Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2017
Ran by Clem (24-05-2017 14:36:32)
Running from C:\Users\Clem\Downloads
Windows 10 Home Version 1607 (X64) (2017-01-04 16:07:04)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2797358354-675690363-1071357138-500 - Administrator - Enabled) => C:\Users\Administrator
Clem (S-1-5-21-2797358354-675690363-1071357138-1001 - Administrator - Enabled) => C:\Users\Clem
DefaultAccount (S-1-5-21-2797358354-675690363-1071357138-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2797358354-675690363-1071357138-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2797358354-675690363-1071357138-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2797358354-675690363-1071357138-1001\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Applen ohjelmatuki (32-bittinen) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Applen ohjelmatuki (64-bittinen) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.49.14731 - Electronic Arts)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
DayZ (HKLM\...\Steam App 221100) (Version: - Bohemia Interactive)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2797358354-675690363-1071357138-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dishonored 2 (HKLM\...\Steam App 403640) (Version: - Arkane Studios)
ForHonor (HKLM-x32\...\Uplay Install 569) (Version: - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Intel Extreme Tuning Utility (HKLM-x32\...\{fde8aa07-3912-4bdf-ad35-ff1231bfd00d}) (Version: 6.2.0.17 - Intel Corporation)
Intel Extreme Tuning Utility (x32 Version: 6.2.0.17 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation)
Intel(R) Online Connect Software Asset Manager (x32 Version: 3.4.2072 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel® Small Business Advantage (HKLM-x32\...\{C7A82877-2365-4A03-B23F-DFDD629B7F3A}) (Version: 4.0.44 - Intel Corporation)
iTunes (HKLM\...\{643531B8-09B1-4AEE-9FEE-8E0477957D25}) (Version: 12.6.0.95 - Apple Inc.)
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden
Life Is Strange™ (HKLM\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Mad Max (HKLM\...\Steam App 234140) (Version: - Avalanche Studios)
Max Payne 3 (HKLM\...\Steam App 204100) (Version: - Rockstar Studios)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft OneDrive (HKU\S-1-5-21-2797358354-675690363-1071357138-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2797358354-675690363-1071357138-500\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 53.0.3 (x86 fr) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 fr)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.8 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.07 - MSI)
MSI RAMDisk (HKLM-x32\...\{F29CF050-7278-4CDB-9EF8-2DC6DAA87453}}_is1) (Version: 1.0.0.22 - MSI)
MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.08 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.12 - MSI)
MSI USB Speed Up (HKLM-x32\...\{79D5FA63-7003-4398-B882-C70ED18778D1}_is1) (Version: 1.0.0.10 - MSI)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.05 - MSI)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 17.0.0 - OBS Project)
Origin (HKLM-x32\...\Origin) (Version: 10.4.5.30491 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.104.210.0 - Overwolf Ltd.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8034 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games)
Ryse: Son of Rome (HKLM\...\Steam App 302510) (Version: - Crytek)
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
South Park™: The Stick of Truth™ (HKLM\...\Steam App 213670) (Version: - Obsidian Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
This War of Mine (HKLM\...\Steam App 282070) (Version: - 11 bit studios)
Total War: WARHAMMER (HKLM\...\Steam App 364360) (Version: - Creative Assembly)
Uplay (HKLM-x32\...\Uplay) (Version: 30.0 - Ubisoft)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {06AD29FB-B2AC-4060-832D-1783126C61AB} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation)
Task: {1B840622-5103-4651-A737-E10EF8F0194E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd)
Task: {25FFEC27-6090-4AED-AEA2-75307CB66ACB} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {39A6D880-A946-4937-9E30-FFACEB724E50} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {45114245-8090-4D81-A97F-1698AA239B68} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {59B389B4-7A86-4AAD-9EAB-627680D3CA7F} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {5E60F744-DF19-45B5-8C9C-F56D6DAABD89} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {70574CBD-020D-4D89-B0D6-275D292687B9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {70A78517-86B2-437B-A2B8-0FB6B7249238} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-11-20] (Intel Corporation)
Task: {739E2CAB-CE20-4A23-82C1-A44F50E86E20} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {935B1A1B-7C58-4530-A782-8BA48BB478CA} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-05-14] (Overwolf LTD)
Task: {987F564B-9EF2-4F97-9184-50C0DAF0D84A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-04] (Google Inc.)
Task: {C234E4D1-871F-4C55-9519-D4B08E461E4B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-04] (Google Inc.)
Task: {D1DA25A8-38BB-46FF-9D61-24E60A29ED5B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {D941B456-0479-4665-9F47-46FA98CCE6D5} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {DFA98CD2-9DCF-44EE-9199-CB3D7D5B14DA} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {E6EFCF47-C527-4B50-A4A0-657F1A8F2343} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {EE324961-F755-427D-A91F-02B59AEC9525} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {FC5D4DE9-88FC-4C1C-A658-3E5C4D01F6A6} - System32\Tasks\SorarCharts => Rundll32.exe "C:\Program Files\SorarCharts\SorarCharts.dll",DXGsOtns
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 14:42 - 2016-07-16 14:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-05-11 12:25 - 2017-04-28 03:49 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2017-05-19 11:45 - 2015-06-01 22:26 - 02706944 _____ () C:\Program Files\SorarCharts\SorarCharts.dll
2017-01-04 19:30 - 2016-12-29 15:44 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-16 16:08 - 2017-03-16 16:08 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-16 16:08 - 2017-03-16 16:08 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-10-05 13:15 - 2016-10-05 13:15 - 00107752 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\libglog.dll
2016-10-05 13:15 - 2016-10-05 13:15 - 00412904 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\JsonCpp.dll
2017-01-15 13:42 - 2017-05-03 23:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-05-11 12:25 - 2017-04-28 03:49 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2017-05-24 13:23 - 2017-05-24 13:36 - 00335872 _____ () C:\Windows\TEMP\gEB0.tmp.exe
2017-01-04 22:35 - 2016-09-07 07:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 19:30 - 2017-03-04 09:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 19:30 - 2017-03-04 09:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 19:30 - 2017-03-04 09:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 19:30 - 2017-03-04 09:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-11 12:25 - 2017-04-28 02:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-11 12:25 - 2017-04-28 02:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-05-24 13:24 - 2017-05-24 13:36 - 00475648 _____ () C:\Windows\TEMP\g307E.tmp.exe
2016-10-04 18:09 - 2016-10-04 18:09 - 00253664 _____ () C:\Program Files\Intel\Intel(R) Online Connect\CSLibWrapper.dll
2017-02-13 13:52 - 2005-07-18 14:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2017-03-20 19:41 - 2017-03-20 19:40 - 02493440 _____ () D:\Origin\libGLESv2.dll
2017-01-15 13:42 - 2017-05-03 23:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-23 17:23 - 2017-03-10 03:13 - 00674592 _____ () D:\Steam\SDL2.dll
2017-01-04 20:04 - 2016-09-01 04:02 - 04969248 _____ () D:\Steam\v8.dll
2017-04-27 12:17 - 2017-04-26 02:55 - 02465056 _____ () D:\Steam\video.dll
2017-01-04 20:04 - 2016-01-27 10:49 - 02549760 _____ () D:\Steam\libavcodec-56.dll
2017-01-04 20:04 - 2016-01-27 10:49 - 00491008 _____ () D:\Steam\libavformat-56.dll
2017-01-04 20:04 - 2016-01-27 10:49 - 00332800 _____ () D:\Steam\libavresample-2.dll
2017-01-04 20:04 - 2016-01-27 10:49 - 00442880 _____ () D:\Steam\libavutil-54.dll
2017-01-04 20:04 - 2016-01-27 10:49 - 00485888 _____ () D:\Steam\libswscale-3.dll
2017-01-04 20:04 - 2016-09-01 04:02 - 01563936 _____ () D:\Steam\icui18n.dll
2017-01-04 20:04 - 2016-09-01 04:02 - 01195296 _____ () D:\Steam\icuuc.dll
2017-04-27 12:17 - 2017-04-26 02:55 - 00848672 _____ () D:\Steam\bin\chromehtml.DLL
2017-01-04 20:04 - 2016-07-05 01:17 - 00266560 _____ () D:\Steam\openvr_api.dll
2017-03-10 13:12 - 2017-01-31 00:41 - 68875552 _____ () D:\Steam\bin\cef\cef.win7\libcef.dll
2017-04-27 12:17 - 2017-04-26 02:55 - 00383776 _____ () D:\Steam\steam.dll
2016-10-20 02:28 - 2016-10-20 02:28 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 14:47 - 2016-07-16 14:45 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2797358354-675690363-1071357138-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Clem\Downloads\cork_oak_trees_along_road-wallpaper-1920x1200.jpg
HKU\S-1-5-21-2797358354-675690363-1071357138-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 172.20.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "MSIRegister"
HKLM\...\StartupApproved\Run32: => "USB_Speed_Up"
HKLM\...\StartupApproved\Run32: => "IMSS"
HKLM\...\StartupApproved\Run32: => "Fast Boot"
HKLM\...\StartupApproved\Run32: => "Super Charger"
HKU\S-1-5-21-2797358354-675690363-1071357138-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2797358354-675690363-1071357138-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2797358354-675690363-1071357138-1001\...\StartupApproved\Run: => "Overwolf"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{30F5E106-957D-49BF-BBB2-F5EFE8705465}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{9C17D530-33A8-47C0-85F7-B2791F3A5A92}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{BA42EF8C-22C7-4BF3-836D-BA82C6DC11B2}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{99317B35-D6DE-4F82-9C1D-92BC48E37A11}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{8719F845-5506-47E0-9E18-47C2BF5FA7CA}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{9997F182-99CC-4586-87F7-2591B2FA0102}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe
FirewallRules: [{10A15896-B4D9-4D9D-B88E-9BAB9943315F}] => (Allow) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\Sba.exe
FirewallRules: [{068241C4-2A02-421D-8189-A1A2B3FBF3A2}] => (Allow) D:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{A8BB5A83-B9B8-4624-BF80-E8E640DAECCF}] => (Allow) D:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{CA69528C-C46D-4ADF-930B-49A30F4C2052}] => (Allow) C:\Users\Clem\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4FCE7503-9B5E-4538-94FA-64DBEDA70DFD}] => (Allow) C:\Users\Clem\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{413C563F-98D1-483E-8E01-3DD52A1F9222}] => (Allow) C:\Users\Clem\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4C53E652-26F4-4A43-96B8-271028D25A4A}] => (Allow) C:\Users\Clem\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B0E382BD-C525-41E3-9BA2-61C0876224C1}] => (Allow) C:\Users\Clem\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{456453DF-2AC2-412B-8D49-4F8EEAF1172F}] => (Allow) C:\Users\Clem\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A19C51E7-7885-4B20-9D37-D768BC8BD39C}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{D56B69B2-CC41-41D2-A104-340903B3AE14}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{DD50DB83-F22E-4833-A702-DFF026704762}] => (Allow) D:\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{D3184A7E-A20D-4C32-86F2-3F746FF5FEAA}] => (Allow) D:\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{0CCF8593-BC56-4077-B35A-6B9F13B5E42F}] => (Allow) D:\Steam\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{706B6DE1-B4D2-430B-9FC0-4E41D0486E33}] => (Allow) D:\Steam\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [TCP Query User{5333C8B7-7919-4C9F-9A96-8BD4AA9A63FA}D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{29100A4A-3B1F-4CC0-9088-EEC289F5F9AD}D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{2778E781-6830-47BA-8C96-497BD090B41A}] => (Allow) D:\Steam\steamapps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
FirewallRules: [{0199D4CD-33DC-45ED-AC3C-48B720B2E47C}] => (Allow) D:\Steam\steamapps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
FirewallRules: [{DDDCD8B4-4E82-47E0-87FE-FB5BCB21138B}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{0F901F81-FA19-4945-BB0C-35C0382C03E6}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{D77148F0-C425-426C-95CB-DE8A3430DC96}] => (Allow) D:\Steam\steamapps\common\Dishonored2\Dishonored2.exe
FirewallRules: [{4CED32FD-FF9A-461D-844F-3506BDE9FBC6}] => (Allow) D:\Steam\steamapps\common\Dishonored2\Dishonored2.exe
FirewallRules: [TCP Query User{73F53A7B-AC60-4FA7-98CF-BE884BF06023}D:\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) D:\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{EEC74BC9-6DC8-4799-BAB5-F98B26EA3AF7}D:\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) D:\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [{7E34422D-89A7-40D9-A1BE-4B04E6F90541}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F6698E9E-6F6F-4134-85D0-C6B1CB0F0625}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5F4E971F-BDCB-49E2-BB64-EEB4792A22E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F8A8F51B-9CC2-4EF8-9D5F-3F08005B81B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{636C77A4-0F17-4660-9A03-6E3B41B212A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{624BC44B-39CC-4A9B-A873-47BC736101F8}D:\diablo iii\x64\diablo iii64.exe] => (Allow) D:\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{60A6B9E5-BFF5-4268-A959-6D40535C240F}D:\diablo iii\x64\diablo iii64.exe] => (Allow) D:\diablo iii\x64\diablo iii64.exe
FirewallRules: [{981ECD8E-0B58-4E57-8183-DA14C96E8D5A}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6CCF43DA-17BC-4D01-A401-F83E439FFAB9}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F5517ABC-EEC9-4C3A-8D46-30A03363A985}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{6B99019B-1E3A-4EE3-98AD-54FA1D098638}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{4E627FD0-C9CD-4E81-A788-3CF261AAB578}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{C97552AC-4BD1-4674-B411-DF5813225430}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{55596054-5247-410D-9F06-FEF19D013B65}] => (Allow) D:\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{CD19B57A-DC76-46C9-8CA0-673D76C59C51}] => (Allow) D:\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{146263A3-393E-450D-B1A0-ECAEFCB5F40F}] => (Allow) D:\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{327A58D0-F630-4E9B-95CC-33039998A380}] => (Allow) D:\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [TCP Query User{52D7E126-BAF5-41B1-8FBE-C1F1398DF897}D:\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz_x64.exe
FirewallRules: [UDP Query User{9377DC2E-A36F-4060-98F0-6FB9FFE39966}D:\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz_x64.exe
FirewallRules: [{4668D0FC-4E72-4FC7-8C3A-66536E160DA3}] => (Allow) D:\MediaMonkey\MediaMonkey (non-skinned).exe
FirewallRules: [{8581CE2F-1952-4231-BAA7-465AD315BFA8}] => (Allow) D:\MediaMonkey\MediaMonkey (non-skinned).exe
FirewallRules: [{D4904CBF-7D6D-49A6-9A1E-AD4EB909C5CB}] => (Allow) D:\MediaMonkey\MediaMonkey (non-skinned).exe
FirewallRules: [{921E1BC9-058D-4104-A6C1-7975C54D0537}] => (Allow) D:\MediaMonkey\MediaMonkey (non-skinned).exe
FirewallRules: [{1BBB3A6A-F7A1-4342-9967-EFD89EE4041E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6843E90C-BD1E-4AD9-91C4-0A0E3FC825B4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{99757395-7767-4DD9-9DB6-3C0078C1F913}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0D544655-4A1E-42AB-9B8A-3DF145CBA027}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{46A49568-FCDD-4018-96F1-6D8D651CA676}D:\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) D:\ubisoft game launcher\games\forhonor\forhonor.exe
FirewallRules: [UDP Query User{699089D2-FFC8-4960-B104-A16314F73E52}D:\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) D:\ubisoft game launcher\games\forhonor\forhonor.exe
FirewallRules: [{6AA91ED0-0F3A-4471-BE0B-8B66EDA89677}] => (Allow) D:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{97B308F7-7D41-4BA3-BEBF-58581243C971}] => (Allow) D:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{0B62D7A1-48FC-44F4-821C-45564EDDEFFE}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{563F632A-C41A-4D4C-909F-FF631CBAE9CB}] => (Allow) D:\Steam\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{CEB13741-93C0-4C16-A094-4627CC008BDF}] => (Allow) D:\Steam\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [TCP Query User{58D40597-2142-4079-997A-8633EACEDAB8}D:\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{7D0A13B1-3B2F-4EA5-AB81-A14534B96C1D}D:\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
FirewallRules: [{3F037BD8-5F09-4951-AB8D-F0E02354AB04}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BAD2FEB6-F042-4CA1-9EFF-BA109BAF1E65}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{FE2BADCC-0DE6-4C1E-9332-45BC8D5BC32C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3A4A4F70-D9BF-4CA8-9E22-9CFBDDE5E755}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{23A29960-EC1A-486A-8AD2-1EBB403F9233}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{BA0A084D-7A43-4B82-899B-2169B80ADDA6}] => (Allow) C:\Windows\System32\rundll32.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/24/2017 01:37:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-M9SLN4S)
Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (05/24/2017 01:30:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-M9SLN4S)
Description: Activation of app Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe:MicrosoftEdge.AppX9zvsr9qeth9e9a03yr0g7rpdrcrwgn5r.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (05/24/2017 12:56:56 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (05/24/2017 11:13:08 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40943907
Error: (05/24/2017 11:13:08 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40943907
Error: (05/24/2017 11:13:08 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/23/2017 09:29:29 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.
Error: (05/23/2017 04:32:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "C:\Windows\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (05/23/2017 04:32:25 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (05/23/2017 04:32:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "Lsa" in DLL "C:\Windows\System32\Secur32.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
System errors:
=============
Error: (05/24/2017 01:38:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/24/2017 01:37:26 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Intel(R) Online Connect Helper service.
Error: (05/24/2017 01:36:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/24/2017 01:36:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Intel(R) Online Connect Helper service.
Error: (05/24/2017 01:36:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/24/2017 01:36:05 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 13.22.32 on 24.5.2017 was unexpected.
Error: (05/24/2017 01:34:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/24/2017 01:31:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/24/2017 01:30:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/24/2017 01:29:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
CodeIntegrity:
===================================
Date: 2017-05-08 11:57:06.900
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.103.233.0\x64\OWExplorer.dll that did not meet the Store signing level requirements.
Date: 2017-05-08 11:57:06.892
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.103.233.0\x64\OWExplorer.dll that did not meet the Store signing level requirements.
Date: 2017-05-08 11:55:34.458
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-05-08 11:55:17.947
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.103.233.0\x64\OWExplorer.dll that did not meet the Store signing level requirements.
Date: 2017-05-08 11:55:17.885
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-05-08 11:55:17.663
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.103.233.0\x64\OWExplorer.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Percentage of memory in use: 26%
Total physical RAM: 8138.69 MB
Available physical RAM: 5965.64 MB
Total Virtual: 14282.69 MB
Available Virtual: 11611.16 MB
==================== Drives ================================
Drive b: (RAMDisk) (Fixed) (Total:0.25 GB) (Free:0.25 GB) FAT
Drive c: () (Fixed) (Total:111.24 GB) (Free:71.64 GB) NTFS
Drive d: (WD) (Fixed) (Total:931.51 GB) (Free:549.45 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6E17AF57)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
Ran by Clem (24-05-2017 14:36:32)
Running from C:\Users\Clem\Downloads
Windows 10 Home Version 1607 (X64) (2017-01-04 16:07:04)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2797358354-675690363-1071357138-500 - Administrator - Enabled) => C:\Users\Administrator
Clem (S-1-5-21-2797358354-675690363-1071357138-1001 - Administrator - Enabled) => C:\Users\Clem
DefaultAccount (S-1-5-21-2797358354-675690363-1071357138-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-2797358354-675690363-1071357138-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-2797358354-675690363-1071357138-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2797358354-675690363-1071357138-1001\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
Ansel (Version: 376.33 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Applen ohjelmatuki (32-bittinen) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)
Applen ohjelmatuki (64-bittinen) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.49.14731 - Electronic Arts)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
DayZ (HKLM\...\Steam App 221100) (Version: - Bohemia Interactive)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2797358354-675690363-1071357138-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
Dishonored 2 (HKLM\...\Steam App 403640) (Version: - Arkane Studios)
ForHonor (HKLM-x32\...\Uplay Install 569) (Version: - Ubisoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Intel Extreme Tuning Utility (HKLM-x32\...\{fde8aa07-3912-4bdf-ad35-ff1231bfd00d}) (Version: 6.2.0.17 - Intel Corporation)
Intel Extreme Tuning Utility (x32 Version: 6.2.0.17 - Intel Corporation) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation)
Intel(R) Online Connect Software Asset Manager (x32 Version: 3.4.2072 - Intel Corporation) Hidden
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel® Small Business Advantage (HKLM-x32\...\{C7A82877-2365-4A03-B23F-DFDD629B7F3A}) (Version: 4.0.44 - Intel Corporation)
iTunes (HKLM\...\{643531B8-09B1-4AEE-9FEE-8E0477957D25}) (Version: 12.6.0.95 - Apple Inc.)
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden
Life Is Strange™ (HKLM\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Mad Max (HKLM\...\Steam App 234140) (Version: - Avalanche Studios)
Max Payne 3 (HKLM\...\Steam App 204100) (Version: - Rockstar Studios)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft OneDrive (HKU\S-1-5-21-2797358354-675690363-1071357138-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2797358354-675690363-1071357138-500\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 53.0.3 (x86 fr) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 fr)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.8 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.07 - MSI)
MSI RAMDisk (HKLM-x32\...\{F29CF050-7278-4CDB-9EF8-2DC6DAA87453}}_is1) (Version: 1.0.0.22 - MSI)
MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.08 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.12 - MSI)
MSI USB Speed Up (HKLM-x32\...\{79D5FA63-7003-4398-B882-C70ED18778D1}_is1) (Version: 1.0.0.10 - MSI)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.05 - MSI)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.5.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 17.0.0 - OBS Project)
Origin (HKLM-x32\...\Origin) (Version: 10.4.5.30491 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.104.210.0 - Overwolf Ltd.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8034 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games)
Ryse: Son of Rome (HKLM\...\Steam App 302510) (Version: - Crytek)
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
South Park™: The Stick of Truth™ (HKLM\...\Steam App 213670) (Version: - Obsidian Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
This War of Mine (HKLM\...\Steam App 282070) (Version: - 11 bit studios)
Total War: WARHAMMER (HKLM\...\Steam App 364360) (Version: - Creative Assembly)
Uplay (HKLM-x32\...\Uplay) (Version: 30.0 - Ubisoft)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {06AD29FB-B2AC-4060-832D-1783126C61AB} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation)
Task: {1B840622-5103-4651-A737-E10EF8F0194E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd)
Task: {25FFEC27-6090-4AED-AEA2-75307CB66ACB} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {39A6D880-A946-4937-9E30-FFACEB724E50} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {45114245-8090-4D81-A97F-1698AA239B68} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {59B389B4-7A86-4AAD-9EAB-627680D3CA7F} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {5E60F744-DF19-45B5-8C9C-F56D6DAABD89} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {70574CBD-020D-4D89-B0D6-275D292687B9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {70A78517-86B2-437B-A2B8-0FB6B7249238} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-11-20] (Intel Corporation)
Task: {739E2CAB-CE20-4A23-82C1-A44F50E86E20} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {935B1A1B-7C58-4530-A782-8BA48BB478CA} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-05-14] (Overwolf LTD)
Task: {987F564B-9EF2-4F97-9184-50C0DAF0D84A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-04] (Google Inc.)
Task: {C234E4D1-871F-4C55-9519-D4B08E461E4B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-04] (Google Inc.)
Task: {D1DA25A8-38BB-46FF-9D61-24E60A29ED5B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {D941B456-0479-4665-9F47-46FA98CCE6D5} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {DFA98CD2-9DCF-44EE-9199-CB3D7D5B14DA} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {E6EFCF47-C527-4B50-A4A0-657F1A8F2343} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {EE324961-F755-427D-A91F-02B59AEC9525} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {FC5D4DE9-88FC-4C1C-A658-3E5C4D01F6A6} - System32\Tasks\SorarCharts => Rundll32.exe "C:\Program Files\SorarCharts\SorarCharts.dll",DXGsOtns
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 14:42 - 2016-07-16 14:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll
2017-05-11 12:25 - 2017-04-28 03:49 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll
2017-05-19 11:45 - 2015-06-01 22:26 - 02706944 _____ () C:\Program Files\SorarCharts\SorarCharts.dll
2017-01-04 19:30 - 2016-12-29 15:44 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-16 16:08 - 2017-03-16 16:08 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-03-16 16:08 - 2017-03-16 16:08 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-10-05 13:15 - 2016-10-05 13:15 - 00107752 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\libglog.dll
2016-10-05 13:15 - 2016-10-05 13:15 - 00412904 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\JsonCpp.dll
2017-01-15 13:42 - 2017-05-03 23:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-05-11 12:25 - 2017-04-28 03:49 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2017-05-24 13:23 - 2017-05-24 13:36 - 00335872 _____ () C:\Windows\TEMP\gEB0.tmp.exe
2017-01-04 22:35 - 2016-09-07 07:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 19:30 - 2017-03-04 09:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 19:30 - 2017-03-04 09:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 19:30 - 2017-03-04 09:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 19:30 - 2017-03-04 09:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-11 12:25 - 2017-04-28 02:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-11 12:25 - 2017-04-28 02:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-05-24 13:24 - 2017-05-24 13:36 - 00475648 _____ () C:\Windows\TEMP\g307E.tmp.exe
2016-10-04 18:09 - 2016-10-04 18:09 - 00253664 _____ () C:\Program Files\Intel\Intel(R) Online Connect\CSLibWrapper.dll
2017-02-13 13:52 - 2005-07-18 14:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2017-03-20 19:41 - 2017-03-20 19:40 - 02493440 _____ () D:\Origin\libGLESv2.dll
2017-01-15 13:42 - 2017-05-03 23:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-23 17:23 - 2017-03-10 03:13 - 00674592 _____ () D:\Steam\SDL2.dll
2017-01-04 20:04 - 2016-09-01 04:02 - 04969248 _____ () D:\Steam\v8.dll
2017-04-27 12:17 - 2017-04-26 02:55 - 02465056 _____ () D:\Steam\video.dll
2017-01-04 20:04 - 2016-01-27 10:49 - 02549760 _____ () D:\Steam\libavcodec-56.dll
2017-01-04 20:04 - 2016-01-27 10:49 - 00491008 _____ () D:\Steam\libavformat-56.dll
2017-01-04 20:04 - 2016-01-27 10:49 - 00332800 _____ () D:\Steam\libavresample-2.dll
2017-01-04 20:04 - 2016-01-27 10:49 - 00442880 _____ () D:\Steam\libavutil-54.dll
2017-01-04 20:04 - 2016-01-27 10:49 - 00485888 _____ () D:\Steam\libswscale-3.dll
2017-01-04 20:04 - 2016-09-01 04:02 - 01563936 _____ () D:\Steam\icui18n.dll
2017-01-04 20:04 - 2016-09-01 04:02 - 01195296 _____ () D:\Steam\icuuc.dll
2017-04-27 12:17 - 2017-04-26 02:55 - 00848672 _____ () D:\Steam\bin\chromehtml.DLL
2017-01-04 20:04 - 2016-07-05 01:17 - 00266560 _____ () D:\Steam\openvr_api.dll
2017-03-10 13:12 - 2017-01-31 00:41 - 68875552 _____ () D:\Steam\bin\cef\cef.win7\libcef.dll
2017-04-27 12:17 - 2017-04-26 02:55 - 00383776 _____ () D:\Steam\steam.dll
2016-10-20 02:28 - 2016-10-20 02:28 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-07-16 14:47 - 2016-07-16 14:45 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2797358354-675690363-1071357138-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Clem\Downloads\cork_oak_trees_along_road-wallpaper-1920x1200.jpg
HKU\S-1-5-21-2797358354-675690363-1071357138-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 172.20.10.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "Live Update"
HKLM\...\StartupApproved\Run32: => "MSIRegister"
HKLM\...\StartupApproved\Run32: => "USB_Speed_Up"
HKLM\...\StartupApproved\Run32: => "IMSS"
HKLM\...\StartupApproved\Run32: => "Fast Boot"
HKLM\...\StartupApproved\Run32: => "Super Charger"
HKU\S-1-5-21-2797358354-675690363-1071357138-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2797358354-675690363-1071357138-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2797358354-675690363-1071357138-1001\...\StartupApproved\Run: => "Overwolf"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{30F5E106-957D-49BF-BBB2-F5EFE8705465}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{9C17D530-33A8-47C0-85F7-B2791F3A5A92}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{BA42EF8C-22C7-4BF3-836D-BA82C6DC11B2}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{99317B35-D6DE-4F82-9C1D-92BC48E37A11}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{8719F845-5506-47E0-9E18-47C2BF5FA7CA}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{9997F182-99CC-4586-87F7-2591B2FA0102}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe
FirewallRules: [{10A15896-B4D9-4D9D-B88E-9BAB9943315F}] => (Allow) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\Sba.exe
FirewallRules: [{068241C4-2A02-421D-8189-A1A2B3FBF3A2}] => (Allow) D:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{A8BB5A83-B9B8-4624-BF80-E8E640DAECCF}] => (Allow) D:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{CA69528C-C46D-4ADF-930B-49A30F4C2052}] => (Allow) C:\Users\Clem\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4FCE7503-9B5E-4538-94FA-64DBEDA70DFD}] => (Allow) C:\Users\Clem\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{413C563F-98D1-483E-8E01-3DD52A1F9222}] => (Allow) C:\Users\Clem\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4C53E652-26F4-4A43-96B8-271028D25A4A}] => (Allow) C:\Users\Clem\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B0E382BD-C525-41E3-9BA2-61C0876224C1}] => (Allow) C:\Users\Clem\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{456453DF-2AC2-412B-8D49-4F8EEAF1172F}] => (Allow) C:\Users\Clem\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A19C51E7-7885-4B20-9D37-D768BC8BD39C}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{D56B69B2-CC41-41D2-A104-340903B3AE14}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{DD50DB83-F22E-4833-A702-DFF026704762}] => (Allow) D:\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{D3184A7E-A20D-4C32-86F2-3F746FF5FEAA}] => (Allow) D:\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe
FirewallRules: [{0CCF8593-BC56-4077-B35A-6B9F13B5E42F}] => (Allow) D:\Steam\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [{706B6DE1-B4D2-430B-9FC0-4E41D0486E33}] => (Allow) D:\Steam\steamapps\common\Mad Max\MadMax.exe
FirewallRules: [TCP Query User{5333C8B7-7919-4C9F-9A96-8BD4AA9A63FA}D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{29100A4A-3B1F-4CC0-9088-EEC289F5F9AD}D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{2778E781-6830-47BA-8C96-497BD090B41A}] => (Allow) D:\Steam\steamapps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
FirewallRules: [{0199D4CD-33DC-45ED-AC3C-48B720B2E47C}] => (Allow) D:\Steam\steamapps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe
FirewallRules: [{DDDCD8B4-4E82-47E0-87FE-FB5BCB21138B}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{0F901F81-FA19-4945-BB0C-35C0382C03E6}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{D77148F0-C425-426C-95CB-DE8A3430DC96}] => (Allow) D:\Steam\steamapps\common\Dishonored2\Dishonored2.exe
FirewallRules: [{4CED32FD-FF9A-461D-844F-3506BDE9FBC6}] => (Allow) D:\Steam\steamapps\common\Dishonored2\Dishonored2.exe
FirewallRules: [TCP Query User{73F53A7B-AC60-4FA7-98CF-BE884BF06023}D:\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) D:\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [UDP Query User{EEC74BC9-6DC8-4799-BAB5-F98B26EA3AF7}D:\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) D:\steam\steamapps\common\total war warhammer\warhammer.exe
FirewallRules: [{7E34422D-89A7-40D9-A1BE-4B04E6F90541}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{F6698E9E-6F6F-4134-85D0-C6B1CB0F0625}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{5F4E971F-BDCB-49E2-BB64-EEB4792A22E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F8A8F51B-9CC2-4EF8-9D5F-3F08005B81B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{636C77A4-0F17-4660-9A03-6E3B41B212A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{624BC44B-39CC-4A9B-A873-47BC736101F8}D:\diablo iii\x64\diablo iii64.exe] => (Allow) D:\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{60A6B9E5-BFF5-4268-A959-6D40535C240F}D:\diablo iii\x64\diablo iii64.exe] => (Allow) D:\diablo iii\x64\diablo iii64.exe
FirewallRules: [{981ECD8E-0B58-4E57-8183-DA14C96E8D5A}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6CCF43DA-17BC-4D01-A401-F83E439FFAB9}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F5517ABC-EEC9-4C3A-8D46-30A03363A985}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{6B99019B-1E3A-4EE3-98AD-54FA1D098638}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe
FirewallRules: [{4E627FD0-C9CD-4E81-A788-3CF261AAB578}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{C97552AC-4BD1-4674-B411-DF5813225430}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe
FirewallRules: [{55596054-5247-410D-9F06-FEF19D013B65}] => (Allow) D:\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{CD19B57A-DC76-46C9-8CA0-673D76C59C51}] => (Allow) D:\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{146263A3-393E-450D-B1A0-ECAEFCB5F40F}] => (Allow) D:\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [{327A58D0-F630-4E9B-95CC-33039998A380}] => (Allow) D:\Steam\steamapps\common\This War of Mine\Storyteller.exe
FirewallRules: [TCP Query User{52D7E126-BAF5-41B1-8FBE-C1F1398DF897}D:\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz_x64.exe
FirewallRules: [UDP Query User{9377DC2E-A36F-4060-98F0-6FB9FFE39966}D:\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz_x64.exe
FirewallRules: [{4668D0FC-4E72-4FC7-8C3A-66536E160DA3}] => (Allow) D:\MediaMonkey\MediaMonkey (non-skinned).exe
FirewallRules: [{8581CE2F-1952-4231-BAA7-465AD315BFA8}] => (Allow) D:\MediaMonkey\MediaMonkey (non-skinned).exe
FirewallRules: [{D4904CBF-7D6D-49A6-9A1E-AD4EB909C5CB}] => (Allow) D:\MediaMonkey\MediaMonkey (non-skinned).exe
FirewallRules: [{921E1BC9-058D-4104-A6C1-7975C54D0537}] => (Allow) D:\MediaMonkey\MediaMonkey (non-skinned).exe
FirewallRules: [{1BBB3A6A-F7A1-4342-9967-EFD89EE4041E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6843E90C-BD1E-4AD9-91C4-0A0E3FC825B4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{99757395-7767-4DD9-9DB6-3C0078C1F913}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0D544655-4A1E-42AB-9B8A-3DF145CBA027}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{46A49568-FCDD-4018-96F1-6D8D651CA676}D:\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) D:\ubisoft game launcher\games\forhonor\forhonor.exe
FirewallRules: [UDP Query User{699089D2-FFC8-4960-B104-A16314F73E52}D:\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) D:\ubisoft game launcher\games\forhonor\forhonor.exe
FirewallRules: [{6AA91ED0-0F3A-4471-BE0B-8B66EDA89677}] => (Allow) D:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{97B308F7-7D41-4BA3-BEBF-58581243C971}] => (Allow) D:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe
FirewallRules: [{0B62D7A1-48FC-44F4-821C-45564EDDEFFE}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{563F632A-C41A-4D4C-909F-FF631CBAE9CB}] => (Allow) D:\Steam\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [{CEB13741-93C0-4C16-A094-4627CC008BDF}] => (Allow) D:\Steam\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe
FirewallRules: [TCP Query User{58D40597-2142-4079-997A-8633EACEDAB8}D:\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{7D0A13B1-3B2F-4EA5-AB81-A14534B96C1D}D:\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe
FirewallRules: [{3F037BD8-5F09-4951-AB8D-F0E02354AB04}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{BAD2FEB6-F042-4CA1-9EFF-BA109BAF1E65}] => (Allow) C:\Windows\system32\rundll32.exe
FirewallRules: [{FE2BADCC-0DE6-4C1E-9332-45BC8D5BC32C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3A4A4F70-D9BF-4CA8-9E22-9CFBDDE5E755}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{23A29960-EC1A-486A-8AD2-1EBB403F9233}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{BA0A084D-7A43-4B82-899B-2169B80ADDA6}] => (Allow) C:\Windows\System32\rundll32.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/24/2017 01:37:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-M9SLN4S)
Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (05/24/2017 01:30:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-M9SLN4S)
Description: Activation of app Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe:MicrosoftEdge.AppX9zvsr9qeth9e9a03yr0g7rpdrcrwgn5r.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (05/24/2017 12:56:56 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (05/24/2017 11:13:08 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 40943907
Error: (05/24/2017 11:13:08 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 40943907
Error: (05/24/2017 11:13:08 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/23/2017 09:29:29 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.
Error: (05/23/2017 04:32:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "WmiApRpl" in DLL "C:\Windows\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (05/23/2017 04:32:25 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (05/23/2017 04:32:25 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "Lsa" in DLL "C:\Windows\System32\Secur32.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
System errors:
=============
Error: (05/24/2017 01:38:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/24/2017 01:37:26 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Intel(R) Online Connect Helper service.
Error: (05/24/2017 01:36:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/24/2017 01:36:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Intel(R) Online Connect Helper service.
Error: (05/24/2017 01:36:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/24/2017 01:36:05 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 13.22.32 on 24.5.2017 was unexpected.
Error: (05/24/2017 01:34:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/24/2017 01:31:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/24/2017 01:30:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (05/24/2017 01:29:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
CodeIntegrity:
===================================
Date: 2017-05-08 11:57:06.900
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.103.233.0\x64\OWExplorer.dll that did not meet the Store signing level requirements.
Date: 2017-05-08 11:57:06.892
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.103.233.0\x64\OWExplorer.dll that did not meet the Store signing level requirements.
Date: 2017-05-08 11:55:34.458
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-05-08 11:55:17.947
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.103.233.0\x64\OWExplorer.dll that did not meet the Store signing level requirements.
Date: 2017-05-08 11:55:17.885
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements.
Date: 2017-05-08 11:55:17.663
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.103.233.0\x64\OWExplorer.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Percentage of memory in use: 26%
Total physical RAM: 8138.69 MB
Available physical RAM: 5965.64 MB
Total Virtual: 14282.69 MB
Available Virtual: 11611.16 MB
==================== Drives ================================
Drive b: (RAMDisk) (Fixed) (Total:0.25 GB) (Free:0.25 GB) FAT
Drive c: () (Fixed) (Total:111.24 GB) (Free:71.64 GB) NTFS
Drive d: (WD) (Fixed) (Total:931.51 GB) (Free:549.45 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6E17AF57)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================