 1404\Addon.exe
FirewallRules: [TCP Query User{C1B99BF4-9DC9-4A45-9FBA-AC873BEE3ACA}F:\steam\steamapps\common\anno 1404\tools\anno4web.exe] => (Allow) F:\steam\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [UDP Query User{E59D17F4-2173-4E9D-938A-E3D634CC9D82}F:\steam\steamapps\common\anno 1404\tools\anno4web.exe] => (Allow) F:\steam\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [{BDF0B271-3C9B-47EA-B956-1405CF3EB0F6}] => (Allow) F:\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{5BD29EB3-A4E3-4C74-AA33-03078BA99AD2}] => (Allow) F:\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{7F0DD522-A270-48DB-97B4-61ED50D4DF0D}] => (Allow) F:\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{E538C148-64FA-45E4-BDB4-DAE2D4689B0B}] => (Allow) F:\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{543FCAAA-F363-42B0-AB2A-C77D2F5B4AF8}] => (Allow) F:\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{71355FFA-AC3C-45F8-BFF8-78401B282148}] => (Allow) F:\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [TCP Query User{B39DBB93-E2E9-40E7-8DBB-0682478347E1}F:\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) F:\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{BA77DA29-A11C-4357-9FE5-8B1DF32DFEF9}F:\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) F:\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{E333BAFB-98FD-4D2C-895D-968BDCBA30DF}C:\users\sleipnir\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sleipnir\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{9C9E6E4D-E8B5-42D0-B6BC-3E02951D628E}C:\users\sleipnir\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sleipnir\appdata\roaming\spotify\spotify.exe
FirewallRules: [{39570EE7-CEA9-44DA-98E1-768B5E9FF084}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{897499EB-6F01-4D07-9C1C-60639F454414}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{3887857C-8E72-40E6-8AE1-A782BD6372BD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{AD231480-E5A1-4BD8-8DC8-1341D76F9B5F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{4B58A9C2-FCFA-44A7-BC73-F5DF5FAB100C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{4C1F6137-A979-4C7B-8A15-95D455199246}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{F7805985-B738-4FC8-94C8-A5556F9C418B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{3746EE5B-6B9C-4A28-A042-960508034850}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{5019D143-0477-4BA9-9022-B31F2BE11571}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{DA3DBAFA-3495-494F-B297-536CBEE960C6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{33705532-CB0C-4637-B2B5-43079D642849}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{CD95F743-3505-4757-A3DB-484B0203BD9A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{21C9A279-3B53-412F-BBA7-34046A3EAA86}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{9D2C3AF1-7E78-430F-AD68-C56CB145D9DF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{0E90B5F6-4785-4970-8182-DF892A1F977D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{D2526148-7EB5-49CE-B8F8-F52EC154EDCF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{311B23CE-A8A5-4786-9084-7C764BADE69E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{4F7364C9-974A-4625-A569-366D1D377516}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{B56F6CD2-2FC1-4E4F-B4B1-1017DE889036}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{3ED51240-F80C-4EDB-A3DA-C09E3C373152}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{522B722C-04B2-495D-B31F-5DDB44A45D0D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{DDC84001-676A-433A-8E92-BB0001C6296E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{DDAC5665-1BB5-43A4-A4FD-156EEA436AF7}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{D0DC7D0D-3E5E-4F72-8D54-24885B7D020A}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{C05F43E7-A7CD-499F-91CC-B5E36F84130B}F:\steam\steamapps\common\anno 1404\tools\addonweb.exe] => (Allow) F:\steam\steamapps\common\anno 1404\tools\addonweb.exe
FirewallRules: [UDP Query User{AFA4B244-7A34-4AB6-BF0B-6BBC5E9F1EA0}F:\steam\steamapps\common\anno 1404\tools\addonweb.exe] => (Allow) F:\steam\steamapps\common\anno 1404\tools\addonweb.exe
FirewallRules: [{9B45EC58-59D7-4532-BF8B-DACFFB87ED8A}] => (Allow) F:\Steam\steamapps\common\WormsXHD\Launcher.exe
FirewallRules: [{A0B462B4-3BA4-44E0-A806-2943C4ECDA82}] => (Allow) F:\Steam\steamapps\common\WormsXHD\Launcher.exe
FirewallRules: [{C42D1EE0-9C97-4BA0-BABB-9E011166514E}] => (Allow) F:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{8C63A2CF-6D4B-416A-8BA2-3615A9E973FC}] => (Allow) F:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{7B9963A6-727F-4D44-A542-00358D7DE9F6}] => (Allow) F:\Steam\steamapps\common\Tyto Ecology\TytoEcology.exe
FirewallRules: [{206C577C-7FD3-4F64-9D0B-169511960CAA}] => (Allow) F:\Steam\steamapps\common\Tyto Ecology\TytoEcology.exe
FirewallRules: [{586948E3-6423-4794-9710-05822AC4747D}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{CA3D189B-6016-41C5-8BF6-BD129590BBE2}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{9D1B7AD5-1D1A-4F07-BCF5-9ECCAC33B968}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{651FB22C-E767-46AC-8A44-C2204F0623EF}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [TCP Query User{927BF593-B1B0-40B6-BA71-F5118880A814}F:\steam\steamapps\common\tyto ecology\tytoecology\binaries\win64\tytoecology-win64-shipping.exe] => (Allow) F:\steam\steamapps\common\tyto ecology\tytoecology\binaries\win64\tytoecology-win64-shipping.exe
FirewallRules: [UDP Query User{B5880B3A-1C4D-442D-B21A-2D6DE1CCD385}F:\steam\steamapps\common\tyto ecology\tytoecology\binaries\win64\tytoecology-win64-shipping.exe] => (Allow) F:\steam\steamapps\common\tyto ecology\tytoecology\binaries\win64\tytoecology-win64-shipping.exe
FirewallRules: [{60904234-D0BA-4408-89B8-5F92B18798A8}] => (Allow) F:\Steam\steamapps\common\Anno 2070\Anno5.exe
FirewallRules: [{49C6A698-F9B3-4182-9056-CE71AB4EB26D}] => (Allow) F:\Steam\steamapps\common\Anno 2070\Anno5.exe
FirewallRules: [{1A9C61F3-BB1C-4253-8044-B69806BE2824}] => (Allow) F:\Steam\steamapps\common\Anno 2070\Anno5.exe
FirewallRules: [{5EC3FEFF-7560-48F5-971B-E5CD9A48E644}] => (Allow) F:\Steam\steamapps\common\Anno 2070\Anno5.exe
FirewallRules: [{9079DFB3-27B0-4EE4-9517-9F5DE03D22AA}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{0F7C31D5-74BA-473A-BE4C-DFAACE9B60A3}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{3C0443F9-4BCB-4DE0-A064-51A9A3B9D69A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{D44960F5-0EAF-4246-9290-782C7E1453A3}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{54128206-C2E5-4CCE-8291-2CC5B68008AE}] => (Allow) F:\Steam\steamapps\common\WildStar\Steam_WildStar.exe
FirewallRules: [{68D7E272-2984-458A-8890-F4EAD3C41AAB}] => (Allow) F:\Steam\steamapps\common\WildStar\Steam_WildStar.exe
FirewallRules: [{D1BD2A83-A52D-4B14-9009-80303A16FEF9}] => (Allow) F:\Steam\steamapps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{59ED2F7F-D921-4BAA-982C-F4BF23FD23D6}] => (Allow) F:\Steam\steamapps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{9428789E-AF43-4D38-80EA-8A91C2084605}] => (Allow) F:\Steam\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{3F98FA45-2FB1-4BCB-BE68-980DE740F770}] => (Allow) F:\Steam\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{5DDB9792-1A16-40D7-98A0-B2834D45D8A7}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{97287D2C-34E5-4AB3-B90C-DE309960252D}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{4E653A6B-859F-4B84-9196-84075A5169DB}] => (Allow) F:\Steam\steamapps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{003DF08B-1052-4A62-9145-0AF8860B8D7D}] => (Allow) F:\Steam\steamapps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{84B2B86C-449B-472F-9895-3F8A2F4B4E59}] => (Allow) F:\Steam\steamapps\common\Farming Simulator 15\x86\FarmingSimulator2015Game.exe
FirewallRules: [{A7C8592E-EFF5-4B71-A609-FA0912C57381}] => (Allow) F:\Steam\steamapps\common\Farming Simulator 15\x86\FarmingSimulator2015Game.exe
FirewallRules: [{893A4FB0-E6E1-405F-B7BB-C6AE89F28BC4}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{57D0C455-7483-49B0-9940-9934A2FC5674}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{C11BA3AE-6B0D-488D-9510-FFF49E3058C1}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{20545753-7754-4A79-9F78-DF698B9E4CF6}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{975B82DF-20CD-4968-84F2-1BCB157C7FC1}] => (Allow) F:\Steam\steamapps\common\Overlord\Overlord.exe
FirewallRules: [{3C2F828D-5EB1-40CC-BAE7-75ACCFCF1970}] => (Allow) F:\Steam\steamapps\common\Overlord\Overlord.exe
FirewallRules: [{9CA7A31A-DD47-4BBF-9E81-98232EDE3304}] => (Allow) F:\Steam\steamapps\common\Overlord\Config.exe
FirewallRules: [{975C6FFD-3E46-4A80-8CFA-6CC68FAADF45}] => (Allow) F:\Steam\steamapps\common\Overlord\Config.exe
FirewallRules: [{F6D445C0-E1A1-499A-B108-0171039EB53A}] => (Allow) F:\Steam\steamapps\common\Overlord II\Overlord2.exe
FirewallRules: [{C1582815-3F4A-4F5A-8C3A-EF534C043A79}] => (Allow) F:\Steam\steamapps\common\Overlord II\Overlord2.exe
FirewallRules: [{E31AE7B7-1F90-42F8-B442-1B1C4831177B}] => (Allow) F:\Steam\steamapps\common\Overlord II\Config.exe
FirewallRules: [{694A45AA-F432-486B-85B9-A761723E8407}] => (Allow) F:\Steam\steamapps\common\Overlord II\Config.exe
FirewallRules: [{ACDCD5B2-C89C-4662-A837-66AE11D3304C}] => (Allow) F:\Steam\steamapps\common\Age of Mythology\aomx.exe
FirewallRules: [{074B54C0-4A8B-47CB-B336-15565877EDC1}] => (Allow) F:\Steam\steamapps\common\Age of Mythology\aomx.exe
FirewallRules: [{759F4D0F-2C11-4107-A7C4-1D9A811F7962}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0500BFA4-2801-47E3-88AA-AD7BD7B0A732}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{A9EDEB38-4145-4714-B3CB-54A4934EA5CF}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{8FDD42C7-E615-4015-B70D-B1ACA0F04D2D}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{97B8191C-5DB9-429E-B80C-D1493769C4DB}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{C871B5DF-AD2B-47BF-AB56-DF84A52D90D8}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Restore Points =========================
04-03-2017 04:42:20 Windows Update
07-03-2017 05:07:09 Windows Update
18-03-2017 13:15:14 Windows Update
19-03-2017 12:26:54 Windows Update
==================== Faulty Device Manager Devices =============
Name: Malwarebytes Anti-Exploit
Description: Malwarebytes Anti-Exploit
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ESProtectionDriver
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/22/2017 04:58:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/22/2017 09:59:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/22/2017 12:55:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/21/2017 12:36:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/20/2017 06:44:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/20/2017 06:32:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/19/2017 05:44:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/19/2017 12:39:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/19/2017 12:29:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/19/2017 12:14:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (03/22/2017 04:58:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ESProtectionDriver
Error: (03/22/2017 04:57:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
The system cannot find the file specified.
Error: (03/22/2017 04:57:44 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: The chip 1-click download service service has reported an invalid current state 0.
Error: (03/22/2017 04:57:44 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: The chip 1-click download service service has reported an invalid current state 0.
Error: (03/22/2017 04:57:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMChameleon service failed to start due to the following error:
The system cannot find the file specified.
Error: (03/22/2017 04:57:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMProtector service failed to start due to the following error:
The system cannot find the file specified.
Error: (03/22/2017 10:50:56 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.
Error: (03/22/2017 10:27:02 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
The system cannot find the file specified.
Error: (03/22/2017 10:27:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMProtector service failed to start due to the following error:
The system cannot find the file specified.
Error: (03/22/2017 09:59:14 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ESProtectionDriver
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz
Percentage of memory in use: 42%
Total physical RAM: 8129.89 MB
Available physical RAM: 4674.69 MB
Total Virtual: 16257.97 MB
Available Virtual: 12399.45 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:150 GB) (Free:59.62 GB) NTFS
Drive f: (Volume 1) (Fixed) (Total:781.41 GB) (Free:325.6 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9F386E92)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=150 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=781.4 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Ran by Sleipnir (22-03-2017 17:04:53)
Running from C:\Users\Sleipnir\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2016-01-05 17:24:55)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-792549663-3945398320-1686471432-500 - Administrator - Disabled)
Guest (S-1-5-21-792549663-3945398320-1686471432-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-792549663-3945398320-1686471432-1002 - Limited - Enabled)
Sleipnir (S-1-5-21-792549663-3945398320-1686471432-1000 - Administrator - Enabled) => C:\Users\Sleipnir
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-792549663-3945398320-1686471432-1000\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Age of Mythology: Extended Edition (HKLM\...\Steam App 266840) (Version: - SkyBox Labs)
Age of Mythology: Extended Edition (HKLM-x32\...\Steam App 266840) (Version: - SkyBox Labs)
AIO_CDA_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Anno 1404 (HKLM-x32\...\Steam App 33250) (Version: - Blue Byte)
Anno 1404: Venice (HKLM-x32\...\Steam App 33350) (Version: - Blue Byte)
Anno 2070 (HKLM\...\Steam App 48240) (Version: - Blue Byte)
Apple Application Support (32 bits) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64 bits) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.25.154 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{0b46d918-af4f-4612-8076-5c0ae67cb2aa}) (Version: 1.2.81.41506 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.81.41506 - Avira Operations GmbH & Co. KG) Hidden
Belkin N600 DB USB Wireless Adapter (HKLM-x32\...\{B20F9D1C-A0A5-4CD8-8306-DA03872311B1}) (Version: 1.00.0184.3 - Belkin International, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Bootstrapper (x32 Version: 1.2.2.0 - Minitab, Inc.) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
C4100 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
c4100_Help (x32 Version: 82.0.256.000 - Hewlett-Packard) Hidden
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 4.3.03086 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 4.3.03086 - Cisco Systems, Inc.) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cities: Skylines (HKLM\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Discord (HKU\S-1-5-21-792549663-3945398320-1686471432-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 21.4.25 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.59.1 - Dropbox, Inc.) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Farming Simulator 15 (HKLM\...\Steam App 313160) (Version: - Giants Software)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.87.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.87.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hama Wireless LAN Adapter (HKLM-x32\...\{28DA7D8B-F9A4-4F18-8AA0-551B1E084D0D}) (Version: 13.06.0 - Hama)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart All-In-One Driver Software 13.0 Rel. A (HKLM\...\{17016DA1-F040-4032-BD36-34DD317BC9D5}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.3.50.9 - HP)
HP Support Solutions Framework (HKLM-x32\...\{EB72DB50-C935-4C26-8349-69828F198902}) (Version: 12.5.32.203 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Network Connections 18.7.28.0 (HKLM\...\PROSetDX) (Version: 18.7.28.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Medieval II: Total War (HKLM\...\Steam App 4700) (Version: - The Creative Assembly)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
MiKTeX 2.9 (HKU\S-1-5-21-792549663-3945398320-1686471432-1000\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Minitab 17 (HKLM-x32\...\Minitab17) (Version: 17.2.1 - Minitab, Inc.)
Minitab Software Update Manager (HKLM-x32\...\MinitabSoftwareManager) (Version: 1.2.0.0 - Minitab, Inc.)
Minitab17 (x32 Version: 17.2.1.0 - Minitab Inc) Hidden
Minitab17 (x32 Version: 17.2.1.0 - Minitab, Inc.) Hidden
Mozilla Firefox 52.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 52.0.1 (x86 en-US)) (Version: 52.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.1.6284 - Mozilla)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
NVIDIA PhysX (HKLM-x32\...\{DD1865F0-AD73-40FB-B23E-1822E02396FF}) (Version: 9.09.0203 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice 4.1.2 (HKLM-x32\...\{DCB1B348-C94E-4D6D-8CE0-7D9DA5CF663E}) (Version: 4.12.9782 - Apache Software Foundation)
Oracle VM VirtualBox 5.0.12 (HKLM\...\{6F93731D-89E1-4A8F-BDA9-D104860DDB02}) (Version: 5.0.12 - Oracle Corporation)
Ori and the Blind Forest (HKLM-x32\...\Steam App 261570) (Version: - Moon Studios GmbH)
Overlord (HKLM\...\Steam App 11450) (Version: - Triumph Studios)
Overlord II (HKLM\...\Steam App 12810) (Version: - Triumph Studios)
Overlord: Raising Hell (HKLM\...\Steam App 12710) (Version: - Triumph Studios)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.103.40.0 - Overwolf Ltd.)
PDF Blender (HKLM-x32\...\PDF Blender) (Version: - )
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.3-r114633-release - Raptr, Inc)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.1104 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7179 - Realtek Semiconductor Corp.)
RStudio (HKLM-x32\...\RStudio) (Version: 1.0.44 - RStudio)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shelter 2 (HKLM-x32\...\Steam App 275100) (Version: - Might and Delight)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version: - Firaxis Games)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Sid Meier's Civilization VI (HKLM\...\Steam App 289070) (Version: - Firaxis)
Sid Meier's Civilization: Beyond Earth (HKLM\...\Steam App 65980) (Version: - Firaxis Games)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SoftwareManager (x32 Version: 1.2.0.0 - Minitab, Inc.) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sonic Radar (HKLM\...\{0E2BE1E8-F087-45D6-8D29-5CB305643B78}) (Version: 1.0.001 - ASUSTeKcomputer.Inc)
Spotify (HKU\S-1-5-21-792549663-3945398320-1686471432-1000\...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Texmaker (HKLM-x32\...\Texmaker) (Version: - )
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 2.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD PROJEKT RED)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Tyto Ecology (HKLM\...\Steam App 453750) (Version: - Immersed Games)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 20.2 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.0 (HKLM\...\VulkanRT1.0.11.0) (Version: 1.0.11.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1-3) (Version: 1.0.3.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (Version: 1.0.3.1 - LunarG, Inc.) Hidden
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WildStar (HKLM\...\Steam App 376570) (Version: - Carbine Studios)
WildStar (HKLM-x32\...\WildStar) (Version: - NCSOFT)
Worms Ultimate Mayhem (HKLM\...\Steam App 70600) (Version: - Team17 Digital Ltd)
YoloMouse (HKLM\...\{0BD95EA1-50C1-4841-869E-25B3AC863A26}) (Version: 0.8.1.0 - HaPpY)
ZHPFix 2015 (HKLM-x32\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0BB2BED2-3677-49D4-B636-8BC12279C5F0} - System32\Tasks\HPCeeScheduleForSleipnir => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {1F4F2C6C-6E4B-492E-883E-FE0C04D608DD} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-08-27] (ASUSTek Computer Inc.)
Task: {1FB3BB11-ED12-445E-BDD6-794136054186} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-01-14] (Dropbox, Inc.)
Task: {266BD6B0-B47C-40F9-9139-977E3FE15714} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {2727A5D1-081D-4D6F-92EE-636FFCD2E5AF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {28B68EB6-27AE-44B2-AA62-35A197A37815} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-03-16] (Overwolf LTD)
Task: {41CA534F-A020-46A7-A89D-4EEA4FD42604} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {511AB5FF-B0F2-44D0-BE08-741B0C8A869A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-02-08] (HP Inc.)
Task: {53EDFA65-6B1C-493E-85AB-017576380A0F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-02-10] (HP Inc.)
Task: {55A954F9-8271-4702-8268-C0AC788FF446} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {56072CFD-6968-42AF-81C4-EE421ACCF3B5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {56422602-3983-428E-A248-6EFDF06066E2} - System32\Tasks\{7EE99B7C-0D41-4CB0-9DEC-0607B2DAC837} => pcalua.exe -a F:\Games\Launcher\vcredist_x64_2010.exe -d F:\Games\Launcher -c /q
Task: {62382F65-EA34-4409-9122-5D17B4B4E00E} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {8657606A-0189-4447-BE84-59A57EE2C279} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {A7BBC26E-582B-48F8-A448-739098195638} - System32\Tasks\{14EC3E71-72B1-4E94-8107-9CBF2A9FFF94} => C:\Program Files (x86)\Steam\Steam.exe
Task: {A7FD006A-6DBB-4941-B1CF-298ECF296637} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-05] (Google Inc.)
Task: {ADE2B2BE-0C4F-40C4-9802-2CB64709FB04} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {B06E92D3-166E-4512-BEE3-D867D36E272D} - System32\Tasks\{F205B179-44EA-4FAB-982B-62AA49DC75DC} => C:\Program Files (x86)\Steam\Steam.exe
Task: {B419A08E-6F17-4B5F-AFE3-C3521EA3CF55} - System32\Tasks\{ACBD3A35-86DF-401A-B751-F21AC4060609} => Firefox.exe hxxp://ui.skype.com/ui/0/7.26.80.101/en/abandoninstall?page=tsProgressBar
Task: {BC62A303-6D64-44DC-8EDE-CFDBB99BF9E7} - System32\Tasks\{B7BDCF4E-B460-4285-A4E8-5095A2142FA9} => pcalua.exe -a C:\Users\Sleipnir\Downloads\PDFBlenderSetup1.1.2.exe -d C:\Users\Sleipnir\Downloads
Task: {C040E84C-21BE-431C-8657-C90AC1F1001A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-01-14] (Dropbox, Inc.)
Task: {C1C9C1B1-4041-41AF-8C7A-2749DA3F6A80} - System32\Tasks\Minitab\Minitab Software Update Manager => C:\Program Files (x86)\Common Files\Minitab Shared\Software Manager\SoftwareManager.exe [2015-02-25] (Minitab)
Task: {DBD3F0CE-2D1F-4223-BE7B-08EE2CCD5D28} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-05] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForSleipnir.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-12-17 18:38 - 2015-12-17 18:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 18:38 - 2015-12-17 18:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-05 18:55 - 2013-05-07 08:45 - 00936728 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2016-09-25 00:20 - 2016-09-25 00:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-11-13 19:27 - 2016-11-13 19:27 - 00222208 _____ () C:\Program Files\YoloMouse\YoloMouse.exe
2015-12-08 20:25 - 2015-12-08 20:25 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll
2016-03-25 01:03 - 2016-03-17 18:58 - 203469362 ___SH () C:\ProgramData\cdblc\cdblc.exe
2016-08-19 09:12 - 2016-08-19 09:12 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2016-10-06 18:37 - 2016-10-06 18:37 - 00073728 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2016-01-05 18:55 - 2017-03-22 16:57 - 00035472 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2016-01-05 18:55 - 2013-05-07 08:45 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-03-24 18:01 - 2015-03-24 18:01 - 00192512 _____ () C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GvVGAConfig.dll
2016-11-18 11:41 - 2016-11-18 11:41 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2016-12-23 18:51 - 2016-09-07 21:42 - 50656768 _____ () C:\Users\Sleipnir\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libcef.dll
2017-03-12 20:15 - 2017-03-06 21:59 - 00807232 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2016-01-14 02:07 - 2017-02-09 03:19 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-01-14 02:07 - 2017-02-09 03:19 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-01-14 02:07 - 2017-02-09 03:19 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-01-14 02:07 - 2017-03-06 22:01 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-01-14 02:07 - 2017-02-09 03:19 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-01-14 02:07 - 2017-02-09 03:20 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-03-12 20:15 - 2017-02-09 03:19 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-03-12 20:15 - 2017-02-09 03:20 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-03-12 20:15 - 2017-02-09 03:19 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-01-14 02:07 - 2017-02-09 03:22 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-05 18:07 - 2017-03-06 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-03-12 20:15 - 2017-02-09 03:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-03-12 20:15 - 2017-02-09 03:22 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-01-14 02:07 - 2017-03-06 22:01 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-05 18:07 - 2017-03-06 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-05 18:07 - 2017-02-09 03:21 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-01-14 02:07 - 2017-03-06 22:01 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-01-14 02:07 - 2017-02-09 03:20 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-02-27 23:17 - 2017-03-06 22:01 - 00053072 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-01-23 23:52 - 2017-03-06 22:01 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-01-23 23:52 - 2017-03-06 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-23 23:52 - 2017-03-06 22:01 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-23 23:52 - 2017-03-06 22:01 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-02-21 20:34 - 2017-03-06 22:01 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-03-12 20:15 - 2017-02-09 03:17 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-03-12 20:15 - 2017-03-06 22:01 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-03-12 20:15 - 2017-02-09 03:27 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-03-12 20:15 - 2017-02-09 03:27 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-03-12 20:15 - 2017-03-06 22:01 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-01-14 02:07 - 2017-02-09 03:22 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-08-05 18:07 - 2017-03-06 22:01 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-12 20:15 - 2017-03-06 22:01 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-12-23 18:51 - 2016-09-07 21:42 - 50656768 _____ () C:\Users\Sleipnir\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2016-12-23 18:51 - 2016-09-07 21:42 - 01874944 _____ () C:\Users\Sleipnir\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libglesv2.dll
2016-12-23 18:51 - 2016-09-07 21:42 - 00075264 _____ () C:\Users\Sleipnir\AppData\Local\razer\InGameEngine\cache\RzSynapse\cef\libegl.dll
2016-12-23 18:51 - 2016-09-07 21:42 - 01874944 _____ () C:\Users\Sleipnir\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2016-12-23 18:51 - 2016-09-07 21:42 - 00075264 _____ () C:\Users\Sleipnir\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2016-11-13 19:26 - 2016-11-13 19:26 - 00154624 _____ () C:\Program Files\YoloMouse\Yolo32.dll
2017-01-11 22:19 - 2017-01-04 14:28 - 01958912 _____ () C:\Users\Sleipnir\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-01-12 15:34 - 2017-01-12 15:34 - 01082880 _____ () \\?\C:\Users\Sleipnir\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-01-12 15:34 - 2017-01-12 15:34 - 03750400 _____ () \\?\C:\Users\Sleipnir\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-01-12 15:34 - 2017-01-12 15:34 - 00914432 _____ () \\?\C:\Users\Sleipnir\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-01-11 22:19 - 2017-01-04 14:28 - 02278912 _____ () C:\Users\Sleipnir\AppData\Local\Discord\app-0.0.297\libglesv2.dll
2017-01-11 22:19 - 2017-01-04 14:28 - 00096768 _____ () C:\Users\Sleipnir\AppData\Local\Discord\app-0.0.297\libegl.dll
2017-03-22 17:00 - 2017-03-22 17:00 - 00148992 _____ () \\?\C:\Users\Sleipnir\AppData\Local\Temp\38CB.tmp.node
2017-01-12 15:34 - 2017-01-12 15:34 - 02658304 _____ () \\?\C:\Users\Sleipnir\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-01-12 15:54 - 2017-01-12 15:54 - 02130432 _____ () \\?\C:\Users\Sleipnir\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node
2016-01-05 19:05 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences [514]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-792549663-3945398320-1686471432-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sleipnir\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Hama Wireless LAN Utility.lnk => C:\Windows\pss\Hama Wireless LAN Utility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: Discord => C:\Users\Sleipnir\AppData\Local\Discord\app-0.0.297\Discord.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Sleipnir\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Sleipnir\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "F:\Steam\steam.exe" -silent
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{0215F11E-14A2-43C0-A3D0-0E60165071EA}] => (Allow) C:\Program Files (x86)\Hama\Common\RaUI.exe
FirewallRules: [{CA95152C-0D33-446B-BCCD-65C7E1BE6063}] => (Allow) C:\Program Files (x86)\Hama\Common\RaUI.exe
FirewallRules: [{D0DC15BA-6ADB-4815-A3F9-1D2E1C89C3B9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3F166727-3757-4E3F-9689-4094D4EA889A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{63929A69-A648-4E72-9228-F3E74836E69E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9F274A5F-0BE4-40ED-9193-D90AAC59EA2D}] => (Allow) C:\Users\Sleipnir\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{03F902C5-E70A-49DC-9BA0-0C87F370E375}] => (Allow) C:\Users\Sleipnir\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{5589957A-07CB-44B4-A85D-79B12B1C344A}] => (Allow) C:\Users\Sleipnir\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2F8CCAC6-8331-4E4F-B1C6-4B30E72F9A9E}] => (Allow) C:\Users\Sleipnir\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CC77F8C8-BC39-42C8-B010-92A5D7B45BAA}] => (Allow) C:\Users\Sleipnir\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{367603B6-4A82-471C-8F8E-1C1BDB78D92B}] => (Allow) C:\Users\Sleipnir\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B8D633AD-D4CA-40F0-BEB1-B509CF5BB72F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CFE7824C-8DB6-47B8-9DEA-7C61E2440D3B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{53A6013B-27AC-4003-8146-AD653B207A1A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E6CC7718-4082-43F0-B23C-EDC46F493C11}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{38A742C9-124C-4C0A-8C62-237A2DBD5385}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{51736B86-22DC-4E6A-8714-DE0B09C27B4B}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{E3806208-A822-4CE8-8394-6FAA3083046D}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{44A1C545-F4C5-45DD-B725-EE892C7A4AB7}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{041FA600-85BE-4D87-86C7-6E70784DB5C3}] => (Allow) F:\Steam\bin\steamwebhelper.exe
FirewallRules: [{3F82CA1B-08BF-4F8B-82E7-8F1A153A792D}] => (Allow) F:\Steam\steamapps\common\Shelter2\Shelter2.exe
FirewallRules: [{244BE40C-98BF-4EC7-9EF0-8EC03D280DD6}] => (Allow) F:\Steam\steamapps\common\Shelter2\Shelter2.exe
FirewallRules: [{B2EED0E4-BDE6-47F4-BC6D-30D5962A43DC}] => (Allow) F:\Steam\steamapps\common\Age of Mythology\Launcher.exe
FirewallRules: [{6FA1111D-DC6F-48C2-AAE2-7B0B4513E699}] => (Allow) F:\Steam\steamapps\common\Age of Mythology\Launcher.exe
FirewallRules: [{BB7A8625-E432-4C90-926D-711813C1E1E9}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{98ABA5F8-9F5D-4D0D-A579-5ACD09BB1B37}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{A98AD9C0-BB45-48BF-A92A-8844A9410ECC}] => (Allow) F:\Steam\steamapps\common\Ori\ori.exe
FirewallRules: [{446B7F80-1106-4ED0-942E-08F82C3A0A0D}] => (Allow) F:\Steam\steamapps\common\Ori\ori.exe
FirewallRules: [{7D1C2DB8-A45A-40F3-8718-009B3810F855}] => (Allow) F:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{860A2C8A-FAEA-4E61-97B1-C850A4AF9999}] => (Allow) F:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A4948A45-8895-4E04-82C3-6A4FE9B315A4}] => (Allow) F:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{E3554C21-3EE3-4295-B872-9DFB274FD7C9}] => (Allow) F:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{A4A53B8D-8A20-4957-A051-0675F5C98241}] => (Allow) F:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{951D7A7C-40E8-432D-9628-F0F75795B2E8}] => (Allow) F:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{25EABC61-5224-4D7A-8DBC-F428A3A25E26}] => (Allow) F:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{89EB0C64-8FB6-4606-B77B-D29ED31068FE}] => (Allow) F:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{9FA89984-DB94-44C7-AB65-4A9345B4A30F}] => (Allow) F:\Steam\steamapps\common\Anno 1404\Anno4.exe
FirewallRules: [{21308EAD-B42C-4992-A6D4-8054C9E94818}] => (Allow) F:\Steam\steamapps\common\Anno 1404\Anno4.exe
FirewallRules: [{82B4A150-100C-4E8E-9DAC-AC87361FEA2F}] => (Allow) F:\Steam\steamapps\common\Anno 1404\Addon.exe
FirewallRules: [{5D8A1552-852D-4C72-8694-9E6F8C2C22D0}] => (Allow) F:\Steam\steamapps\common\Anno 1404\Addon.exe
FirewallRules: [TCP Query User{C1B99BF4-9DC9-4A45-9FBA-AC873BEE3ACA}F:\steam\steamapps\common\anno 1404\tools\anno4web.exe] => (Allow) F:\steam\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [UDP Query User{E59D17F4-2173-4E9D-938A-E3D634CC9D82}F:\steam\steamapps\common\anno 1404\tools\anno4web.exe] => (Allow) F:\steam\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [{BDF0B271-3C9B-47EA-B956-1405CF3EB0F6}] => (Allow) F:\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{5BD29EB3-A4E3-4C74-AA33-03078BA99AD2}] => (Allow) F:\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{7F0DD522-A270-48DB-97B4-61ED50D4DF0D}] => (Allow) F:\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{E538C148-64FA-45E4-BDB4-DAE2D4689B0B}] => (Allow) F:\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{543FCAAA-F363-42B0-AB2A-C77D2F5B4AF8}] => (Allow) F:\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{71355FFA-AC3C-45F8-BFF8-78401B282148}] => (Allow) F:\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [TCP Query User{B39DBB93-E2E9-40E7-8DBB-0682478347E1}F:\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) F:\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{BA77DA29-A11C-4357-9FE5-8B1DF32DFEF9}F:\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) F:\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [TCP Query User{E333BAFB-98FD-4D2C-895D-968BDCBA30DF}C:\users\sleipnir\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sleipnir\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{9C9E6E4D-E8B5-42D0-B6BC-3E02951D628E}C:\users\sleipnir\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sleipnir\appdata\roaming\spotify\spotify.exe
FirewallRules: [{39570EE7-CEA9-44DA-98E1-768B5E9FF084}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{897499EB-6F01-4D07-9C1C-60639F454414}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{3887857C-8E72-40E6-8AE1-A782BD6372BD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{AD231480-E5A1-4BD8-8DC8-1341D76F9B5F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{4B58A9C2-FCFA-44A7-BC73-F5DF5FAB100C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{4C1F6137-A979-4C7B-8A15-95D455199246}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{F7805985-B738-4FC8-94C8-A5556F9C418B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{3746EE5B-6B9C-4A28-A042-960508034850}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{5019D143-0477-4BA9-9022-B31F2BE11571}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{DA3DBAFA-3495-494F-B297-536CBEE960C6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{33705532-CB0C-4637-B2B5-43079D642849}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{CD95F743-3505-4757-A3DB-484B0203BD9A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{21C9A279-3B53-412F-BBA7-34046A3EAA86}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{9D2C3AF1-7E78-430F-AD68-C56CB145D9DF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{0E90B5F6-4785-4970-8182-DF892A1F977D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{D2526148-7EB5-49CE-B8F8-F52EC154EDCF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{311B23CE-A8A5-4786-9084-7C764BADE69E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{4F7364C9-974A-4625-A569-366D1D377516}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{B56F6CD2-2FC1-4E4F-B4B1-1017DE889036}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{3ED51240-F80C-4EDB-A3DA-C09E3C373152}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{522B722C-04B2-495D-B31F-5DDB44A45D0D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{DDC84001-676A-433A-8E92-BB0001C6296E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{DDAC5665-1BB5-43A4-A4FD-156EEA436AF7}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{D0DC7D0D-3E5E-4F72-8D54-24885B7D020A}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{C05F43E7-A7CD-499F-91CC-B5E36F84130B}F:\steam\steamapps\common\anno 1404\tools\addonweb.exe] => (Allow) F:\steam\steamapps\common\anno 1404\tools\addonweb.exe
FirewallRules: [UDP Query User{AFA4B244-7A34-4AB6-BF0B-6BBC5E9F1EA0}F:\steam\steamapps\common\anno 1404\tools\addonweb.exe] => (Allow) F:\steam\steamapps\common\anno 1404\tools\addonweb.exe
FirewallRules: [{9B45EC58-59D7-4532-BF8B-DACFFB87ED8A}] => (Allow) F:\Steam\steamapps\common\WormsXHD\Launcher.exe
FirewallRules: [{A0B462B4-3BA4-44E0-A806-2943C4ECDA82}] => (Allow) F:\Steam\steamapps\common\WormsXHD\Launcher.exe
FirewallRules: [{C42D1EE0-9C97-4BA0-BABB-9E011166514E}] => (Allow) F:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{8C63A2CF-6D4B-416A-8BA2-3615A9E973FC}] => (Allow) F:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{7B9963A6-727F-4D44-A542-00358D7DE9F6}] => (Allow) F:\Steam\steamapps\common\Tyto Ecology\TytoEcology.exe
FirewallRules: [{206C577C-7FD3-4F64-9D0B-169511960CAA}] => (Allow) F:\Steam\steamapps\common\Tyto Ecology\TytoEcology.exe
FirewallRules: [{586948E3-6423-4794-9710-05822AC4747D}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{CA3D189B-6016-41C5-8BF6-BD129590BBE2}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{9D1B7AD5-1D1A-4F07-BCF5-9ECCAC33B968}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{651FB22C-E767-46AC-8A44-C2204F0623EF}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [TCP Query User{927BF593-B1B0-40B6-BA71-F5118880A814}F:\steam\steamapps\common\tyto ecology\tytoecology\binaries\win64\tytoecology-win64-shipping.exe] => (Allow) F:\steam\steamapps\common\tyto ecology\tytoecology\binaries\win64\tytoecology-win64-shipping.exe
FirewallRules: [UDP Query User{B5880B3A-1C4D-442D-B21A-2D6DE1CCD385}F:\steam\steamapps\common\tyto ecology\tytoecology\binaries\win64\tytoecology-win64-shipping.exe] => (Allow) F:\steam\steamapps\common\tyto ecology\tytoecology\binaries\win64\tytoecology-win64-shipping.exe
FirewallRules: [{60904234-D0BA-4408-89B8-5F92B18798A8}] => (Allow) F:\Steam\steamapps\common\Anno 2070\Anno5.exe
FirewallRules: [{49C6A698-F9B3-4182-9056-CE71AB4EB26D}] => (Allow) F:\Steam\steamapps\common\Anno 2070\Anno5.exe
FirewallRules: [{1A9C61F3-BB1C-4253-8044-B69806BE2824}] => (Allow) F:\Steam\steamapps\common\Anno 2070\Anno5.exe
FirewallRules: [{5EC3FEFF-7560-48F5-971B-E5CD9A48E644}] => (Allow) F:\Steam\steamapps\common\Anno 2070\Anno5.exe
FirewallRules: [{9079DFB3-27B0-4EE4-9517-9F5DE03D22AA}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{0F7C31D5-74BA-473A-BE4C-DFAACE9B60A3}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{3C0443F9-4BCB-4DE0-A064-51A9A3B9D69A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{D44960F5-0EAF-4246-9290-782C7E1453A3}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{54128206-C2E5-4CCE-8291-2CC5B68008AE}] => (Allow) F:\Steam\steamapps\common\WildStar\Steam_WildStar.exe
FirewallRules: [{68D7E272-2984-458A-8890-F4EAD3C41AAB}] => (Allow) F:\Steam\steamapps\common\WildStar\Steam_WildStar.exe
FirewallRules: [{D1BD2A83-A52D-4B14-9009-80303A16FEF9}] => (Allow) F:\Steam\steamapps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{59ED2F7F-D921-4BAA-982C-F4BF23FD23D6}] => (Allow) F:\Steam\steamapps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{9428789E-AF43-4D38-80EA-8A91C2084605}] => (Allow) F:\Steam\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{3F98FA45-2FB1-4BCB-BE68-980DE740F770}] => (Allow) F:\Steam\steamapps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{5DDB9792-1A16-40D7-98A0-B2834D45D8A7}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{97287D2C-34E5-4AB3-B90C-DE309960252D}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{4E653A6B-859F-4B84-9196-84075A5169DB}] => (Allow) F:\Steam\steamapps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{003DF08B-1052-4A62-9145-0AF8860B8D7D}] => (Allow) F:\Steam\steamapps\common\Farming Simulator 15\x64\FarmingSimulator2015Game.exe
FirewallRules: [{84B2B86C-449B-472F-9895-3F8A2F4B4E59}] => (Allow) F:\Steam\steamapps\common\Farming Simulator 15\x86\FarmingSimulator2015Game.exe
FirewallRules: [{A7C8592E-EFF5-4B71-A609-FA0912C57381}] => (Allow) F:\Steam\steamapps\common\Farming Simulator 15\x86\FarmingSimulator2015Game.exe
FirewallRules: [{893A4FB0-E6E1-405F-B7BB-C6AE89F28BC4}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{57D0C455-7483-49B0-9940-9934A2FC5674}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{C11BA3AE-6B0D-488D-9510-FFF49E3058C1}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{20545753-7754-4A79-9F78-DF698B9E4CF6}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{975B82DF-20CD-4968-84F2-1BCB157C7FC1}] => (Allow) F:\Steam\steamapps\common\Overlord\Overlord.exe
FirewallRules: [{3C2F828D-5EB1-40CC-BAE7-75ACCFCF1970}] => (Allow) F:\Steam\steamapps\common\Overlord\Overlord.exe
FirewallRules: [{9CA7A31A-DD47-4BBF-9E81-98232EDE3304}] => (Allow) F:\Steam\steamapps\common\Overlord\Config.exe
FirewallRules: [{975C6FFD-3E46-4A80-8CFA-6CC68FAADF45}] => (Allow) F:\Steam\steamapps\common\Overlord\Config.exe
FirewallRules: [{F6D445C0-E1A1-499A-B108-0171039EB53A}] => (Allow) F:\Steam\steamapps\common\Overlord II\Overlord2.exe
FirewallRules: [{C1582815-3F4A-4F5A-8C3A-EF534C043A79}] => (Allow) F:\Steam\steamapps\common\Overlord II\Overlord2.exe
FirewallRules: [{E31AE7B7-1F90-42F8-B442-1B1C4831177B}] => (Allow) F:\Steam\steamapps\common\Overlord II\Config.exe
FirewallRules: [{694A45AA-F432-486B-85B9-A761723E8407}] => (Allow) F:\Steam\steamapps\common\Overlord II\Config.exe
FirewallRules: [{ACDCD5B2-C89C-4662-A837-66AE11D3304C}] => (Allow) F:\Steam\steamapps\common\Age of Mythology\aomx.exe
FirewallRules: [{074B54C0-4A8B-47CB-B336-15565877EDC1}] => (Allow) F:\Steam\steamapps\common\Age of Mythology\aomx.exe
FirewallRules: [{759F4D0F-2C11-4107-A7C4-1D9A811F7962}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{0500BFA4-2801-47E3-88AA-AD7BD7B0A732}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{A9EDEB38-4145-4714-B3CB-54A4934EA5CF}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{8FDD42C7-E615-4015-B70D-B1ACA0F04D2D}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{97B8191C-5DB9-429E-B80C-D1493769C4DB}] => (Allow) F:\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{C871B5DF-AD2B-47BF-AB56-DF84A52D90D8}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Restore Points =========================
04-03-2017 04:42:20 Windows Update
07-03-2017 05:07:09 Windows Update
18-03-2017 13:15:14 Windows Update
19-03-2017 12:26:54 Windows Update
==================== Faulty Device Manager Devices =============
Name: Malwarebytes Anti-Exploit
Description: Malwarebytes Anti-Exploit
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ESProtectionDriver
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/22/2017 04:58:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/22/2017 09:59:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/22/2017 12:55:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/21/2017 12:36:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/20/2017 06:44:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/20/2017 06:32:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/19/2017 05:44:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/19/2017 12:39:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/19/2017 12:29:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (03/19/2017 12:14:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (03/22/2017 04:58:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ESProtectionDriver
Error: (03/22/2017 04:57:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
The system cannot find the file specified.
Error: (03/22/2017 04:57:44 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: The chip 1-click download service service has reported an invalid current state 0.
Error: (03/22/2017 04:57:44 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: The chip 1-click download service service has reported an invalid current state 0.
Error: (03/22/2017 04:57:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMChameleon service failed to start due to the following error:
The system cannot find the file specified.
Error: (03/22/2017 04:57:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMProtector service failed to start due to the following error:
The system cannot find the file specified.
Error: (03/22/2017 10:50:56 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.
Error: (03/22/2017 10:27:02 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error:
The system cannot find the file specified.
Error: (03/22/2017 10:27:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMProtector service failed to start due to the following error:
The system cannot find the file specified.
Error: (03/22/2017 09:59:14 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ESProtectionDriver
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz
Percentage of memory in use: 42%
Total physical RAM: 8129.89 MB
Available physical RAM: 4674.69 MB
Total Virtual: 16257.97 MB
Available Virtual: 12399.45 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:150 GB) (Free:59.62 GB) NTFS
Drive f: (Volume 1) (Fixed) (Total:781.41 GB) (Free:325.6 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9F386E92)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=150 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=781.4 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================