Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017 Ran by Paull (14-04-2017 18:26:12) Running from C:\Users\Paull\Desktop Windows 10 Pro Version 1607 (X64) (2016-10-02 15:02:54) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3267268650-2798118591-2097688958-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3267268650-2798118591-2097688958-503 - Limited - Disabled) Guest (S-1-5-21-3267268650-2798118591-2097688958-501 - Limited - Disabled) Paull (S-1-5-21-3267268650-2798118591-2097688958-1001 - Administrator - Enabled) => C:\Users\Paull ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\...\uTorrent) (Version: 3.4.9.43388 - BitTorrent Inc.) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated) AION Free-to-Play (HKLM\...\Steam App 261430) (Version: - NCSOFT) AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version: - Gameforge 4D GmbH) Application Blizzard (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment) Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.03 - Ubisoft) Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version: - Ubisoft) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.3.2291 - AVAST Software) BEEP (HKLM\...\Steam App 104200) (Version: - Big Fat Alien) Beholder (HKLM\...\Steam App 475550) (Version: - Warm Lamp Games) Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.14.0 - Bethesda Softworks) Browser-Security (HKLM-x32\...\Browser-Security) (Version: 1.2.0.0 - Vondos Media GmbH) <==== ATTENTION ByteFence Anti-Malware (HKLM-x32\...\ByteFence) (Version: 2.3.0.23 - Byte Technologies LLC) <==== ATTENTION Cheat Engine 6.5.1 (HKLM-x32\...\Cheat Engine 6.5.1_is1) (Version: - Cheat Engine) Chivalry: Medieval Warfare (HKLM\...\Steam App 219640) (Version: - Torn Banner Studios) Chromium (HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\...\Chromium) (Version: 51.0.2683.0 - Chromium) Cities Skylines (HKLM-x32\...\Cities Skylines_is1) (Version: - ) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.16.52 - Conexant) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.5.0.0221 - Disc Soft Ltd) DEFCON (HKLM\...\Steam App 1520) (Version: - Introversion Software) Discord (HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) ELITE-M20 Gaming Mouse (HKLM-x32\...\{6B97CCC4-D493-442F-A9E2-EE092DCA25CE}) (Version: 1.0 - SPIRIT OF GAMER) Elsword 1.0 (HKLM-x32\...\Elsword_fr_is1) (Version: 1.0 - Gameforge4d) Empire: Total War (HKLM\...\Steam App 10500) (Version: - The Creative Assembly) Europa Universalis IV (HKLM\...\Steam App 236850) (Version: - Paradox Development Studio) Fraps (HKLM-x32\...\Fraps) (Version: - ) Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Gameforge Live 2.0.12 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.12 - Gameforge) Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden Guild Quest (HKLM\...\Steam App 547680) (Version: - Hyper Hippo Games) Hearthstone Deck Tracker (HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\...\HearthstoneDeckTracker) (Version: 1.1.7 - HearthSim) Intel Security True Key (HKLM\...\TrueKey) (Version: 4.9.108.1 - Intel Security) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Kerbal Space Program (HKLM\...\Steam App 220200) (Version: - Squad) League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games) League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.558 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.558 - LogMeIn, Inc.) Hidden Magic Duels (HKLM\...\Steam App 316010) (Version: - Stainless Games Ltd.) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.523.1 - McAfee, Inc.) Men of War: Assault Squad (HKLM\...\Steam App 64000) (Version: - Digitalmindsoft) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mount & Blade: Warband (HKLM\...\Steam App 48700) (Version: - TaleWorlds Entertainment) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 53.0 (x64 en-US) (HKLM\...\Mozilla Firefox 53.0 (x64 en-US)) (Version: 53.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.0.6311 - Mozilla) Napoleon: Total War (HKLM\...\Steam App 34030) (Version: - The Creative Assembly) NetCut 2.1.4 (HKLM-x32\...\NetCut_is1) (Version: - arcai.com) NVIDIA GeForce Experience 3.5.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.5.0.70 - NVIDIA Corporation) NVIDIA Graphics Driver 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) NvNodejs (Version: 3.5.0.70 - NVIDIA Corporation) Hidden NvTelemetry (Version: 2.4.5.0 - NVIDIA Corporation) Hidden NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.1.3 (HKLM-x32\...\{3E1679DA-5081-44AA-B4C2-BF8EE7E107E0}) (Version: 4.13.9783 - Apache Software Foundation) osu! (HKLM-x32\...\{bdff8c6e-b2a3-417e-95a0-53f538138aab}) (Version: latest - ppy Pty Ltd) ParetoLogic PC Health Advisor (HKLM-x32\...\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}) (Version: 3.1.7.0 - ParetoLogic, Inc.) PAYDAY 2 (HKLM\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) PianoFacile - Le clavier (HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\...\PianoFacile - Le clavier) (Version: - ) PianoFacile - Les Jeux (Membre) (HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\...\PianoFacile - Les Jeux (Membre)) (Version: - ) Prison Architect (HKLM\...\Steam App 233450) (Version: - Introversion Software) PS4 Remote Play (HKLM-x32\...\{7D35E02C-305D-4CBE-899F-E584CF2AA679}) (Version: 2.0.0.02211 - Sony Interactive Entertainment Inc.) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.) Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 7.3.26.13113 - Razer Inc.) Reigns (HKLM\...\Steam App 474750) (Version: - Nerial) Rising Storm/Red Orchestra 2 Multiplayer (HKLM\...\Steam App 35450) (Version: - Tripwire Interactive) RUNNING WITH RIFLES Demo (HKLM\...\Steam App 288330) (Version: - Modulaatio Games) SafeZone Stable 3.55.2393.596 (x32 Version: 3.55.2393.596 - Avast Software) Hidden SHIELD Streaming (Version: 7.1.0360 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.5.0.70 - NVIDIA Corporation) Hidden Sid Meier's Civilization V (HKLM\...\Steam App 8930) (Version: - Firaxis Games) Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version: - 2K Games, Inc.) Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Subnautica version b4075 (HKLM-x32\...\{B9508019-457A-4F84-9DA4-2EC2F944ECB3}_is1) (Version: b4075 - Trackerock.Ru) SurfEasy VPN 3.9.542 (HKLM-x32\...\SurfEasy VPN) (Version: 3.9.542 - SurfEasy Inc) Team Fortress 2 (HKLM\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) The Elder Scrolls Legends (HKLM-x32\...\The Elder Scrolls Legends) (Version: - Bethesda Softworks) The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version: - Bethesda Game Studios) The Guild 2 - Renaissance (HKLM-x32\...\{THEGUILDREN-0010-2010-300520102330}_is1) (Version: - JoWooD Entertainment AG) This Is the Police (HKLM\...\Steam App 443810) (Version: - Weappy Studio) This War of Mine - The Little Ones (HKLM-x32\...\This War of Mine - The Little Ones_is1) (Version: - ) Tom Clancy's Splinter Cell (HKLM-x32\...\Uplay Install 109) (Version: - Ubisoft) Total War: ROME II - Emperor Edition (HKLM\...\Steam App 214950) (Version: - Creative Assembly) Total War: SHOGUN 2 (HKLM\...\Steam App 34330) (Version: - The Creative Assembly) Uplay (HKLM-x32\...\Uplay) (Version: 21.0 - Ubisoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) War Thunder (HKLM\...\Steam App 236390) (Version: - Gaijin Entertainment) Warframe (HKLM\...\Steam App 230410) (Version: - Digital Extremes) Wargame: European Escalation (HKLM\...\Steam App 58610) (Version: - Eugen Systems) Web Companion (HKLM-x32\...\{88525a23-39ab-458c-b8b0-47fbd9f9d21a}) (Version: 2.3.1479.2868 - Lavasoft) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) Windows Driver Package - ASUS (ATP) Mouse (06/17/2015 6.0.0.66) (HKLM\...\1EFB54678773735560B565BE7FA6F2BCC557EE21) (Version: 06/17/2015 6.0.0.66 - ASUS) Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) World of Warships (HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net) World of Warships (HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814na}_is1) (Version: - Wargaming.net) Yahoo! Powered (HKLM-x32\...\winsearch) (Version: - ) <==== ATTENTION ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {005CB034-4AA0-4805-BC6F-7E5F2FE06AEB} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-03-28] (NVIDIA Corporation) Task: {11261907-3191-4C7E-AB3E-FDEA3A336EE2} - System32\Tasks\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\RunCampaignManager2 => C:\Windows\system32\UNP\UNPCampaignManager.exe [2017-04-02] (Microsoft Corporation) <==== ATTENTION Task: {1436D33C-9667-4B1D-9D89-F8D37A4B1358} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-01] (Google Inc.) Task: {148D26C1-DD91-478A-8B02-132D10D2EF3E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-01] (Google Inc.) Task: {18C64546-E5FB-4DFF-AEB7-F2EAE7192887} - System32\Tasks\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Unlock => C:\WINDOWS\system32\UNP\UNPUXLauncher.exe [2017-04-02] (Microsoft Corporation) <==== ATTENTION Task: {2009DA9B-3798-4157-BB58-BC566F6D99DA} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-03-28] (NVIDIA Corporation) Task: {42742E19-1052-4177-813D-4C8AF119EB70} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-03-28] (NVIDIA Corporation) Task: {5CE1C152-BF67-4DDE-AA5D-450735373C96} - System32\Tasks\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OutOfIdle => C:\WINDOWS\system32\UNP\UNPUXLauncher.exe [2017-04-02] (Microsoft Corporation) <==== ATTENTION Task: {5D284F78-D9E5-48C0-AB72-227BC009EAA8} - System32\Tasks\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Logon => C:\WINDOWS\system32\UNP\UNPUXLauncher.exe [2017-04-02] (Microsoft Corporation) <==== ATTENTION Task: {5E39988C-D58F-4BEA-AF23-E8D750AFD7E4} - System32\Tasks\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\Time => C:\WINDOWS\system32\UNP\UNPUXLauncher.exe [2017-04-02] (Microsoft Corporation) <==== ATTENTION Task: {61988E20-C55F-4A31-BF97-C4901324E4AD} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-03-28] (NVIDIA Corporation) Task: {63CBE6FC-4CC7-4C27-AF66-3FABFD64D6F8} - System32\Tasks\{777B61E9-9131-40E2-BA5C-B823E563C90D} => C:\Users\Paull\AppData\Roaming\{BDC58~1\updater.exe [2016-08-13] () <==== ATTENTION Task: {6491E2D2-AC28-438C-B6C0-E8BD8922C775} - System32\Tasks\Yahoo! Powered firid => Wscript.exe "C:\ProgramData\{D4DA11B9-5E98-9B7F-D85E-053D421C8EF3}\mifa.txt" "687474703a2f2f7761676e672e636f6d" "433a5c50726f6772616d446174615c7b44344441313142392d354539382d394237462d443835452d3035334434323143384546337d5c6e6f6c696469" "433a5c50726f6772616d446174615c7b44344441313142392d354539382d394237462d443835 (the data entry has 78 more characters). Task: {6AECE041-F8CC-494C-9BA4-815894170C49} - System32\Tasks\Microsoft\Windows\UNP\RunCampaignManager => C:\WINDOWS\System32\UNP\UNPCampaignManager.exe [2017-04-02] (Microsoft Corporation) <==== ATTENTION Task: {736A51F4-70BF-4D3A-9CC6-7E26CB9312F0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-11] (Adobe Systems Incorporated) Task: {7BE67CEA-E50A-42B0-B03D-EBE8BCF40053} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-03-28] (NVIDIA Corporation) Task: {AC385814-5E5B-443F-A814-89C6E7F75776} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-04-05] (AVAST Software) Task: {AF7D67EC-1AB8-4CF8-978D-2C58E4D2C1CE} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2017-03-09] (AsusTek) Task: {B62214AE-B782-4DFA-B858-7FE87EF7F1EE} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-03-28] (NVIDIA Corporation) Task: {C61DD6DF-15B2-4F90-B3AF-8EF8C33317B8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-03-28] (NVIDIA Corporation) Task: {DA40D310-8395-4AE9-BD2D-1C1A7C0FFF9B} - System32\Tasks\Microsoft\Windows\UNP\Campaigns\{91be532c-f9f1-406a-9858-43697c6f437a}\OnIdle => C:\WINDOWS\system32\UNP\UNPUXLauncher.exe [2017-04-02] (Microsoft Corporation) <==== ATTENTION Task: {DBCE3573-92B1-4E18-97D6-A022799F8224} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Paull\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe Task: {E5D6B0CC-9666-452B-855E-29D27285320A} - System32\Tasks\SafeZone scheduled Autoupdate 1467319998 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-22] (Avast Software) Task: {F6E1E33C-C469-4AF0-A895-0A91B740468D} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK Task: {FB3C6BB9-C23C-46D4-9B37-CCAC310E11FF} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-04-13] (AVAST Software) Task: {FB41D30E-57B5-47E7-999F-9B90D3A6BB19} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\PC Health Advisor Defrag.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\PC Health Advisor.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe <==== ATTENTION Task: C:\WINDOWS\Tasks\{777B61E9-9131-40E2-BA5C-B823E563C90D}.job => C:\Users\Paull\AppData\Roaming\{BDC58~1\updater.exe <==== ATTENTION ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-04-13 01:41 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-10-02 16:27 - 2016-08-01 14:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-06-01 00:31 - 2016-06-01 00:31 - 00187824 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2017-04-13 19:48 - 2017-03-28 05:33 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2016-12-18 16:12 - 2017-04-13 18:20 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2017-03-14 21:39 - 2017-03-14 21:39 - 01663368 _____ () C:\Program Files (x86)\SurfEasy VPN\client\SurfEasyService.exe 2017-04-13 01:41 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2017-04-05 16:48 - 2017-04-05 16:48 - 00522512 _____ () C:\Program Files\AVAST Software\Avast\x64\gaming_spy.dll 2015-08-15 02:28 - 2016-11-30 22:57 - 00401888 _____ () C:\WINDOWS\system32\igfxTray.exe 2016-10-03 02:10 - 2016-10-03 02:10 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-26 19:07 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-03-26 19:01 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-26 19:01 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-26 19:01 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-04-13 01:40 - 2017-03-28 07:07 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2017-04-13 01:40 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-04-13 01:41 - 2017-03-28 07:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-04-10 10:24 - 2017-04-14 09:51 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-04-10 10:24 - 2017-04-14 09:51 - 00189952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-04-10 10:24 - 2017-04-14 09:51 - 42507264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-04-10 10:24 - 2017-04-14 09:51 - 02334184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\skypert.dll 2017-03-14 21:40 - 2017-03-14 21:40 - 00078216 _____ () C:\Program Files (x86)\SurfEasy VPN\client\ZLIB1.dll 2017-04-13 19:48 - 2017-03-28 05:33 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-04-05 16:48 - 2017-04-05 16:48 - 00454424 _____ () C:\Program Files\AVAST Software\Avast\gaming_spy.dll 2017-04-05 16:49 - 2017-04-05 16:49 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-06-30 21:54 - 2016-06-30 21:54 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-04-05 16:50 - 2017-04-05 16:50 - 00176480 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll 2017-04-05 16:48 - 2017-04-05 16:48 - 00293936 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll 2017-04-05 16:50 - 2017-04-05 16:50 - 00653520 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2017-01-30 13:52 - 2017-01-30 13:52 - 01926632 ____R () C:\Program Files (x86)\Skype\Phone\roottools.dll 2017-04-08 17:46 - 2016-11-01 15:20 - 00057344 _____ () C:\Program Files (x86)\SPIRIT OF GAMER\ELITE-M20\lan.dll 2017-04-08 17:46 - 2014-04-16 09:19 - 00049152 _____ () C:\Program Files (x86)\SPIRIT OF GAMER\ELITE-M20\hiddriver.dll 2017-04-13 19:49 - 2017-03-21 06:27 - 02442176 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node 2017-04-13 19:49 - 2017-03-21 06:27 - 00363576 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node 2017-04-13 19:49 - 2017-03-21 06:27 - 00254008 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node 2017-04-13 19:49 - 2017-03-21 06:27 - 00385592 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node 2017-04-13 19:49 - 2017-03-21 06:27 - 00469048 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node 2017-04-13 19:49 - 2017-03-21 06:27 - 00571840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node 2017-01-11 23:59 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\Paull\AppData\Local\Discord\app-0.0.297\ffmpeg.dll 2017-01-12 14:24 - 2017-01-12 14:24 - 01082880 _____ () \\?\C:\Users\Paull\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node 2017-01-12 14:24 - 2017-01-12 14:24 - 03750400 _____ () \\?\C:\Users\Paull\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll 2017-01-12 14:24 - 2017-01-12 14:24 - 00914432 _____ () \\?\C:\Users\Paull\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node 2017-01-12 14:24 - 2017-01-12 14:24 - 01127424 _____ () \\?\C:\Users\Paull\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node 2017-01-11 23:59 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\Paull\AppData\Local\Discord\app-0.0.297\libglesv2.dll 2017-01-11 23:59 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\Paull\AppData\Local\Discord\app-0.0.297\libegl.dll 2017-04-14 17:11 - 2017-04-14 17:11 - 00148992 _____ () \\?\C:\Users\Paull\AppData\Local\Temp\753D.tmp.node 2017-01-12 14:24 - 2017-01-12 14:24 - 02658304 _____ () \\?\C:\Users\Paull\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node 2017-01-12 14:26 - 2017-03-22 20:26 - 02665976 _____ () \\?\C:\Users\Paull\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\.DEFAULT\...\localhost -> localhost IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com IE trusted site: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\...\localhost -> localhost IE trusted site: HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\...\webcompanion.com -> hxxp://webcompanion.com ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-30 09:24 - 2017-04-14 14:12 - 00000867 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Paull\AppData\Local\osu!\Songs\547494 Araragi Tsukihi(Iguchi Yuka) - Platinum Disco\bg.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: esifsvc => 2 MSCONFIG\Services: RzKLService => 2 HKLM\...\StartupApproved\Run32: => "Arc" HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\...\StartupApproved\Run: => "Chromium" HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\...\StartupApproved\Run: => "cacaoweb" HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\...\StartupApproved\Run: => "World of Warships" HKU\S-1-5-21-3267268650-2798118591-2097688958-1001\...\StartupApproved\Run: => "uTorrent" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{987B6F01-E1B0-4B69-9023-CE73E012BF99}C:\users\paull\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\paull\appdata\roaming\cacaoweb\cacaoweb.exe FirewallRules: [UDP Query User{06784754-C99A-450A-B87E-742C79B44369}C:\users\paull\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\paull\appdata\roaming\cacaoweb\cacaoweb.exe FirewallRules: [{8A2043C3-175A-4CFC-9DE4-F572A81B76DB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{74002D69-1CC0-49B4-9C8B-1D4652F17AF4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{002205F2-6AE1-4A9D-A554-9258F3783E10}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{E89B6D49-9009-483E-8556-CDE5534BA810}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{80A29C76-B461-4460-94F8-8CDF262EC586}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [{B5BFF077-6D20-459E-9C1F-40662EBC0BB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe FirewallRules: [TCP Query User{0BE014A8-6552-4F62-B2AE-D21212E33A11}C:\games\world_of_warships\wowslauncher.exe] => (Block) C:\games\world_of_warships\wowslauncher.exe FirewallRules: [UDP Query User{CB543BC3-E5CA-4115-BFB2-66244EB209CF}C:\games\world_of_warships\wowslauncher.exe] => (Block) C:\games\world_of_warships\wowslauncher.exe FirewallRules: [TCP Query User{2157DD7C-7221-4B77-AC4E-E9B47EF1CE93}D:\program files (x86)\skype\phone\skype.exe] => (Block) D:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{B2F58CB5-D97A-4F6E-A06F-52B7070E4015}D:\program files (x86)\skype\phone\skype.exe] => (Block) D:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{718877BF-8A03-4AC0-92E1-A9C8DB24934F}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{9BF75C23-45E1-487B-A83E-ADF9815EFF73}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{BE0F1FCF-A0B0-47D2-924A-C7E1D28854B0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{E0C26E3B-3D3D-49B8-9ADA-6B1136BFAC0A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{575FE369-1BA9-4F33-AD1A-BF0502D55D63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Defcon\Defcon.exe FirewallRules: [{5D0A6A93-5920-41CE-B5E4-8516C38B27BD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Defcon\Defcon.exe FirewallRules: [TCP Query User{D18938E9-3EEC-4054-9FF9-26C110D48BF4}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe FirewallRules: [UDP Query User{C691FC05-FCBF-4598-8F49-B37A7CE4913E}C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\chivalrymedievalwarfare\binaries\win64\cmw.exe FirewallRules: [{018FC0EF-185C-45B2-9CED-8186D8259C22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP.exe FirewallRules: [{5B489083-1F6D-48CB-BABA-8536C7FC934F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP.exe FirewallRules: [{341DBA98-2E54-48EB-A968-1AF85479DFA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP_x64.exe FirewallRules: [{FA03C768-70BA-4626-B375-07BB3B16693F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP_x64.exe FirewallRules: [{3600BF8E-B324-4B9B-9E68-2407A0B1BDE3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe FirewallRules: [{CA9064E4-DAED-4698-91D7-F18035F1E811}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3SP.exe FirewallRules: [{13505B55-C4EB-4819-91FF-5CC7C0D17192}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe FirewallRules: [{46806622-2172-49F0-B538-E74DDF429307}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Assassin's Creed III\AC3MP.exe FirewallRules: [{922E4880-C741-4DAD-8DB2-B76ACDE342F5}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{B0DD5E91-A10D-46EA-BF7F-E108C80E49F0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{B5BAFC65-2392-4D9C-B81D-EEE63254A312}] => (Allow) C:\Users\Paull\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{72CCA31B-AF4A-4C84-8401-F9DD43031285}] => (Allow) C:\Users\Paull\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{2E2FB596-56CE-4771-900A-CCB34083D8AF}] => (Allow) C:\Users\Paull\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{96E75FF0-C21A-4BBB-B034-ED46965E8C6B}] => (Allow) C:\Users\Paull\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{44ED997A-C73C-4108-BE0B-8F901DA45D55}] => (Allow) C:\Users\Paull\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{D62D5E25-F28A-4085-8DD6-EEC580A5AC51}] => (Allow) C:\Users\Paull\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B04616A0-72AC-408C-AEAE-3E4F851C3C55}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe FirewallRules: [{F531CA68-0542-4BC9-92C5-170787D7A365}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe FirewallRules: [{1F735287-7E25-44A2-B36B-0C3D392C20D2}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe FirewallRules: [{0091D5F5-EC93-46D0-AC16-18AD3CF77DC3}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe FirewallRules: [{A7C40788-69CA-4B20-B8FE-DCE0BAF5845B}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe FirewallRules: [{6B45CE89-5060-4455-B7EB-212585F8AD80}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe FirewallRules: [{5F330ADC-8E2F-4698-95DB-582208EAAC7A}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe FirewallRules: [{1514230F-4D24-498C-8251-3941A94234B9}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe FirewallRules: [{B316AA66-91E6-4140-B337-818FA5069426}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe FirewallRules: [{CBCAC4C4-9D22-431A-8995-1A923CE3D8C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe FirewallRules: [{B6F9C483-93D0-4BB6-A1DD-DA14B7394105}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe FirewallRules: [{BD53479B-4158-4105-B8B3-4E7FC71D6946}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe FirewallRules: [{0DF42BEE-3812-4AED-8E7A-E0C520825C53}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe FirewallRules: [{2EDB7756-C965-4836-951D-70589F1A78D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{9375EC09-39F3-45D9-B877-B4CF6B00854E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{C4DDB84A-7807-4672-A768-EDB24A37D9A0}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\FRA_fra\Elsword\data\x2.exe FirewallRules: [{05DDB3CF-0DC3-410E-A644-0607026CFA15}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\FRA_fra\Elsword\data\x2.exe FirewallRules: [{1832092C-AFE5-4DC5-B8C7-0CA08A884EF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe FirewallRules: [{337EE860-4641-4F94-914C-51E6A1E1F90F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MountBlade Warband\mb_warband.exe FirewallRules: [{609F90DA-9BB6-415E-AF6A-0FA92DB26BCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe FirewallRules: [{2E2D53A9-8C14-436C-9C9B-C17476FBF3DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect.exe FirewallRules: [{61B31E93-A98B-41B3-B591-DDDC070A7514}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe FirewallRules: [{1004F662-3812-4678-94B1-B8E07804B8D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe FirewallRules: [TCP Query User{D1B95F78-F170-4C07-B236-094CF38C2999}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{D6636FD3-97A4-4AF7-967B-D13541F3BBEB}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{CE3CF934-0BC1-4E1D-B027-A61AC341B2CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe FirewallRules: [{2DF884BC-26B0-4685-B0DB-A6E22C426C98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magic Duels\MagicDuels.exe FirewallRules: [{FEE4B7AD-A0DF-43B2-9A44-F76DCE3BF6BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe FirewallRules: [{EDB62749-D9C3-4791-A05A-304C2A180014}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe FirewallRules: [{C70F123D-FED3-4545-AE8F-E293963C9398}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{DE28FBA1-2A31-4147-923D-DD0B60E20B26}] => (Allow) LPort=2869 FirewallRules: [{59DF9D76-0A7D-4150-B25C-EB5DC8775474}] => (Allow) LPort=1900 FirewallRules: [{E7E02509-5BA9-4519-B267-81B6D03BD048}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{02D2A6A3-0595-4697-A2D4-6F063A614A81}] => (Allow) LPort=1688 FirewallRules: [{A8B7B9FA-B37E-4E66-BDD1-70A6B02B1283}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{DB72AF1E-9010-42B4-B826-20F6D601C63B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{98A95170-D455-4715-B626-2F15AF8409B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{FFC2F231-D4D3-4184-9789-E5E4BA832A17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{4265D0F3-990A-4E21-A4C7-2981BA25895A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{2FEFC538-738E-4D9E-AB3D-09D91E526DF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{68D35242-58AB-4AA7-AEAF-AE9D39AC68C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{C213DC6F-C4D8-4DB6-BD43-660401A481C8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{AA12226A-2B48-474E-8516-1E0FA778B659}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{780E8112-CBD0-4664-A9F4-7313EA4BCA9A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{ADA26F7A-DFD5-43C4-9D17-C37AC0053C4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{6C93FD5B-1D41-49D0-8CE1-D8F5801ACA88}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{53D6F58E-47C4-49FE-981C-DF29F60DEB70}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{B5D181C3-21C4-4852-82B0-09BC04E88BAA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{5E523F33-684A-4028-9805-E5F50C75E8B8}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe FirewallRules: [TCP Query User{8F868007-7054-4B54-8561-8CB98EDE1178}C:\users\paull\downloads\rimworld.alpha.14 by whicraft creation\rimworldwin.exe] => (Allow) C:\users\paull\downloads\rimworld.alpha.14 by whicraft creation\rimworldwin.exe FirewallRules: [UDP Query User{64ABA7EF-58A4-4AC1-82DF-BD2F292BF65A}C:\users\paull\downloads\rimworld.alpha.14 by whicraft creation\rimworldwin.exe] => (Allow) C:\users\paull\downloads\rimworld.alpha.14 by whicraft creation\rimworldwin.exe FirewallRules: [TCP Query User{54CAC386-ADFB-4CFF-B7DF-31FAD84D5B48}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{27B4DD67-891F-42CA-BCBC-120F5DF32F84}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{FFED04D5-63BB-4061-AAE1-E9313F62E04F}C:\users\paull\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\paull\appdata\roaming\cacaoweb\cacaoweb.exe FirewallRules: [UDP Query User{B2E812C6-4889-4DA9-8744-930AF14F1982}C:\users\paull\appdata\roaming\cacaoweb\cacaoweb.exe] => (Block) C:\users\paull\appdata\roaming\cacaoweb\cacaoweb.exe FirewallRules: [{4C9CEF98-2F5D-41D8-ACD9-93F930283143}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Reigns\Reigns.exe FirewallRules: [{0394CAC9-F691-420D-8242-0A9B83A03AB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Reigns\Reigns.exe FirewallRules: [TCP Query User{10C2271A-3B83-48C3-950D-E9E0D295C966}C:\program files (x86)\hearthstone\hearthstone.exe] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{CA30487F-518E-4296-8356-84F11FF9D807}C:\program files (x86)\hearthstone\hearthstone.exe] => (Block) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{6F6842BC-1582-4C69-BB7E-9C7AD1017B35}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guild Quest\guild-quest.exe FirewallRules: [{0BC994F4-8CCB-420C-88F9-1D1564B26AA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Guild Quest\guild-quest.exe FirewallRules: [{F41A23B7-C0A6-4CB0-99F3-0DAFF188BFDE}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe FirewallRules: [{4A69E6AD-C53E-4796-99C8-CE19BB19B741}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe FirewallRules: [{0DB7D975-2D0B-496B-B558-0B4DEB603526}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe FirewallRules: [TCP Query User{7BF0938E-A704-40D0-B92B-45AF22C8EEBF}C:\program files (x86)\neverwinter_fr\neverwinter\live\gameclient.exe] => (Block) C:\program files (x86)\neverwinter_fr\neverwinter\live\gameclient.exe FirewallRules: [UDP Query User{9292DA51-89D3-46EB-8C8E-204721D3219F}C:\program files (x86)\neverwinter_fr\neverwinter\live\gameclient.exe] => (Block) C:\program files (x86)\neverwinter_fr\neverwinter\live\gameclient.exe FirewallRules: [TCP Query User{1E28FD6C-5B08-4CEC-9CEB-EE6F396DEDE2}C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe] => (Allow) C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe FirewallRules: [UDP Query User{1ADF691E-824D-4BF8-9A73-80B9005BABD3}C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe] => (Allow) C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe FirewallRules: [{AF52C805-37A6-42BD-AFFB-A1E81F613C70}] => (Block) C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe FirewallRules: [{A728ED70-8803-4135-834C-BB89F8EFF2FC}] => (Block) C:\program files (x86)\surfeasy vpn\client\surfeasyvpn.exe FirewallRules: [{B75F01F5-2E16-45AF-A57E-3F66F7F41AE9}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.596\SZBrowser.exe FirewallRules: [{D79AC5BF-06C3-4344-913E-12CDFBAEFD65}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{B01A1916-B810-4A88-8C4C-5305529E9638}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe FirewallRules: [{E411345C-3A8A-4DD5-AB85-0D7A1E92081C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe FirewallRules: [{6B4E321F-2E40-4C6C-9DBC-2CFD4AD27B03}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{1336DA7B-7224-4DE3-8A29-CB5EE255F2B2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{80CE9616-3A27-45EB-B732-D1DB0CBAEF37}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{FAA21A70-634B-4FF3-8BF4-E6009FB9E7BB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{3AFDB24D-FA86-444E-B841-C6B9749D69BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{6B8CB84F-90C1-40B9-A8F8-2F0E5CD96901}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{98352F01-17EB-45AE-B428-9041A5034994}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{C3A93E3D-44A9-4366-BB5C-165EC16C760E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{A20B6A08-9DA7-49E6-A871-81E61D137FB3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{DFBEDA6C-229C-4957-B728-AB2ABADAB125}C:\program files (x86)\battle.net\battle.net.8657\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8657\battle.net.exe FirewallRules: [UDP Query User{F63A083F-1B60-43B5-B00B-036A0241E634}C:\program files (x86)\battle.net\battle.net.8657\battle.net.exe] => (Allow) C:\program files (x86)\battle.net\battle.net.8657\battle.net.exe ==================== Restore Points ========================= 13-04-2017 23:59:28 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/14/2017 06:21:18 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program firefox.exe version 53.0.0.6311 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 2960 Start Time: 01d2b5332b1eab69 Termination Time: 4294967295 Application Path: C:\Program Files\Mozilla Firefox\firefox.exe Report Id: 2cd44400-212a-11e7-ab09-acb57d31b11e Faulting package full name: Faulting package-relative application ID: Error: (04/14/2017 06:10:29 PM) (Source: COM) (EventID: 10031) (User: ) Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {2CD39202-3A2F-4935-9A86-65B919919A7F} was rejected Error: (04/14/2017 06:05:20 PM) (Source: COM) (EventID: 10031) (User: ) Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {2CD39202-3A2F-4935-9A86-65B919919A7F} was rejected Error: (04/14/2017 06:00:24 PM) (Source: COM) (EventID: 10031) (User: ) Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {F6C29334-47DC-4397-9150-F549CF1D4861} was rejected Error: (04/14/2017 06:00:24 PM) (Source: COM) (EventID: 10031) (User: ) Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {F6C29334-47DC-4397-9150-F549CF1D4861} was rejected Error: (04/14/2017 06:00:24 PM) (Source: COM) (EventID: 10031) (User: ) Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {F6C29334-47DC-4397-9150-F549CF1D4861} was rejected Error: (04/14/2017 06:00:24 PM) (Source: COM) (EventID: 10031) (User: ) Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {F6C29334-47DC-4397-9150-F549CF1D4861} was rejected Error: (04/14/2017 06:00:23 PM) (Source: COM) (EventID: 10031) (User: ) Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {F6C29334-47DC-4397-9150-F549CF1D4861} was rejected Error: (04/14/2017 06:00:23 PM) (Source: COM) (EventID: 10031) (User: ) Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {95CABCC9-BC57-4C12-B8DF-BA193232AA01} was rejected Error: (04/14/2017 05:50:19 PM) (Source: COM) (EventID: 10031) (User: ) Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {2CD39202-3A2F-4935-9A86-65B919919A7F} was rejected System errors: ============= Error: (04/14/2017 06:28:54 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RPI8QGR) Description: The server {37998346-3765-45B1-8C66-AA88CA6B20B8} did not register with DCOM within the required timeout. Error: (04/14/2017 05:29:23 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RPI8QGR) Description: The server {37998346-3765-45B1-8C66-AA88CA6B20B8} did not register with DCOM within the required timeout. Error: (04/14/2017 04:43:37 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-RPI8QGR) Description: The server {37998346-3765-45B1-8C66-AA88CA6B20B8} did not register with DCOM within the required timeout. Error: (04/14/2017 04:40:01 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (04/14/2017 04:39:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (04/14/2017 04:39:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the FontCache3.0.0.0 service to connect. Error: (04/14/2017 04:39:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Hamachi2Svc service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. Error: (04/14/2017 04:39:45 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Hamachi2Svc service to connect. Error: (04/14/2017 04:39:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (04/14/2017 04:39:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} and APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. CodeIntegrity: =================================== Date: 2016-12-29 11:41:19.992 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-4030U CPU @ 1.90GHz Percentage of memory in use: 73% Total physical RAM: 3978.91 MB Available physical RAM: 1051.2 MB Total Virtual: 6282.91 MB Available Virtual: 2587.63 MB ==================== Drives ================================ Drive c: (Data) (Fixed) (Total:542.03 GB) (Free:125.71 GB) NTFS Drive d: (OS) (Fixed) (Total:372.6 GB) (Free:191.37 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 07709914) Partition: GPT. ==================== End of Addition.txt ============================