Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2017 Ran by Clem (24-05-2017 14:36:32) Running from C:\Users\Clem\Downloads Windows 10 Home Version 1607 (X64) (2017-01-04 16:07:04) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2797358354-675690363-1071357138-500 - Administrator - Enabled) => C:\Users\Administrator Clem (S-1-5-21-2797358354-675690363-1071357138-1001 - Administrator - Enabled) => C:\Users\Clem DefaultAccount (S-1-5-21-2797358354-675690363-1071357138-503 - Limited - Disabled) defaultuser0 (S-1-5-21-2797358354-675690363-1071357138-1000 - Limited - Disabled) => C:\Users\defaultuser0 Guest (S-1-5-21-2797358354-675690363-1071357138-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2797358354-675690363-1071357138-1001\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.) Ansel (Version: 376.33 - NVIDIA Corporation) Hidden Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.) Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.) Applen ohjelmatuki (32-bittinen) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.) Applen ohjelmatuki (64-bittinen) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.49.14731 - Electronic Arts) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) DayZ (HKLM\...\Steam App 221100) (Version: - Bohemia Interactive) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Discord (HKU\S-1-5-21-2797358354-675690363-1071357138-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) Dishonored 2 (HKLM\...\Steam App 403640) (Version: - Arkane Studios) ForHonor (HKLM-x32\...\Uplay Install 569) (Version: - Ubisoft) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.) Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Intel Extreme Tuning Utility (HKLM-x32\...\{fde8aa07-3912-4bdf-ad35-ff1231bfd00d}) (Version: 6.2.0.17 - Intel Corporation) Intel Extreme Tuning Utility (x32 Version: 6.2.0.17 - Intel Corporation) Hidden Intel(R) Chipset Device Software (x32 Version: 10.1.1.38 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation) Intel(R) Online Connect Software Asset Manager (x32 Version: 3.4.2072 - Intel Corporation) Hidden Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation) Intel® Small Business Advantage (HKLM-x32\...\{C7A82877-2365-4A03-B23F-DFDD629B7F3A}) (Version: 4.0.44 - Intel Corporation) iTunes (HKLM\...\{643531B8-09B1-4AEE-9FEE-8E0477957D25}) (Version: 12.6.0.95 - Apple Inc.) League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games) League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden Life Is Strange™ (HKLM\...\Steam App 319630) (Version: - DONTNOD Entertainment) Mad Max (HKLM\...\Steam App 234140) (Version: - Avalanche Studios) Max Payne 3 (HKLM\...\Steam App 204100) (Version: - Rockstar Studios) MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.) Microsoft OneDrive (HKU\S-1-5-21-2797358354-675690363-1071357138-1001\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2797358354-675690363-1071357138-500\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 53.0.3 (x86 fr) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 fr)) (Version: 53.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3 - Mozilla) MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.8 - MSI) MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.07 - MSI) MSI RAMDisk (HKLM-x32\...\{F29CF050-7278-4CDB-9EF8-2DC6DAA87453}}_is1) (Version: 1.0.0.22 - MSI) MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.08 - MSI) MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.12 - MSI) MSI USB Speed Up (HKLM-x32\...\{79D5FA63-7003-4398-B882-C70ED18778D1}_is1) (Version: 1.0.0.10 - MSI) MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.05 - MSI) NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation) NVIDIA 3D Vision Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation) NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation) NVIDIA Graphics Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation) NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden NvTelemetry (Version: 2.4.5.0 - NVIDIA Corporation) Hidden NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden OBS Studio (HKLM-x32\...\OBS Studio) (Version: 17.0.0 - OBS Project) Origin (HKLM-x32\...\Origin) (Version: 10.4.5.30491 - Electronic Arts, Inc.) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.104.210.0 - Overwolf Ltd.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8034 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.0 - Rockstar Games) Ryse: Son of Rome (HKLM\...\Steam App 302510) (Version: - Crytek) SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden South Park™: The Stick of Truth™ (HKLM\...\Steam App 213670) (Version: - Obsidian Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) This War of Mine (HKLM\...\Steam App 282070) (Version: - 11 bit studios) Total War: WARHAMMER (HKLM\...\Steam App 364360) (Version: - Creative Assembly) Uplay (HKLM-x32\...\Uplay) (Version: 30.0 - Ubisoft) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {06AD29FB-B2AC-4060-832D-1783126C61AB} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation) Task: {1B840622-5103-4651-A737-E10EF8F0194E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd) Task: {25FFEC27-6090-4AED-AEA2-75307CB66ACB} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation) Task: {39A6D880-A946-4937-9E30-FFACEB724E50} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation) Task: {45114245-8090-4D81-A97F-1698AA239B68} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation) Task: {59B389B4-7A86-4AAD-9EAB-627680D3CA7F} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation) Task: {5E60F744-DF19-45B5-8C9C-F56D6DAABD89} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation) Task: {70574CBD-020D-4D89-B0D6-275D292687B9} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation) Task: {70A78517-86B2-437B-A2B8-0FB6B7249238} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-11-20] (Intel Corporation) Task: {739E2CAB-CE20-4A23-82C1-A44F50E86E20} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation) Task: {935B1A1B-7C58-4530-A782-8BA48BB478CA} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-05-14] (Overwolf LTD) Task: {987F564B-9EF2-4F97-9184-50C0DAF0D84A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-04] (Google Inc.) Task: {C234E4D1-871F-4C55-9519-D4B08E461E4B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-04] (Google Inc.) Task: {D1DA25A8-38BB-46FF-9D61-24E60A29ED5B} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation) Task: {D941B456-0479-4665-9F47-46FA98CCE6D5} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation) Task: {DFA98CD2-9DCF-44EE-9199-CB3D7D5B14DA} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation) Task: {E6EFCF47-C527-4B50-A4A0-657F1A8F2343} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation) Task: {EE324961-F755-427D-A91F-02B59AEC9525} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation) Task: {FC5D4DE9-88FC-4C1C-A658-3E5C4D01F6A6} - System32\Tasks\SorarCharts => Rundll32.exe "C:\Program Files\SorarCharts\SorarCharts.dll",DXGsOtns (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-07-16 14:42 - 2016-07-16 14:42 - 00231424 _____ () C:\Windows\SYSTEM32\ism32k.dll 2017-05-11 12:25 - 2017-04-28 03:49 - 02681200 _____ () C:\Windows\system32\CoreUIComponents.dll 2017-05-19 11:45 - 2015-06-01 22:26 - 02706944 _____ () C:\Program Files\SorarCharts\SorarCharts.dll 2017-01-04 19:30 - 2016-12-29 15:44 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2017-03-16 16:08 - 2017-03-16 16:08 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2017-03-16 16:08 - 2017-03-16 16:08 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-10-05 13:15 - 2016-10-05 13:15 - 00107752 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\libglog.dll 2016-10-05 13:15 - 2016-10-05 13:15 - 00412904 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\JsonCpp.dll 2017-01-15 13:42 - 2017-05-03 23:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-05-11 12:25 - 2017-04-28 03:49 - 02681200 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll 2017-05-24 13:23 - 2017-05-24 13:36 - 00335872 _____ () C:\Windows\TEMP\gEB0.tmp.exe 2017-01-04 22:35 - 2016-09-07 07:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-15 19:30 - 2017-03-04 09:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-03-15 19:30 - 2017-03-04 09:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-15 19:30 - 2017-03-04 09:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-15 19:30 - 2017-03-04 09:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-05-11 12:25 - 2017-04-28 02:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-05-11 12:25 - 2017-04-28 02:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-05-24 13:24 - 2017-05-24 13:36 - 00475648 _____ () C:\Windows\TEMP\g307E.tmp.exe 2016-10-04 18:09 - 2016-10-04 18:09 - 00253664 _____ () C:\Program Files\Intel\Intel(R) Online Connect\CSLibWrapper.dll 2017-02-13 13:52 - 2005-07-18 14:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll 2017-03-20 19:41 - 2017-03-20 19:40 - 02493440 _____ () D:\Origin\libGLESv2.dll 2017-01-15 13:42 - 2017-05-03 23:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-03-23 17:23 - 2017-03-10 03:13 - 00674592 _____ () D:\Steam\SDL2.dll 2017-01-04 20:04 - 2016-09-01 04:02 - 04969248 _____ () D:\Steam\v8.dll 2017-04-27 12:17 - 2017-04-26 02:55 - 02465056 _____ () D:\Steam\video.dll 2017-01-04 20:04 - 2016-01-27 10:49 - 02549760 _____ () D:\Steam\libavcodec-56.dll 2017-01-04 20:04 - 2016-01-27 10:49 - 00491008 _____ () D:\Steam\libavformat-56.dll 2017-01-04 20:04 - 2016-01-27 10:49 - 00332800 _____ () D:\Steam\libavresample-2.dll 2017-01-04 20:04 - 2016-01-27 10:49 - 00442880 _____ () D:\Steam\libavutil-54.dll 2017-01-04 20:04 - 2016-01-27 10:49 - 00485888 _____ () D:\Steam\libswscale-3.dll 2017-01-04 20:04 - 2016-09-01 04:02 - 01563936 _____ () D:\Steam\icui18n.dll 2017-01-04 20:04 - 2016-09-01 04:02 - 01195296 _____ () D:\Steam\icuuc.dll 2017-04-27 12:17 - 2017-04-26 02:55 - 00848672 _____ () D:\Steam\bin\chromehtml.DLL 2017-01-04 20:04 - 2016-07-05 01:17 - 00266560 _____ () D:\Steam\openvr_api.dll 2017-03-10 13:12 - 2017-01-31 00:41 - 68875552 _____ () D:\Steam\bin\cef\cef.win7\libcef.dll 2017-04-27 12:17 - 2017-04-26 02:55 - 00383776 _____ () D:\Steam\steam.dll 2016-10-20 02:28 - 2016-10-20 02:28 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-07-16 14:47 - 2016-07-16 14:45 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2797358354-675690363-1071357138-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Clem\Downloads\cork_oak_trees_along_road-wallpaper-1920x1200.jpg HKU\S-1-5-21-2797358354-675690363-1071357138-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 172.20.10.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run32: => "Live Update" HKLM\...\StartupApproved\Run32: => "MSIRegister" HKLM\...\StartupApproved\Run32: => "USB_Speed_Up" HKLM\...\StartupApproved\Run32: => "IMSS" HKLM\...\StartupApproved\Run32: => "Fast Boot" HKLM\...\StartupApproved\Run32: => "Super Charger" HKU\S-1-5-21-2797358354-675690363-1071357138-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-2797358354-675690363-1071357138-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-2797358354-675690363-1071357138-1001\...\StartupApproved\Run: => "Overwolf" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{30F5E106-957D-49BF-BBB2-F5EFE8705465}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{9C17D530-33A8-47C0-85F7-B2791F3A5A92}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{BA42EF8C-22C7-4BF3-836D-BA82C6DC11B2}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{99317B35-D6DE-4F82-9C1D-92BC48E37A11}] => (Allow) D:\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [TCP Query User{8719F845-5506-47E0-9E18-47C2BF5FA7CA}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{9997F182-99CC-4586-87F7-2591B2FA0102}D:\hearthstone\hearthstone.exe] => (Allow) D:\hearthstone\hearthstone.exe FirewallRules: [{10A15896-B4D9-4D9D-B88E-9BAB9943315F}] => (Allow) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\Sba.exe FirewallRules: [{068241C4-2A02-421D-8189-A1A2B3FBF3A2}] => (Allow) D:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [{A8BB5A83-B9B8-4624-BF80-E8E640DAECCF}] => (Allow) D:\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [{CA69528C-C46D-4ADF-930B-49A30F4C2052}] => (Allow) C:\Users\Clem\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4FCE7503-9B5E-4538-94FA-64DBEDA70DFD}] => (Allow) C:\Users\Clem\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{413C563F-98D1-483E-8E01-3DD52A1F9222}] => (Allow) C:\Users\Clem\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{4C53E652-26F4-4A43-96B8-271028D25A4A}] => (Allow) C:\Users\Clem\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{B0E382BD-C525-41E3-9BA2-61C0876224C1}] => (Allow) C:\Users\Clem\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{456453DF-2AC2-412B-8D49-4F8EEAF1172F}] => (Allow) C:\Users\Clem\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{A19C51E7-7885-4B20-9D37-D768BC8BD39C}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{D56B69B2-CC41-41D2-A104-340903B3AE14}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe FirewallRules: [{DD50DB83-F22E-4833-A702-DFF026704762}] => (Allow) D:\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe FirewallRules: [{D3184A7E-A20D-4C32-86F2-3F746FF5FEAA}] => (Allow) D:\Steam\steamapps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe FirewallRules: [{0CCF8593-BC56-4077-B35A-6B9F13B5E42F}] => (Allow) D:\Steam\steamapps\common\Mad Max\MadMax.exe FirewallRules: [{706B6DE1-B4D2-430B-9FC0-4E41D0486E33}] => (Allow) D:\Steam\steamapps\common\Mad Max\MadMax.exe FirewallRules: [TCP Query User{5333C8B7-7919-4C9F-9A96-8BD4AA9A63FA}D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [UDP Query User{29100A4A-3B1F-4CC0-9088-EEC289F5F9AD}D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [{2778E781-6830-47BA-8C96-497BD090B41A}] => (Allow) D:\Steam\steamapps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe FirewallRules: [{0199D4CD-33DC-45ED-AC3C-48B720B2E47C}] => (Allow) D:\Steam\steamapps\common\Max Payne 3\Max Payne 3\MaxPayne3.exe FirewallRules: [{DDDCD8B4-4E82-47E0-87FE-FB5BCB21138B}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe FirewallRules: [{0F901F81-FA19-4945-BB0C-35C0382C03E6}] => (Allow) D:\Steam\steamapps\common\DayZ\DayZ_BE.exe FirewallRules: [{D77148F0-C425-426C-95CB-DE8A3430DC96}] => (Allow) D:\Steam\steamapps\common\Dishonored2\Dishonored2.exe FirewallRules: [{4CED32FD-FF9A-461D-844F-3506BDE9FBC6}] => (Allow) D:\Steam\steamapps\common\Dishonored2\Dishonored2.exe FirewallRules: [TCP Query User{73F53A7B-AC60-4FA7-98CF-BE884BF06023}D:\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) D:\steam\steamapps\common\total war warhammer\warhammer.exe FirewallRules: [UDP Query User{EEC74BC9-6DC8-4799-BAB5-F98B26EA3AF7}D:\steam\steamapps\common\total war warhammer\warhammer.exe] => (Allow) D:\steam\steamapps\common\total war warhammer\warhammer.exe FirewallRules: [{7E34422D-89A7-40D9-A1BE-4B04E6F90541}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{F6698E9E-6F6F-4134-85D0-C6B1CB0F0625}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe FirewallRules: [{5F4E971F-BDCB-49E2-BB64-EEB4792A22E2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{F8A8F51B-9CC2-4EF8-9D5F-3F08005B81B9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{636C77A4-0F17-4660-9A03-6E3B41B212A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{624BC44B-39CC-4A9B-A873-47BC736101F8}D:\diablo iii\x64\diablo iii64.exe] => (Allow) D:\diablo iii\x64\diablo iii64.exe FirewallRules: [UDP Query User{60A6B9E5-BFF5-4268-A959-6D40535C240F}D:\diablo iii\x64\diablo iii64.exe] => (Allow) D:\diablo iii\x64\diablo iii64.exe FirewallRules: [{981ECD8E-0B58-4E57-8183-DA14C96E8D5A}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{6CCF43DA-17BC-4D01-A401-F83E439FFAB9}] => (Allow) D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{F5517ABC-EEC9-4C3A-8D46-30A03363A985}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe FirewallRules: [{6B99019B-1E3A-4EE3-98AD-54FA1D098638}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe FirewallRules: [{4E627FD0-C9CD-4E81-A788-3CF261AAB578}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe FirewallRules: [{C97552AC-4BD1-4674-B411-DF5813225430}] => (Allow) D:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe FirewallRules: [{55596054-5247-410D-9F06-FEF19D013B65}] => (Allow) D:\Steam\steamapps\common\This War of Mine\This War of Mine.exe FirewallRules: [{CD19B57A-DC76-46C9-8CA0-673D76C59C51}] => (Allow) D:\Steam\steamapps\common\This War of Mine\This War of Mine.exe FirewallRules: [{146263A3-393E-450D-B1A0-ECAEFCB5F40F}] => (Allow) D:\Steam\steamapps\common\This War of Mine\Storyteller.exe FirewallRules: [{327A58D0-F630-4E9B-95CC-33039998A380}] => (Allow) D:\Steam\steamapps\common\This War of Mine\Storyteller.exe FirewallRules: [TCP Query User{52D7E126-BAF5-41B1-8FBE-C1F1398DF897}D:\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz_x64.exe FirewallRules: [UDP Query User{9377DC2E-A36F-4060-98F0-6FB9FFE39966}D:\steam\steamapps\common\dayz\dayz_x64.exe] => (Allow) D:\steam\steamapps\common\dayz\dayz_x64.exe FirewallRules: [{4668D0FC-4E72-4FC7-8C3A-66536E160DA3}] => (Allow) D:\MediaMonkey\MediaMonkey (non-skinned).exe FirewallRules: [{8581CE2F-1952-4231-BAA7-465AD315BFA8}] => (Allow) D:\MediaMonkey\MediaMonkey (non-skinned).exe FirewallRules: [{D4904CBF-7D6D-49A6-9A1E-AD4EB909C5CB}] => (Allow) D:\MediaMonkey\MediaMonkey (non-skinned).exe FirewallRules: [{921E1BC9-058D-4104-A6C1-7975C54D0537}] => (Allow) D:\MediaMonkey\MediaMonkey (non-skinned).exe FirewallRules: [{1BBB3A6A-F7A1-4342-9967-EFD89EE4041E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{6843E90C-BD1E-4AD9-91C4-0A0E3FC825B4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{99757395-7767-4DD9-9DB6-3C0078C1F913}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{0D544655-4A1E-42AB-9B8A-3DF145CBA027}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{46A49568-FCDD-4018-96F1-6D8D651CA676}D:\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) D:\ubisoft game launcher\games\forhonor\forhonor.exe FirewallRules: [UDP Query User{699089D2-FFC8-4960-B104-A16314F73E52}D:\ubisoft game launcher\games\forhonor\forhonor.exe] => (Allow) D:\ubisoft game launcher\games\forhonor\forhonor.exe FirewallRules: [{6AA91ED0-0F3A-4471-BE0B-8B66EDA89677}] => (Allow) D:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe FirewallRules: [{97B308F7-7D41-4BA3-BEBF-58581243C971}] => (Allow) D:\Steam\steamapps\common\Total War WARHAMMER\launcher\launcher.exe FirewallRules: [{0B62D7A1-48FC-44F4-821C-45564EDDEFFE}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{563F632A-C41A-4D4C-909F-FF631CBAE9CB}] => (Allow) D:\Steam\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe FirewallRules: [{CEB13741-93C0-4C16-A094-4627CC008BDF}] => (Allow) D:\Steam\steamapps\common\Ryse Son of Rome\Bin64\Ryse.exe FirewallRules: [TCP Query User{58D40597-2142-4079-997A-8633EACEDAB8}D:\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{7D0A13B1-3B2F-4EA5-AB81-A14534B96C1D}D:\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe] => (Allow) D:\heroes of the storm\versions\base52860\heroesofthestorm_x64.exe FirewallRules: [{3F037BD8-5F09-4951-AB8D-F0E02354AB04}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{BAD2FEB6-F042-4CA1-9EFF-BA109BAF1E65}] => (Allow) C:\Windows\system32\rundll32.exe FirewallRules: [{FE2BADCC-0DE6-4C1E-9332-45BC8D5BC32C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{3A4A4F70-D9BF-4CA8-9E22-9CFBDDE5E755}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{23A29960-EC1A-486A-8AD2-1EBB403F9233}] => (Allow) C:\Windows\System32\rundll32.exe FirewallRules: [{BA0A084D-7A43-4B82-899B-2169B80ADDA6}] => (Allow) C:\Windows\System32\rundll32.exe ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Faulty Device Manager Devices ============= Name: Standard PS/2 Keyboard Description: Standard PS/2 Keyboard Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard keyboards) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Microsoft PS/2 Mouse Description: Microsoft PS/2 Mouse Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (05/24/2017 01:37:16 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-M9SLN4S) Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (05/24/2017 01:30:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-M9SLN4S) Description: Activation of app Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe:MicrosoftEdge.AppX9zvsr9qeth9e9a03yr0g7rpdrcrwgn5r.mca failed with error: -2144927149 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (05/24/2017 12:56:56 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (05/24/2017 11:13:08 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 40943907 Error: (05/24/2017 11:13:08 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 40943907 Error: (05/24/2017 11:13:08 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (05/23/2017 09:29:29 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code. Error: (05/23/2017 04:32:25 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "WmiApRpl" in DLL "C:\Windows\system32\wbem\wmiaprpl.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (05/23/2017 04:32:25 PM) (Source: PerfNet) (EventID: 2004) (User: ) Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code. Error: (05/23/2017 04:32:25 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "Lsa" in DLL "C:\Windows\System32\Secur32.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. System errors: ============= Error: (05/24/2017 01:38:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (05/24/2017 01:37:26 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Intel(R) Online Connect Helper service. Error: (05/24/2017 01:36:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (05/24/2017 01:36:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Intel(R) Online Connect Helper service. Error: (05/24/2017 01:36:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} and APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (05/24/2017 01:36:05 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 13.22.32 on ‎24.‎5.‎2017 was unexpected. Error: (05/24/2017 01:34:43 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (05/24/2017 01:31:07 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (05/24/2017 01:30:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (05/24/2017 01:29:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. CodeIntegrity: =================================== Date: 2017-05-08 11:57:06.900 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.103.233.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. Date: 2017-05-08 11:57:06.892 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.103.233.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. Date: 2017-05-08 11:55:34.458 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-05-08 11:55:17.947 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.103.233.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. Date: 2017-05-08 11:55:17.885 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2017-05-08 11:55:17.663 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files (x86)\Overwolf\0.103.233.0\x64\OWExplorer.dll that did not meet the Store signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz Percentage of memory in use: 26% Total physical RAM: 8138.69 MB Available physical RAM: 5965.64 MB Total Virtual: 14282.69 MB Available Virtual: 11611.16 MB ==================== Drives ================================ Drive b: (RAMDisk) (Fixed) (Total:0.25 GB) (Free:0.25 GB) FAT Drive c: () (Fixed) (Total:111.24 GB) (Free:71.64 GB) NTFS Drive d: (WD) (Fixed) (Total:931.51 GB) (Free:549.45 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6E17AF57) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================