Additional scan result of Farbar Recovery Scan Tool (x64) Version:15-09-2015 Ran by John (2015-09-18 15:11:00) Running from E:\Pobierane Windows 7 Home Premium Service Pack 1 (X64) (2015-07-03 05:51:12) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3246966307-621913710-3015266008-500 - Administrator - Disabled) Guest (S-1-5-21-3246966307-621913710-3015266008-501 - Limited - Disabled) John (S-1-5-21-3246966307-621913710-3015266008-1000 - Administrator - Enabled) => C:\Users\John ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-3246966307-621913710-3015266008-1000\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.) 404Sight (HKLM-x32\...\Steam App 361630) (Version: - Retro Yeti Games) Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.14.2 - Mirillis) Adobe Acrobat Reader DC - Polish (HKLM-x32\...\{AC76BA86-7AD7-1045-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated) Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated) Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated) AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version: - Hyper Hippo Games) Alien Swarm (HKLM-x32\...\Steam App 630) (Version: - Valve) Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version: - Frictional Games) AOMEI Partition Assistant Standard Edition 5.6 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version: - AOMEI Technology Co., Ltd.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6140 - AVG Technologies) AVG 2015 (Version: 15.0.4419 - AVG Technologies) Hidden AVG 2015 (Version: 15.0.6140 - AVG Technologies) Hidden Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.3.757 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Blood of Old (HKLM-x32\...\Steam App 382240) (Version: - AndrewWatt96) CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform) ChessBase 13 64-bit (HKLM\...\{DC2A2AB5-1DFB-4DFA-889A-2735543DC636}) (Version: 13.1.0.0 - ChessBase) Chicken Invaders 5 - Cluck of the Dark Side (HKLM-x32\...\Chicken Invaders 5 - Cluck of the Dark Side1.1) (Version: 1.1 - Foxy Games) Commander: Conquest of the Americas Gold (HKLM-x32\...\Steam App 254020) (Version: - ) Commando Jack (HKLM-x32\...\Steam App 299260) (Version: - Colossal Games) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Earth 2150: Lost Souls (HKLM-x32\...\Steam App 259300) (Version: - ) Earth 2150: The Moon Project (HKLM-x32\...\Steam App 259280) (Version: - ) Epic Pen (HKLM-x32\...\Epic Pen_is1) (Version: - Brian Hoary) Epigenesis (HKLM-x32\...\Steam App 244590) (Version: - Dead Shark Triplepunch) Everlasting Summer (HKLM-x32\...\Steam App 331470) (Version: - Soviet Games) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Geometry Dash (HKLM-x32\...\Steam App 322170) (Version: - RobTop Games) Google Chrome (HKU\S-1-5-21-3246966307-621913710-3015266008-1000\...\Google Chrome) (Version: 45.0.2454.93 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Humanity Asset (HKLM-x32\...\Steam App 271640) (Version: - Browny Application) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Jet Gunner (HKLM-x32\...\Steam App 314250) (Version: - Sinclair Strange) Junior 10 (HKLM-x32\...\{06C74EED-C39D-4468-94DE-AD8418ED38AC}) (Version: 9.17 - ChessBase) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games) League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden Mainland (HKLM-x32\...\Steam App 366800) (Version: - ) Malwarebytes Anti-Malware wersja 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) MK LOL (HKU\S-1-5-21-3246966307-621913710-3015266008-1000\...\MK LOL) (Version: - ) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 40.0.3 (x86 pl) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 pl)) (Version: 40.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla) MPC-HC 1.7.9 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.9 - MPC-HC Team) Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (HKLM-x32\...\{90150000-001F-0415-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) NVIDIA 3D Vision Driver 341.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.81 - NVIDIA Corporation) NVIDIA Graphics Driver 341.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.81 - NVIDIA Corporation) NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) OBS Multiplatform (HKLM-x32\...\OBS Multiplatform) (Version: 0.11.4 - OBS Project) Obsługa programów Apple (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.1.1 (HKLM-x32\...\{B5373BA3-BAD7-4EAC-A9D2-B66B41B82C57}) (Version: 4.11.9775 - Apache Software Foundation) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden Overcast - Walden and the Werewolf (HKLM-x32\...\Steam App 293180) (Version: - Microblast Games) Passing Pineview Forest (HKLM-x32\...\Steam App 331120) (Version: - VIS - Visual Imagination Software) PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden Pid (HKLM-x32\...\Steam App 218740) (Version: - Might and Delight) Pirates of Black Cove Gold (HKLM-x32\...\Steam App 254040) (Version: - ) <==== ATTENTION ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH) QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.) Race The Sun (HKLM-x32\...\Steam App 253030) (Version: - Flippfly LLC) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.) Risen (HKLM-x32\...\Steam App 40300) (Version: - Piranha – Bytes) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Skyborn (HKLM-x32\...\Steam App 278460) (Version: - Dancing Dragon Games) Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.) Stealth Inc 2 (HKLM-x32\...\Steam App 329380) (Version: - Carbon) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Steel & Steam: Episode 1 (HKLM-x32\...\Steam App 310450) (Version: - Red Meat Games) Super Hexagon (HKLM-x32\...\Steam App 221640) (Version: - Terry Cavanagh) TeamSpeak 3 Client (HKU\S-1-5-21-3246966307-621913710-3015266008-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) The 39 Steps (HKLM-x32\...\Steam App 234940) (Version: - The Story Mechanics) The Old Tree (HKLM-x32\...\Steam App 346250) (Version: - Red Dwarf Games) Total War: Arena (HKLM-x32\...\Steam App 227520) (Version: - Creative Assembly) Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton) Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{40930C8E-A677-414C-A72F-DFDEB10738FB}) (Version: - Microsoft) UsbFix (HKLM-x32\...\Usbfix) (Version: 8.108 - El Desaparecido - www.usbfix.net - www.sosvirus.net) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Voicemeeter, The Virtual Mixing Console (HKLM-x32\...\VB:Voicemeeter {17359A74-1236-5467}) (Version: - VB-Audio Software) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.01 (64-bitowy) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) Wise Care 365 3.85 (HKLM-x32\...\Wise Care 365_is1) (Version: 3.85 - WiseCleaner.com, Inc.) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.4) (Version: 1.3.4 - Xvid Team) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3246966307-621913710-3015266008-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> F:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3246966307-621913710-3015266008-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> F:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3246966307-621913710-3015266008-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> F:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3246966307-621913710-3015266008-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> F:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3246966307-621913710-3015266008-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> F:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3246966307-621913710-3015266008-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> F:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) CustomCLSID: HKU\S-1-5-21-3246966307-621913710-3015266008-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\John\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3246966307-621913710-3015266008-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\John\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll (Google Inc.) ==================== Restore Points ========================= 31-08-2015 14:49:51 Scheduled Checkpoint 02-09-2015 18:54:03 Removed XSplit Broadcaster 17-09-2015 13:56:03 Scheduled Checkpoint 17-09-2015 21:12:59 Created by Wise Care 365 ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2015-09-01 16:17 - 00000851 ___RA C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 ssl.bandisoft.com ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0E8ADFFD-0E2B-48CC-9BBD-7A9B29F4705B} - System32\Tasks\Wise Care 365 => F:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [2015-08-18] (WiseCleaner.com) Task: {1AAE83CD-3191-4E12-8D04-DE01AC14FDBA} - System32\Tasks\AdobeAAMUpdater-1.0-John-PC-John => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated) Task: {519A3E20-75BA-4C1A-9A08-F11786EE8796} - System32\Tasks\Wise Turbo Checker => F:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2015-08-06] (WiseCleaner.COM) Task: {5A177749-7CE9-4A24-B6C7-FA6952E8C88D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-13] (Adobe Systems Incorporated) Task: {5ED3B102-40E8-4C95-9F30-C2F922AEF94F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3246966307-621913710-3015266008-1000Core => C:\Users\John\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-23] (Google Inc.) Task: {6A392AA9-33C0-4287-BC99-2C532770C837} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {8612125E-24D3-4A75-9BB2-F2343CCB2CFA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {8ECE92A7-BE34-4A35-B2A7-369E2BBD750B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe [2015-08-13] (Adobe Systems Incorporated) Task: {CD1F105E-6E88-40EB-AFFD-9D929A2C2B30} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {D02C0699-201F-4FCB-A34C-97D948C33A66} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd) Task: {E51B7EDE-E49F-45A5-A956-84EC7A163DD9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3246966307-621913710-3015266008-1000UA => C:\Users\John\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-23] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3246966307-621913710-3015266008-1000Core.job => C:\Users\John\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3246966307-621913710-3015266008-1000UA.job => C:\Users\John\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Wise Care 365.job => F:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe Task: C:\Windows\Tasks\Wise Turbo Checker.job => F:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe ==================== Loaded Modules (Whitelisted) ============== 2015-07-03 10:11 - 2015-08-18 02:07 - 00115376 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-05-13 18:30 - 2015-05-13 18:30 - 08898720 _____ () F:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2015-05-13 18:31 - 2015-05-13 18:31 - 08898720 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2015-09-16 14:01 - 2015-09-12 02:22 - 01501512 _____ () C:\Users\John\AppData\Local\Google\Chrome\Application\45.0.2454.93\libglesv2.dll 2015-09-16 14:01 - 2015-09-12 02:22 - 00081224 _____ () C:\Users\John\AppData\Local\Google\Chrome\Application\45.0.2454.93\libegl.dll 2015-09-16 14:01 - 2015-09-12 02:22 - 16393032 _____ () C:\Users\John\AppData\Local\Google\Chrome\Application\45.0.2454.93\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\John\AppData\Local\Temp:I4Al7qOiJUS0sANJfaCOaCi9B AlternateDataStreams: C:\Users\John\AppData\Local\Temp:mhiNszCZ4WayaZYbsys1RTH ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3246966307-621913710-3015266008-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\John\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 62.179.1.62 - 62.179.1.63 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2 MSCONFIG\Services: jhi_service => 2 MSCONFIG\Services: LMS => 2 MSCONFIG\Services: MBAMService => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: SwitchBoard => 3 MSCONFIG\Services: TorchCrashHandler => 2 MSCONFIG\Services: UNS => 2 MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeBridge => MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe" MSCONFIG\startupreg: QuickTime Task => "F:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe MSCONFIG\startupreg: VX1000 => C:\Windows\vVX1000.exe ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{FCB0F826-CF80-4040-B3FF-6C8AE0D76262}] => (Allow) F:\Program Files\Steam\Steam.exe FirewallRules: [{27E6BC71-0ABA-406B-90EB-41C12781D0DD}] => (Allow) F:\Program Files\Steam\Steam.exe FirewallRules: [{2E1F071F-4055-4289-86D2-5CB2358C422D}] => (Allow) F:\Program Files\Steam\bin\steamwebhelper.exe FirewallRules: [{0674DE86-3181-4C1C-A055-0543A420ECD9}] => (Allow) F:\Program Files\Steam\bin\steamwebhelper.exe FirewallRules: [{BED6C58D-1ADA-4A41-B038-E26BBBB6EFE4}] => (Allow) C:\Users\John\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{684397E2-B600-4FCA-8B42-A4AB68D98C5B}] => (Allow) C:\Users\John\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8330C350-4E26-435A-BEFD-FA10BB315577}] => (Allow) F:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{11E1C439-00DA-4F1D-BB8A-F7E1815FE913}] => (Allow) F:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{0D048DAC-CD69-4747-86D2-0E2CAACBA3AC}] => (Allow) F:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{2670F540-2150-4A58-B65A-5DEF8A856CBF}] => (Allow) F:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{F3B172DE-CF08-44A1-BDF1-811BB658D7C0}] => (Allow) F:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{7123B295-E8B0-46A4-ABA9-E7D68C7284F3}] => (Allow) F:\Program Files\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{DA34A16E-ACCA-44AD-817E-8E68F1BDC2F4}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{BB3673EE-9605-48A1-8D81-04D189D630D7}] => (Allow) F:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{C9958C94-616B-49D2-AB87-9A243B76FCC3}] => (Allow) D:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{D9DAE104-0BB8-436F-BB17-7A01F723144A}] => (Allow) D:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{354B4E52-1A77-426C-9A88-6B5F42B152F9}] => (Allow) F:\Program Files\Steam\steamapps\common\Epigenesis\Binaries\Win32\Epigenesis.exe FirewallRules: [{B26051BC-80D0-4C79-B464-831CC67CD7CB}] => (Allow) F:\Program Files\Steam\steamapps\common\Epigenesis\Binaries\Win32\Epigenesis.exe FirewallRules: [TCP Query User{5AC25982-554F-4C47-B8D6-F9289A13DCF0}F:\program files\steam\steamapps\common\epigenesis\binaries\win32\lochgame.exe] => (Allow) F:\program files\steam\steamapps\common\epigenesis\binaries\win32\lochgame.exe FirewallRules: [UDP Query User{627B323F-7638-4F59-B49A-1CAC009D2111}F:\program files\steam\steamapps\common\epigenesis\binaries\win32\lochgame.exe] => (Allow) F:\program files\steam\steamapps\common\epigenesis\binaries\win32\lochgame.exe FirewallRules: [{AB0A8CAD-A718-4BCF-8FE4-F05AFC7F14B0}] => (Allow) F:\Program Files\Steam\steamapps\common\Steel & Steam Episode 1\Game.exe FirewallRules: [{1604F8FB-17CA-44C3-85C2-989EF715C16D}] => (Allow) F:\Program Files\Steam\steamapps\common\Steel & Steam Episode 1\Game.exe FirewallRules: [{A5DCEF2C-CB19-4D06-9019-9EFF1512FCA1}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe FirewallRules: [{F8B264BB-269D-4649-AE23-FBE59AEDD9DF}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe FirewallRules: [{58A871B8-9921-4118-AE99-900012A93F53}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe FirewallRules: [{054C8D29-4B2D-44BB-9539-2586134CDEA0}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe FirewallRules: [{48A34BB4-5EF1-47F5-B28C-B3E6B2A2499B}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe FirewallRules: [{BBBE9D66-61C7-4E9E-B31C-AF47B8F4E9C1}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe FirewallRules: [{8AA3A59A-9812-4791-A609-C65E6C1C8E6E}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe FirewallRules: [{6E8D6314-6E3A-4DF1-BCA4-C5506FCB416D}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe FirewallRules: [{E947BAE4-7BEB-45D1-99DB-24772C27C3F9}] => (Allow) F:\Program Files\Steam\steamapps\common\Commander Jack\CommandoJackWindows64.exe FirewallRules: [{C7832247-A0E7-4796-943C-1F83135EF486}] => (Allow) F:\Program Files\Steam\steamapps\common\Commander Jack\CommandoJackWindows64.exe FirewallRules: [{A67B67D9-E3FE-4C1D-968C-1AB030A30A25}] => (Allow) F:\Program Files\Steam\steamapps\common\RaceTheSun\RaceTheSun.exe FirewallRules: [{83F70AC5-A6D9-4B77-B3D8-F5E7CF2B4DDA}] => (Allow) F:\Program Files\Steam\steamapps\common\RaceTheSun\RaceTheSun.exe FirewallRules: [{B09E3BFB-5FCC-45E0-975B-D760909A0DAA}] => (Allow) F:\Program Files\Steam\steamapps\common\Super Hexagon\superhexagon.exe FirewallRules: [{0748A75B-9893-4F2B-8C45-F8C9AA6DA87C}] => (Allow) F:\Program Files\Steam\steamapps\common\Super Hexagon\superhexagon.exe FirewallRules: [{2398B843-572C-4549-9FA1-F709AD421D89}] => (Allow) F:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{D0D0ACDB-0F55-4830-B017-6134C0CCB50F}] => (Allow) F:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{5B4C540C-BF3D-49E5-9629-1CFAFD5EB7BA}] => (Allow) F:\Program Files (x86)\Battle.net\Hearthstone\Hearthstone.exe FirewallRules: [{0369C05E-9174-4E3F-95DA-C3DF3D14BEA1}] => (Allow) F:\Program Files (x86)\Battle.net\Hearthstone\Hearthstone.exe FirewallRules: [{BAB98D5C-D094-489A-A439-A1B96E1F9FA5}] => (Allow) F:\Program Files\AVG\AVG2015\avgmfapx.exe FirewallRules: [{24D0C81F-CE76-4C40-91BD-DDB1D792367F}] => (Allow) F:\Program Files\AVG\AVG2015\avgmfapx.exe FirewallRules: [{7A04DD26-7637-4879-B427-56C0DF0A42DF}] => (Allow) F:\Program Files\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{3669AD42-AC79-4DAB-85C7-09693C396179}] => (Allow) F:\Program Files\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{BBAE850F-2B30-4A93-8D74-E1704B6B8B2D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{7F3A8A1D-5F4F-4E69-929F-17A490BAA502}] => (Allow) LPort=2869 FirewallRules: [{BA679864-395E-4D3A-B31A-5EB53FC4863B}] => (Allow) LPort=1900 FirewallRules: [{711A18A7-B7EE-45C4-AFE6-58B912450468}] => (Allow) F:\Program Files\Steam\steamapps\common\Earth 2150 The Moon Project\TheMoonProject.exe FirewallRules: [{3A6323EC-74DC-48A6-B490-E6693AAB64F3}] => (Allow) F:\Program Files\Steam\steamapps\common\Earth 2150 The Moon Project\TheMoonProject.exe FirewallRules: [{7D6FF13A-6F91-4B94-A135-8F6D2FFA0039}] => (Allow) F:\Program Files\Steam\steamapps\common\Earth 2150 The Moon Project\Setup.exe FirewallRules: [{E3592240-E7C9-4D43-AF7A-E06D56549C54}] => (Allow) F:\Program Files\Steam\steamapps\common\Earth 2150 The Moon Project\Setup.exe FirewallRules: [{D5E624B2-E346-476E-A5E8-59D1999709A0}] => (Allow) F:\Program Files\Steam\steamapps\common\Overcast - Walden and the Werewolf\Overcast - Walden and the Werewolf.exe FirewallRules: [{B63CB543-DC1D-43C9-AAD5-28FC1922FBCF}] => (Allow) F:\Program Files\Steam\steamapps\common\Overcast - Walden and the Werewolf\Overcast - Walden and the Werewolf.exe FirewallRules: [{40229E01-114A-433A-9D78-AB15FB2DA1A9}] => (Block) F:\Program Files (x86)\Photshop\Adobe Photoshop CC 2014\Photoshop.exe FirewallRules: [{6CFAEB33-3679-444F-BC4B-A22E333C261A}] => (Block) F:\Program Files (x86)\Photshop\Adobe Photoshop CC 2014\Photoshop.exe FirewallRules: [{CF71C9AE-8C33-4769-A949-659F3589F0B8}] => (Block) F:\Program Files (x86)\Premier Pro\Adobe Premiere Pro CS6\Adobe Premiere Pro.exe FirewallRules: [{BDEF4123-C44A-4EC1-84B4-29E0CC1B7A32}] => (Block) F:\Program Files (x86)\Premier Pro\Adobe Premiere Pro CS6\Adobe Premiere Pro.exe FirewallRules: [{7DDA89E0-FE21-4187-9444-5F0768FC85A4}] => (Allow) F:\Program Files\Steam\steamapps\common\Pid\Pid.exe FirewallRules: [{66448F1E-B36D-4992-89B4-AC5E63887F63}] => (Allow) F:\Program Files\Steam\steamapps\common\Pid\Pid.exe FirewallRules: [{798964DC-FB8C-4B02-8DF7-54014D175BC9}] => (Allow) F:\Program Files\Steam\steamapps\common\Risen\bin\Risen.exe FirewallRules: [{18FA6FC6-045D-4CAD-85D2-A993FF875B87}] => (Allow) F:\Program Files\Steam\steamapps\common\Risen\bin\Risen.exe FirewallRules: [{BF9EFC9D-297D-4856-847F-C25F8CB15769}] => (Allow) F:\Program Files\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe FirewallRules: [{E8F66449-6BBE-49D5-9730-45A7C347EF36}] => (Allow) F:\Program Files\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe FirewallRules: [{77D46CA4-EACF-4324-905B-EE766687EC2E}] => (Allow) F:\Program Files\Steam\steamapps\common\Mainland\instead-mainland.exe FirewallRules: [{E5E08179-375C-4302-9069-4FE0E58998B9}] => (Allow) F:\Program Files\Steam\steamapps\common\Mainland\instead-mainland.exe FirewallRules: [{5FB4EB1B-3BA5-48E3-8E64-BED9088156AA}] => (Allow) F:\Program Files\Steam\steamapps\common\The Old Tree\TheOldTree.exe FirewallRules: [{42F36625-29E0-4F57-AD2C-1875347F95A2}] => (Allow) F:\Program Files\Steam\steamapps\common\The Old Tree\TheOldTree.exe FirewallRules: [{A9CD16EA-89D7-4C48-A9AE-2B2DD9352A86}] => (Allow) F:\Program Files\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [{375156D8-B4A0-4437-9DC6-1C58BED666BE}] => (Allow) F:\Program Files\Steam\steamapps\common\Unturned\Unturned.exe FirewallRules: [TCP Query User{F452A70C-1AEB-4033-A453-6FF1D44EF4C8}F:\program files\steam\steamapps\common\404sight\404sight\binaries\win32\netneutrality-win32-shipping.exe] => (Allow) F:\program files\steam\steamapps\common\404sight\404sight\binaries\win32\netneutrality-win32-shipping.exe FirewallRules: [UDP Query User{B28B500C-B100-44D5-8936-6C0FFF53A5CE}F:\program files\steam\steamapps\common\404sight\404sight\binaries\win32\netneutrality-win32-shipping.exe] => (Allow) F:\program files\steam\steamapps\common\404sight\404sight\binaries\win32\netneutrality-win32-shipping.exe FirewallRules: [{85241FDA-86A5-4376-AE3A-9DCA807DE0C9}] => (Allow) F:\Program Files\Steam\steamapps\common\Humanity Asset\HumanityAsset.exe FirewallRules: [{530A9DBE-D42B-488F-978D-95B159C7D6E0}] => (Allow) F:\Program Files\Steam\steamapps\common\Humanity Asset\HumanityAsset.exe FirewallRules: [{B9026533-B2FF-4C86-82D9-CCF753475136}] => (Allow) F:\Program Files\Steam\steamapps\common\Passing Pineview Forest\.autorun\autorun.exe FirewallRules: [{CD52141E-5E24-4FFC-9362-8281F888D370}] => (Allow) F:\Program Files\Steam\steamapps\common\Passing Pineview Forest\.autorun\autorun.exe FirewallRules: [{AD437436-07F9-451A-A30F-D19737C9305D}] => (Allow) F:\Program Files\Steam\steamapps\common\Everlasting Summer\Everlasting Summer.exe FirewallRules: [{E4B1DF29-4DCC-46DF-831D-EC8790D37AB7}] => (Allow) F:\Program Files\Steam\steamapps\common\Everlasting Summer\Everlasting Summer.exe FirewallRules: [{6D0EE013-4A49-4A3D-B7FC-DA5D126D96ED}] => (Allow) F:\Program Files\Steam\steamapps\common\Geometry Dash\GeometryDash.exe FirewallRules: [{221AB2D5-038D-4E8A-A3AB-124788D20C56}] => (Allow) F:\Program Files\Steam\steamapps\common\Geometry Dash\GeometryDash.exe FirewallRules: [{79F9D482-57A9-4DDE-9E74-0B65FEA40421}] => (Allow) F:\Program Files\Steam\steamapps\common\Stealth Inc 2\settings\settings.exe FirewallRules: [{DCEDCEA9-A66A-4BF4-981A-60A87BAD2729}] => (Allow) F:\Program Files\Steam\steamapps\common\Stealth Inc 2\settings\settings.exe FirewallRules: [{F49073E8-D865-4374-A784-1F159BA2F4B9}] => (Allow) F:\Program Files\Steam\steamapps\common\Alien Swarm\swarm.exe FirewallRules: [{E8F17B07-CAD0-4214-93F6-F9D2573C0EAE}] => (Allow) F:\Program Files\Steam\steamapps\common\Alien Swarm\swarm.exe FirewallRules: [{0FA60D18-A9CC-4377-806F-B0296FF9746B}] => (Allow) F:\Program Files\Steam\steamapps\common\The39Steps\39steps.exe FirewallRules: [{EE81E946-6D3A-4BB8-B33F-AB5066C6306C}] => (Allow) F:\Program Files\Steam\steamapps\common\The39Steps\39steps.exe FirewallRules: [{34D2D27C-1A7D-4FBE-88F9-5E10AC003121}] => (Allow) F:\Program Files\Steam\steamapps\common\Jet Force\jetgunner.exe FirewallRules: [{A8BFFA25-ACAA-46EE-9506-71CD6A954839}] => (Allow) F:\Program Files\Steam\steamapps\common\Jet Force\jetgunner.exe FirewallRules: [{2593A2EF-3819-44BC-A70E-DF5EB4D7B46E}] => (Allow) F:\Program Files\Steam\steamapps\common\Total War Arena\launcher\launcher.exe FirewallRules: [{A756316A-B992-409C-948E-F39E173E9E69}] => (Allow) F:\Program Files\Steam\steamapps\common\Total War Arena\launcher\launcher.exe FirewallRules: [{5718C2D5-46BE-411C-B93E-0F122A07A5C8}] => (Allow) F:\Program Files\Steam\steamapps\common\Commander Conquest of the Americas Gold\Commander.exe FirewallRules: [{64F58CC7-F760-4E0E-AF8E-3163CD558030}] => (Allow) F:\Program Files\Steam\steamapps\common\Commander Conquest of the Americas Gold\Commander.exe FirewallRules: [{882779D7-8C23-46F9-9256-F00BF661AFA8}] => (Allow) F:\Program Files\Steam\steamapps\common\Pirates of Black Cove Gold\bin\x86\dx9\BlackCove.exe FirewallRules: [{E00B60F7-EACF-4229-A27A-6E0B324B7394}] => (Allow) F:\Program Files\Steam\steamapps\common\Pirates of Black Cove Gold\bin\x86\dx9\BlackCove.exe FirewallRules: [{408B5675-75A7-43A4-84E9-83D3CFA6B270}] => (Allow) F:\Program Files\Steam\steamapps\common\Earth 2150 Lost Souls\LostSouls.exe FirewallRules: [{5A34B9CE-ACC6-4971-8C87-CB53C6119615}] => (Allow) F:\Program Files\Steam\steamapps\common\Earth 2150 Lost Souls\LostSouls.exe FirewallRules: [{C4288F4C-7880-4878-9F43-70259E0052A7}] => (Allow) F:\Program Files\Steam\steamapps\common\Earth 2150 Lost Souls\Setup.exe FirewallRules: [{6A47D794-F720-4F62-A711-D5164F6AAE5F}] => (Allow) F:\Program Files\Steam\steamapps\common\Earth 2150 Lost Souls\Setup.exe FirewallRules: [{547AE87F-3D00-46AC-B868-58A5FF9AF6F2}] => (Allow) F:\Program Files\Steam\steamapps\common\Skyborn\Game.exe FirewallRules: [{830E18E1-6A6B-4C0B-9C9D-209B0FA41576}] => (Allow) F:\Program Files\Steam\steamapps\common\Skyborn\Game.exe FirewallRules: [{528E16D2-2263-4FE3-9278-444EC293D6E9}] => (Allow) F:\Program Files\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe FirewallRules: [{2FD1E949-06CB-4AEE-951C-2527C19BF0B0}] => (Allow) F:\Program Files\Steam\steamapps\common\Amnesia The Dark Descent\Amnesia.exe FirewallRules: [{B1698772-61E6-4949-99F0-4F12297BAF1D}] => (Allow) F:\Program Files\Steam\steamapps\common\Amnesia The Dark Descent\Launcher.exe FirewallRules: [{A5FEA687-5017-4A0A-B35B-3BB00F9944FF}] => (Allow) F:\Program Files\Steam\steamapps\common\Amnesia The Dark Descent\Launcher.exe FirewallRules: [{B6C5F9FC-52FD-4421-AC4E-91198DD4A020}] => (Allow) F:\Program Files\AVG\AVG2015\avgnsa.exe FirewallRules: [{2B1B938A-C163-4E0D-8B79-124C663AB11D}] => (Allow) F:\Program Files\AVG\AVG2015\avgnsa.exe FirewallRules: [{A2ED1ABF-66D7-4E50-8C69-9E27273DFD29}] => (Allow) F:\Program Files\AVG\AVG2015\avgdiagex.exe FirewallRules: [{BC023712-6382-467C-AA05-52B58186382D}] => (Allow) F:\Program Files\AVG\AVG2015\avgdiagex.exe FirewallRules: [{61B75770-B9D1-433A-B500-FB6D6DA22DFD}] => (Allow) F:\Program Files\AVG\AVG2015\avgemca.exe FirewallRules: [{E3949A68-5AED-4EC7-B5EC-9CCE5B8A1875}] => (Allow) F:\Program Files\AVG\AVG2015\avgemca.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/18/2015 02:37:41 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error: (09/18/2015 01:50:56 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/18/2015 01:50:43 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. Error: (09/17/2015 09:42:24 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error: (09/17/2015 08:57:09 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (09/17/2015 08:56:58 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. Error: (09/17/2015 08:26:14 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error: (09/17/2015 07:26:14 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error: (09/17/2015 06:26:14 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 Error: (09/17/2015 05:26:14 PM) (Source: Software Protection Platform Service) (EventID: 8193) (User: ) Description: License Activation Scheduler (sppuinotify.dll) failed with the following error code: 0x80070005 System errors: ============= Error: (09/18/2015 02:37:41 PM) (Source: DCOM) (EventID: 10001) (User: ) Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} Error: (09/17/2015 09:42:24 PM) (Source: DCOM) (EventID: 10001) (User: ) Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} Error: (09/17/2015 09:10:04 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: The Wise Boot Assistant service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. Error: (09/17/2015 01:26:14 PM) (Source: DCOM) (EventID: 10001) (User: ) Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} Error: (09/17/2015 12:45:10 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Windows Update service hung on starting. Error: (09/16/2015 02:31:02 PM) (Source: DCOM) (EventID: 10001) (User: ) Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} Error: (09/15/2015 07:25:48 PM) (Source: DCOM) (EventID: 10001) (User: ) Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} Error: (09/15/2015 03:15:58 PM) (Source: DCOM) (EventID: 10001) (User: ) Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} Error: (09/14/2015 03:16:20 PM) (Source: DCOM) (EventID: 10001) (User: ) Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} Error: (09/13/2015 07:52:41 PM) (Source: DCOM) (EventID: 10001) (User: ) Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-3220 CPU @ 3.30GHz Percentage of memory in use: 54% Total physical RAM: 4059.72 MB Available physical RAM: 1844.14 MB Total Virtual: 8117.65 MB Available Virtual: 5606.74 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:87.22 GB) (Free:40.67 GB) NTFS Drive d: () (Fixed) (Total:48.83 GB) (Free:39.69 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive e: () (Fixed) (Total:27.27 GB) (Free:18.76 GB) NTFS Drive f: (Nowy) (Fixed) (Total:249.25 GB) (Free:142.61 GB) NTFS Drive g: (MULTIMEDIALNY_ATLAS_ANATOMICZNY) (CDROM) (Total:0.86 GB) (Free:0 GB) UDF Drive h: (KINGSTON) (Removable) (Total:3.77 GB) (Free:3.17 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 114.5 GB) (Disk ID: 85FB85FB) Partition 1: (Active) - (Size=87.2 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=27.3 GB) - (Type=OF Extended) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: EC0AEC0A) Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=249.3 GB) - (Type=OF Extended) ======================================================== Disk: 2 (Size: 3.8 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of Addition.txt ============================