Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01 Ran by MNO (2016-04-10 12:30:39) Running from C:\Users\MNO\Downloads Windows 10 Pro Version 1511 (X64) (2015-11-26 10:53:53) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2012643852-3025939997-1499587798-500 - Administrator - Disabled) ASPNET (S-1-5-21-2012643852-3025939997-1499587798-1004 - Limited - Enabled) DefaultAccount (S-1-5-21-2012643852-3025939997-1499587798-503 - Limited - Disabled) Guest (S-1-5-21-2012643852-3025939997-1499587798-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2012643852-3025939997-1499587798-1002 - Limited - Enabled) MNO (S-1-5-21-2012643852-3025939997-1499587798-1000 - Administrator - Enabled) => C:\Users\MNO ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Acrobat Reader DC - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated) Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated) Advanced Calendar 2.0.0.11189 (HKLM\...\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}) (Version: 2.0.0.11189 - MEIXIAN XIE) <==== ATTENTION Age of Empires III - Complete Collection (HKLM-x32\...\Age of Empires III - Complete Collection_Origami_is1) (Version: 1.0 - R.G. Origami, Seraph1) Akamai NetSession Interface (HKU\S-1-5-21-2012643852-3025939997-1499587798-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{261ED3C4-356F-4810-80B9-EDD0992ED5AA}) (Version: 20.3.44.03963 - Alcor Micro Corp.) Alcor Micro USB Card Reader Driver (x32 Version: 20.3.44.03963 - Alcor Micro Corp.) Hidden AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) Autodesk 3ds Max 2016 (HKLM\...\Autodesk 3ds Max 2016) (Version: 18.0.873.0 - Autodesk) Autodesk 3ds Max 2016 (Version: 18.0.873.0 - Autodesk) Hidden Autodesk 3ds Max 2016 Populate Data (HKLM\...\{57E92DED-DC7C-41E5-B9E1-76D83BD2EABE}) (Version: 18.0.0.0 - Autodesk) Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.19 - Autodesk) Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 4.0.69.0 - Autodesk) Autodesk Backburner 2016 (HKLM-x32\...\{8C5F38D2-9EFE-49A4-B3F5-BF3210FED168}) (Version: 16.0.0.0 - Autodesk) Autodesk Civil View for 3ds Max 2016 64-bit (HKLM\...\{1C4FFAF0-6DBB-4F7A-A386-46747D060826}) (Version: 18.0.0.0 - Autodesk) Autodesk Inventor Server Engine for 3ds Max 2016 (HKLM\...\{9167CA34-4E58-49E3-8892-3C439739D2D3}) (Version: 18.0 - Autodesk) Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.19 - Autodesk) Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.19 - Autodesk) Autodesk Material Library Medium Resolution Image Library 2016 (HKLM-x32\...\{415A5A54-325E-4815-9940-62A889CA3877}) (Version: 6.3.0.19 - Autodesk) Autodesk Revit Interoperability for 3ds Max (HKLM\...\Autodesk Revit Interoperability for 3ds Max ) (Version: 16.0.394.0 - Autodesk) Autodesk Revit Interoperability for 3ds Max (Version: 16.0.394.0 - Autodesk) Hidden AVG 2016 (Version: 16.0.4477 - AVG Technologies) Hidden Bastion (HKLM-x32\...\1423058311_is1) (Version: 2.0.0.6 - GOG.com) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Besiege (HKLM-x32\...\Steam App 346010) (Version: - Spiderling Studios) Bleed (HKLM-x32\...\Steam App 239800) (Version: - Ian Campbell) Body Text Feathering (HKLM-x32\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering) <==== ATTENTION BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team) ByteFence Anti-Malware (HKLM-x32\...\ByteFence) (Version: 2.1.1.6 - Byte Technologies LLC) Castlevania - Lords of Shadow 2 (HKLM-x32\...\Castlevania - Lords of Shadow 2_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) Catalyst Control Center Next Localization BR (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.) Cockatrice (HKLM-x32\...\Cockatrice) (Version: - ) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Crysis (HKLM-x32\...\Steam App 17300) (Version: - Crytek) Darkest Dungeon (HKLM-x32\...\1450711444_is1) (Version: 2.0.0.2 - GOG.com) Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version: - Eidos Montreal) Devil May Cry 3: Special Edition (HKLM-x32\...\Steam App 6550) (Version: - CAPCOM Co., Ltd.) Devil May Cry 4 Special Edition (HKLM-x32\...\Devil May Cry 4 Special Edition_is1) (Version: - ) Divinity - Original Sin Enhanced Edition (HKLM-x32\...\1445516929_is1) (Version: 2.0.0.3 - GOG.com) Dll-Files Fixer (HKLM-x32\...\Dll-Files Fixer_is1) (Version: 1.0 - Dll-Files.com) DmC Devil May Cry (HKLM-x32\...\Steam App 220440) (Version: - Ninja Theory) DNS Unlocker (HKLM-x32\...\DNSUnlocker.ns) (Version: - ) <==== ATTENTION DRAGON BALL XENOVERSE (HKLM-x32\...\Steam App 323470) (Version: - DIMPS) f.lux (HKU\S-1-5-21-2012643852-3025939997-1499587798-1000\...\Flux) (Version: - ) Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.57 - Google Inc.) Google Drive (HKLM-x32\...\{895D0391-459F-4D45-B8DD-13F0DE70C66E}) (Version: 1.28.1549.1322 - Google, Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden groover (HKLM-x32\...\{5C4B78A2-4DA1-4ECF-93A8-576D74D47A25}) (Version: 2.0.0.477 - groover) groover (HKLM-x32\...\{6F6637BB-0AF6-44D5-822B-E92E3CA91B36}) (Version: 2.0.0.477 - groover) Hola™ 1.11.723 - Better Internet (HKU\S-1-5-21-2012643852-3025939997-1499587798-1000\...\Hola) (Version: 1.11.723 - Hola Networks Ltd.) Hostify version 1.1 (HKLM-x32\...\Hostify_is1) (Version: 1.1 - Wizzlabs) Instalação do DivX (HKLM-x32\...\DivX Setup) (Version: 2.8.0.18 - DivX, LLC) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1173 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.6.1000 - Intel Corporation) Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation) IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan) Java 8 Update 77 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418077F0}) (Version: 8.0.770.3 - Oracle Corporation) Java SE Development Kit 8 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation) Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche Studios) KokoMoss version 1.1 (HKLM-x32\...\KokoMoss_is1) (Version: 1.1 - aze) Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) Magic Duels (HKLM-x32\...\Steam App 316010) (Version: - Stainless Games Ltd.) Mass Effect (HKLM-x32\...\Steam App 17460) (Version: - BioWare) Max Payne 3 (HKLM-x32\...\Max Payne 3_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version: - Konami Digital Entertainment) Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft) Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.6.140.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) MixVideoPlayer (HKLM-x32\...\MixVideoPlayer) (Version: v1.0.0.25 - SoftForce LLC) <==== ATTENTION MobilePCStarterKit 000.005030286 (HKLM-x32\...\mpck_en_005030286_is1) (Version: - MOBILEPCSTARTERKIT) <==== ATTENTION MobilePCStarterKit Maintenance 000.238 (HKLM-x32\...\rec_en_238_is1) (Version: - MOBILEPCSTARTERKIT) <==== ATTENTION Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version: - TaleWorlds Entertainment) Mozilla Firefox 45.0.1 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 pt-BR)) (Version: 45.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) MusicBee 2.5 (HKLM-x32\...\MusicBee) (Version: 2.5 - Steven Mayall) MyBestOffersToday 000.037050286 (HKLM-x32\...\mbot_en_037050286_is1) (Version: - MYBESTOFFERSTODAY) <==== ATTENTION MyStart Toolbar (HKLM-x32\...\mystarttb) (Version: 5.6.0.6 - Visicom Media Inc.) NARUTO SHIPPUDEN Ultimate Ninja STORM 4 (HKLM-x32\...\NARUTO SHIPPUDEN Ultimate Ninja STORM 4_is1) (Version: - ) NewExt (HKLM\...\{629529fb-edaf-4033-89cc-5ef7b43f021a}) (Version: 1.0 - NewExt) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.4 - Black Tree Gaming) NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) Papers, Please (HKLM-x32\...\Steam App 239030) (Version: - 3909) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden PDF Slideshow 1 (HKLM-x32\...\PDF Slideshow 1) (Version: - ) Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 2.0.0.1 - GOG.com) Pillars of Eternity Kickstarter Item (HKLM-x32\...\Pillars of Eternity Kickstarter Item_is1) (Version: 2.0.0.1 - GOG.com) Pillars of Eternity Kickstarter Pet (HKLM-x32\...\Pillars of Eternity Kickstarter Pet_is1) (Version: 2.0.0.1 - GOG.com) Pillars of Eternity Preorder Item and Pet (HKLM-x32\...\Pillars of Eternity Preorder Item and Pet_is1) (Version: 2.0.0.1 - GOG.com) PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.9.2-r111395-release - Plays.tv, LLC) Popcorn Time (HKU\S-1-5-21-2012643852-3025939997-1499587798-1000\...\Popcorn Time) (Version: - Popcorn Official) PriceFountain (remove only) (HKU\S-1-5-21-2012643852-3025939997-1499587798-1000\...\PriceFountain) (Version: 1.2.9.6 - PBNGTBJJPYO) <==== ATTENTION PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.) Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.40 - Ralink) Raptr (HKLM-x32\...\Raptr) (Version: 5.1.2-r111396-release - Raptr, Inc) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.) Resident Evil 0 HD Remaster (HKLM-x32\...\Resident Evil 0 HD Remaster_is1) (Version: - ) Resident Evil 4 1.10 (HKLM-x32\...\Resident Evil 4_is1) (Version: - ) RinoReader (HKLM-x32\...\RinoReader) (Version: 0.1 - RinoReader) <==== ATTENTION Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games) Satellite Comma (HKLM-x32\...\SoftwareUpdater) (Version: 1.0.0.0 - Satellite Comma) <==== ATTENTION Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ATTENTION Shadow Warrior (HKLM-x32\...\Steam App 233130) (Version: - Flying Wild Hog) shopperz (HKLM-x32\...\{649DBCD1-453C-4864-8564-682C664D4CA3}) (Version: 2.0.0.480 - shopperz) <==== ATTENTION shopperz (HKLM-x32\...\{C350BFBC-E04E-4980-87F3-1555489A5D30}) (Version: 2.0.0.477 - shopperz) <==== ATTENTION Should I Remove It (HKU\S-1-5-21-2012643852-3025939997-1499587798-1000\...\Should I Remove It 1.0.4) (Version: 1.0.4 - Reason Software Company Inc.) Should I Remove It (x32 Version: 1.0.4 - Reason Software Company Inc.) Hidden Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.) Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.111 - Skype Technologies S.A.) SnapDo (HKLM-x32\...\{D8A55D48-6AFF-470B-B870-70C0F49C0FD1}) (Version: 1.0.0.0 - Resoft) <==== ATTENTION South Park - The Stick of Truth (HKLM-x32\...\South Park - The Stick of Truth_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) Split Second (HKLM-x32\...\Split Second_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91) SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Styx: Master of Shadows (HKLM-x32\...\Steam App 242640) (Version: - Cyanide Studio) SUPERHOT (HKLM-x32\...\1456141688_is1) (Version: 2.0.0.4 - GOG.com) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKU\S-1-5-21-2012643852-3025939997-1499587798-1000\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.) The Desktop Weather 2.0.0.11150 (HKLM\...\WeatherTool) (Version: 2.0.0.11150 - Baidu Japan Inc.) <==== ATTENTION The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) The Legend of Heroes - Trails in the Sky (HKLM-x32\...\1207665083_is1) (Version: 2.0.0.2 - GOG.com) The Legend of Heroes - Trails in the Sky Second Chapter (HKLM-x32\...\1444826419_is1) (Version: 2.0.0.1 - GOG.com) The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version: - Telltale Games) TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{1B21D8CD-4C62-40D4-AEA5-CBFA3DCCBC97}) (Version: 1.16.2.0 - Texas Instruments Inc.) TI USB3 Host Driver (x32 Version: 1.16.2.0 - Texas Instruments Inc.) Hidden TOEFL Sampler (HKLM-x32\...\{95744E49-71D1-453A-9466-6930819043C8}) (Version: 1.00.0001 - ETS) Torchlight II (c) Runic Games version 1 (HKLM-x32\...\Torchlight II (c) Runic Games_is1) (Version: 1 - ) Transformers Devastation (HKLM-x32\...\Transformers Devastation_is1) (Version: - ) TRANSFORMERS - War for Cybertron (HKLM-x32\...\TRANSFORMERS - War for Cybertron_R.G. Mechanics_is1) (Version: - R.G. Mechanics, ProZorg_tm) Unity Web Player (HKU\S-1-5-21-2012643852-3025939997-1499587798-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS) Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS) Update for PriceFountain (HKU\S-1-5-21-2012643852-3025939997-1499587798-1000\...\Price Fountain) (Version: - Update for PriceFountain) <==== ATTENTION Valkyria Chronicles™ (HKLM-x32\...\Steam App 294860) (Version: - SEGA) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.) Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.1.0 - Azureus Software, Inc.) Wajam (HKLM-x32\...\0faafc60aa2887cdad1854bd0ea51349) (Version: 1.63.1.20 (i1.0) - Wajam) <==== ATTENTION Warhammer 40,000 Space Marine (HKLM-x32\...\Steam App 55150) (Version: - Relic) WizzWifiHotspot version 1.0 (HKLM-x32\...\Wizzwifihotspot_is1) (Version: 1.0 - Wizzlabs) XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games) Yandex (HKU\S-1-5-21-2012643852-3025939997-1499587798-1000\...\YandexBrowser) (Version: 16.4.0.6174 - YANDEX) YellowSend (HKLM-x32\...\YSPackage) (Version: - CMI Limited) yessearches Uninstall (HKLM-x32\...\Uninstall sqr1) (Version: - ) <==== ATTENTION yessearches Uninstall (HKLM-x32\...\Uninstall wak) (Version: - ) <==== ATTENTION yoursearching uninstall (HKLM-x32\...\yoursearching uninstall) (Version: - yoursearching) <==== ATTENTION ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2012643852-3025939997-1499587798-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\MNO\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {01C37A23-94A4-4E95-9EB8-17ED5873BBDE} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {04C93015-9A04-47B3-B79F-1DD9831B4CA2} - \Обновление Браузера Яндекс -> No File <==== ATTENTION Task: {095FCBB8-D949-438A-81B5-5E5927CB2367} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {0AED02AD-2406-45E7-8024-F83824C05388} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {0C7B86C6-B00D-486A-B272-2AD7E67CD4CD} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {0E806B71-6E7E-4318-A0BD-8A2F61B61729} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK Task: {121A6792-9637-4E06-AC2C-10CC95E9BED2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation) Task: {1FDF0B46-3A06-420D-9451-394B0647275A} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-09-10] (Microsoft Corporation) Task: {20D9F65A-3F66-48C2-9C68-1E0E46F74CC8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-16] (Google Inc.) Task: {26C66524-F2CE-4B0B-B445-9378D99AD407} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {2BC9FB33-AEF1-4192-AB4B-35ED0A5052E0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {2C5C9B80-1C4C-4D86-9CC3-98ED1F9F54FF} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {2D78BD0E-CE49-42EE-91E8-64D9B9A4D506} - System32\Tasks\DNSWILLISTON => C:\Program Files (x86)\DNS Unlocker\dnswilliston.exe <==== ATTENTION Task: {47219A68-A10A-429C-BBDB-7F00307C9AF4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {47804823-E39F-42D3-9325-D060E62972AE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {49E8DA57-59F2-4CEE-9384-FA418897F315} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {5138D719-681D-4806-BDCF-A464AF48CC4C} - System32\Tasks\ByteFence Scan => C:\Program Files\ByteFence\ByteFence.exe [2016-03-28] (Byte Technologies LLC) Task: {5566F8C9-40AE-42A2-AF61-74BB64C78F70} - System32\Tasks\Ixuawlo => C:\Program Files\Sivco\Caionjo.bat [2016-04-02] () Task: {55CF178A-C0A4-473E-B299-C2695C15C861} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {587A3359-4A6D-4715-AFB1-9B28B825DA60} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {5939BFDC-7AFE-4D18-986F-B3BE4E29B668} - System32\Tasks\ShouldIRemoveIt => C:\Program Files (x86)\Reason\Should I Remove It\ShouldIRemoveIt.exe [2015-04-07] (Reason Software Company Inc.) Task: {5B5EB500-2F4B-4D5C-9E86-2502C650D86C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {5D65224D-754D-4EDD-B116-2178B871C650} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {5E1F8407-CF6D-40AC-B134-6F4BBDECE263} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {5ED28975-EB08-4892-B0CB-0D8D90762653} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {6F3FBB24-1C46-45E3-B44B-EAF21F8AF527} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {7095AF43-E285-4B7E-B0DC-15C182D95093} - System32\Tasks\Ovamwext => C:\Program Files\Ketrarsanjyrfef\Buuafi.bat [2016-04-02] () Task: {718D77A1-47A6-4293-89D2-1EF88B9C4B2B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {76C8B25A-23BB-4A67-871B-CCFCD70917F7} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {76DE9755-ECF9-4619-BE44-A6B40401A323} - System32\Tasks\osTip => C:\ProgramData\WindowsMsg\osmsg.exe [2016-03-31] () Task: {77426489-C46C-462D-A232-1A33DB94B926} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-07-31] (Dll-FIles.Com) Task: {7A450DFD-CF5F-4293-9194-B5D693EBF839} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated) Task: {7A5659D9-62DD-4318-9650-25F4EEA48B6A} - \Actualização do Navegador Yandex -> No File <==== ATTENTION Task: {7BA62224-3D8A-49F3-97EE-716DDB3FEA78} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {7BBC4CA9-D63D-4E42-A0C7-6DCF01EA300B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {830691B5-8D07-43C9-82A0-DAFFADEDDD0F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {83929E38-44DB-4B94-A9C3-04C0073B2995} - System32\Tasks\WinTaske => C:\Program Files (x86)\WinTaske\WinTaske\WinTaske.exe Task: {8623F182-AD2A-44CE-8BCF-57EB2B398AD8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {8769EDA2-D42C-4DD0-A765-D6E36D23B897} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.) Task: {88B8A4E9-F2D1-4569-986E-FBE93AC87706} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {8954BDDC-ACD9-42D5-9C63-6AB88FB99C69} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {95548F01-C07A-4776-AC1B-774336E831D3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {9AE82DFE-1EBD-4A02-8584-5DAE695B374F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation) Task: {A7E58BCF-5D90-441C-99AE-8EACDE8A874E} - System32\Tasks\Price Fountain => C:\Users\MNO\AppData\Roaming\PriceFountain\UpdateProc\UpdateTask.exe [2016-04-02] () <==== ATTENTION Task: {A87EB84A-8D0C-453E-9D1A-5700A177B7C7} - System32\Tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B} => C:\Program Files (x86)\baidu\update\baidujp_update.exe [2015-07-08] (Baidu) Task: {B5163EC2-B4E2-4DEF-A81A-884C85888B1F} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe [2013-07-31] (Dll-FIles.Com) Task: {B8729AB6-C7CB-47CA-8DAC-F00E97B325F8} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-09-10] (Microsoft) Task: {B940CFB5-04C2-4CBF-ADFA-DC112FFC4E65} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {BE8E1CEB-2D90-4046-9412-015EF451E5EF} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {C028EE89-54B0-477C-9D99-621BCAAB9244} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {C15F6C66-C70F-43B2-8F7D-ACA1EF720E6A} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {C7411B70-4B93-4A9D-9F2D-5EA92077B410} - System32\Tasks\MixVideoPlayer Update => C:\Program Files (x86)\MixVideoPlayer\mixUpdater.exe [2015-08-06] () <==== ATTENTION Task: {C9C47B50-CC05-4E87-88CF-AE00E91D73CC} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {CAE8ED27-03C1-4500-9D78-983F0D3C20E2} - System32\Tasks\{E4928D4B-77D0-4804-B02F-F7FFE96B98F0} => pcalua.exe -a "C:\Program Files (x86)\CleanBrowser\uninstall.exe" -c /uninstall Task: {CD984629-BB50-421B-8784-24B3DFC1C427} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {D030DBA1-4A18-4047-98D0-27D3476C5AC3} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-09-10] (Microsoft Corporation) Task: {D442597B-794F-4E42-B290-3912D934AF15} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-09-10] (Microsoft Corporation) Task: {D476D633-BD71-4BBC-AE2C-361E974EFE07} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2016-03-28] (Byte Technologies LLC) Task: {D5CA8E46-7FCA-41A8-8059-6BBDDC7FBC41} - System32\Tasks\WindowedBorderlessGaming-MNO => C:\Users\MNO\AppData\Local\Temp\TEMP1_~2.ZIP\WINDOW~1.EXE [2016-02-18] (GameplayCrush) <==== ATTENTION Task: {D6751AB1-B3FE-4BFB-8E1F-B09797181B55} - \CCleanerSkipUAC -> No File <==== ATTENTION Task: {D73C6808-44B6-4C70-AE0A-8637D42C4051} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-09-10] (Microsoft Corporation) Task: {D8C594F2-42B7-4ACA-8F5C-79E51935CE2A} - System32\Tasks\PFExe => C:\Users\MNO\AppData\Local\PriceFountain\pricefountain.exe [2016-02-03] (PAVVXA) <==== ATTENTION Task: {E1DED6C9-2926-46EA-AEB0-89D63923665C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-16] (Google Inc.) Task: {E597FD1D-C370-4FCC-81E4-07D7759C5582} - System32\Tasks\DivXUpdate => C:\Program Files (x86)\Common Files\DivX Shared\Qt4.8\DivXUpdate.exe [2016-03-01] (DivX, LLC) Task: {EC937191-DFC2-4814-8214-53C3BBDE545C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {F5BC3EF7-4559-4300-835B-7E1BC8D88164} - System32\Tasks\{43191566-AEE1-4DA1-A526-8878D72C6781} => pcalua.exe -a "C:\Program Files (x86)\Steam\steamapps\common\Alien Swarm\bin\addoninstaller.exe" -d "C:\Program Files (x86)\Steam\steamapps\common\Alien Swarm" -c /register Task: {FA3CC78D-9E9D-4339-B58B-D24F4019FE11} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Actualização do Navegador Yandex .job => C:\Users\MNO\AppData\Local\Yandex\YandexBrowser\Application\browser.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\BaiduJP_Update_{8099779F-A13B-403e-B39A-65133857586B}.job => C:\Program Files (x86)\baidu\update\baidujp_update.exe Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe Task: C:\WINDOWS\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Обновление Браузера Яндекс .job => C:\Users\MNO\AppData\Local\Yandex\YandexBrowser\Application\browser.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\MNO\Desktop\Yandex.lnk -> C:\Users\MNO\AppData\Local\Yandex\YandexBrowser\Application\browser.exe (YANDEX LLC) -> hxxp://www.yeabests.cc/ ShortcutWithArgument: C:\Users\MNO\Desktop\Yeabeats Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/ ShortcutWithArgument: C:\Users\MNO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yeabests.cc/ ShortcutWithArgument: C:\Users\MNO\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Yandex.lnk -> C:\Users\MNO\AppData\Local\Yandex\YandexBrowser\Application\browser.exe (YANDEX LLC) -> hxxp://www.yeabests.cc/ ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\rff42i15r14e33f26o83x.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://www.yeabests.cc/ ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 04:18 - 2015-10-30 04:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-04-02 23:43 - 2016-04-02 23:43 - 03587000 _____ () C:\ProgramData\System32\SafeGuard64.dll 2016-04-07 18:27 - 2016-04-07 18:27 - 00174440 _____ () C:\Users\MNO\AppData\Roaming\Fekva\Fekva.exe 2016-04-02 09:35 - 2016-04-02 23:31 - 00169808 _____ () C:\Program Files\Ketrarsanjyrfef\Oogejyu.exe 2016-04-03 03:35 - 2016-04-03 03:35 - 00294912 _____ () C:\Program Files\NewExt\nssm.exe 2016-03-31 14:33 - 2016-03-31 14:33 - 02949120 _____ () C:\Program Files\0faafc60aa2887cdad1854bd0ea51349\8ca0f66e40411bdd258ea7fe9fffb763.exe 2016-04-03 00:22 - 2016-04-03 00:22 - 00284160 _____ () C:\Program Files (x86)\5F1B481C-1459650000-70E7-10DB-04476B0CAAA7\knspAED1.tmp 2016-04-03 01:58 - 2016-04-03 01:58 - 00174424 _____ () C:\Users\MNO\AppData\Roaming\Pyvficoji\Pyvficoji.exe 2016-04-07 20:33 - 2016-04-09 15:00 - 00254264 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe 2016-01-06 20:03 - 2016-01-06 20:03 - 00066872 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2016-04-07 18:27 - 2016-04-07 18:27 - 00125800 _____ () C:\Users\MNO\AppData\Roaming\ImigLaukf\Mhdioqda.exe 2016-04-02 23:32 - 2016-04-02 23:32 - 00196288 _____ () C:\Program Files (x86)\SFK\SSFK.exe 2015-12-25 05:42 - 2015-12-25 05:42 - 00141960 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarServ.exe 2016-04-03 03:35 - 2016-04-03 03:36 - 07556203 _____ () C:\Program Files\NewExt\jsinjector.exe 2016-04-09 15:00 - 2016-04-09 15:00 - 00564024 _____ () C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe 2015-12-25 05:42 - 2015-12-25 05:42 - 03934344 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\Calendar.exe 2015-12-25 05:42 - 2015-12-25 05:42 - 00148104 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\CalendarEntry.dll 2016-04-02 22:04 - 2016-04-02 22:04 - 00670552 _____ () C:\Users\MNO\AppData\Roaming\Keakfutl\Tokoghuoli.dll 2016-04-03 01:58 - 2016-04-03 01:58 - 00670552 _____ () C:\Users\MNO\AppData\Roaming\Pyvficoji\Goedgefkon.dll 2016-03-01 16:29 - 2016-02-23 08:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-07 18:27 - 2016-04-07 18:27 - 00670568 _____ () C:\Users\MNO\AppData\Roaming\Fekva\Jeveja.dll 2016-04-02 09:34 - 2016-04-02 09:34 - 00670544 _____ () C:\Users\MNO\AppData\Roaming\Dugusiac\Fyjlobca.dll 2016-03-01 16:29 - 2016-02-23 08:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-04-02 09:35 - 2016-04-02 23:31 - 00329552 _____ () C:\Program Files\Ketrarsanjyrfef\Icosujyl64.DLL 2016-04-03 01:58 - 2016-04-03 01:58 - 00146264 _____ () C:\Users\MNO\AppData\Roaming\Pyvficoji\Goedgefkon.exe 2016-04-07 18:27 - 2016-04-07 18:27 - 00115560 _____ () C:\Users\MNO\AppData\Roaming\Fekva\Cuvcektivu.exe 2016-04-02 09:34 - 2016-04-02 09:34 - 00115536 _____ () C:\Users\MNO\AppData\Roaming\Dugusiac\Mitrogfoa.exe 2016-04-03 01:58 - 2016-04-03 01:58 - 00115544 _____ () C:\Users\MNO\AppData\Roaming\Pyvficoji\Isuslem.exe 2016-04-02 22:04 - 2016-04-02 22:04 - 00146264 _____ () C:\Users\MNO\AppData\Roaming\Keakfutl\Tokoghuoli.exe 2016-04-02 22:04 - 2016-04-02 22:04 - 00115544 _____ () C:\Users\MNO\AppData\Roaming\Keakfutl\Giiuuvv.exe 2016-01-22 11:32 - 2016-01-22 11:33 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-12-19 13:33 - 2015-12-07 01:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-03-01 16:29 - 2016-02-23 05:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-01-13 15:04 - 2016-01-04 22:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-13 15:04 - 2016-01-04 22:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-02-04 10:05 - 2016-01-16 02:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-02-04 10:05 - 2016-01-16 02:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll 2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2016-04-02 22:05 - 2016-04-02 23:21 - 00329048 _____ () C:\Program Files\Sivco\Ubukiu64.DLL 2016-04-09 14:52 - 2016-04-09 14:52 - 03954688 _____ () C:\Program Files (x86)\Hostify\idsccom_YP3.exe 2016-04-07 20:25 - 2016-04-07 20:25 - 00069632 _____ () C:\Program Files (x86)\UCBrowser\Application\UUC0789.exe 2016-04-02 22:05 - 2016-04-02 23:20 - 00407552 _____ () C:\Program Files\Sivco\Rojrigoi.exe 2016-04-02 22:05 - 2016-04-02 23:20 - 00425304 _____ () C:\Program Files\Sivco\EwyvOfai.exe 2016-03-31 14:33 - 2016-03-31 14:33 - 02949120 _____ () c:\program files\0faafc60aa2887cdad1854bd0ea51349\8ca0f66e40411bdd258ea7fe9fffb763.exe 2016-04-10 11:49 - 2016-04-10 11:49 - 12130816 _____ () c:\program files\0faafc60aa2887cdad1854bd0ea51349\ffe5881c4bbce4ea1c26a1f021f923a2\bmoffk.dll 2015-08-07 07:20 - 2015-08-07 07:20 - 00122536 _____ () C:\Program Files (x86)\MixVideoPlayer\BrowserWeb.exe 2015-08-07 07:18 - 2015-08-07 07:18 - 02719912 _____ () C:\Program Files (x86)\MixVideoPlayer\MixVideoPlayer.exe 2016-04-02 23:18 - 2016-03-31 16:28 - 02041856 _____ () C:\ProgramData\WindowsMsg\osmsg.exe 2016-04-02 09:35 - 2016-04-02 23:31 - 00232272 _____ () C:\Program Files\Ketrarsanjyrfef\Yigektom.exe 2016-04-02 09:35 - 2016-04-02 23:31 - 00425296 _____ () C:\Program Files\Ketrarsanjyrfef\EcirvWisdi.exe 2016-04-02 23:20 - 2016-04-07 21:52 - 00940394 _____ () C:\Program Files (x86)\5F1B481C-1459650000-70E7-10DB-04476B0CAAA7\vnseDD2C.tmp 2016-04-02 09:35 - 2016-04-02 23:31 - 00467280 _____ () C:\Program Files\Ketrarsanjyrfef\Asant64.exe 2016-04-02 09:35 - 2016-04-02 23:31 - 00641872 _____ () C:\Program Files\Ketrarsanjyrfef\Cogdidro64.DLL 2016-04-02 09:35 - 2016-04-02 23:31 - 00312656 _____ () C:\Program Files\Ketrarsanjyrfef\Tulwut64.DLL 2016-04-02 09:35 - 2016-04-02 23:31 - 00375808 _____ () C:\Program Files\Ketrarsanjyrfef\Ogeuz64.DLL 2016-04-02 22:04 - 2016-04-02 22:04 - 00174424 _____ () C:\Users\MNO\AppData\Roaming\Keakfutl\Keakfutl.exe 2015-10-30 04:18 - 2015-10-30 04:18 - 00218456 _____ () c:\windows\system32\WerEtw.dll 2016-04-02 23:43 - 2016-04-02 23:43 - 02771896 _____ () C:\ProgramData\System32\SafeGuard32.dll 2015-05-26 17:17 - 2014-12-04 23:27 - 00055688 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll 2015-05-26 17:17 - 2014-12-04 23:27 - 00104328 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll 2015-11-24 17:48 - 2015-11-24 17:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd 2015-11-24 17:46 - 2015-11-24 17:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll 2015-11-24 17:48 - 2015-11-24 17:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd 2015-11-24 17:48 - 2015-11-24 17:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd 2015-11-24 17:43 - 2015-11-24 17:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd 2015-11-24 17:48 - 2015-11-24 17:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd 2015-11-24 17:48 - 2015-11-24 17:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd 2015-11-24 17:48 - 2015-11-24 17:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd 2015-11-24 17:43 - 2015-11-24 17:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd 2015-11-24 17:43 - 2015-11-24 17:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd 2015-11-24 17:43 - 2015-11-24 17:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd 2015-11-24 17:46 - 2015-11-24 17:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll 2015-11-24 17:48 - 2015-11-24 17:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd 2015-11-24 17:47 - 2015-11-24 17:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd 2015-12-07 17:57 - 2015-12-07 17:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd 2015-11-24 17:47 - 2015-11-24 17:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd 2015-11-24 17:47 - 2015-11-24 17:47 - 00516608 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd 2015-11-24 17:47 - 2015-11-24 17:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd 2015-11-24 17:43 - 2015-11-24 17:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd 2016-04-07 18:28 - 2016-04-07 19:59 - 00183144 _____ () C:\Users\MNO\AppData\Roaming\ImigLaukf\Ojepxy.din 2015-12-25 05:42 - 2015-12-25 05:42 - 00543368 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPTask.dll 2015-12-25 05:42 - 2015-12-25 05:42 - 00406664 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPNet.dll 2015-12-25 05:41 - 2015-12-25 05:41 - 00428680 _____ () C:\Program Files (x86)\CalendarTool\2.0.0.11189\EVPDR.dll 2016-04-03 01:58 - 2016-04-03 01:58 - 00261976 _____ () C:\Users\MNO\AppData\Roaming\Pyvficoji\Isuslem.dll 2016-04-02 09:34 - 2016-04-02 09:34 - 00261968 _____ () C:\Users\MNO\AppData\Roaming\Dugusiac\Mitrogfoa.dll 2016-04-02 22:04 - 2016-04-02 22:04 - 00261976 _____ () C:\Users\MNO\AppData\Roaming\Keakfutl\Giiuuvv.dll 2016-04-07 18:27 - 2016-04-07 18:27 - 00261992 _____ () C:\Users\MNO\AppData\Roaming\Fekva\Cuvcektivu.dll 2016-01-22 11:32 - 2016-01-22 11:33 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-01-22 11:32 - 2016-01-22 11:33 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2016-04-02 22:05 - 2016-04-02 23:20 - 00291672 _____ () C:\Program Files\Sivco\Ubukiu.DLL 2016-04-02 22:05 - 2016-04-02 23:20 - 00607064 _____ () C:\Program Files\Sivco\Kukuoau.DLL 2016-04-02 22:05 - 2016-04-02 23:20 - 00246616 _____ () C:\Program Files\Sivco\Itakc.DLL 2016-04-02 22:05 - 2016-04-02 23:20 - 00297472 _____ () C:\Program Files\Sivco\Okouvb.DLL 2016-04-02 22:05 - 2016-04-02 23:20 - 00199512 _____ () C:\Program Files\Sivco\Icitnu.dll 2016-04-10 11:49 - 2016-04-10 11:49 - 11940864 _____ () c:\program files\0faafc60aa2887cdad1854bd0ea51349\ffe5881c4bbce4ea1c26a1f021f923a2\kiybyw.dll 2016-04-07 20:04 - 2016-03-24 00:57 - 19397824 _____ () C:\Users\MNO\AppData\Local\Yandex\YandexBrowser\Application\49.0.2623.6174\plugins\NPSWF32_21_0_0_182.dll 2016-04-10 12:19 - 2016-04-10 12:19 - 00011264 _____ () C:\Users\MNO\AppData\Local\Temp\nszF6B.tmp\System.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-2012643852-3025939997-1499587798-1000\...\hola.org -> hxxp://hola.org ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 23:34 - 2016-04-02 23:18 - 00001268 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 systweak.com 127.0.0.1 updateservice1.systweak.com 127.0.0.1 www.systweak.com 127.0.0.1 systemspeedup.systweak.com 127.0.0.1 systweak.com/STCheckGenuineness 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2012643852-3025939997-1499587798-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\MNO\Pictures\Red_Steel_2.jpg DNS Servers: 82.163.143.177 - 82.163.142.179 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: ADSKAppManager => "C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\AdAppMgr.exe" -showminimized -checkautorun MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\MNO\AppData\Local\Akamai\netsession_win.exe" MSCONFIG\startupreg: CCleaner => "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\RAPTRS~1.EXE --startup MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" HKLM\...\StartupApproved\StartupFolder: => "WebBrowserMixVideoPlayer.lnk" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "IDSCCOM5KF" HKLM\...\StartupApproved\Run: => "IDSCCOMIQS" HKLM\...\StartupApproved\Run: => "SpaceSoundPro" HKLM\...\StartupApproved\Run: => "WINCOMF4K" HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager" HKLM\...\StartupApproved\Run32: => "AVG_UI" HKLM\...\StartupApproved\Run32: => "ComoBo" HKLM\...\StartupApproved\Run32: => "KokoMoss" HKLM\...\StartupApproved\Run32: => "comoBoss" HKLM\...\StartupApproved\Run32: => "DivXMediaServer" HKLM\...\StartupApproved\Run32: => "HomePageHelper" HKLM\...\StartupApproved\Run32: => "LightGate" HKLM\...\StartupApproved\Run32: => "mbot_en_037050286" HKLM\...\StartupApproved\Run32: => "mpck_en_005030286" HKLM\...\StartupApproved\Run32: => "PlaysTV" HKLM\...\StartupApproved\Run32: => "Raptr" HKLM\...\StartupApproved\Run32: => "rec_en_238" HKLM\...\StartupApproved\Run32: => "SwitchBoard" HKLM\...\StartupApproved\Run32: => "SystemClose" HKLM\...\StartupApproved\Run32: => "WizzWifiHotspot" HKU\S-1-5-21-2012643852-3025939997-1499587798-1000\...\StartupApproved\Run: => "Pritc" HKU\S-1-5-21-2012643852-3025939997-1499587798-1000\...\StartupApproved\Run: => "msiql" HKU\S-1-5-21-2012643852-3025939997-1499587798-1000\...\StartupApproved\Run: => "osmsg" HKU\S-1-5-21-2012643852-3025939997-1499587798-1000\...\StartupApproved\Run: => "taskhost" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{B697FCF7-58F2-4371-B91F-C896DFE53419}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Double Dragon Neon\bin\DoubleDragon.exe FirewallRules: [{5FFFD3FD-1424-41E5-82A6-7C848B093D4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Double Dragon Neon\bin\DoubleDragon.exe FirewallRules: [{9AF69791-89C0-4AAE-BCE3-980AF22EB291}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Valkyria Chronicles\Launcher.exe FirewallRules: [{E1FCDCBC-330D-49E4-961D-C38C3C4CD863}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Valkyria Chronicles\Launcher.exe FirewallRules: [{30CD2673-6080-4C52-9065-28BBF997483B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PapersPlease\PapersPlease.exe FirewallRules: [{6C6D3CF9-CC22-41D7-88BB-8A97F432ABAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PapersPlease\PapersPlease.exe FirewallRules: [{C541829D-EB4F-48EA-87D4-225BE55BD3D3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{73332230-3832-45ED-A198-021C5F33E9ED}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{F972BAD6-F28E-488D-9DA2-A6990BC9CA1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mass Effect\Binaries\MassEffect.exe FirewallRules: [{32BC3BA7-3BB9-4F7F-8B45-4068A9E61123}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mass Effect\Binaries\MassEffect.exe FirewallRules: [{C74C96EC-1DFB-4EC5-BC97-F29157B671FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{AC01EBE6-4898-4E89-A4C5-1253DAD559DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [UDP Query User{71D79288-8A82-43C9-8CDD-2669ED7C22DC}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe FirewallRules: [TCP Query User{17202EF6-7E94-49DB-BE3D-9EAF1763861A}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe FirewallRules: [UDP Query User{EB951E4D-F64E-4EAF-BA61-E8598363FC42}C:\users\mno\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\mno\appdata\local\popcorn time\nw.exe FirewallRules: [TCP Query User{B1E9B9AC-206D-4FD3-9CB6-8A79980F239C}C:\users\mno\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\mno\appdata\local\popcorn time\nw.exe FirewallRules: [{3B3F59ED-F190-46DE-85EF-900149E5CCF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe FirewallRules: [{1BB54726-E5C8-4E48-B8E3-4E0E47EABAF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe FirewallRules: [UDP Query User{67F61FB5-08F8-495A-86D1-6744BD02FD06}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [TCP Query User{8DC2238C-6B00-464D-8564-D7100BD02440}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [UDP Query User{9C3C8AB9-410D-4A8B-A0E5-84EB7E8433D0}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [TCP Query User{949B9B2E-9853-4656-BC92-CF3A29249ED7}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [{03DB92E0-93B1-4B34-BF73-5CFD250425FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Styx\Binaries\Win64\StyxGame.exe FirewallRules: [{54B4BDB0-BA40-4E6F-A2B4-16AF95E6F03F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Styx\Binaries\Win64\StyxGame.exe FirewallRules: [{BD03451B-11A7-41D9-AB6C-9DE442C51BE2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{C178FDDD-BD01-46A0-8C77-8EAA32342C3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{BC676CDA-EDF3-468B-BB1E-FDFCAAAD744C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe FirewallRules: [{2F5EB8EE-B7B6-44EE-A77C-1FE5988A741C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Deus Ex Human Revolution Director's Cut\DXHRDC.exe FirewallRules: [UDP Query User{586ECCC5-641E-4079-BB67-835ECAA26885}C:\users\mno\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\mno\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{641B277E-6FDA-4785-8433-38BA1B1BB5C0}C:\users\mno\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\mno\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{24128910-3A63-4665-9D4D-47BB20886FD4}C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe FirewallRules: [TCP Query User{7F36A569-960F-42F4-9B94-5F98CD0F5FB9}C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe] => (Allow) C:\program files (x86)\r.g. mechanics\far cry 4\bin\farcry4.exe FirewallRules: [UDP Query User{CCCB07C5-2F82-4BD4-9BDC-CEB558568860}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe FirewallRules: [TCP Query User{227E5244-E177-4C19-B17C-DFB847B282BC}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe FirewallRules: [{7F6067CC-8ADC-4BEE-AA9B-E845F6F35409}] => (Allow) C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64.exe FirewallRules: [{DC112F6E-EAE4-47DD-AC59-087F11DAA7E7}] => (Allow) C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64.exe FirewallRules: [{AF62DEB2-59F5-4B70-8F49-FB65FF4F5E5C}] => (Allow) C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe FirewallRules: [{9AFC3E04-1340-4B78-806E-845373830FBF}] => (Allow) C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe FirewallRules: [UDP Query User{0D076972-2387-4BCE-B745-605E176DE7FB}C:\users\mno\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\mno\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{D0018455-70B6-434B-B8CC-B8CBC4664F5A}C:\users\mno\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\mno\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{C56EE838-916A-4335-869B-52BA914197B1}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{3669A7A3-C44E-4E39-9199-58972764FC87}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe FirewallRules: [{862AECA8-2C42-4A37-A47A-7773F5E7FE48}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{4D21F4EB-4C0D-44D2-9063-1895A8B75739}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{E3AEABC0-E2C7-4B37-B962-C9F0C4F3A716}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{B90C5043-7813-4E61-BB9F-5DC07F50BEA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{57C3D4BE-858C-4EDC-AC2E-A6CD82FC04DD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{91336925-E924-4E80-96D9-872B5C15798E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{A471D818-C2E2-43B6-B9B4-BB3033DE8607}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{87908CEA-845E-40AE-86B6-58BE6D27E254}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{622E7161-4129-4D90-9CE3-5C3CE9584AC0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{237E8F4D-2AFA-4306-B057-1122F10585C4}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{6827EBC2-1665-4E6B-B89B-8CA791A48083}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe FirewallRules: [{228ED8CA-A88C-45B8-ABC3-70D87B2405E8}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{ACA33C17-B99D-4701-8B1D-EEC765921DC9}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{20907D5E-70AD-4A55-AB3C-53ACFBD23F28}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{C524B1D9-0BC9-4514-810A-12E9380D7609}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{E9E21845-DD68-418F-A2BB-927B60917923}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{D3CE32EA-8324-4746-A05C-E7B14D2DEA87}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{221AD24D-55D2-4EC3-9564-8A92FE355B4A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{E37FDEC1-E799-41EF-983E-145A1DF4D51C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{C4EE3920-4421-41EC-A8AF-3437AB58E41E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{4FAE0176-DD4E-493C-99D8-2B94F1C9290F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{01035266-58B4-4A22-BC7D-4E846C22D8CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe FirewallRules: [{A3A34105-5305-45A2-8B7B-B7623AA7C1BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warhammer 40,000 Space Marine\SpaceMarine.exe FirewallRules: [{6696D09B-A359-45DF-AC1D-CE5CCEC84776}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe FirewallRules: [{284BBA1D-4057-473F-BD35-31D827975338}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DmC Devil May Cry\Binaries\Win32\DMC-DevilMayCry.exe FirewallRules: [{6E2ABC10-311F-46D9-89BE-6E06D6B68C44}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B9A6F4CB-862D-4874-B1F0-C6FEE43A6275}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{DFB4732E-5AB6-4133-BCD7-E6B2922CFA21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe FirewallRules: [{DA30F215-3996-473D-95D5-ED644CE2B521}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe FirewallRules: [TCP Query User{E2C0C500-A15C-412C-B624-52E363D0445B}C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Block) C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe FirewallRules: [UDP Query User{4025711C-DF8D-4541-BC33-D0101BC5A847}C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe] => (Block) C:\program files (x86)\wolfenstein the new order\wolfneworder_x64.exe FirewallRules: [{3C479C55-F354-48E7-A04A-8A32806F1369}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{4772F24A-507D-495B-9887-3558DAF66AD1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{3C2B5998-4D8B-4C76-AF6D-DCDE9EA61DB4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{8CE253BE-4332-4B5C-B166-8486C65BCCAC}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{CF3D7C8D-E884-4250-9505-2BB077D7FBC6}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{C1FA5573-BC6C-419B-9B76-51B06DC7A329}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{9CEEDE1C-0CC9-41AD-88DB-3D18E115C048}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{5257C41A-C077-432B-B637-4ACE03A7A625}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{56842F2E-F6E1-4712-89BC-7E0E47B24D8C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [TCP Query User{385160BE-B70C-4802-85BF-9C436FFE7324}C:\program files (x86)\mortal kombat complete edition\mkke.exe] => (Allow) C:\program files (x86)\mortal kombat complete edition\mkke.exe FirewallRules: [UDP Query User{FF01BA61-49F0-4F82-9BE8-9D307515A973}C:\program files (x86)\mortal kombat complete edition\mkke.exe] => (Allow) C:\program files (x86)\mortal kombat complete edition\mkke.exe FirewallRules: [{26A4F112-16ED-4962-9CC2-BB7B171682D1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{9A7B53AE-ECBF-4561-BF92-3E6A838F8AE2}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{E5B0C19D-7228-4FEC-BDE9-D346E103464D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{180814E2-F21C-483E-A7D1-F1AE713D1040}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{145F0C39-F158-4F87-99DB-5D8334E90BFF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{6E15DFBF-CA45-4582-89AA-36D74F913497}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{C4B4E030-E60B-4DA2-B007-2F2615C5318C}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [TCP Query User{064E8FFB-F93A-4FEE-9D2D-A03C362E69A4}C:\games\dying light\dyinglightgame.exe] => (Allow) C:\games\dying light\dyinglightgame.exe FirewallRules: [UDP Query User{C7C6169C-00E3-46B4-9777-3F31CA52CFF7}C:\games\dying light\dyinglightgame.exe] => (Allow) C:\games\dying light\dyinglightgame.exe FirewallRules: [{EF02C7A8-C83B-4F80-A781-975C87241C12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DB Xenoverse\DBXV.exe FirewallRules: [{6E356EDD-158F-4955-A6BF-D0054BC00180}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DB Xenoverse\DBXV.exe FirewallRules: [{31960B81-9483-4F82-865A-2F8B79D8A373}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{20C704DA-2B4C-41D0-AC58-7DE34CB469F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Wolf Among Us\TheWolfAmongUs.exe FirewallRules: [{D2835220-DEEC-4D16-8862-18324981F332}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Wolf Among Us\TheWolfAmongUs.exe FirewallRules: [{B55A7565-FA5D-41A4-9ECE-C6D2760B1AFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bleed\Bleed.exe FirewallRules: [{BD07FE90-FAD4-4EB6-A0F4-EAB99509BF5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bleed\Bleed.exe FirewallRules: [{64FD81EE-89E6-4330-978F-EDC93CFAB8DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe FirewallRules: [{67A5B418-5CFF-4E0C-9D07-ADE6D69FBCC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe FirewallRules: [{A48A3208-6911-445F-8049-999FB1215B09}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Besiege\Besiege.exe FirewallRules: [{3BA2678E-487F-4790-9ED9-9C323DFC9A8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Besiege\Besiege.exe FirewallRules: [{127FF59A-8798-43D1-936C-C0E96ACF69ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2\JustCause2.exe FirewallRules: [{E6D3C984-2C22-43BB-B66F-9D76E6F70C8F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Just Cause 2\JustCause2.exe FirewallRules: [{4AEC858E-02E2-4C83-B1D6-90067F1A5196}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe FirewallRules: [{C2CF5A34-DFA5-486C-8481-7F693F8498C2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe FirewallRules: [{47634FDE-4F7E-4F0C-BC90-60E8D899D698}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{7DE98D14-6C86-4C41-A6F1-FF8BCD4A4649}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{61CB9F05-833E-46DB-9BCF-1677D9AA057C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{DC1330F9-E871-4AE8-A530-B86821754AA2}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{DCB21D93-1102-491D-803A-3D45CC8BCB62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis\Bin32\Crysis.exe FirewallRules: [{01727AB4-730E-4508-8B46-37518C8F7902}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Crysis\Bin32\Crysis.exe FirewallRules: [{A038076F-A46C-48CE-903D-88FA1AEC85D6}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{FF3AF614-B8EA-422A-B3AC-6501A54296AC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{A03CE6BE-3115-4A5A-A307-C24426877FB8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{09C461B3-C859-48E1-89BF-E318D181A28B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{4CE11ECA-4B37-4B1F-8B59-A9BED53036BA}C:\gog games\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Block) C:\gog games\divinity - original sin enhanced edition\shipping\eocapp.exe FirewallRules: [UDP Query User{AE14A623-600C-40E6-B35A-E3967A3F8C58}C:\gog games\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Block) C:\gog games\divinity - original sin enhanced edition\shipping\eocapp.exe FirewallRules: [{2EF7D92D-4A72-444D-AF26-1B450D84F775}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{18403C9A-43AA-40BA-8CA2-447059705878}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{249835F2-8F94-400E-B53C-B1DDD6B72CA1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{58957E8A-8D0C-4BE8-B457-2222C770270D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{7D7DAD6C-1E81-47CD-8BF5-47DA3522DB52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{9C0D708C-6C74-4951-952F-B590C4C5824F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{74A34900-D8E5-4C76-B8A6-930DF3255E30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{6249838C-AC84-4ACF-8728-4A88B9821E56}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{B797CF42-BCC4-41ED-A4A0-E65F4D4E3325}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{E807E150-1870-43CA-873F-AD9E12F85C91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{1B6E1C97-AC62-4F72-A4EA-A95C0B8E0F6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{44A6F078-0149-410E-95EA-4E276601A99D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{6D0DE1BC-F38E-4A14-93E2-09A46D7452F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{6DB98ED4-B314-44C5-B8E9-2CEA1601EC9C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{92EF5519-D073-43A1-A245-40FA98BCCA6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [TCP Query User{852CF0C5-1A24-4479-A250-6741489C9E99}C:\program files (x86)\r.g. mechanics\dark sector\ds.exe] => (Block) C:\program files (x86)\r.g. mechanics\dark sector\ds.exe FirewallRules: [UDP Query User{0B4A2E5A-A3CF-4924-81EB-E85707690F8A}C:\program files (x86)\r.g. mechanics\dark sector\ds.exe] => (Block) C:\program files (x86)\r.g. mechanics\dark sector\ds.exe FirewallRules: [{E15085A7-9307-453B-8BE5-9184AAB3B2FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior\dx11\launcher.exe FirewallRules: [{8D0F4DE6-0CE5-4FD6-A9AE-2AE86F8A1131}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior\dx11\launcher.exe FirewallRules: [{B2F35C57-E148-4A22-A71B-15008BAFB65B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior\sw.exe FirewallRules: [{E22E3036-2131-4105-90B1-86E177DF0EAE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior\sw.exe FirewallRules: [{9E26085A-BF77-4B93-BCDB-8ED28B8DFA3B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{3204EE06-CD71-43D8-86B2-EF649790FB6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{249E3F75-A28C-4AE6-8902-E2D1561DDD0D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{8C15C851-42B8-405E-B960-188E7B262476}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{5F8959FC-137B-45DD-9C17-1EF2DCBE32BB}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [TCP Query User{47F17779-5A83-47F8-AD60-A446400A0859}C:\games\firewatch\firewatch.exe] => (Block) C:\games\firewatch\firewatch.exe FirewallRules: [UDP Query User{D6CC2B1A-A118-47C9-B697-E1F6EB809A4A}C:\games\firewatch\firewatch.exe] => (Block) C:\games\firewatch\firewatch.exe FirewallRules: [TCP Query User{6E9321D3-C166-427A-AD22-7C948A4C171B}C:\users\mno\appdata\local\hola\local\app\hola_svc.exe] => (Allow) C:\users\mno\appdata\local\hola\local\app\hola_svc.exe FirewallRules: [UDP Query User{02D8C8E0-48CB-4073-98BA-DE9307D82BD6}C:\users\mno\appdata\local\hola\local\app\hola_svc.exe] => (Allow) C:\users\mno\appdata\local\hola\local\app\hola_svc.exe FirewallRules: [TCP Query User{2B6DBB53-A026-4087-9C12-6345BD3428EC}C:\program files (x86)\r.g. mechanics\transformers - war for cybertron\binaries\twfc.exe] => (Block) C:\program files (x86)\r.g. mechanics\transformers - war for cybertron\binaries\twfc.exe FirewallRules: [UDP Query User{2014DA53-8EC9-4D22-81A7-E961E103A210}C:\program files (x86)\r.g. mechanics\transformers - war for cybertron\binaries\twfc.exe] => (Block) C:\program files (x86)\r.g. mechanics\transformers - war for cybertron\binaries\twfc.exe FirewallRules: [{BEBB076C-89A0-4FD8-BAB0-9A952FC716A2}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [TCP Query User{03504300-7A46-4DF7-BBE3-C7D750995929}C:\program files (x86)\cockatrice\servatrice.exe] => (Allow) C:\program files (x86)\cockatrice\servatrice.exe FirewallRules: [UDP Query User{F1575A9A-EED9-477E-A2D2-F0946A88E9BB}C:\program files (x86)\cockatrice\servatrice.exe] => (Allow) C:\program files (x86)\cockatrice\servatrice.exe FirewallRules: [TCP Query User{C303983D-2C48-4638-9927-51B8A74812BD}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe FirewallRules: [UDP Query User{6C18B507-4BEC-41D2-8CDE-03D1896B046B}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe FirewallRules: [{D017C059-7197-46E4-9BD3-4C7CC7A5A910}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Devil May Cry 3\dmc3se.exe FirewallRules: [{560EEC26-2BAD-438B-B9B7-E6896EE39A3E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Devil May Cry 3\dmc3se.exe FirewallRules: [{D274FB75-6E34-44F8-A36F-B44078E9C66E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Devil May Cry 3\GPadCfg.exe FirewallRules: [{18E6683F-E7EC-4D98-92F3-8B15D46B9E69}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Devil May Cry 3\GPadCfg.exe FirewallRules: [{6BF8CD68-46C1-4DA5-B0FA-2858B298D95D}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [TCP Query User{BF229C94-C8E4-4154-9CA4-F6FD9E9A4FC0}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{D63281A5-1A8B-457E-8143-583C237FFDE9}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{8AA6FE85-2043-424B-8F5E-5EE241C7E4BE}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{4DEF5486-FD94-4BB3-9CCC-0C2E13447952}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe FirewallRules: [{3565863A-7F91-4D63-8282-5276A11D57C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe FirewallRules: [{BC000103-BEA4-4E95-808A-2AE03534D0EC}] => (Allow) C:\Program Files\Vuze\Azureus.exe FirewallRules: [{9828FB1D-C7BC-4E26-8F71-BA0422C2DD9D}] => (Allow) C:\Program Files\Vuze\Azureus.exe FirewallRules: [{1AF665CB-0495-4C6A-BC86-F1A18B6275F4}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{7409F383-694F-4357-AAD0-DF01B4DA37DF}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{67D67236-1042-478F-8391-D95BAE411CC3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{4E36C6B4-96E5-48D8-9316-0FE6B432C54F}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{7CBD0A6A-FFCA-4D33-A8E9-E70240E8DE68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{204B70E2-EFA0-4703-9F61-E1B62874219E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [TCP Query User{1886DD90-1D8B-4306-AC75-B1E446DC201A}C:\program files (x86)\r.g. mechanics\max payne 3\maxpayne3.exe] => (Block) C:\program files (x86)\r.g. mechanics\max payne 3\maxpayne3.exe FirewallRules: [UDP Query User{5BAF3CAA-DF53-42B5-BE1E-BF09611DA808}C:\program files (x86)\r.g. mechanics\max payne 3\maxpayne3.exe] => (Block) C:\program files (x86)\r.g. mechanics\max payne 3\maxpayne3.exe FirewallRules: [{2E7AFC78-3950-429F-A159-2CA29FD9A4D3}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{9ACDA75B-AFEC-46F0-939F-F0B1647F03AA}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{3869CF97-2DA7-4CA4-974A-EF6EB451502D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{245C54F1-B922-4001-A71B-633FD96A7E54}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{C28562B2-5038-4DBD-8846-BFE3BC79E4FD}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{846DAE91-7334-4488-8813-67052F0047D0}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{7296AE73-443C-4842-9881-315F1C289CB7}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{F6E12DBA-7FF0-4728-8F14-616B4F83076D}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{FD4D9A47-0148-4920-8C69-0E59172E03DE}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{0B741A55-296A-4762-B99B-49C767C38614}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{A24EA569-6D98-49A9-A17F-7B21616EED4B}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{7442B783-5E69-4F35-837E-CDF3F3088AB9}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{68F9A878-74B5-4CB2-9B41-9C9CDAB9E436}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{ECB0B280-B950-4A65-89B8-83FF1C197808}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{2F0D07F7-D2F9-4020-BDCE-47D0976848EA}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{49B76C91-4AD0-496B-B5CE-38477BC1E0CD}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{45115D11-9EAE-4E1D-8406-FDAECB352B3D}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{78E54ADF-60E7-4BFE-820B-5310B2A54D83}] => (Allow) C:\Users\MNO\AppData\Local\Yandex\YandexBrowser\Application\browser.exe FirewallRules: [{0AABFE1F-19A2-42F1-9895-4FB4EA218BDF}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{3E30F678-B2DD-479D-A231-75760C61915D}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{3DA09F44-BDC9-49AD-91B1-14E8C560C660}] => (Allow) C:\Program Files\NewExt\jsinjector.exe FirewallRules: [{46E6B2BD-870D-47F0-8484-34F2B3949BF4}] => (Allow) C:\Program Files\NewExt\jsinjector.exe ==================== Restore Points ========================= ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/10/2016 12:26:13 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (04/10/2016 12:26:12 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1". Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (04/10/2016 12:02:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: svchost.exe_DiagTrack, version: 10.0.10586.0, time stamp: 0x5632d7ba Faulting module name: SafeGuard64.dll_unloaded, version: 2.2.0.40, time stamp: 0x5683828f Exception code: 0xc0000005 Fault offset: 0x000000000005827b Faulting process id: 0x2728 Faulting application start time: 0xsvchost.exe_DiagTrack0 Faulting application path: svchost.exe_DiagTrack1 Faulting module path: svchost.exe_DiagTrack2 Report Id: svchost.exe_DiagTrack3 Faulting package full name: svchost.exe_DiagTrack4 Faulting package-relative application ID: svchost.exe_DiagTrack5 Error: (04/10/2016 11:59:49 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: svchost.exe_DiagTrack, version: 10.0.10586.0, time stamp: 0x5632d7ba Faulting module name: SafeGuard64.dll_unloaded, version: 2.2.0.40, time stamp: 0x5683828f Exception code: 0xc0000005 Fault offset: 0x000000000005827b Faulting process id: 0x1cc8 Faulting application start time: 0xsvchost.exe_DiagTrack0 Faulting application path: svchost.exe_DiagTrack1 Faulting module path: svchost.exe_DiagTrack2 Report Id: svchost.exe_DiagTrack3 Faulting package full name: svchost.exe_DiagTrack4 Faulting package-relative application ID: svchost.exe_DiagTrack5 Error: (04/10/2016 11:53:37 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: MPCProtectService.exe, version: 3.4.9883.323, time stamp: 0x56f26c5e Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x719c221c Faulting process id: 0x2078 Faulting application start time: 0xMPCProtectService.exe0 Faulting application path: MPCProtectService.exe1 Faulting module path: MPCProtectService.exe2 Report Id: MPCProtectService.exe3 Faulting package full name: MPCProtectService.exe4 Faulting package-relative application ID: MPCProtectService.exe5 Error: (04/10/2016 11:53:37 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: MPCProtectService.exe, version: 3.4.9883.323, time stamp: 0x56f26c5e Faulting module name: SafeGuard32.dll_unloaded, version: 2.2.0.40, time stamp: 0x568382a8 Exception code: 0xc00001a5 Fault offset: 0x001442c3 Faulting process id: 0x2078 Faulting application start time: 0xMPCProtectService.exe0 Faulting application path: MPCProtectService.exe1 Faulting module path: MPCProtectService.exe2 Report Id: MPCProtectService.exe3 Faulting package full name: MPCProtectService.exe4 Faulting package-relative application ID: MPCProtectService.exe5 Error: (04/10/2016 11:50:56 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: svchost.exe_DiagTrack, version: 10.0.10586.0, time stamp: 0x5632d7ba Faulting module name: SafeGuard64.dll_unloaded, version: 2.2.0.40, time stamp: 0x5683828f Exception code: 0xc0000005 Fault offset: 0x000000000005827b Faulting process id: 0x7d0 Faulting application start time: 0xsvchost.exe_DiagTrack0 Faulting application path: svchost.exe_DiagTrack1 Faulting module path: svchost.exe_DiagTrack2 Report Id: svchost.exe_DiagTrack3 Faulting package full name: svchost.exe_DiagTrack4 Faulting package-relative application ID: svchost.exe_DiagTrack5 Error: (04/10/2016 11:50:50 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: MPCProtectService.exe, version: 3.4.9883.323, time stamp: 0x56f26c5e Faulting module name: SafeGuard32.dll_unloaded, version: 2.2.0.40, time stamp: 0x568382a8 Exception code: 0xc00001a5 Fault offset: 0x001442c3 Faulting process id: 0x69c Faulting application start time: 0xMPCProtectService.exe0 Faulting application path: MPCProtectService.exe1 Faulting module path: MPCProtectService.exe2 Report Id: MPCProtectService.exe3 Faulting package full name: MPCProtectService.exe4 Faulting package-relative application ID: MPCProtectService.exe5 Error: (04/09/2016 03:30:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MNO-PC) Description: Activation of app Microsoft.Getstarted_8wekyb3d8bbwe!App failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (04/09/2016 03:27:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: uninstall_temp_410828.exe, version: 0.0.0.0, time stamp: 0x5667d55a Faulting module name: uninstall_temp_410828.exe, version: 0.0.0.0, time stamp: 0x5667d55a Exception code: 0x40000015 Fault offset: 0x000000000007b00e Faulting process id: 0x808 Faulting application start time: 0xuninstall_temp_410828.exe0 Faulting application path: uninstall_temp_410828.exe1 Faulting module path: uninstall_temp_410828.exe2 Report Id: uninstall_temp_410828.exe3 Faulting package full name: uninstall_temp_410828.exe4 Faulting package-relative application ID: uninstall_temp_410828.exe5 System errors: ============= Error: (04/10/2016 12:27:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The 83FDBCE7-B43A-4E83-80F9-043D5AB0119A service failed to start due to the following error: %%2 Error: (04/10/2016 12:26:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Jijbicaj service terminated unexpectedly. It has done this 3 time(s). The following corrective action will be taken in 600 milliseconds: Restart the service. Error: (04/10/2016 12:26:22 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Jijbicaj service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 600 milliseconds: Restart the service. Error: (04/10/2016 12:26:14 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Jijbicaj service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 600 milliseconds: Restart the service. Error: (04/10/2016 12:26:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Wamlogis service failed to start due to the following error: %%2 Error: (04/10/2016 12:26:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Wamlogis service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 600 milliseconds: Restart the service. Error: (04/10/2016 12:26:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Reservation Plastic service terminated unexpectedly. It has done this 1 time(s). Error: (04/10/2016 12:26:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Cizleis service failed to start due to the following error: %%2 Error: (04/10/2016 12:26:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Cizleis service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 600 milliseconds: Restart the service. Error: (04/10/2016 12:26:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The 83FDBCE7-B43A-4E83-80F9-043D5AB0119A service terminated unexpectedly. It has done this 1 time(s). CodeIntegrity: =================================== Date: 2016-04-02 23:29:11.254 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-02 23:29:11.238 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-02 23:29:11.218 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-02 23:29:11.186 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-02 23:29:10.658 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-02 23:28:58.058 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-02 23:28:58.043 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-02 23:28:58.026 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-02 23:28:57.723 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-04-02 23:28:56.817 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2300 CPU @ 2.80GHz Percentage of memory in use: 64% Total physical RAM: 4076.32 MB Available physical RAM: 1432.49 MB Total Virtual: 8172.32 MB Available Virtual: 4096.2 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:917.03 GB) (Free:41.62 GB) NTFS Drive d: (HP_RECOVERY) (Fixed) (Total:13.94 GB) (Free:2.31 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3CF59975) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=917 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=13.9 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================