Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016 Ran by samsung (08-09-2016 18:31:40) Running from C:\Users\samsung\Downloads Windows 10 Home Version 1511 (X64) (2016-01-08 15:42:06) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1285780863-4141913994-941100708-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1285780863-4141913994-941100708-503 - Limited - Disabled) Guest (S-1-5-21-1285780863-4141913994-941100708-501 - Limited - Disabled) samsung (S-1-5-21-1285780863-4141913994-941100708-1000 - Administrator - Enabled) => C:\Users\samsung ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) „Windows Live Essentials“ (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden „Windows Live Mail“ (x32 Version: 16.4.3528.0331 - „Microsoft Corporation“) Hidden „Windows Live Messenger“ (x32 Version: 16.4.3528.0331 - „Microsoft Corporation“) Hidden µTorrent (HKU\S-1-5-21-1285780863-4141913994-941100708-1000\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) ABBYY FineReader for ScanSnap (TM) 5.0 (HKLM-x32\...\{FB500000-0010-0000-0000-074957833700}) (Version: 11.0.234 - ABBYY) Action! (HKLM-x32\...\Mirillis Action!) (Version: 1.31.3 - Mirillis) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated) Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.232 - Adobe Systems Incorporated) Adobe Flash Professional CC (HKLM-x32\...\{B56B95BF-7161-4166-8288-DB1BA9F6C9B8}) (Version: 13.0 - Adobe Systems Incorporated) Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated) Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.1.151 - Adobe Systems, Inc.) Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.) Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.) Android Studio (HKLM\...\Android Studio) (Version: 1.0 - Google Inc.) Arma 3 (HKLM\...\Steam App 107410) (Version: - Bohemia Interactive) Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.126 - Atheros) Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros) AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - ) BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - ) BattlEye Uninstall (HKLM-x32\...\BattlEye for A1) (Version: - ) BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - ) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden bl (x32 Version: 1.0.0 - Your Company Name) Hidden Blender (HKLM\...\Blender) (Version: 2.70a - Blender Foundation) Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden CamStudio Lossless Codec v1.5 (HKLM-x32\...\camcodec) (Version: 1.5 - CamStudio) Camtasia Studio 8 (HKLM-x32\...\{BFA04EE0-8240-4667-8D53-45496A901C33}) (Version: 8.1.2.1327 - TechSmith Corporation) CardMinder (HKLM-x32\...\{D4F2AFD3-0167-4464-B92F-78AB6DA8A0AA}) (Version: V5.2L21 - PFU) CardMinder V4.1 (x32 Version: 4.1.50.1 - PFU) Hidden Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden Citrio (HKU\S-1-5-21-1285780863-4141913994-941100708-1000\...\Citrio) (Version: 50.0.2661.272 - © Catalinagroup Ltd.) Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version: - Relic Entertainment) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CyberLink Media Suite 11 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 11.0 - CyberLink Corp.) CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.) CyberLink YouCam 6 (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2728.0 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.3.0.0152 - Disc Soft Ltd) Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.2 - DivX, Inc.) Easy File Share (HKLM-x32\...\{12F81925-F3C1-40DB-91F7-777817974319}) (Version: 1.3.1 - Samsung Electronics CO., LTD.) Easy Migration (HKLM-x32\...\{EDE7A262-DB20-4432-A630-2ACEE186C416}) (Version: 1.0 - Samsung Electronics CO., LTD.) Easy Support Center (HKLM\...\{0738F5F1-8E70-49A6-8692-F5722E1E5A4D}) (Version: 1.2.23 - Samsung Electronics CO., LTD.) Emily is Away (HKLM-x32\...\Steam App 417860) (Version: - Kyle Seeley) Epic Games Launcher (HKLM-x32\...\{DC13677B-1214-409C-8127-41BBC4445C61}) (Version: 1.1.73.0 - Epic Games, Inc.) E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.) Epson User's Guide L110 Series (HKLM-x32\...\L110 Series Useg) (Version: - ) Extended Asian Language font pack for Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-A00000000049}) (Version: 11.0.09 - Adobe Systems Incorporated) Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden Firewatch (HKLM-x32\...\Firewatch_is1) (Version: - ) Fotoattēlu galerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotogaléria (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotogalerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Foto-galerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotogalleri (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotogalleriet (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotoğraf Galerisi (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Fotótár (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galeria de Fotografias (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galeria de Fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galerie foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galerija fotografija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.) Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden GoToMeeting 5.4.0.1083 (HKU\S-1-5-21-1285780863-4141913994-941100708-1000\...\GoToMeeting) (Version: 5.4.0.1083 - CitrixOnline) HP Deskjet 2540 series Basic Device Software (HKLM\...\{6A79CD11-0C1C-4E24-A8C6-46A02F680346}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) HP Deskjet 2540 series Help (HKLM-x32\...\{4539575D-C09D-4E71-B207-0F2D6BD74DA2}) (Version: 30.0.0 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36279 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation) Intel® Hardware Accelerated Execution Manager (HKLM\...\{ECCB31F5-435D-4F37-A98D-5854D3C62718}) (Version: 1.1.1 - Intel Corporation) Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation) Java SE Development Kit 7 Update 71 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle) JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.422 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.422 - LogMeIn, Inc.) Hidden Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.) Macromedia Flash 8 Video Encoder (HKLM-x32\...\{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}) (Version: 1.00.0000 - Macromedia) Macromedia Flash Player 8 Plugin (HKLM-x32\...\{91057632-CA70-413C-B628-2D3CDBBB906B}) (Version: 8.0.22.0 - Macromedia) Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Minecraft version 1.5.1 (HKLM-x32\...\Minecraft_is1) (Version: 1.5.1 - ) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 36.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 en-US)) (Version: 36.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Multimedia POP (HKLM-x32\...\{CE3007FF-3E77-4B5B-8F94-662C9582C8A5}) (Version: 1.2 - Samsung Electronics CO., LTD.) Narcissu 1st & 2nd (HKLM\...\Steam App 264380) (Version: - stage-nana) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.23 - Black Tree Gaming) Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team) NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.1.0 (HKLM-x32\...\{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation) paint.net (HKLM\...\{DD393E4D-76FA-4CCD-84F3-CD9D75C14862}) (Version: 4.0.10 - dotPDN LLC) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden ph (x32 Version: 1.0.0 - Your Company Name) Hidden Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden PlayerLiteHJ 1.0.2.2.LHJ (HKLM-x32\...\{B435433C-110A-4853-843A-7BD1EE59624E}_is1) (Version: 1.0.2.2.LHJ - AVTECH) Poczta usługi Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden Pošta Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software) Product Improvement Study for HP Deskjet 2540 series (HKLM\...\{DF34643B-A745-430C-B27B-A48F853C81E4}) (Version: 32.2.188.47710 - Hewlett-Packard Co.) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.) PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Python 2.7.11 (64-bit) (HKLM\...\{16E52445-1392-469F-9ADB-FC03AF00CD62}) (Version: 2.7.11150 - Python Software Foundation) Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Raptr (HKLM-x32\...\Raptr) (Version: 5.2.1-r113066-release - Raptr, Inc) Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 7.5.7.57 - Razer Inc.) Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.19 - Razer Inc.) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.707 - Razer Inc.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.54.309.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6602 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.39025 - Realtek Semiconductor Corp.) Red Faction: Guerrilla Steam Edition (HKLM-x32\...\Steam App 20500) (Version: - Volition) Regeria Hope Episode 1 (HKLM\...\Steam App 447570) (Version: - Golden Game Barn) ROBLOX Player for samsung (HKU\S-1-5-21-1285780863-4141913994-941100708-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - ROBLOX Corporation) ROBLOX Studio for samsung (HKU\S-1-5-21-1285780863-4141913994-941100708-1000\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation) Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.) Scanner Mouse (HKLM-x32\...\{F059270E-FFAA-4B9E-A06B-56CAAC1D6B61}) (Version: 2.5.0 - Dacuda) ScanSnap (x32 Version: 5.1.50.23 - PFU Limited) Hidden ScanSnap Manager (HKLM-x32\...\{DBCDB997-EEEB-4BE9-BAFF-26B4094DBDE6}) (Version: V6.3L24 - PFU) ScanSnap Manager (x32 Version: 6.2.24.1.1 - PFU) Hidden ScanSnap Organizer (HKLM-x32\...\{E58F3B88-3B3E-4F85-9323-04789D979C15}) (Version: V5.2L21 - PFU) ScanSnap Organizer (x32 Version: 4.1.50.8 - PFU LIMITED) Hidden ScanSnap Organizer (x32 Version: 5.2.20.1 - PFU LIMITED) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation) Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.) Software Launcher (HKLM-x32\...\{B750B5C2-CC17-4967-905B-29F4EB986131}) (Version: 1.0.2 - Samsung Electronics CO., LTD.) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.1.1.0 - Synaptics Incorporated) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer) Trove (HKLM-x32\...\Steam App 304050) (Version: - Trion Worlds) UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden Unity Web Player (HKU\S-1-5-21-1285780863-4141913994-941100708-1000\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS) Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton) User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.2 - Samsung Electronics CO., LTD.) Valokuvavalikoima (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) Warframe (HKLM\...\Steam App 230410) (Version: - Digital Extremes) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent) WildTangent ORB Game Console (x32 Version: - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Συλλογή φωτογραφιών (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 16.4.3528.0331 - Корпорация Майкрософт) Hidden Фотоальбом (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Фотогалерия (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Фотографии (общедоступная версия) (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden גלריית התמונות (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden معرض الصور (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden 사진 갤러리 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden 影像中心 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden 照片库 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1285780863-4141913994-941100708-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\samsung\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1285780863-4141913994-941100708-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\samsung\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1285780863-4141913994-941100708-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-1285780863-4141913994-941100708-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1083\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.) CustomCLSID: HKU\S-1-5-21-1285780863-4141913994-941100708-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\samsung\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1285780863-4141913994-941100708-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll () CustomCLSID: HKU\S-1-5-21-1285780863-4141913994-941100708-1000_Classes\CLSID\{DEE03C2B-0C0C-41A9-9877-FD4B4D7B6EA3}\InprocServer32 -> C:\Users\samsung\AppData\Local\Roblox\Versions\version-a5eaf158bd544c4d\RobloxProxy64.dll (ROBLOX Corporation) CustomCLSID: HKU\S-1-5-21-1285780863-4141913994-941100708-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\samsung\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File CustomCLSID: HKU\S-1-5-21-1285780863-4141913994-941100708-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\samsung\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {007D2050-31EE-4F7A-9695-2AEDC15CC3B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-12] (Google Inc.) Task: {01350635-5B0A-4B9E-8D6B-AA6FCBE04AFF} - System32\Tasks\{956E98C6-0237-4EAC-A654-7C76032A5937} => pcalua.exe -a "E:\SteamLibrary\steamapps\common\PAYDAY 2\_CommonRedist\vcredist\2008\vcredist_x86.exe" -d "E:\SteamLibrary\steamapps\common\PAYDAY 2\_CommonRedist\vcredist\2008" Task: {05A930BD-7531-4971-AAB1-6ACF62D9E5BC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {0DE85BFE-0AA4-4A72-BCCC-A383DC114826} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-cork.hack12@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated) Task: {1772F661-4ECF-4B65-8569-9DDD6A187ECA} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {1D9C4CC1-D652-44B3-8C71-9A36A3F0B004} - System32\Tasks\{CFEE3AAC-6B47-4655-852B-27AD64D241D4} => C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe [2013-07-19] (TechSmith Corporation) Task: {2988E62B-9891-401B-B4E5-800A4933177D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {2B0C4DA2-D331-44AE-8297-062A29B8D7F8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-14] (Microsoft Corporation) Task: {32387ADB-8289-4BFC-A0A6-08917F977476} - System32\Tasks\{8FD8C6F8-EF25-43AC-B635-7C1830C0332B} => pcalua.exe -a "C:\Users\samsung\Desktop\My Folder\For Home\Games\Madness Interactive\madness.exe" -d "C:\Users\samsung\Desktop\My Folder\For Home\Games\Madness Interactive" Task: {35A89769-5964-4EDF-802A-F992BC5CA30C} - System32\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-1285780863-4141913994-941100708-1000Core => C:\Users\samsung\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe [2015-12-31] (Catalina Group Ltd.) Task: {3773138B-4927-434A-8AFC-DF4381E50C84} - System32\Tasks\{ECBC6F77-1BE0-4526-B581-2C93ABB251CA} => pcalua.exe -a "C:\Program Files (x86)\Roblox\Versions\version-3a1b3a29e18e4ba7\RobloxPlayerLauncher.exe" -c -uninstall -alluser Task: {4461A4A8-D2DD-4A26-8EA8-338642025DE6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Task: {478120D3-BDAF-4987-88CD-2B518708FA0F} - System32\Tasks\{CD4F8700-5088-4039-ADC4-81CD61939854} => C:\Program Files (x86)\Steam\Steam.exe [2016-08-24] (Valve Corporation) Task: {53A9B4AE-AB5C-45B1-AC70-2F138093576E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {58D0D050-96A3-4E2E-BB3E-92D47B1D9F7E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1285780863-4141913994-941100708-1000UA => C:\Users\samsung\AppData\Local\Google\Update\GoogleUpdate.exe Task: {7009ED92-D4C6-4BFE-B92F-F2324E8326A1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated) Task: {728D1264-8668-48D2-82BC-7D03A67FBFC8} - System32\Tasks\HP AR Program Upload - 6f7d1bbbf8044b10820c2f3b8167a7397496d55bdace4654898a184df0541beb => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: ) Task: {73A34160-3CC5-400F-A88E-EF69E266D9FF} - \d95df9fc-8393-489c-a096-3cda9b784081-2 -> No File <==== ATTENTION Task: {753C47AE-EC5E-44B3-95A9-2C8E553F0E39} - System32\Tasks\Microsoft\Windows\Windows Media Sharing\UpdateLibrary => C:\Program Files\Windows Media Player\wmpnscfg.exe Task: {759E18AE-39B7-4CEB-96DA-0F354F119546} - System32\Tasks\{03E662FC-806F-4F97-AD52-798DB214B734} => C:\Users\samsung\AppData\Roaming\Allmyapps\Allmyapps.exe Task: {8550573A-EFA4-46B2-92F4-FBBAE722BEE1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {8A6392C7-BAFA-4D22-B90E-039021C984BA} - System32\Tasks\{B19741CC-7EF6-484E-9551-6F812B0A0BEB} => pcalua.exe -a "C:\Program Files\HitmanPro\HitmanPro.exe" -c /uninstall Task: {8AA0D976-4E45-427D-9915-97CCD87D1EA6} - System32\Tasks\HP AR Program Upload - 9d1981001cf745f58da4fc4e16ea71094a3439c2898d48d895da6125ba8b69cd => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: ) Task: {8FFEAB47-B68E-459A-803E-6B926A551365} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {99E57B86-D05B-4F75-88AE-D93FDEA33537} - System32\Tasks\{F5993D0E-7DD0-4868-A095-FBE4917CB99A} => C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe [2013-07-19] (TechSmith Corporation) Task: {A3F09B62-EF24-428E-9D79-6AF69EA0F5E3} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\MpCmdRun.exe Task: {A6543ABD-745E-4363-AEEF-FFB83460737E} - System32\Tasks\AdobeAAMUpdater-1.0-TEAMALPHA-samsung => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-03-21] (Adobe Systems Incorporated) Task: {A8254C5C-1EB7-4651-BD59-377E2B4C2D6D} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-03-21] (Advanced Micro Devices, Inc.) Task: {A8651089-D94F-4AD7-B246-4BCDB1897448} - \d95df9fc-8393-489c-a096-3cda9b784081-3 -> No File <==== ATTENTION Task: {B06CE88F-D333-4600-9281-63133DAB3F4F} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-03-26] (Intel Corporation) Task: {B25C4859-71A7-4F22-9620-3C4D4C057A1B} - System32\Tasks\{959B72F8-4CD5-400B-AEC1-1DF921CB0F59} => C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe [2013-07-19] (TechSmith Corporation) Task: {B9EC03B2-520D-46EC-9F10-FF6426898D8A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {C126D933-7354-4EE4-96E6-0D0CBD56CD58} - System32\Tasks\AllmyappsUpdateTask => c:\users\samsung\appdata\roaming\allmyapps\allmyappsupdater.exe Task: {C8F9655F-E3CA-4A34-9AAD-E758A611BFCE} - System32\Tasks\HP AR Program Upload - 7d90ed9f96c04d4f883b18407b745c62f9793271708e427d97c60cbb79c87d35 => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: ) Task: {D11C4C05-57E6-448D-878C-63A1EE2966A6} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {D92367B5-9568-4470-B772-EB30BD5EABAE} - System32\Tasks\HPCustParticipation HP Deskjet 2540 series => C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe [2014-03-06] (Hewlett-Packard Co.) Task: {DDBB0B92-8137-4F8A-A597-B83678827974} - System32\Tasks\{DDE5CB02-C740-4A7B-8886-C4A520C43073} => C:\Program Files (x86)\TechSmith\Camtasia Studio 8\CamtasiaStudio.exe [2013-07-19] (TechSmith Corporation) Task: {E0B9FC29-ACB7-415D-812E-C4C9BDE86B6E} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {E14DDC7F-F4F5-4874-9963-57B902EFCCD6} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-21] (Adobe Systems Incorporated) Task: {E45357BB-D2E2-4A10-B4AC-01FBFE014853} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-12] (Google Inc.) Task: {E4DB714E-492C-4FB7-8300-53777A0FFC47} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1285780863-4141913994-941100708-1000Core => C:\Users\samsung\AppData\Local\Google\Update\GoogleUpdate.exe Task: {E69328EA-A2BC-48C5-ADCE-FEDEDC4FE449} - System32\Tasks\HP AR Program Upload - 88702a7d980145599ebd226dc3bca64e0e61b359a7b04a77acfbcf04e138e188 => C:\Program Files\HP\HP Deskjet 2540 series\bin\HPRewards.exe [2014-03-06] (TODO: ) Task: {EE22EAF9-ABC9-4FD1-BDC4-FAE08479381C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {EEA7D3CA-CFC5-4023-9CF8-2A46531B9781} - System32\Tasks\EasySupportCenter => C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe [2012-04-19] (Samsung Electronics CO., LTD.) Task: {EF8041A5-7F5F-4FFA-AAE3-3A72C0194CD0} - System32\Tasks\{03218F49-DEC4-46FF-B7C8-20F2EBE55CF8} => pcalua.exe -a "E:\video editing programs\VEGAS VIDEO\Setup.exe" -d "E:\video editing programs\VEGAS VIDEO" Task: {F7AF2770-086C-4B17-9D34-5B0A8FE889A5} - System32\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-1285780863-4141913994-941100708-1000UA => C:\Users\samsung\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe [2015-12-31] (Catalina Group Ltd.) Task: {F9E1F6C2-2150-4823-A7F5-B18A40179A7F} - System32\Tasks\{D4720712-E4B5-4F10-A402-4F0C271D000C} => pcalua.exe -a "E:\SteamLibrary\steamapps\common\PAYDAY 2\_CommonRedist\vcredist\2008\vcredist_x64.exe" -d "E:\SteamLibrary\steamapps\common\PAYDAY 2\_CommonRedist\vcredist\2008" Task: {FB40C1F7-212D-4159-8407-83BF46635524} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-03-26] (Intel Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\AllmyappsUpdateTask.job => C:\Users\samsung\AppData\Roaming\Allmyapps\AllmyappsUpdater.exe Task: C:\WINDOWS\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-1285780863-4141913994-941100708-1000Core.job => C:\Users\samsung\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe Task: C:\WINDOWS\Tasks\CatalinaGroupUpdateTaskUserS-1-5-21-1285780863-4141913994-941100708-1000UA.job => C:\Users\samsung\AppData\Local\CatalinaGroup\Update\CatalinaUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1285780863-4141913994-941100708-1000Core.job => C:\Users\samsung\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1285780863-4141913994-941100708-1000UA.job => C:\Users\samsung\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe Task: C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\Users\samsung\AppData\Local\Microsoft\Windows\GameExplorer\{858832fa-2921-4f05-ab02-1e13a842ae39}\SupportTasks\0\More Games.lnk -> hxxp://www.wildgames.com/?dp=samsung&mc=gameexplorer_support Shortcut: C:\Users\samsung\AppData\Local\Microsoft\Windows\GameExplorer\{7ad64128-be81-4f69-9356-9934f0d3c5b8}\SupportTasks\0\More Games.lnk -> hxxp://www.wildgames.com/?dp=samsung&mc=gameexplorer_support ShortcutWithArgument: C:\Users\samsung\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> ShortcutWithArgument: C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> ShortcutWithArgument: C:\Users\samsung\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> ShortcutWithArgument: C:\Users\samsung\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> ==================== Loaded Modules (Whitelisted) ============== 2015-10-30 15:18 - 2015-10-30 15:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-07-20 08:10 - 2016-07-20 08:11 - 00187824 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2016-04-14 14:53 - 2016-04-14 14:53 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2012-05-22 17:49 - 2012-04-18 18:49 - 00127320 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 2016-07-13 20:10 - 2016-07-01 12:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-07-13 20:10 - 2016-07-01 12:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-05-19 09:57 - 2016-05-07 00:41 - 00235008 _____ () C:\Users\samsung\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayError.dll 2016-05-19 09:57 - 2016-05-07 00:41 - 00235008 _____ () C:\Users\samsung\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySynced.dll 2016-05-19 09:57 - 2016-05-07 00:41 - 00235008 _____ () C:\Users\samsung\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayReadOnly.dll 2016-05-19 09:57 - 2016-05-07 00:41 - 00235008 _____ () C:\Users\samsung\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlayLock.dll 2016-05-19 09:57 - 2016-05-07 00:41 - 00235008 _____ () C:\Users\samsung\AppData\Local\MediaFire Desktop\x64\MFShellIconOverlaySyncing.dll 2016-05-24 11:10 - 2016-05-24 11:10 - 00959168 _____ () C:\Users\samsung\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-05-19 09:58 - 2016-05-07 00:41 - 00312832 _____ () C:\Program Files (x86)\MediaFire Desktop\bin\MFDesktopShellExtx64.dll 2015-04-16 04:13 - 2015-04-16 04:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2016-07-13 20:10 - 2016-07-01 11:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-09 14:50 - 2016-01-09 14:50 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-07-13 20:14 - 2016-07-01 11:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-06-15 10:39 - 2016-06-15 10:39 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe 2010-02-28 02:33 - 2010-02-28 02:33 - 00077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe 2016-07-13 20:10 - 2016-07-01 11:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-07-13 20:10 - 2016-07-01 11:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-07-13 20:10 - 2016-07-01 11:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-08-18 18:13 - 2016-08-18 18:15 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe 2016-08-18 18:13 - 2016-08-18 18:15 - 13475840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll 2016-06-03 15:51 - 2016-06-03 15:53 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll 2016-03-04 16:16 - 2016-03-04 17:13 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll 2012-05-22 17:48 - 2011-11-29 19:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2012-05-22 17:49 - 2012-04-18 18:50 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2015-11-08 12:37 - 2016-08-09 07:27 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-11-08 12:37 - 2015-07-02 06:06 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-11-08 12:37 - 2016-08-24 03:33 - 02321184 _____ () C:\Program Files (x86)\Steam\video.dll 2015-11-08 12:37 - 2016-01-27 15:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-11-08 12:37 - 2016-01-27 15:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-11-08 12:37 - 2016-01-27 15:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-11-08 12:37 - 2016-01-27 15:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-11-08 12:37 - 2016-01-27 15:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-11-08 12:37 - 2015-07-02 06:06 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-11-08 12:37 - 2015-07-02 06:06 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-11-08 12:37 - 2016-08-24 03:33 - 00835360 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-03-09 19:34 - 2016-07-05 06:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2015-04-11 13:02 - 2012-06-25 16:54 - 00599419 _____ () C:\Users\samsung\Desktop\ScanSnap Files\PFU\ScanSnap\CardMinder\sqlite3.dll 2016-06-23 10:34 - 2016-06-23 10:34 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll 2016-09-05 09:19 - 2016-08-11 00:41 - 50663696 _____ () C:\Users\samsung\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll 2015-11-08 12:37 - 2016-08-05 04:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2016-09-05 09:19 - 2016-08-11 00:41 - 01881880 _____ () C:\Users\samsung\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll 2016-09-05 09:19 - 2016-08-11 00:41 - 00082200 _____ () C:\Users\samsung\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll 2016-05-24 11:10 - 2016-05-24 11:10 - 00679624 _____ () C:\Users\samsung\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll 2015-11-08 12:37 - 2015-09-25 07:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll 2016-09-07 19:37 - 2016-09-06 12:00 - 05197312 _____ () C:\Users\samsung\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll 2016-09-07 19:37 - 2016-09-06 12:00 - 00147456 _____ () C:\Users\samsung\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\samsung\Cookies:2AvvZcN0ucNj3D486cbO7gY4 [2018] AlternateDataStreams: C:\Users\samsung\AppData\Local\xNNOgvjbn:PSH68b1JgvoXeRjlpihDaLC4pTnr [2192] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 10:34 - 2016-06-09 11:31 - 00001059 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 activation.cloud.techsmith.com 127.0.0.1 65.52.240.48 127.0.0.1 oscount.techsmith.com 127.0.0.1 69.167.144.18 127.0.0.1 www.mirillis.com 127.0.0.1 s0ft4pc.com 127.0.0.1 serwer2.paka-service.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1285780863-4141913994-941100708-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\samsung\Pictures\CSGO Background.jpg DNS Servers: 210.4.2.61 - 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: BEService => 3 MSCONFIG\Services: BstHdAndroidSvc => 3 MSCONFIG\Services: BstHdLogRotatorSvc => 3 MSCONFIG\Services: BstHdUpdaterSvc => 3 MSCONFIG\Services: Disc Soft Lite Bus Service => 3 MSCONFIG\Services: GameConsoleService => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: Hamachi2Svc => 2 MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2 MSCONFIG\Services: LMIGuardianSvc => 2 MSCONFIG\Services: MBAMService => 2 MSCONFIG\Services: MediaFire Desktop Updater Service => 3 MSCONFIG\Services: MF NTFS Monitor => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: Razer Game Scanner Service => 2 MSCONFIG\Services: RichVideo => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: ss_conn_service => 2 MSCONFIG\Services: SwitchBoard => 3 MSCONFIG\Services: TeamViewer => 2 MSCONFIG\Services: wwSecSvc => 2 MSCONFIG\Services: ZAtheros Bt&Wlan Coex Agent => 2 HKLM\...\StartupApproved\StartupFolder: => "Conversion to PDF with ScanSnap Organizer.lnk" HKLM\...\StartupApproved\StartupFolder: => "ScanSnap Manager.lnk" HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run: => "AthBtTray" HKLM\...\StartupApproved\Run: => "AtherosBtStack" HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager" HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "BlueStacks Agent" HKLM\...\StartupApproved\Run32: => "CLMLServer" HKLM\...\StartupApproved\Run32: => "YouCam Service6" HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "PowerDVD13Agent" HKLM\...\StartupApproved\Run32: => "20131121" HKLM\...\StartupApproved\Run32: => "Raptr" HKLM\...\StartupApproved\Run32: => "ScanSnap OnlineUpdate Watcher" HKLM\...\StartupApproved\Run32: => "AdobeCEPServiceManager" HKU\S-1-5-21-1285780863-4141913994-941100708-1000\...\StartupApproved\StartupFolder: => "Zcan+.lnk" HKU\S-1-5-21-1285780863-4141913994-941100708-1000\...\StartupApproved\Run: => "MediaFire Tray" HKU\S-1-5-21-1285780863-4141913994-941100708-1000\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1285780863-4141913994-941100708-1000\...\StartupApproved\Run: => "EvolveClient" HKU\S-1-5-21-1285780863-4141913994-941100708-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{6FAFBC53-9571-4BE2-9CB1-598170DA170B}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe FirewallRules: [{88B88728-668B-4760-9457-12BA26E79028}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe FirewallRules: [{51E36464-0324-413D-9DCC-27846A95752A}] => (Allow) E:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{ACBA64A6-1A1A-48C8-AA98-8A9D7AD802D5}] => (Allow) E:\SteamLibrary\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{5B2C80BA-AD70-42C1-9169-5FE69FE1B9FE}] => (Allow) E:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe FirewallRules: [{2984FDFF-2441-41EC-B1CC-80F801D10D3D}] => (Allow) E:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect.exe FirewallRules: [{C48ABF86-3325-497A-A120-1311EA5F4110}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{AF93AC6C-AB7E-437D-980A-1A1F375CE17B}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{E1A665BF-9268-48E6-AA4A-40F5F02FB7D8}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{8218D43A-0413-43DD-8981-4883FD2F732A}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [UDP Query User{B83BE547-1F6B-493E-AA4B-C8FD66C72B75}E:\steamlibrary\steamapps\common\aftermath\aftermath.exe] => (Block) E:\steamlibrary\steamapps\common\aftermath\aftermath.exe FirewallRules: [TCP Query User{3D6695EF-1830-4FFE-AECA-34CB4C95715C}E:\steamlibrary\steamapps\common\aftermath\aftermath.exe] => (Block) E:\steamlibrary\steamapps\common\aftermath\aftermath.exe FirewallRules: [{B3B68258-AD65-48B6-8A23-6C01C93EC5FB}] => (Block) E:\steamlibrary\steamapps\common\aftermath\amlauncher.exe.new.exe FirewallRules: [{B616076A-8617-4FE7-8DF5-CC6737494F75}] => (Block) E:\steamlibrary\steamapps\common\aftermath\amlauncher.exe.new.exe FirewallRules: [UDP Query User{2F5F3180-B50D-447A-B416-84CFF708973D}E:\steamlibrary\steamapps\common\aftermath\amlauncher.exe.new.exe] => (Allow) E:\steamlibrary\steamapps\common\aftermath\amlauncher.exe.new.exe FirewallRules: [TCP Query User{56A67C15-BF05-47BF-B746-66752F670B4B}E:\steamlibrary\steamapps\common\aftermath\amlauncher.exe.new.exe] => (Allow) E:\steamlibrary\steamapps\common\aftermath\amlauncher.exe.new.exe FirewallRules: [{BDA20696-B2B2-4B58-AAC8-2CAED8F456A1}] => (Allow) E:\SteamLibrary\steamapps\common\Trove\GlyphClient.exe FirewallRules: [{A1D30CE9-C200-4DDF-860E-BF9208E9F59A}] => (Allow) E:\SteamLibrary\steamapps\common\Trove\GlyphClient.exe FirewallRules: [{C78BB815-A68C-4B9B-BAAD-B9BF6987A4A1}] => (Allow) C:\Users\samsung\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{093D3D52-B18B-4ECE-B9F6-646DA5CABF95}] => (Allow) C:\Users\samsung\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [UDP Query User{64A4ABAF-6CAD-4899-9982-2187CAA96B0A}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [TCP Query User{E2C438FF-53AC-400F-8FDA-A76B9D4E8906}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [{493F9F85-B3B8-4B84-9EF2-1516C273C713}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe FirewallRules: [{00264F58-5B4B-4977-B8D4-2EA0D99065FA}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe FirewallRules: [{84518905-61D1-43B9-A239-98E81F25F8AE}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe FirewallRules: [{BFE3FB98-C61A-4AC2-8ADF-973E52CF3127}] => (Allow) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe FirewallRules: [TCP Query User{611B5570-5F7A-481F-BD1B-67F186B3D3F2}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{130BF870-4DDB-403E-9C57-F0BCCA3B6005}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{1AAE3CE4-461F-42DD-A26B-86A4CD6E65B7}C:\Program Files (x86)\Skype\Phone\Skype.exe] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [UDP Query User{8ED023A4-08B1-43E0-A027-DC6C7D2FB2B5}C:\Program Files (x86)\Skype\Phone\Skype.exe] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{CE47BDC2-DFE4-4A26-997E-86F160AEB656}C:\users\samsung\appdata\roaming\allmyapps\allmyapps.exe] => (Allow) C:\users\samsung\appdata\roaming\allmyapps\allmyapps.exe FirewallRules: [UDP Query User{ACC4D298-7B5A-4338-869A-DDA448C3FF09}C:\users\samsung\appdata\roaming\allmyapps\allmyapps.exe] => (Allow) C:\users\samsung\appdata\roaming\allmyapps\allmyapps.exe FirewallRules: [TCP Query User{F6A7329B-56B0-4E6C-8EAE-989542299861}C:\users\samsung\appdata\roaming\allmyapps\allmyapps.exe] => (Block) C:\users\samsung\appdata\roaming\allmyapps\allmyapps.exe FirewallRules: [UDP Query User{2E9124B0-3706-41C2-9011-D11D973D6380}C:\users\samsung\appdata\roaming\allmyapps\allmyapps.exe] => (Block) C:\users\samsung\appdata\roaming\allmyapps\allmyapps.exe FirewallRules: [TCP Query User{5792B258-FF1A-48CC-9102-01BE7C7AE5FF}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{8B281ECB-ABD0-4AF7-9A9F-6BEF85285416}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{3875A7D7-9BE2-4210-8418-2E558F08E5B2}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{ABF2A1B7-31D4-49CD-A0DC-70B2E70334CE}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [{C1A6A802-1D05-4024-BCDB-08A2F1ABBDB9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{B8A883DE-9BB6-4246-86E2-D88744287131}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe FirewallRules: [UDP Query User{83F3A220-41D0-40FF-9A81-24F1BF703239}C:\windows\system32\java.exe] => (Allow) C:\windows\system32\java.exe FirewallRules: [TCP Query User{802F8BD3-2766-47B7-AD36-852BA6C6EB74}C:\program files (x86)\sugarsync\sugarsyncmanager.exe] => (Allow) C:\program files (x86)\sugarsync\sugarsyncmanager.exe FirewallRules: [UDP Query User{5A299A38-E7BB-4EDA-A124-F1D64F5201C3}C:\program files (x86)\sugarsync\sugarsyncmanager.exe] => (Allow) C:\program files (x86)\sugarsync\sugarsyncmanager.exe FirewallRules: [{F2C0EBFB-171D-4AB5-9B26-3E024A8FE798}] => (Block) C:\program files (x86)\sugarsync\sugarsyncmanager.exe FirewallRules: [{16AA7722-4DC7-4FE0-B709-2B423A696002}] => (Block) C:\program files (x86)\sugarsync\sugarsyncmanager.exe FirewallRules: [TCP Query User{5CC713B8-722E-4A4D-AC67-387A62C1024E}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{C7332AB7-BA54-41A8-918C-7838B6C9177E}C:\program files\java\jre7\bin\javaw.exe] => (Block) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{E92AC35F-D994-43AD-96BF-BFE2B29557D1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{6184B122-38FF-4EAE-86E2-5E265EF9C5B6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{3CBC73E6-3BAD-41CC-BB56-236DB60AC18C}C:\program files (x86)\videoviewer\videoviewer.exe] => (Allow) C:\program files (x86)\videoviewer\videoviewer.exe FirewallRules: [UDP Query User{165CB21A-A62C-43C7-98EF-5DE1C3822C49}C:\program files (x86)\videoviewer\videoviewer.exe] => (Allow) C:\program files (x86)\videoviewer\videoviewer.exe FirewallRules: [{F61C9D5F-6C9E-489D-9312-9957658BBB2C}] => (Block) C:\program files (x86)\videoviewer\videoviewer.exe FirewallRules: [{CEAB0644-FDAF-42EA-9BEF-2FBF664CFFBE}] => (Block) C:\program files (x86)\videoviewer\videoviewer.exe FirewallRules: [{CB96B3CB-1F19-42FB-B1F7-B37CCF61A8BF}] => (Allow) C:\Users\samsung\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{755DC5FE-CF58-4DBD-9591-D95D7881D765}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13.exe FirewallRules: [{010A7552-CD5B-4AD7-9909-E3EA89F2A73B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMR\PowerDVD13DMREngine.exe FirewallRules: [{005C01FC-3951-4A8C-B00D-D89FBDFAAB64}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe FirewallRules: [{6648DEB2-FDC0-4C50-A41B-57E8836EB0C1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13Agent.exe FirewallRules: [{7A96C3FD-60B1-4862-96BF-99CC2C8292EA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13ML.exe FirewallRules: [{7DF59D8E-202E-40C2-B621-94249F37550B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD13\Movie\PowerDVD.exe FirewallRules: [{D1BA587E-8FB5-4B81-B3D6-D6142D2444C6}] => (Allow) C:\Program Files (x86)\Minecraft\Minecraft.exe FirewallRules: [{1F20B64E-FDF3-480B-AC3E-4A8E188960C7}] => (Allow) C:\Program Files (x86)\Minecraft\Minecraft.exe FirewallRules: [{90D9CBE1-9745-486D-BD7F-F4AC5769B788}] => (Allow) C:\Program Files (x86)\Minecraft\Minecraft.exe FirewallRules: [{90DDA488-A940-4FF0-B52E-E9BF4555F413}] => (Allow) C:\Program Files (x86)\Minecraft\Minecraft.exe FirewallRules: [{BCE4A40B-555F-4C80-889B-8F394463E028}] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [{80951187-889C-404F-8533-814EA6077F96}] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [{2DAF9BCA-E4B2-4016-A9C7-782638EC6566}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector11\PDR10.EXE FirewallRules: [TCP Query User{089E2941-77C3-4C7D-A418-28DFED8F483C}C:\smartpixel\bin\smartpixel.exe] => (Allow) C:\smartpixel\bin\smartpixel.exe FirewallRules: [UDP Query User{E74E75BF-DD58-4891-BD5D-621F0C846F20}C:\smartpixel\bin\smartpixel.exe] => (Allow) C:\smartpixel\bin\smartpixel.exe FirewallRules: [{924D4E14-1DA1-4BDB-BA82-CC00BFA6E014}] => (Block) C:\smartpixel\bin\smartpixel.exe FirewallRules: [{79164D08-D913-4850-A75E-EE94F4CE28F4}] => (Block) C:\smartpixel\bin\smartpixel.exe FirewallRules: [{81D0736E-B9D5-4218-9A9F-DA1FB5D01A92}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{1003DFC4-038F-479B-B1B6-804C0D1C3E3B}] => (Allow) LPort=2869 FirewallRules: [{3B0AA27D-6CE8-4057-9EC1-988FF0FB0D44}] => (Allow) LPort=1900 FirewallRules: [{E867DE4E-6D7E-47EF-9401-F942FA3B0DE7}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{19370ED5-3B5F-497A-A7CE-969E43B00643}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{D98294F8-CA73-4374-98A3-84A590DE89A4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{E2523B5A-8B3A-417B-8CAE-0BB6507AD603}] => (Allow) C:\Program Files\Valve\Garry's Mod\hl2.exe FirewallRules: [{3B5DD46B-5CC0-4A94-AE1B-D0FD8F8C7D67}] => (Allow) C:\Program Files\Valve\Garry's Mod\hl2.exe FirewallRules: [{8222C14F-A2BF-47B6-B27B-0A321BCDA4B8}] => (Allow) C:\Program Files\Valve\Garry's Mod\hl2.exe FirewallRules: [{BEC4655F-3D05-40B3-9A90-50670FAB95F8}] => (Allow) C:\Program Files\Valve\Garry's Mod\hl2.exe FirewallRules: [{34C3502E-DAE1-4731-AD25-D8415DB9FDD0}] => (Allow) C:\Program Files\Valve\Garry's Mod\srcds.exe FirewallRules: [{053A0D38-08A4-4D2B-B2E0-8C96A6FD95B7}] => (Allow) C:\Program Files\Valve\Garry's Mod\srcds.exe FirewallRules: [{35FF3DD7-62DD-4F19-B3F3-D830F973CBE5}] => (Allow) C:\Program Files\Valve\Garry's Mod\srcds.exe FirewallRules: [{8891AAFE-88DA-4114-808E-C2CA2AF9C391}] => (Allow) C:\Program Files\Valve\Garry's Mod\srcds.exe FirewallRules: [TCP Query User{6538317C-F576-47F4-BD9B-D8E143E722E8}C:\users\samsung\appdata\local\temp\rar$exa0.039\counter-strike 1.6\hl.exe] => (Allow) C:\users\samsung\appdata\local\temp\rar$exa0.039\counter-strike 1.6\hl.exe FirewallRules: [UDP Query User{C25A08B1-7F00-4E26-8FDC-D66C40966A4B}C:\users\samsung\appdata\local\temp\rar$exa0.039\counter-strike 1.6\hl.exe] => (Allow) C:\users\samsung\appdata\local\temp\rar$exa0.039\counter-strike 1.6\hl.exe FirewallRules: [{7F19BC10-B3E9-4CA2-AE75-805E853D12BC}] => (Block) C:\users\samsung\appdata\local\temp\rar$exa0.039\counter-strike 1.6\hl.exe FirewallRules: [{ADFA70A1-5DE2-4A32-B026-47A12F36FCB0}] => (Block) C:\users\samsung\appdata\local\temp\rar$exa0.039\counter-strike 1.6\hl.exe FirewallRules: [TCP Query User{9DDCA9E1-D54B-4BCF-A8D7-CDAB2E1D8040}C:\users\samsung\desktop\counter-strike 1.6\hl.exe] => (Allow) C:\users\samsung\desktop\counter-strike 1.6\hl.exe FirewallRules: [UDP Query User{09163F62-7B41-4635-8CCC-D74A89E579F8}C:\users\samsung\desktop\counter-strike 1.6\hl.exe] => (Allow) C:\users\samsung\desktop\counter-strike 1.6\hl.exe FirewallRules: [{CA81818D-0552-4742-A607-B2F468F596D5}] => (Block) C:\users\samsung\desktop\counter-strike 1.6\hl.exe FirewallRules: [{DA2908A0-CD64-47CD-874C-65EDE96F9AE5}] => (Block) C:\users\samsung\desktop\counter-strike 1.6\hl.exe FirewallRules: [TCP Query User{A68426B0-B20F-446C-8BA2-202A3B18F811}C:\program files (x86)\bohemia interactive\arma 2 operation arrowhead\arma2oa.exe] => (Allow) C:\program files (x86)\bohemia interactive\arma 2 operation arrowhead\arma2oa.exe FirewallRules: [UDP Query User{BE2033B4-A0B3-4C8C-989E-F80790F82EC8}C:\program files (x86)\bohemia interactive\arma 2 operation arrowhead\arma2oa.exe] => (Allow) C:\program files (x86)\bohemia interactive\arma 2 operation arrowhead\arma2oa.exe FirewallRules: [TCP Query User{4B158AEC-A4B4-480B-B5AD-5339D74E17D0}C:\users\samsung\desktop\my folder\counter-strike 1.6\hl.exe] => (Allow) C:\users\samsung\desktop\my folder\counter-strike 1.6\hl.exe FirewallRules: [UDP Query User{A6CE714A-37EF-4A45-AF3F-7596380B1199}C:\users\samsung\desktop\my folder\counter-strike 1.6\hl.exe] => (Allow) C:\users\samsung\desktop\my folder\counter-strike 1.6\hl.exe FirewallRules: [{6ECB18BC-8BB9-45A5-BC8B-D9FEB55CED73}] => (Block) C:\users\samsung\desktop\my folder\counter-strike 1.6\hl.exe FirewallRules: [{E46C1414-FA59-4E50-A6C6-570CD45A3207}] => (Block) C:\users\samsung\desktop\my folder\counter-strike 1.6\hl.exe FirewallRules: [TCP Query User{23ED0A98-2631-409E-8100-A2C64E4846A2}C:\program files\java\jdk1.7.0_71\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_71\bin\java.exe FirewallRules: [UDP Query User{21DCE575-CF80-417D-B61E-5C4F8E5E3FE5}C:\program files\java\jdk1.7.0_71\bin\java.exe] => (Allow) C:\program files\java\jdk1.7.0_71\bin\java.exe FirewallRules: [{6872D5FB-44AF-4F62-94BF-A6DF9312A053}] => (Block) C:\program files\java\jdk1.7.0_71\bin\java.exe FirewallRules: [{A9C02D2F-6218-4101-9C21-CB8D9661BB6B}] => (Block) C:\program files\java\jdk1.7.0_71\bin\java.exe FirewallRules: [TCP Query User{773DE775-1D49-4F28-8A56-65F0E976D719}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe FirewallRules: [UDP Query User{A40622D9-D2E6-48BA-B9F4-4262267F037D}C:\program files\android\android studio\bin\studio64.exe] => (Allow) C:\program files\android\android studio\bin\studio64.exe FirewallRules: [{A546C632-9275-40FC-856E-A6471AD8A38D}] => (Block) C:\program files\android\android studio\bin\studio64.exe FirewallRules: [{777B9E11-EA63-4408-B2EB-C99AA6CA3513}] => (Block) C:\program files\android\android studio\bin\studio64.exe FirewallRules: [TCP Query User{5F97A926-678C-478A-AFD4-E2CC2FED59B1}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [UDP Query User{0D600C58-67CD-40C1-8B0B-D790F0B1D914}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [{A269FAC1-9571-491B-869C-B9235AC04366}] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [{1AE80115-686A-4CBA-88C8-653007EEF33B}] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [TCP Query User{9B3597A7-AC9C-4238-B1DE-3972A311A6F8}C:\users\samsung\appdata\local\temp\rar$exa0.115\killcraft2.exe] => (Allow) C:\users\samsung\appdata\local\temp\rar$exa0.115\killcraft2.exe FirewallRules: [UDP Query User{3DC8A164-BEB7-4543-BDA7-4E73FBA65AE3}C:\users\samsung\appdata\local\temp\rar$exa0.115\killcraft2.exe] => (Allow) C:\users\samsung\appdata\local\temp\rar$exa0.115\killcraft2.exe FirewallRules: [TCP Query User{44B57AE1-A29B-4C7D-BA78-67E6BD67886A}C:\users\samsung\downloads\withsix-play.exe] => (Allow) C:\users\samsung\downloads\withsix-play.exe FirewallRules: [UDP Query User{1155D398-0CEC-4FE7-AE43-6126BB750C75}C:\users\samsung\downloads\withsix-play.exe] => (Allow) C:\users\samsung\downloads\withsix-play.exe FirewallRules: [{72446386-C4AB-473F-9F30-15509B33371D}] => (Block) C:\users\samsung\downloads\withsix-play.exe FirewallRules: [{3A32C881-EE69-4CFD-B3FF-6EEB204D7359}] => (Block) C:\users\samsung\downloads\withsix-play.exe FirewallRules: [TCP Query User{11F02661-78DC-4E8D-ABD5-BE5634669552}C:\program files\java\jre1.8.0_31\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\java.exe FirewallRules: [UDP Query User{DF7A9913-2950-437D-BE44-B52EB2F30950}C:\program files\java\jre1.8.0_31\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\java.exe FirewallRules: [{84AC3D2C-D25B-4693-99D2-7C80724948D3}] => (Block) C:\program files\java\jre1.8.0_31\bin\java.exe FirewallRules: [{28F2A17E-65A0-4BD6-9965-98E340318995}] => (Block) C:\program files\java\jre1.8.0_31\bin\java.exe FirewallRules: [TCP Query User{B5CBACB2-CBF0-41ED-9754-6156F1C3F227}C:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) C:\program files (x86)\dayzlauncher\dayzlauncher.exe FirewallRules: [UDP Query User{7CED4242-9D1E-4B7B-9398-E46866A5205D}C:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) C:\program files (x86)\dayzlauncher\dayzlauncher.exe FirewallRules: [TCP Query User{CBA6C6DE-F877-4276-B901-B756702696CE}C:\users\samsung\appdata\local\playwithsix\app-1.66.1184.1\play.exe] => (Allow) C:\users\samsung\appdata\local\playwithsix\app-1.66.1184.1\play.exe FirewallRules: [UDP Query User{12BA7968-5BE6-443C-94E8-1D4382216435}C:\users\samsung\appdata\local\playwithsix\app-1.66.1184.1\play.exe] => (Allow) C:\users\samsung\appdata\local\playwithsix\app-1.66.1184.1\play.exe FirewallRules: [{8E450057-70E5-432A-A8CA-7A107B293A9F}] => (Block) C:\users\samsung\appdata\local\playwithsix\app-1.66.1184.1\play.exe FirewallRules: [{0D2870EE-15A2-46CC-92BF-C00A99F42D74}] => (Block) C:\users\samsung\appdata\local\playwithsix\app-1.66.1184.1\play.exe FirewallRules: [TCP Query User{50672088-53E9-425E-B164-7A14D0349F7B}C:\users\samsung\documents\arma 2\beta_oa\arma2oa.exe] => (Allow) C:\users\samsung\documents\arma 2\beta_oa\arma2oa.exe FirewallRules: [UDP Query User{A96EFDAF-2CFA-4D51-8FF6-DC5DB09DCD2F}C:\users\samsung\documents\arma 2\beta_oa\arma2oa.exe] => (Allow) C:\users\samsung\documents\arma 2\beta_oa\arma2oa.exe FirewallRules: [{8CB90FF4-59AE-4231-9289-DC602E3F3177}] => (Block) C:\users\samsung\documents\arma 2\beta_oa\arma2oa.exe FirewallRules: [{82BB3664-72C8-425E-8B92-6830656E7143}] => (Block) C:\users\samsung\documents\arma 2\beta_oa\arma2oa.exe FirewallRules: [TCP Query User{7FF0039F-594A-4F5C-9164-9423D188F616}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifeviewer\slvoice.exe FirewallRules: [UDP Query User{0ECD5910-260C-4B53-9C8D-989DB9D2C07F}C:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) C:\program files (x86)\secondlifeviewer\slvoice.exe FirewallRules: [{73720C16-6650-439C-B8D7-47FA419FCACD}] => (Block) C:\program files (x86)\secondlifeviewer\slvoice.exe FirewallRules: [{438BDD3F-6B39-4DF7-867E-A4F35B3062EB}] => (Block) C:\program files (x86)\secondlifeviewer\slvoice.exe FirewallRules: [{0EC6EB3E-6ABD-4EAA-BD06-F719DEEAC8D5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe FirewallRules: [{A61EEE83-AB53-4B3F-8A5F-F47559953818}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe FirewallRules: [TCP Query User{188A0086-28B4-44C2-872D-B96E4A00AEBC}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe FirewallRules: [UDP Query User{141BD021-EB1A-4E57-AECF-3D32E4B4DDDB}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe FirewallRules: [{8044DA24-080F-4740-929F-11610C6E62CF}] => (Block) C:\program files\unity\editor\unity.exe FirewallRules: [{259DD5F5-67FC-4116-956D-AE64BEE6D864}] => (Block) C:\program files\unity\editor\unity.exe FirewallRules: [TCP Query User{5FCA50D4-83F2-42C6-9F0C-82D8EACF8C26}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{A0CABCBD-85EB-4340-BA8D-3E7573E18B8B}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [{E4BDFCFF-8DB6-485C-9C80-423E70021427}] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [{428D918A-FAF7-4E4E-97C9-5A26997E828E}] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [{8BE48404-42EA-467F-8866-4EAD0607105E}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\DeviceSetup.exe FirewallRules: [{C5E65440-ED1D-4408-A778-82E00586CB50}] => (Allow) LPort=5357 FirewallRules: [{7ADC0664-E219-4330-B248-E6FBA677BCDD}] => (Allow) C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{013880CF-FD2F-45AB-AF4B-EA4F3BF836CB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{5198D2BC-3757-489F-9A49-F72677A05144}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{1EB32C1A-BD0B-4510-BE21-BF22C7B9BBBB}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [UDP Query User{50F25886-A004-43CD-AA05-25E0C1E13645}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [{6A365D46-9C35-4217-8767-23AFF53C631B}] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [{C3C8040C-336B-4F70-8273-00CCAECB87E8}] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [TCP Query User{207A15AC-E9EE-4966-AE6A-68C54DD2FBD6}C:\users\samsung\desktop\my folder\for home\games\terraria 1.3.0.4\terraria.exe] => (Allow) C:\users\samsung\desktop\my folder\for home\games\terraria 1.3.0.4\terraria.exe FirewallRules: [UDP Query User{780EBC32-ECB1-4F01-BD1A-AA5863DF8C8D}C:\users\samsung\desktop\my folder\for home\games\terraria 1.3.0.4\terraria.exe] => (Allow) C:\users\samsung\desktop\my folder\for home\games\terraria 1.3.0.4\terraria.exe FirewallRules: [{DBD3FA22-5B03-4E8E-9147-103C721AF3F9}] => (Block) C:\users\samsung\desktop\my folder\for home\games\terraria 1.3.0.4\terraria.exe FirewallRules: [{AC6F50B6-0894-468A-925E-A3A9CDB0FB9E}] => (Block) C:\users\samsung\desktop\my folder\for home\games\terraria 1.3.0.4\terraria.exe FirewallRules: [TCP Query User{FCEBF7F3-DD44-4EF5-A348-0C5BA237035A}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe FirewallRules: [UDP Query User{723E9E86-E900-4400-981E-E7765FDE01E0}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe FirewallRules: [{0C0BE134-BF4C-4C1A-A177-435A758E4558}] => (Allow) C:\windows\SysWOW64\rundll32.exe FirewallRules: [{F37AAC3A-D66A-4ABE-802D-1B8AC27EEEFC}] => (Allow) C:\Users\samsung\Downloads\LoLInstaller.exe FirewallRules: [{3FE5CE8A-074C-42E6-9B82-8E8A23775400}] => (Allow) C:\Users\samsung\Downloads\LoLInstaller.exe FirewallRules: [{52ACD763-0785-4878-A092-A630AD2E0D93}] => (Allow) C:\Program Files (x86)\Garena Plus\ggdllhost.exe FirewallRules: [{7472D313-CE8D-4DB7-AA5A-7EAB676AC31F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{7F83B61C-1BCC-4D87-B35F-D015173F04F5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{8E84A558-D520-479F-883E-8BC2424A2E02}] => (Allow) E:\SteamLibrary\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [{F4F628C0-190B-4AB7-99D3-53E361538B51}] => (Allow) E:\SteamLibrary\steamapps\common\Company of Heroes 2\RelicCoH2.exe FirewallRules: [TCP Query User{98556ADE-F087-45BA-8DB0-B120FB31E681}C:\users\samsung\appdata\local\playwithsix\app-1.68.1153.2\play.exe] => (Allow) C:\users\samsung\appdata\local\playwithsix\app-1.68.1153.2\play.exe FirewallRules: [UDP Query User{7F98375F-2938-4BFE-9A1A-2C526CD2C50A}C:\users\samsung\appdata\local\playwithsix\app-1.68.1153.2\play.exe] => (Allow) C:\users\samsung\appdata\local\playwithsix\app-1.68.1153.2\play.exe FirewallRules: [{141E4845-51E7-43AC-A625-0A33D8EAD246}] => (Block) C:\users\samsung\appdata\local\playwithsix\app-1.68.1153.2\play.exe FirewallRules: [{9FF34ED5-33F1-4475-8227-09FCADD0CFE8}] => (Block) C:\users\samsung\appdata\local\playwithsix\app-1.68.1153.2\play.exe FirewallRules: [{F302B5D5-AD88-4373-977B-F6F1BB5850A1}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{C04B6B0D-0513-4A77-A649-22C8F12AB836}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{72A64671-17F6-4389-AC12-9F8497C92F69}] => (Allow) E:\SteamLibrary\steamapps\common\Emily is Away\emily is away.exe FirewallRules: [{9ECDD887-A7F9-412D-8EC6-CD4DA78DB8F8}] => (Allow) E:\SteamLibrary\steamapps\common\Emily is Away\emily is away.exe FirewallRules: [{31A1BCB3-E5D1-4506-A7E7-F2BC5E2D9D6C}] => (Allow) E:\SteamLibrary\steamapps\common\APB Reloaded\Binaries\APB.exe FirewallRules: [{A1A056A2-4552-4ADF-8838-A9A383DD8331}] => (Allow) E:\SteamLibrary\steamapps\common\APB Reloaded\Binaries\APB.exe FirewallRules: [{382D43C0-8518-450E-A174-664CFBC7424D}] => (Allow) E:\SteamLibrary\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe FirewallRules: [{A35AFCAD-99F3-4E1B-95E2-F35859A7A649}] => (Allow) E:\SteamLibrary\steamapps\common\APB Reloaded\Binaries\VivoxVoiceService.exe FirewallRules: [{A096C7DA-5469-41B5-88DC-90FC6E4D192D}] => (Allow) E:\SteamLibrary\steamapps\common\Red Faction Guerrilla\rfg_launcher.exe FirewallRules: [{BE1EFE60-3D8D-4EAC-AFC2-7B897500CD24}] => (Allow) E:\SteamLibrary\steamapps\common\Red Faction Guerrilla\rfg_launcher.exe FirewallRules: [{2B13D3D7-239E-441B-90FB-1DC1F4394883}] => (Allow) E:\SteamLibrary\steamapps\common\Red Faction Guerrilla\rfg.exe FirewallRules: [{33C960E8-E16C-47EE-8834-13184CF0E211}] => (Allow) E:\SteamLibrary\steamapps\common\Red Faction Guerrilla\rfg.exe FirewallRules: [TCP Query User{B2D514D4-5A28-4A97-BFF5-1FAE5343351C}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe FirewallRules: [UDP Query User{EDD3E199-117E-4FCB-94D4-D5F59577C999}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe FirewallRules: [{456F8B83-3340-4C9D-8BBE-C6C3E07E9EC5}] => (Block) C:\program files\java\jre1.8.0_71\bin\javaw.exe FirewallRules: [{E816CF4F-18B3-4501-A320-039E2BB1EA3C}] => (Block) C:\program files\java\jre1.8.0_71\bin\javaw.exe FirewallRules: [{7B9FBF37-2642-4024-AE53-02C4FCCA5D6F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{969FDB8D-96C3-4CF9-8237-AB293E71A743}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{F6C5BE2A-FF26-4829-95F0-1701CA286653}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{E323EB31-621F-47A9-A07B-71E8824E3C2C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{2114C567-752A-49FE-AA3A-D6EEEBBECE20}] => (Allow) E:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe FirewallRules: [{A96D3396-634E-48B4-90A9-A534EC7C768A}] => (Allow) E:\SteamLibrary\steamapps\common\Prison Architect\Prison Architect Safe Mode.exe FirewallRules: [{8C3725A4-B3B6-4815-9C26-B8687A2A1869}] => (Allow) C:\Users\samsung\AppData\Local\CatalinaGroup\Citrio\Application\citrio.exe FirewallRules: [{FDAE61D9-8303-420C-AE66-EAB3E9CF324D}] => (Allow) C:\Users\samsung\AppData\Local\CatalinaGroup\Citrio\Application\citrio.exe FirewallRules: [{8F4B85FF-D6F8-4CCB-9087-25158522FEEC}] => (Allow) E:\SteamLibrary\steamapps\common\America's Army\AAPG\Binaries\Win32\AALauncher32.exe FirewallRules: [{ECA97A1F-A43C-4087-A277-CBBD34E8B1A3}] => (Allow) E:\SteamLibrary\steamapps\common\America's Army\AAPG\Binaries\Win32\AALauncher32.exe FirewallRules: [{2C12CBED-19B4-4DD3-A27D-39782B66AED4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{8378AAC8-7878-451E-9798-BE63B30A5719}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{961ACD67-FAC5-4520-B59D-B0CFAE30FA65}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{792CAE3D-0A1B-430A-9D39-DD9D798F23C5}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{7107836E-3B0D-4392-85F7-8592C61A1364}C:\program files\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_77\bin\javaw.exe FirewallRules: [UDP Query User{C6214D6F-9B7C-4D29-98DE-1E1D62574A2F}C:\program files\java\jre1.8.0_77\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_77\bin\javaw.exe FirewallRules: [{23C02B08-F602-493B-9B2D-D66B92BEF80A}] => (Block) C:\program files\java\jre1.8.0_77\bin\javaw.exe FirewallRules: [{4751A218-A7E4-45FC-A163-D3070F7603A3}] => (Block) C:\program files\java\jre1.8.0_77\bin\javaw.exe FirewallRules: [TCP Query User{DF63459C-19B9-455C-82D1-100E5A1E4288}E:\games\firewatch\firewatch.exe] => (Block) E:\games\firewatch\firewatch.exe FirewallRules: [UDP Query User{9320DBC4-23A1-4038-B97B-92D77D2F6F1B}E:\games\firewatch\firewatch.exe] => (Block) E:\games\firewatch\firewatch.exe FirewallRules: [TCP Query User{17139FA4-D380-4CE7-8628-A3111BD0E644}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [UDP Query User{7CF44ABC-7771-41AA-974D-2A6540F4294C}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [{323A4006-0DCF-40A3-88EF-A9A591857DA0}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [{C19A59C3-B6E0-4E1E-B6F5-6E07DE4E0FC1}] => (Block) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{2791AA17-048D-4DCB-A7DE-C25EB0EEFAB9}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{C2A2A97B-2E93-4256-BBF7-5158C3910822}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [TCP Query User{03BE9A99-8A62-43CF-8591-6336E3844D26}C:\program files (x86)\epic games\4.12\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files (x86)\epic games\4.12\engine\binaries\win64\ue4editor.exe FirewallRules: [UDP Query User{F31FAEBF-1CE0-4B7E-82BB-4E3713342DE3}C:\program files (x86)\epic games\4.12\engine\binaries\win64\ue4editor.exe] => (Allow) C:\program files (x86)\epic games\4.12\engine\binaries\win64\ue4editor.exe FirewallRules: [{583C14F7-F8F5-4132-9ED1-1A062269D9D6}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [{2AEC5F2B-C171-4EBB-BDE7-0048A80B459B}] => (Allow) E:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [{90EA3BF1-B6B0-4581-BC58-326599460364}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{821A00DC-E896-4478-987E-8197B7701714}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe FirewallRules: [{12533DF5-6998-49D3-8AD6-7BADAE00E21B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [{1B787E85-96E4-4D98-AF8C-6AFD5C7666F7}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe FirewallRules: [TCP Query User{E366A55A-64A6-4B2B-A06F-1118A350B34C}E:\steamlibrary\steamapps\common\arma 3\arma3.exe] => (Allow) E:\steamlibrary\steamapps\common\arma 3\arma3.exe FirewallRules: [UDP Query User{9D4742E7-6A9E-49D8-AC09-A71FF0394C73}E:\steamlibrary\steamapps\common\arma 3\arma3.exe] => (Allow) E:\steamlibrary\steamapps\common\arma 3\arma3.exe FirewallRules: [{B7C75324-36DB-4DF5-84B8-FA0E7DD4D38F}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{1BF3AFE7-612F-41FA-BEA3-7D7DD3C999B5}] => (Allow) E:\SteamLibrary\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe FirewallRules: [{0A289607-E5B5-4F9C-8C32-3C3589DA12FC}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [{FC5F16D0-1422-451B-B12D-2D8E047E4CB9}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe FirewallRules: [TCP Query User{8D1B1800-8B19-4199-BC75-944AF98F6374}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe FirewallRules: [UDP Query User{A08A0C14-21AE-4B2B-970D-788730F763D2}C:\program files\java\jre1.8.0_101\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_101\bin\javaw.exe FirewallRules: [{17EF9A95-9099-4B32-AB59-76A4B2D4418D}] => (Allow) E:\SteamLibrary\steamapps\common\RegeriaHope\RegeriaHopeEp1Steam.exe FirewallRules: [{E3514672-6A2A-4A2F-A11B-44E681E54220}] => (Allow) E:\SteamLibrary\steamapps\common\RegeriaHope\RegeriaHopeEp1Steam.exe FirewallRules: [{3C316694-CED5-49ED-87AC-5007AC5C2F50}] => (Allow) E:\SteamLibrary\steamapps\common\narcissu2\narci2.exe FirewallRules: [{B42BD974-5CEA-42BF-9AA4-695630110851}] => (Allow) E:\SteamLibrary\steamapps\common\narcissu2\narci2.exe FirewallRules: [{40265321-033F-4A76-BBD3-9FFBF5D80196}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{830C7F4A-6993-49BE-BD04-01D256BB5FE6}] => (Allow) C:\Program Files (x86)\Zcan+\Scanner Mouse.exe FirewallRules: [{4CE513C2-21F0-4CAE-BE94-45E27C54F4F9}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Warframe.exe FirewallRules: [{4EC3ACE4-EC30-4E99-BC16-30621EFF859C}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{C6A317C3-28F9-4F78-BF55-3EFC190FBCB2}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Warframe.exe FirewallRules: [{D21ACC92-0EDB-4693-87E1-7D2DB1B17C80}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{802FFB07-5C44-4754-8D59-758A65BD142F}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{B221BBE3-0830-4D65-989E-62A1CA086A79}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{D050BA3A-BFE9-41AE-9309-2DC85514AA87}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Warframe.exe FirewallRules: [{F78C790B-26C8-43C5-B1AE-B1B921A89FF5}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{181986CD-8845-4047-9E23-460113B36F0E}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Warframe.exe FirewallRules: [{678811B1-66A6-44AD-A2F9-8138C7BE2F88}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{0427EB86-18A7-4BDC-938C-718100B94BA4}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{7CB5AEE0-1866-4757-887D-372FA2E0601F}] => (Allow) E:\SteamLibrary\steamapps\common\Warframe\Tools\RemoteCrashSender.exe ==================== Restore Points ========================= 14-08-2016 19:07:06 Windows Update 27-08-2016 15:45:48 Scheduled Checkpoint 03-09-2016 13:07:51 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/08/2016 06:24:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: atieclxx.exe, version: 6.14.11.1199, time stamp: 0x563a76a9 Faulting module name: ntdll.dll, version: 10.0.10586.306, time stamp: 0x571af2eb Exception code: 0xc0000374 Fault offset: 0x00000000000ee6fc Faulting process id: 0x51c Faulting application start time: 0x01d207e65fe778dd Faulting application path: C:\WINDOWS\system32\atieclxx.exe Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll Report Id: a98483ed-1fa9-4594-bd77-40a87ff21d65 Faulting package full name: Faulting package-relative application ID: Error: (09/05/2016 10:15:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.10586.494, time stamp: 0x5775e94c Faulting module name: StartUI.dll, version: 10.0.10586.494, time stamp: 0x5775e851 Exception code: 0xc000041d Fault offset: 0x00000000002990c8 Faulting process id: 0x14a8 Faulting application start time: 0x01d2077fa76f381a Faulting application path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Faulting module path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\StartUI.dll Report Id: e59ec211-364a-4ae6-9848-b118b3225cbd Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: App Error: (09/05/2016 10:15:08 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.10586.494, time stamp: 0x5775e94c Faulting module name: StartUI.dll, version: 10.0.10586.494, time stamp: 0x5775e851 Exception code: 0xc0000005 Fault offset: 0x00000000002990c8 Faulting process id: 0x14a8 Faulting application start time: 0x01d2077fa76f381a Faulting application path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe Faulting module path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\StartUI.dll Report Id: 81961aed-dc7f-4cc1-bd1f-e192881dd08e Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: App Error: (09/05/2016 09:42:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: WINWORDC.EXE, version: 14.0.7172.5000, time stamp: 0x5785a8a7 Faulting module name: combase.dll, version: 10.0.10586.103, time stamp: 0x56a84cbb Exception code: 0xc0000005 Fault offset: 0x00016b98 Faulting process id: 0x2b40 Faulting application start time: 0x01d207760527d4b2 Faulting application path: Q:\140066.enu\Office14\WINWORDC.EXE Faulting module path: C:\WINDOWS\SYSTEM32\combase.dll Report Id: 89ffafa2-736e-11e6-8d98-b888e33e4763 Faulting package full name: Faulting package-relative application ID: Error: (09/05/2016 09:10:33 PM) (Source: Perflib) (EventID: 1010) (User: ) Description: The Collect Procedure for the "C:\Windows\System32\winspool.drv" service in DLL "Spooler" generated an exception or returned an invalid status. The performance data returned by the counter DLL will not be returned in the Perf Data Block. The first four bytes (DWORD) of the Data section contains the exception code or status code. Error: (09/05/2016 09:18:16 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: svchost.exe_MapsBroker, version: 10.0.10586.0, time stamp: 0x5632d7ba Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0x8400000e Fault offset: 0x0000000000000000 Faulting process id: 0x1a9c Faulting application start time: 0x01d2071346e00cee Faulting application path: C:\WINDOWS\System32\svchost.exe Faulting module path: unknown Report Id: 9844f1a3-bf2e-456e-bc9c-dd3dd6e7f618 Faulting package full name: Faulting package-relative application ID: Error: (09/05/2016 09:11:43 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: MicrosoftEdge.exe, version: 11.0.10586.545, time stamp: 0x57a1ba07 Faulting module name: CoreUIComponents.dll, version: 0.0.0.0, time stamp: 0x5775df1f Exception code: 0xc0000005 Fault offset: 0x00000000000782c7 Faulting process id: 0x39c0 Faulting application start time: 0x01d207123bf86875 Faulting application path: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe Faulting module path: C:\WINDOWS\system32\CoreUIComponents.dll Report Id: 846819d4-ec25-4233-ba63-bf8222e1a332 Faulting package full name: Microsoft.MicrosoftEdge_25.10586.0.0_neutral__8wekyb3d8bbwe Faulting package-relative application ID: MicrosoftEdge Error: (09/05/2016 09:04:53 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program explorer.exe version 10.0.10586.494 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 3a4 Start Time: 01d202b0cc371252 Termination Time: 0 Application Path: C:\Windows\explorer.exe Report Id: 91a2cf7f-7303-11e6-8d97-b888e33e4763 Faulting package full name: Faulting package-relative application ID: Error: (09/04/2016 07:03:00 PM) (Source: Windows Backup) (EventID: 4103) (User: ) Description: The backup did not complete because of an error writing to the backup location E:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006). Error: (09/03/2016 09:09:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TEAMALPHA) Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. System errors: ============= Error: (09/06/2016 10:28:49 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: The NetTcpActivator service depends on the NetTcpPortSharing service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. Error: (09/06/2016 10:28:34 AM) (Source: NetBT) (EventID: 4311) (User: ) Description: Initialization failed because the driver device could not be created. Use the string "B888E33E4763" to identify the interface for which initialization failed. It represents the MAC address of the failed interface or the Globally Unique Interface Identifier (GUID) if NetBT was unable to map from GUID to MAC address. If neither the MAC address nor the GUID were available, the string represents a cluster device name. Error: (09/06/2016 10:28:34 AM) (Source: NetBT) (EventID: 4311) (User: ) Description: Initialization failed because the driver device could not be created. Use the string "B888E33E4763" to identify the interface for which initialization failed. It represents the MAC address of the failed interface or the Globally Unique Interface Identifier (GUID) if NetBT was unable to map from GUID to MAC address. If neither the MAC address nor the GUID were available, the string represents a cluster device name. Error: (09/06/2016 10:27:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_394be service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (09/06/2016 10:27:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Storage_394be service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (09/06/2016 10:27:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Contact Data_394be service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (09/06/2016 10:27:51 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_394be service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (09/06/2016 10:27:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s). Error: (09/06/2016 10:27:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Application Virtualization Client service terminated unexpectedly. It has done this 1 time(s). Error: (09/06/2016 10:27:47 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel(R) Management and Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s). CodeIntegrity: =================================== Date: 2016-09-06 10:43:14.249 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdhdl64.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-05 22:09:06.849 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-05 22:09:06.833 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-05 22:09:06.815 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-05 22:09:05.729 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-05 22:09:05.663 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-05 22:09:05.524 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-05 22:09:05.405 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-05 22:09:05.237 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-05 22:09:05.170 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz Percentage of memory in use: 82% Total physical RAM: 3991.21 MB Available physical RAM: 702.59 MB Total Virtual: 8343.21 MB Available Virtual: 4359.99 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:235.19 GB) (Free:94.97 GB) NTFS Drive e: (New Volume) (Fixed) (Total:209.41 GB) (Free:82.15 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 1A352AB6) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=235.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=209.4 GB) - (Type=OF Extended) Partition 4: (Not Active) - (Size=21.1 GB) - (Type=27) ==================== End of Addition.txt ============================