Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-09-2017 Ran by Adrian (13-09-2017 20:30:14) Running from C:\Users\Adrian\Desktop Windows 7 Professional Service Pack 1 (X64) (2014-07-23 16:30:14) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-4055709356-1465872850-4113285666-500 - Administrator - Disabled) Adrian (S-1-5-21-4055709356-1465872850-4113285666-1000 - Administrator - Enabled) => C:\Users\Adrian Guest (S-1-5-21-4055709356-1465872850-4113285666-501 - Limited - Disabled) => C:\Users\Guest ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-4055709356-1465872850-4113285666-1000\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.) Adobe Acrobat Reader DC - Français (HKLM-x32\...\{AC76BA86-7AD7-1036-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated) Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated) Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated) Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - ) AVI ReComp 1.5.6 (HKLM-x32\...\AVI ReComp) (Version: 1.5.6 - Mateusz Gola (aka Prozac)) AviSynth 2.5 (HKLM-x32\...\Avisynth) (Version: - ) CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd) Dell System Detect (HKU\S-1-5-21-4055709356-1465872850-4113285666-1000\...\9204f5692a8faf3b) (Version: 5.9.0.5 - Dell) Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.1.0 - Synaptics Incorporated) DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.30.223.99 - Dell Inc.) FileZilla Client 3.27.1 (HKLM-x32\...\FileZilla Client) (Version: 3.27.1 - Tim Kosse) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.8.251 - Intel Corporation) Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) LibreOffice 4.2.5.2 (HKLM-x32\...\{93AD8CBD-C32E-4318-90BB-A294BE2D712C}) (Version: 4.2.5.2 - The Document Foundation) Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 55.0.3 (x64 fr) (HKLM\...\Mozilla Firefox 55.0.3 (x64 fr)) (Version: 55.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla) Mp3tag v2.61d (HKLM-x32\...\Mp3tag) (Version: v2.61d - Florian Heidenreich) MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team) OpenOffice 4.1.1 (HKLM-x32\...\{121727D5-FDF3-4723-BA57-EB383440ED72}) (Version: 4.11.9775 - Apache Software Foundation) Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.15.018 - Dell Inc.) Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.61.612.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6788 - Realtek Semiconductor Corp.) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.) SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.5.2 - Krzysztof Kowalczyk) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1236 - SUPERAntiSpyware.com) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.4700 - Broadcom Corporation) Windows Resource Kit Tools (HKLM-x32\...\{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}) (Version: 5.2.3790 - Microsoft Corporation) WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN) VobSub 2.23 (HKLM-x32\...\VobSub) (Version: 2.23 - Gabest) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-07-15] (Florian Heidenreich) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-06-10] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-06-10] (Alexander Roshal) ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-07-15] (Florian Heidenreich) ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] () ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2014-07-15] (Florian Heidenreich) ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-10-15] (Intel Corporation) ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] () ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2014-06-10] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2014-06-10] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0495E12D-FD90-4BDB-B7AA-2E66F24D626F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated) Task: {180BCAF9-5A08-4DDE-9571-50855D3BEC5C} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent Task: {180BCAF9-5A08-4DDE-9571-50855D3BEC5C} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-03-20] (Microsoft Corporation) Task: {20B6F0F3-C640-4B35-9DCE-C9F402964757} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig Task: {20B6F0F3-C640-4B35-9DCE-C9F402964757} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-03-20] (Microsoft Corporation) Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION Task: {328036D0-B8D5-405A-85D9-DC2E3BD6C2BE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-13] (Adobe Systems Incorporated) Task: {3E591933-07CC-476C-96F6-A468CBA3042A} - System32\Tasks\Opera scheduled Autoupdate 1438255419 => C:\Program Files (x86)\Opera\launcher.exe Task: {4BA5F4A0-11C2-4D33-A77B-76871E2FBCE3} - System32\Tasks\Microsoft\Windows Defender\Mp Scheduled Scan => C:\Program Files\Windows Defender\MpCmdRun.exe Task: {5449C1EC-B879-4E20-9A5D-9D67BAA0EDF0} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig Task: {5449C1EC-B879-4E20-9A5D-9D67BAA0EDF0} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent Task: {5449C1EC-B879-4E20-9A5D-9D67BAA0EDF0} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [2016-03-20] (Microsoft Corporation) Task: {5C0AEEEA-C154-45BE-8499-BEA5F11BAFF6} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe Task: {6F489C2D-1E62-4912-8D0E-90EC5BE13B67} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION Task: {9863C838-AEF0-4BF9-94AD-894E10CB5EA3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd) Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION Task: {B929EC9C-9653-403C-8AC6-9BC800A4DCBA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-02] (Google Inc.) Task: {C32CCDB9-DFFA-4E56-9CD2-8E1E230EF91E} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION Task: {D0250F3F-6480-484F-B719-42F659AC64D5} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe Task: {DE0218D7-1753-4088-BC14-88C60AC5B7EE} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => C:\Program Files\Windows Defender\MpCmdRun.exe Task: {F0D9010B-E9A9-41C6-830C-EA449F1B6F4C} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_130_pepper.exe [2017-09-13] (Adobe Systems Incorporated) Task: {F6738E3C-D745-4A82-8ED2-26198F59D67D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-02] (Google Inc.) Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION Task: {FDF392C4-1856-4E14-92DE-67D0DB637920} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime Task: {FDF392C4-1856-4E14-92DE-67D0DB637920} - C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [2016-03-20] (Microsoft Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\Adrian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yeadesktop.com/ ==================== Loaded Modules (Whitelisted) ============== 2017-08-14 19:05 - 2017-08-14 19:05 - 000076456 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2017-09-06 20:28 - 2017-08-25 23:33 - 001952256 ___SH () C:\Users\Adrian\AppData\Roaming\tmp546.dat 2010-07-15 07:44 - 2010-07-15 07:44 - 000020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll 2014-07-23 19:33 - 2012-10-15 23:08 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-10-19 23:00 - 2015-10-19 23:00 - 000065536 _____ () C:\Program Files\CCleaner\lang\lang-1036.dll 2017-08-25 07:05 - 2017-08-23 11:48 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libglesv2.dll 2017-08-25 07:05 - 2017-08-23 11:48 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\libegl.dll 2017-09-06 20:28 - 2016-03-18 01:33 - 000473384 _____ () c:\windows\syswow64\wtmkussrv.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-4055709356-1465872850-4113285666-1000\...\dell.com -> dell.com ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 05:34 - 2017-09-06 20:28 - 000001291 _____ C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 cpm.paneladmin.pro 127.0.0.1 publisher.hmdiadmingate.xyz 127.0.0.1 distribution.hmdiadmingate.xyz 127.0.0.1 hmdicrewtracksystem.xyz 127.0.0.1 linkmate.space 127.0.0.1 space1.adminpressure.space 127.0.0.1 trackpressure.website 127.0.0.1 doctorlink.space 127.0.0.1 plugpackdownload.net 127.0.0.1 texttotalk.org 127.0.0.1 gambling577.xyz 127.0.0.1 htagdownload.space 127.0.0.1 mybcnmonetize.com 127.0.0.1 360devtraking.website 127.0.0.1 dscdn.pw 127.0.0.1 beautifllink.xyz ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-4055709356-1465872850-4113285666-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Adrian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.2.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: 0) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{D7347E83-684A-4026-81AE-173630027978}] => (Allow) C:\Users\Adrian\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A97CB748-E233-49E2-B0E2-F527D248372F}] => (Allow) C:\Users\Adrian\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{228A0AE0-6F13-4860-BBE1-D19466BE7488}] => (Allow) LPort=58172 FirewallRules: [{60563056-DE5F-42E4-BEAF-494DB490BD91}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{12716EE3-E24D-4FC7-9F52-A63006D7DAC6}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\Streaming Video Recorder.exe FirewallRules: [{DCD7F423-87CE-4174-9CFC-455EC4371EA5}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\Streaming Video Recorder.exe FirewallRules: [{1A655AF1-66A6-461D-AEA9-EF49B2ADEC5E}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftSrv.dll FirewallRules: [{F2A95EA8-79AA-44B6-9464-1E79E9179E82}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftSrv.dll FirewallRules: [{19DD00E4-DC50-4723-A55D-FCC4B5C2EA03}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftDump.dll FirewallRules: [{45D9A44F-40E6-46F3-A2CB-006605A87D68}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftDump.dll FirewallRules: [{B632795C-79D5-4851-B034-EB97624CE22F}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftAC.dll FirewallRules: [{893A49B1-97CC-4D49-B60A-EC2D612FDE9B}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftAC.dll FirewallRules: [{F5B6FBD4-692A-4B53-A64B-8958C6DF64C8}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftPlayer.dll FirewallRules: [{367F45C6-9E2A-4052-91B7-870A3EB51EBB}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftPlayer.dll FirewallRules: [{FF46CAFD-7600-44CC-9639-0EF9531625D2}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftDownloaderHelp.dll FirewallRules: [{7E9359AF-9B8C-4520-93D5-CC06F4E29DA4}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftDownloaderHelp.dll FirewallRules: [{44E978EA-EC2D-4AD4-B952-56ACF2E4C22A}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftHDSDump.dll FirewallRules: [{A58D3AC1-AF2E-49F2-BB13-16628C379895}] => (Allow) C:\Program Files (x86)\Apowersoft\Streaming Video Recorder\ApowersoftHDSDump.dll FirewallRules: [{F8F2467E-3599-45EF-9942-BEC23B48F4AE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{32181F2F-C378-4A70-97A6-CCB5C4C79D5A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{5356D667-A010-40FD-ACCE-9FED6E3D5173}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Emily is Away\emily is away.exe FirewallRules: [{E088059E-7B8D-47B3-92FC-0FACDB2C1108}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Emily is Away\emily is away.exe FirewallRules: [{51B1EA8D-266B-4E78-93BE-A065B015AA79}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{27AC024D-8257-4F74-8AE8-402D132D18C3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{F590F87B-B4AC-4C88-8455-F75063291C34}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Restore Points ========================= 06-08-2017 19:09:10 Removed Windows Movie Maker 2.6 28-08-2017 16:10:15 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 28-08-2017 16:14:21 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 28-08-2017 16:15:01 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 ==================== Faulty Device Manager Devices ============= Name: LanmaMaster Description: LanmaMaster Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: LanmaMaster Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Dell Wireless 1704 Bluetooth v4.0+HS Description: Dell Wireless 1704 Bluetooth v4.0+HS Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Broadcom Service: BTHUSB Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: USB2.0-CRW Description: USB2.0-CRW Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (08/30/2017 07:46:22 AM) (Source: ESENT) (EventID: 455) (User: ) Description: DllHost (1428) WebCacheLocal: Error -1811 occurred while opening logfile C:\Users\Adrian\AppData\Local\Microsoft\Windows\WebCache\V010000A.log. Error: (08/29/2017 03:12:26 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, "iehistory://{S-1-5-21-4055709356-1465872850-4113285666-1000}/">. Error: (08/29/2017 03:08:29 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, "iehistory://{S-1-5-21-4055709356-1465872850-4113285666-1000}/">. Error: (08/28/2017 06:44:40 AM) (Source: ESENT) (EventID: 455) (User: ) Description: DllHost (3784) WebCacheLocal: Error -1811 occurred while opening logfile C:\Users\Adrian\AppData\Local\Microsoft\Windows\WebCache\V010002C.log. Error: (08/27/2017 06:17:33 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, "iehistory://{S-1-5-21-4055709356-1465872850-4113285666-1000}/">. Error: (06/03/2017 11:00:27 AM) (Source: Wininit) (EventID: 1015) (User: ) Description: A critical system process, C:\Windows\system32\lsass.exe, failed with status code c0000005. The machine must now be restarted. Error: (06/02/2017 03:59:32 PM) (Source: Windows Search Service) (EventID: 1019) (User: ) Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, "iehistory://{S-1-5-21-4055709356-1465872850-4113285666-1000}/">. Error: (06/02/2017 03:57:46 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (06/02/2017 03:57:46 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: The index cannot be initialized. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (06/02/2017 03:57:46 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: The application cannot be initialized. Context: Windows Application Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) System errors: ============= Error: (09/13/2017 08:16:23 PM) (Source: SCardSvr) (EventID: 602) (User: ) Description: WDM Reader driver initialization cannot open reader device: The system cannot find the path specified. Error: (09/13/2017 08:16:23 PM) (Source: SCardSvr) (EventID: 602) (User: ) Description: WDM Reader driver initialization cannot open reader device: The system cannot find the path specified. Error: (09/13/2017 09:07:09 AM) (Source: SCardSvr) (EventID: 602) (User: ) Description: WDM Reader driver initialization cannot open reader device: The system cannot find the path specified. Error: (09/13/2017 09:07:09 AM) (Source: SCardSvr) (EventID: 602) (User: ) Description: WDM Reader driver initialization cannot open reader device: The system cannot find the path specified. Error: (09/12/2017 02:52:15 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: The server {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C} did not register with DCOM within the required timeout. Error: (09/12/2017 02:30:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (60000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. Error: (09/12/2017 11:01:39 AM) (Source: Ntfs) (EventID: 137) (User: ) Description: The default transaction resource manager on volume E: encountered a non-retryable error and could not start. The data contains the error code. Error: (09/11/2017 01:08:03 PM) (Source: Ntfs) (EventID: 137) (User: ) Description: The default transaction resource manager on volume E: encountered a non-retryable error and could not start. The data contains the error code. Error: (09/11/2017 01:06:59 PM) (Source: Disk) (EventID: 11) (User: ) Description: The driver detected a controller error on \Device\Harddisk1\DR1. Error: (09/11/2017 01:06:59 PM) (Source: Disk) (EventID: 11) (User: ) Description: The driver detected a controller error on \Device\Harddisk1\DR1. ==================== Memory info =========================== Processor: Intel(R) Pentium(R) CPU 2127U @ 1.90GHz Percentage of memory in use: 69% Total physical RAM: 3983.36 MB Available physical RAM: 1231.93 MB Total Virtual: 9981.54 MB Available Virtual: 7372.82 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.66 GB) (Free:20.63 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7A5EBAFA) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================