15 svchost running? win10 weird stuff going on laptop (not a pc noob)


  • This topic is locked
2 replies to this topic

#1 juggalotus420000

Posted 11 November 2016 - 01:50 PM

==================== Accounts: =============================
 
Administrator (S-1-5-21-3720515146-3048848675-1458964446-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3720515146-3048848675-1458964446-503 - Limited - Disabled)
Guest (S-1-5-21-3720515146-3048848675-1458964446-501 - Limited - Disabled)
hatch (S-1-5-21-3720515146-3048848675-1458964446-1002 - Administrator - Enabled)
J (S-1-5-21-3720515146-3048848675-1458964446-1001 - Administrator - Enabled) => C:\Users\J
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3720515146-3048848675-1458964446-1001\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
7 Days to Die (HKLM\...\Steam App 251570) (Version:  - The Fun Pimps)
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Alien - Isolation (HKLM-x32\...\Alien - Isolation_is1) (Version:  - )
Ansel (Version: 375.70 - NVIDIA Corporation) Hidden
AnySend (HKLM-x32\...\ASPackage) (Version:  - CMI Limited) <==== ATTENTION
Avadon 3 - The Warborn (HKLM-x32\...\1130879425_is1) (Version: 2.0.0.1 - GOG.com)
Batman - The Telltale Series (HKLM-x32\...\2140144872_is1) (Version: 2.2.0.5 - GOG.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blameless (HKLM\...\Steam App 530330) (Version:  - Vaclav Hudec)
Call of Cthulhu - The Wasted Land (HKLM-x32\...\Call of Cthulhu - The Wasted Landv1.4) (Version: v1.4 - Red Wasp Design Ltd)
CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version:  - Progdigy Software S.A.R.L.)
Consumer Input Update Helper (x32 Version: 1.3.25.309 - Compete Inc.) Hidden <==== ATTENTION
Crea v1.1.4 (HKLM-x32\...\vsetop.com Crea v1.1.4_is1) (Version: 1.1.4 - VseTop.Com)
CyberLink YouCam (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.1.4301 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0195 - Disc Soft Ltd)
Dark Souls 3 (HKLM-x32\...\Dark Souls 3_is1) (Version:  - )
Darkstone (HKLM-x32\...\Darkstone_is1) (Version:  - GOG.com)
Day of the Tentacle Remastered (HKLM-x32\...\1456922969_is1) (Version: 2.0.0.4 - GOG.com)
Dead Age (HKLM-x32\...\Dead Age_is1) (Version:  - )
Dead Rising 3 v.1.0 (HKLM-x32\...\Dead Rising 3_is1) (Version:  - )
Deluge 1.3.13 (HKLM-x32\...\Deluge) (Version:  - )
Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version:  - Blizzard Entertainment)
Disturbed (HKLM\...\Steam App 529780) (Version:  - Brad Moore)
Divinity - Original Sin Enhanced Edition (HKLM-x32\...\1445516929_is1) (Version: 2.5.0.12 - GOG.com)
Doom (HKLM-x32\...\{B6A2B3BA-C93E-4AEE-BBCF-BE91DDC84962}_is1) (Version:  - id Software)
DRAGON QUEST HEROES Slime Edition (HKLM\...\ZHJhZ29ucXVlc3RoZXJvZXNzbGltZWVkaXRpb24_is1) (Version: 1 - )
Duke Nukem 3D Twentieth Anniversary World Tour (HKLM-x32\...\Duke Nukem 3D Twentieth Anniversary World Tour_is1) (Version:  - )
Duke Nukem Forever (HKLM-x32\...\Duke Nukem Forever_is1) (Version: 1.10 - 2K Games)
Dying Light - Crash Test Skin Pack (HKLM-x32\...\Dying Light: Crash Test Skin Pack_is1) (Version: 2.1.0.9 - GOG.com)
Dying Light - Gun Psycho Bundle (HKLM-x32\...\Dying Light: Gun Psycho Bundle_is1) (Version: 2.1.0.9 - GOG.com)
Dying Light - Harran Ranger Bundle (HKLM-x32\...\Dying Light: Harran Ranger Bundle_is1) (Version: 2.1.0.9 - GOG.com)
Dying Light - Volatile Hunter Bundle (HKLM-x32\...\Dying Light: Volatile Hunter Bundle_is1) (Version: 2.1.0.9 - GOG.com)
Dying Light (HKLM-x32\...\1448452156_is1) (Version: 2.4.0.13 - GOG.com)
Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 8.1 - Emsisoft GmbH)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
Fallout New Vegas Ultimate Edition version 1.4.0.525 (HKLM-x32\...\Fallout New Vegas Ultimate Edition_is1) (Version: 1.4.0.525 - Mr DJ)
FINAL FANTASY V (HKLM\...\RklOQUxGQU5UQVNZVg==_is1) (Version: 1 - )
Foxit Reader (HKLM-x32\...\Foxit Reader) (Version:  - )
GameRanger (HKU\S-1-5-21-3720515146-3048848675-1458964446-1001\...\GameRanger) (Version:  - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grim Dawn (HKLM\...\Steam App 219990) (Version:  - Crate Entertainment)
Herolike (HKLM\...\aGVyb2xpa2U_is1) (Version: 1 - )
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.12.253 - SurfRight B.V.)
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.3.34.7 - HP)
HP Support Solutions Framework (HKLM-x32\...\{2B5A1E68-6617-406D-B797-5DAB5B4630B8}) (Version: 12.5.32.37 - HP Inc.)
HP Wireless Button Driver (HKLM-x32\...\{1BDD178E-43DC-4063-B480-BA2BAE03E2A0}) (Version: 1.1.15.1 - HP)
Hunger Dungeon (HKLM\...\Steam App 513560) (Version:  - Buka Game Studio)
Intel® Chipset Device Software (x32 Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4360 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation)
Intel® Virtual Buttons (HKLM-x32\...\1992736F-C90A-481C-B21B-EE34CAD07387) (Version: 1.1.0.21 - Intel Corporation)
Intel® Wireless Bluetooth® (HKLM-x32\...\{5068B0F8-CE24-4B61-9C2F-301B411FFB9C}) (Version: 18.1.1611.3223 - Intel Corporation)
InterStat (HKU\S-1-5-21-3720515146-3048848675-1458964446-1001\...\InterStat) (Version: 1.0 - InterStat)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden <==== ATTENTION
Kingdom - New Lands (HKLM-x32\...\1473737130_is1) (Version: 2.1.0.3 - GOG.com)
Lost Castle (HKLM-x32\...\Lost Castle_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Mafia II (HKLM-x32\...\Mafia II_is1) (Version:  - )
Mafia III (HKLM-x32\...\Mafia III_is1) (Version:  - )
Marvel Ultimate Alliance 2 (HKLM-x32\...\Marvel Ultimate Alliance 2_is1) (Version:  - )
Max Payne 3 (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games)
Max Payne 3 (HKLM-x32\...\{C52F31B3-82AE-4C9D-BEAE-D484736F3FA1}) (Version: 1.0.0.144 - Rockstar Games)
Max Payne 3 DLC (HKLM-x32\...\Max Payne 3 DLC) (Version: 1.0.0.0 - Rockstar Games)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{c6870a89-ef30-4f22-bbd1-49cd2516bc56}) (Version: 12.0.40649.5 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40649 (HKLM-x32\...\{78142960-066b-4581-b984-0bdcf560c4be}) (Version: 12.0.40649.5 - Корпорация Майкрософт)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{7c3d0734-5e24-446b-85ae-c610ee8eb53d}) (Version: 14.0.23918.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{a15bc95a-8359-40e6-b4bc-5a219bcc492a}) (Version: 14.0.23918.0 - Корпорация Майкрософт)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MiniTool Partition Wizard Free 9.1 (HKLM\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Mother Russia Bleeds (HKLM-x32\...\Mother Russia Bleeds_is1) (Version:  - )
Mozilla Firefox 49.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 en-US)) (Version: 49.0.1 - Mozilla)
No Man's Sky (HKLM-x32\...\1446213994_is1) (Version: 2.3.0.5 - GOG.com)
No Man's Sky Pre-order DLC (HKLM-x32\...\2022706229_is1) (Version: 2.0.0.2 - GOG.com)
NVIDIA GeForce Experience 3.1.0.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.0.52 - NVIDIA Corporation)
NVIDIA Graphics Driver 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 1.2.0.0 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Opera Stable 41.0.2353.59 (HKLM-x32\...\Opera 41.0.2353.59) (Version: 41.0.2353.59 - Opera Software)
Owlboy (HKLM-x32\...\1159880091_is1) (Version: 2.0.0.3 - GOG.com)
Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.11.0 - )
Planet Explorers (HKLM-x32\...\Planet Explorers_is1) (Version:  - )
Process Hacker 2.39 (r124) (HKLM\...\Process_Hacker2_is1) (Version: 2.39.0.124 - wj32)
qBittorrent 3.3.7 (HKLM-x32\...\qBittorrent) (Version: 3.3.7 - The qBittorrent project)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7730 - Realtek Semiconductor Corp.)
RESIDENT EVIL REVELATIONS 2, âåðñèÿ 1.0.0.0 (HKLM-x32\...\RESIDENT EVIL REVELATIONS 2_is1) (Version: 1.0.0.0 - RePack by SEYTER)
Risen 3 - Titan Lords Complete (HKLM-x32\...\Risen 3 - Titan Lords Complete_is1) (Version: 2.0.0.3 - GOG.com)
Risen 3 - Titan Lords Enhanced Edition (HKLM-x32\...\1454068042_is1) (Version: 2.0.0.3 - GOG.com)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.1 - Rockstar Games)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Shadow Warrior 2 (HKLM-x32\...\1434021265_is1) (Version: 2.0.0.4 - GOG.com)
Shadow Warrior 2 Pre-order Exclusive (HKLM-x32\...\1267008497_is1) (Version: 2.0.0.1 - GOG.com)
Shadow Warrior Classic Redux (HKLM-x32\...\1618073558_is1) (Version: 2.0.0.2 - GOG.com)
Sheltered (HKLM-x32\...\1454930864_is1) (Version: 2.1.0.3 - GOG.com)
SHIELD Streaming (Version: 7.1.0330 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.0.52 - NVIDIA Corporation) Hidden
Starbound (HKLM\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.107 - Synaptics Incorporated)
Syndrome (HKLM-x32\...\Syndrome_is1) (Version:  - )
Terraria (HKLM\...\Steam App 105600) (Version:  - Re-Logic)
The Elder Scrolls V Skyrim Special Edition (HKLM-x32\...\The Elder Scrolls V Skyrim Special Edition_is1) (Version:  - )
The Evil Within (HKLM-x32\...\The Evil Within_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
The Witcher 3 Wild Hunt Complete version 1.22.0.0 (HKLM-x32\...\The Witcher 3 Wild Hunt Complete_is1) (Version: 1.22.0.0 - Mr DJ)
Titan Quest - Anniversary Edition (HKLM-x32\...\1196955511_is1) (Version: 2.3.0.5 - GOG.com)
UnHackMe 8.30 (HKLM-x32\...\UnHackMe_is1) (Version:  - Greatis Software, LLC.)
Unity Web Player (HKU\S-1-5-21-3720515146-3048848675-1458964446-1001\...\UnityWebPlayer) (Version: 5.3.6f1 - Unity Technologies ApS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
War for the Overworld Heart of Gold (HKLM-x32\...\War for the Overworld Heart of Gold_is1) (Version:  - )
Wasteland 2 - Director's Cut (HKLM-x32\...\1444386007_is1) (Version: 2.0.0.1 - GOG.com)
WBFS Manager 3.0 (HKLM-x32\...\WBFS Manager 3.0) (Version: 3.0 - AlexDP)
XCOM 2 (HKLM-x32\...\XCOM 2_is1) (Version:  - )
Ys Origin (HKLM\...\Steam App 207350) (Version:  - Nihon Falcom)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3720515146-3048848675-1458964446-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\InprocServer32 -> C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3720515146-3048848675-1458964446-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\J\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\FileCoAuth.exe (Microsoft Corporation)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {02F29BC4-2C2C-4E5A-A09F-603BFB59BA39} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-07-04] (HP Inc.)
Task: {07E89ADA-4B11-4C86-BEF7-6928C30ED777} - \TechUtilities -> No File <==== ATTENTION
Task: {0BC4E9D5-5391-4756-AE13-F4C8F7C0BE9C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-10-25] (NVIDIA Corporation)
Task: {308AA503-C48D-463E-9BF6-8335E17517BA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {33B6DC7B-7468-486E-B904-5B8848307C38} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
Task: {410F2310-0218-42D0-9465-5BC3B65F8FE9} - \YCMServiceAgent -> No File <==== ATTENTION
Task: {4130AF0F-C350-450C-9CDE-264BB52A4F7D} - System32\Tasks\HPCeeScheduleForJ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {4747B0A0-49F2-4917-BC68-BE6B48971DB4} - \OneDrive Standalone Update Task -> No File <==== ATTENTION
Task: {5109B376-FFCC-42A8-ACFF-ECBE826518D0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {54D23305-E2B0-44E4-AFEB-4D43D2DC9A59} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {5692915C-AFB7-4BE8-97BF-0767B4C60869} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-10-25] (NVIDIA Corporation)
Task: {590D1658-1669-4E3F-B3DE-4A42B194CF91} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-10-12] (HP Inc.)
Task: {5A4B4818-779F-4E80-9F89-035CDD457827} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {87FAF2C1-1400-47F0-B269-147FF40D329D} - \{C95F9CBA-ACBA-467F-88A3-9D32F1BE7B46} -> No File <==== ATTENTION
Task: {9F67F01F-DA73-4F73-B285-8A6045740614} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-09] (Adobe Systems Incorporated)
Task: {B2F33C71-DBB8-46E0-B926-287FB71E4417} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {B4243D16-7C51-4534-8C5E-8E53DE5A59CC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-10-12] (HP Inc.)
Task: {BBBBB180-BBB6-457E-98C3-FE557594CE77} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {C1DE71DF-6A02-451D-B541-69C066160C3E} - \UnHackMe Task Scheduler -> No File <==== ATTENTION
Task: {C6E45D35-FE4A-42B3-901B-C7754B2818DE} - \Da4667203446672034 -> No File <==== ATTENTION
Task: {CA6C4345-0236-4744-B612-35FB2DF50779} - System32\Tasks\Opera scheduled Autoupdate 1478884451 => C:\Program Files (x86)\Opera\launcher.exe [2016-11-09] (Opera Software)
Task: {CE81C796-627A-4137-B32E-42710A6E8BAD} - \46672034 -> No File <==== ATTENTION
Task: {CF5D13B0-62E3-4A9F-AB09-D7D9C76EC296} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-10-25] (NVIDIA Corporation)
Task: {DAFD37A7-D8E9-4435-BB7D-D612DB3AD708} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {E01516E2-F1B5-4F1F-838F-A9DC34E744F8} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-08-18] (HP Inc.)
Task: {E9A1E885-B4FD-4110-9731-A339531ECE48} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {EBAE056A-FE5D-445C-9651-35F9285EB28A} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.)
Task: {F14CCF63-4E72-48CB-A6CE-0E389DEBFA2B} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-10-25] (NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForJ.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\TechUtilities.job => C:\Program Files\TechUtilities\TechUtilities.exe-t C:\Program Files\TechUtilities\TechUtilities.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
Shortcut: C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Intеrnеt Ехplоrеr.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat ()
Shortcut: C:\Users\J\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat (No File)
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-07-16 03:42 - 2016-07-16 03:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-29 10:26 - 2016-09-15 09:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-29 10:26 - 2016-09-15 09:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-24 07:45 - 2016-09-24 07:45 - 01864384 _____ () C:\Users\J\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-11-08 16:39 - 2016-11-02 02:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-08 16:39 - 2016-11-02 02:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-08 16:39 - 2016-11-02 02:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-11-08 16:39 - 2016-11-02 02:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-11-08 16:39 - 2016-11-02 02:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-08 16:39 - 2016-11-02 02:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-09-09 17:13 - 2016-10-25 12:21 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-09 17:13 - 2016-10-25 12:21 - 04490808 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-09 17:14 - 2016-10-25 12:21 - 00420408 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-09-24 03:08 - 2016-10-25 12:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-24 12:30 - 2016-09-06 20:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-11-08 16:40 - 2016-11-02 02:30 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-07-16 03:42 - 2016-07-16 03:42 - 00025088 _____ () C:\Windows\System32\GamePanelExternalHook.dll
2016-09-29 10:27 - 2016-09-15 09:29 - 03388256 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2016-09-24 12:30 - 2016-09-06 21:36 - 02263904 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll
2016-09-09 17:13 - 2016-10-25 12:21 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-09 17:13 - 2016-10-25 11:57 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-09 17:13 - 2016-10-25 11:57 - 00255936 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-09 17:13 - 2016-10-25 11:57 - 02808256 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-09 17:13 - 2016-10-25 12:21 - 00901688 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-09 17:13 - 2016-10-25 12:21 - 03776056 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-09 17:13 - 2016-10-25 11:57 - 00246840 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-09 17:13 - 2016-10-25 11:57 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-09 17:13 - 2016-10-25 11:57 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-09 17:13 - 2016-10-25 11:57 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2016-11-11 09:14 - 2016-11-09 01:18 - 66023120 _____ () C:\Program Files (x86)\Opera\41.0.2353.59\opera.dll
2016-11-11 09:14 - 2016-11-09 01:18 - 01888464 _____ () C:\Program Files (x86)\Opera\41.0.2353.59\libglesv2.dll
2016-11-11 09:14 - 2016-11-09 01:18 - 00094416 _____ () C:\Program Files (x86)\Opera\41.0.2353.59\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\WINDOWS\Logs:Defender.log [0]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\30165912.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\30165912.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{0CBD4F48-3751-475D-BE88-4F271385B672} => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2016-10-17 13:50 - 2016-10-18 20:49 - 00000822 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
::1             localhost
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3720515146-3048848675-1458964446-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\J\Downloads\Dying.Light.The.Following.Enhanced.v2.4.0.13.GOG.Inclu.ALL.DLC\dying_light_tf_posters\dying_light_tf_posters\hunter_fin_layers.png
DNS Servers: 209.18.47.61 - 209.18.47.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKLM\...\StartupApproved\Run32: => "HPRadioMgr"
HKU\S-1-5-21-3720515146-3048848675-1458964446-1001\...\StartupApproved\Run: => "Advanced SystemCare 9"
HKU\S-1-5-21-3720515146-3048848675-1458964446-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3720515146-3048848675-1458964446-1001\...\StartupApproved\Run: => "Yahoo Messenger Updater"
HKU\S-1-5-21-3720515146-3048848675-1458964446-1001\...\StartupApproved\Run: => "InterStat"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{0EA400FC-CBD5-4F76-9423-2ECEC9E494D8}] => (Allow) C:\Program Files (x86)\War for the Overworld Heart of Gold\WFTOGame.exe
FirewallRules: [{F6C003F6-5FAD-4CF8-8831-6ECD25E103F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{A4E6BCB7-6FFA-49E2-94FB-5B50A42E995D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{4C6359E0-1EF9-41CF-B6B1-29DBAC785897}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{3C3B7A51-129C-492C-9FEA-AD08C9561DB4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{AC366D58-62AB-4D94-A6C0-06BC87E8BF62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{00F2753A-00F7-45D6-A969-83B610B27DC4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{D18DDD63-78D7-47C9-9F0F-1A0D81906080}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{309A28C1-32C3-411B-BD8F-3134F7C179BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{2A9DD628-E6D8-477D-AFCE-AC543322C118}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ys Origin\config.exe
FirewallRules: [{F7263E8E-510C-484D-BCCA-2FF9E9A9997B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ys Origin\config.exe
FirewallRules: [{336F3AF2-7FC7-4DDF-8C1E-FE01F1A5A6A7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ys Origin\yso_win.exe
FirewallRules: [{638A9D40-B5E7-4A81-B6B8-88C5547F4894}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ys Origin\yso_win.exe
FirewallRules: [UDP Query User{8DE44EFA-8CAD-40A7-8298-6CCE3957CD39}C:\gog games\titan quest - anniversary edition\tq.exe] => (Allow) C:\gog games\titan quest - anniversary edition\tq.exe
FirewallRules: [TCP Query User{78E91AD2-4B76-472D-9361-FC8BEDAD040A}C:\gog games\titan quest - anniversary edition\tq.exe] => (Allow) C:\gog games\titan quest - anniversary edition\tq.exe
FirewallRules: [{C67F7B44-0571-44E8-B304-021916B3015E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{393CC072-B105-48CC-B9E0-D97848D09956}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [UDP Query User{28F92CCF-7C21-4BD9-9A43-E126FC2E8839}C:\program files (x86)\titan quest anniversary edition\tq.exe] => (Allow) C:\program files (x86)\titan quest anniversary edition\tq.exe
FirewallRules: [TCP Query User{E1CF48A6-7FD0-4B53-B437-B0B3EB7CC674}C:\program files (x86)\titan quest anniversary edition\tq.exe] => (Allow) C:\program files (x86)\titan quest anniversary edition\tq.exe
FirewallRules: [{84852479-BAEB-4560-B555-CAA322176F00}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{F416CEC6-36CF-49E9-BA52-DAF14572D601}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [UDP Query User{D52023BA-C7D6-42E7-97C9-DDDBA9DED52D}C:\games\fatal.theory\fatal theory.exe] => (Block) C:\games\fatal.theory\fatal theory.exe
FirewallRules: [TCP Query User{6C2A2AB3-D686-4AAF-9EF6-AFE501CD325D}C:\games\fatal.theory\fatal theory.exe] => (Block) C:\games\fatal.theory\fatal theory.exe
FirewallRules: [{A4324142-76D8-49C4-81E2-88D862013390}] => (Block) %ProgramFiles% (x86)\Max Payne 3\MaxPayne3.exe
FirewallRules: [{C2633E45-CFF5-415E-A3F1-42AC6DF9A528}] => (Block) %ProgramFiles% (x86)\Max Payne 3\PlayMaxPayne3.exe
FirewallRules: [{743349F5-54F7-423B-9C7A-32834498AA68}] => (Block) %ProgramFiles% (x86)\Max Payne 3\PlayMaxPayne3.exe
FirewallRules: [{891FE874-D54A-4077-AE0B-9735B5726E4C}] => (Block) %ProgramFiles% (x86)\Max Payne 3\MaxPayne3.exe
FirewallRules: [{C0D0B045-7A8D-4CF7-9CE9-B778F450D605}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{2F29F4BD-D518-47B2-8EE2-FFEFBE8E60F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7dLauncher.exe
FirewallRules: [{E0EECFD5-0196-46FA-AC02-A7A72D548506}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{5DBAB036-5877-452E-93E6-132AE1ACA4F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{B6583A55-8541-4ACA-A01D-CBAE32D9F9CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{A2C63519-F53E-4141-A0D8-3AA2E4788A9F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [UDP Query User{265CBCEA-DC07-47D6-A7AD-F7902D86F171}C:\users\j\downloads\fragmented.v16.9.1.x64-kortal\fragmented\binaries\win64\fragmented.exe] => (Block) C:\users\j\downloads\fragmented.v16.9.1.x64-kortal\fragmented\binaries\win64\fragmented.exe
FirewallRules: [TCP Query User{CB2F4C2A-CA26-40EF-A1D7-03E6F1255346}C:\users\j\downloads\fragmented.v16.9.1.x64-kortal\fragmented\binaries\win64\fragmented.exe] => (Block) C:\users\j\downloads\fragmented.v16.9.1.x64-kortal\fragmented\binaries\win64\fragmented.exe
FirewallRules: [UDP Query User{7AF25823-5C14-4A44-A4A9-DB0849CE62AF}C:\games\lost castle\win64\lost_castle.exe] => (Block) C:\games\lost castle\win64\lost_castle.exe
FirewallRules: [TCP Query User{950B91B7-C8AE-4C45-8514-EB725122BABE}C:\games\lost castle\win64\lost_castle.exe] => (Block) C:\games\lost castle\win64\lost_castle.exe
FirewallRules: [UDP Query User{F44EBCB8-8814-48DD-879B-B443DE5DDD59}C:\program files (x86)\doom\doomx64vk.exe] => (Block) C:\program files (x86)\doom\doomx64vk.exe
FirewallRules: [TCP Query User{B551750B-8DA3-4D47-9258-CC9F57B2134C}C:\program files (x86)\doom\doomx64vk.exe] => (Block) C:\program files (x86)\doom\doomx64vk.exe
FirewallRules: [{A1570C15-76E2-4A7E-BD35-2D8C583E16DB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F78D7499-DF54-4895-86C5-E3624B36963E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3F06E9F9-30D8-4EEC-B227-C733B2488C66}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{18A24A02-4BD8-42FF-87F3-3F89DC020EDE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{F5D6F575-A400-448C-9A94-DB4A693DE2EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [UDP Query User{52A6F145-969E-44FF-8737-394C4297E097}C:\program files (x86)\doom\doomx64.exe] => (Block) C:\program files (x86)\doom\doomx64.exe
FirewallRules: [TCP Query User{F5A6309C-3C30-4CE5-9CB6-5ED65235135E}C:\program files (x86)\doom\doomx64.exe] => (Block) C:\program files (x86)\doom\doomx64.exe
FirewallRules: [{CFF502D7-3017-4A74-90DB-321E55D09983}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{ED99F48A-ACB7-4659-9444-47E1DDD3D069}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8184EFA2-628C-4C6D-A8A0-8068E38371DC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{776DC012-EEF1-46BC-8695-55563A27AED8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [UDP Query User{CD4ED1DD-CE2C-4E3D-B240-B883F2F99A14}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [TCP Query User{BC7AF5FE-4A0C-4CF8-824F-BA353BFABDEA}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [{A0E1225A-5C88-41F8-B211-E9AD4B5A0328}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B98D2658-3BB3-42E4-B27A-678F1DC14512}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A15D444F-8C70-4C69-A93C-F1D6C044245C}] => (Allow) C:\games\Mr DJ\The Witcher 3 Wild Hunt Complete\bin\x64\witcher3.exe
FirewallRules: [{711D8BC4-2A98-4674-8AB4-2D53CC1DBD13}] => (Allow) C:\games\Mr DJ\The Witcher 3 Wild Hunt Complete\bin\x64\witcher3.exe
FirewallRules: [{7158954D-5FEC-4C6F-A28E-343C87437A91}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{239FC09B-676C-4B46-BA1C-852089D20201}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{87C4E1B9-F6F9-4DB3-B94B-D81FBEF4FD9B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior Original\bin\launcher.exe
FirewallRules: [{1A5E8187-04F4-4185-98C2-7A5FFBD947F6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Shadow Warrior Original\bin\launcher.exe
FirewallRules: [{3B2081E2-809A-4D35-9640-324F49BA7EB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grim Dawn\Grim Dawn.exe
FirewallRules: [{176FE28C-FEE8-4D14-B4F2-6DFA0ED728EC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grim Dawn\Grim Dawn.exe
FirewallRules: [{481F16D8-D593-4CDB-B691-FC16981DC422}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{A2291A2F-59F0-4889-9F33-139E4905EEE4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Disturbed\Disturbed.exe
FirewallRules: [{33909C4C-D76C-4331-9B58-AF91CFA8C467}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Disturbed\Disturbed.exe
FirewallRules: [{2C54F66C-B382-40F3-8BAA-C9FA1CE948D4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blameless\Blameless.exe
FirewallRules: [{65022545-EE7B-4346-83F2-5B3CF27C0756}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Blameless\Blameless.exe
FirewallRules: [{3D7443F6-B577-4EBF-9B6C-B2BF05B57C73}] => (Allow) C:\Users\J\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BFF1625E-CF91-49C4-9B8A-95A904240EE1}] => (Allow) C:\Users\J\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{57AF060B-F737-439A-A9A5-4FFBDE580A1B}] => (Allow) C:\Users\J\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3640D578-69C3-4499-AE63-CECEBDC35D1A}] => (Allow) C:\Users\J\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{36179F18-8A0F-4799-A8BB-882FAB0CA413}] => (Allow) C:\Users\J\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0318DCF4-7049-4837-88F1-7DAA0E5F3DF1}] => (Allow) C:\Users\J\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{644DF50D-994B-479D-A170-C182207EA580}] => (Allow) C:\Program Files (x86)\Emsisoft Anti-Malware\a2HiJackFree.exe
FirewallRules: [{4EEAF887-35CB-49ED-9298-FE9667B695B0}] => (Allow) C:\Program Files (x86)\Emsisoft Anti-Malware\a2HiJackFree.exe
FirewallRules: [{993FBA54-261E-42E4-9234-818EFD8FBD89}] => (Allow) C:\Program Files (x86)\Emsisoft Anti-Malware\a2HiJackFree.exe
FirewallRules: [{98E9F6D3-FFA3-4F3E-83E2-EB3CB3F23D4C}] => (Allow) C:\Program Files (x86)\Emsisoft Anti-Malware\a2HiJackFree.exe
FirewallRules: [{F75CE7C4-C52D-41FB-B6D2-9BB04C031357}] => (Block) %ProgramFiles% (x86)\Max Payne 3\MaxPayne3.exe
FirewallRules: [{D93E20FB-D2B4-4C59-BA9B-405536C590C4}] => (Block) %ProgramFiles% (x86)\Max Payne 3\PlayMaxPayne3.exe
FirewallRules: [{B15ECB6C-4F96-41E1-8668-A9C819D083D5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8F83D977-8EE7-4DDC-9345-77ABE6AD7377}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1CD601DE-3166-4D1F-A8DD-304DDB8C9CA0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{3106B198-E884-499B-BFCF-D1C3DE994718}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{C458024B-259B-45B6-A46F-6C128D19FCE1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AF8EABC6-F168-41E0-B366-E56D911B551A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D302C963-C9E7-49D7-A229-9AC675AB30CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{5AE38BD4-0CE1-4170-9E77-0B6177AC226F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F0AD557F-3A80-4100-8C30-535D5C7EC6C1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{12F53898-9AA6-44FB-AA63-9ADE59C14393}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{97A206A5-2408-462D-B116-0EBA857BA67D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{71061691-581F-41AC-A420-22EA00D4B9B4}] => (Allow) C:\Program Files (x86)\War for the Overworld Heart of Gold\WFTOGame.exe
FirewallRules: [{A50C4890-ECB4-487F-815B-9E383220CEB0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ys Origin\config.exe
FirewallRules: [{DED1073B-5DE1-4A6A-94D4-78C2E51B6401}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ys Origin\config.exe
FirewallRules: [{5E447C35-D30E-41FF-91BC-4C2D0E8D44CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ys Origin\yso_win.exe
FirewallRules: [{9D4188CA-9974-40E8-8F96-1642A4824B6B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ys Origin\yso_win.exe
FirewallRules: [{7B1FA84C-5CB2-41F2-9D2E-A8646847E747}] => (Allow) C:\Users\J\AppData\Local\Temp\installer1.exe
FirewallRules: [{15296B71-B292-41EF-8A24-DB3E124434A7}] => (Allow) C:\Users\J\AppData\Local\70411280.exe
FirewallRules: [{37A91AD8-0D45-435E-9851-AB88859DABB7}] => (Allow) C:\Program Files (x86)\recalculations\spasms.exe
FirewallRules: [{44CF2AF8-55BD-4B3A-A1A4-9C245CF8150B}] => (Allow) C:\Program Files (x86)\Mr DJ\Fallout New Vegas Ultimate Edition\FalloutNVLauncher.exe
FirewallRules: [{56E0E587-239A-48C9-9671-E48B6183B568}] => (Allow) C:\Program Files (x86)\Mr DJ\Fallout New Vegas Ultimate Edition\FalloutNVLauncher.exe
FirewallRules: [{ECF1E3F8-ADB0-4A5C-B936-95F01FB758B7}] => (Allow) C:\Users\J\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E64E3408-A1AE-4068-AD9C-F5B68CC79AAD}] => (Allow) C:\Users\J\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D9E2AAC0-5615-44D4-B036-2235D1AA812E}] => (Block) %ProgramFiles% (x86)\Max Payne 3\MaxPayne3.exe
FirewallRules: [{7C8580DA-4EF8-42D9-9B38-354931C76D56}] => (Block) %ProgramFiles% (x86)\Max Payne 3\PlayMaxPayne3.exe
FirewallRules: [TCP Query User{3702C055-C0B9-4BC9-A845-D00D7D3998EC}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [UDP Query User{38DAC58C-2A2E-4F32-A0B0-8AE06C68559B}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [TCP Query User{038D61BC-ADD8-423D-AAB9-8C94C7A006DD}C:\users\j\downloads\stellar.overload.v0.8.5.0\stellaroverloadea1\binaries\win64\planets3udk-win64-shipping.exe] => (Block) C:\users\j\downloads\stellar.overload.v0.8.5.0\stellaroverloadea1\binaries\win64\planets3udk-win64-shipping.exe
FirewallRules: [UDP Query User{0FD88B2E-CC28-4A6C-8940-2A6E493D61D6}C:\users\j\downloads\stellar.overload.v0.8.5.0\stellaroverloadea1\binaries\win64\planets3udk-win64-shipping.exe] => (Block) C:\users\j\downloads\stellar.overload.v0.8.5.0\stellaroverloadea1\binaries\win64\planets3udk-win64-shipping.exe
FirewallRules: [TCP Query User{EE06BBE2-DA0C-4EFD-9130-FDE91D442A88}C:\users\j\appdata\local\temp\ixp001.tmp\breathing fear.exe] => (Block) C:\users\j\appdata\local\temp\ixp001.tmp\breathing fear.exe
FirewallRules: [UDP Query User{78C22204-F758-48F9-818C-3650787B09FD}C:\users\j\appdata\local\temp\ixp001.tmp\breathing fear.exe] => (Block) C:\users\j\appdata\local\temp\ixp001.tmp\breathing fear.exe
FirewallRules: [TCP Query User{7E571D27-E734-4657-9AC3-8271B3F43046}C:\program files (x86)\doom\doomx64.exe] => (Block) C:\program files (x86)\doom\doomx64.exe
FirewallRules: [UDP Query User{F97A9595-2366-4399-8BBB-9D2DC6E916D5}C:\program files (x86)\doom\doomx64.exe] => (Block) C:\program files (x86)\doom\doomx64.exe
FirewallRules: [TCP Query User{816E64F7-AB92-43FB-9609-EDB7715B9C09}C:\program files (x86)\xcom 2\binaries\win64\xcom2.exe] => (Block) C:\program files (x86)\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [UDP Query User{079AF739-05A4-4098-AD37-E436029BA750}C:\program files (x86)\xcom 2\binaries\win64\xcom2.exe] => (Block) C:\program files (x86)\xcom 2\binaries\win64\xcom2.exe
FirewallRules: [{42E6F9ED-9F35-4BEC-850D-31C9B2E053AC}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{B1080130-7D6A-4701-A689-FC99656C3BE4}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [TCP Query User{336C9576-98AA-4C4C-A77C-FC835489DF9D}C:\program files (x86)\dead age\deadage.exe] => (Block) C:\program files (x86)\dead age\deadage.exe
FirewallRules: [UDP Query User{8D548436-C525-4CAA-9D43-7333D0A65C9B}C:\program files (x86)\dead age\deadage.exe] => (Block) C:\program files (x86)\dead age\deadage.exe
FirewallRules: [TCP Query User{09DD7935-5DB5-422B-9D08-588F0E764530}C:\program files (x86)\diablo iii public test\x64\diablo iii64.exe] => (Block) C:\program files (x86)\diablo iii public test\x64\diablo iii64.exe
FirewallRules: [UDP Query User{B1F94CF6-7B87-464E-B9BF-AF3F42E8F477}C:\program files (x86)\diablo iii public test\x64\diablo iii64.exe] => (Block) C:\program files (x86)\diablo iii public test\x64\diablo iii64.exe
FirewallRules: [TCP Query User{F18C40AA-67B9-45C5-B98F-DD8FA824CEE3}C:\games\lost castle\win64\lost_castle.exe] => (Block) C:\games\lost castle\win64\lost_castle.exe
FirewallRules: [UDP Query User{3B81CEE4-7075-4377-A6BA-0B9D61926A8F}C:\games\lost castle\win64\lost_castle.exe] => (Block) C:\games\lost castle\win64\lost_castle.exe
FirewallRules: [{6847B5A3-BD1B-4B52-9240-96DDAA66F6FA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [TCP Query User{75F4B9D9-A613-4E8A-8CF2-D2133E58FC44}C:\program files (x86)\planet explorers\pe_client.exe] => (Block) C:\program files (x86)\planet explorers\pe_client.exe
FirewallRules: [UDP Query User{6120C0E3-FAA7-4184-88C8-2AFF598FC9BA}C:\program files (x86)\planet explorers\pe_client.exe] => (Block) C:\program files (x86)\planet explorers\pe_client.exe
FirewallRules: [TCP Query User{5A96B4A0-5424-4E24-8E54-F28829F840AB}C:\gog games\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Allow) C:\gog games\divinity - original sin enhanced edition\shipping\eocapp.exe
FirewallRules: [UDP Query User{2C554568-4E67-43D0-A2CB-94D2D4D715B6}C:\gog games\divinity - original sin enhanced edition\shipping\eocapp.exe] => (Allow) C:\gog games\divinity - original sin enhanced edition\shipping\eocapp.exe
 
==================== Restore Points =========================
 
26-10-2016 08:41:54 Scheduled Checkpoint
04-11-2016 04:37:00 Scheduled Checkpoint
09-11-2016 06:07:36 Windows Update
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/11/2016 09:33:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program mmc.exe version 10.0.14393.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 174c
 
Start Time: 01d23c41a2e650bd
 
Termination Time: 4294967295
 
Application Path: C:\Windows\System32\mmc.exe
 
Report Id: 007e56a6-a835-11e6-9c1c-da8924bce02d
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (11/11/2016 09:20:02 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-H9CBHEV)
Description: Activation of app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/11/2016 09:12:14 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program ShellExperienceHost.exe version 10.0.14393.447 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
 
Process ID: 2894
 
Start Time: 01d23c1d587a939e
 
Termination Time: 4294967295
 
Application Path: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
 
Report Id: eaf19e04-a831-11e6-9c1c-da8924bce02d
 
Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.14393.447_neutral_neutral_cw5n1h2txyewy
 
Faulting package-relative application ID: App
 
Error: (11/11/2016 09:11:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: DESKTOP-H9CBHEV)
Description: App Microsoft.Windows.ShellExperienceHost_10.0.14393.447_neutral_neutral_cw5n1h2txyewy+App did not launch within its allotted time.
 
Error: (11/11/2016 06:49:46 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkyrimSE.exe, version: 1.0.0.0, time stamp: 0x57f856e4
Faulting module name: XAudio2_7.dll_unloaded, version: 9.29.1962.0, time stamp: 0x4c0643cc
Exception code: 0xc0000005
Fault offset: 0x0000000000032891
Faulting process id: 0x1358
Faulting application start time: 0x01d23c28a37d14b0
Faulting application path: C:\Program Files (x86)\The Elder Scrolls V Skyrim Special Edition\SkyrimSE.exe
Faulting module path: XAudio2_7.dll
Report Id: 3871534a-0549-4426-9d50-bf9396d164d4
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/11/2016 02:19:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-H9CBHEV)
Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (11/11/2016 02:19:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: DESKTOP-H9CBHEV)
Description: App Microsoft.Windows.ShellExperienceHost_10.0.14393.447_neutral_neutral_cw5n1h2txyewy+App did not launch within its allotted time.
 
Error: (11/11/2016 01:55:31 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
 
Error: (11/11/2016 01:50:37 AM) (Source: Steam Client Service) (EventID: 1) (User: )
Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
 
Error: (11/11/2016 01:32:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SkyrimSE.exe, version: 1.0.0.0, time stamp: 0x57f856e4
Faulting module name: XAudio2_7.dll_unloaded, version: 9.29.1962.0, time stamp: 0x4c0643cc
Exception code: 0xc0000005
Fault offset: 0x0000000000032891
Faulting process id: 0x2c0
Faulting application start time: 0x01d23bfc60253cf2
Faulting application path: C:\Program Files (x86)\The Elder Scrolls V Skyrim Special Edition\SkyrimSE.exe
Faulting module path: XAudio2_7.dll
Report Id: fc0a964b-f01f-4935-adeb-b4b41bbe7ebb
Faulting package full name: 
Faulting package-relative application ID:
 
 
System errors:
=============
Error: (11/11/2016 09:21:01 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H9CBHEV)
Description: The server Windows.Security.Authentication.Web.Core.BackgroundGetTokenTask.ClassId.WebAccountProvider did not register with DCOM within the required timeout.
 
Error: (11/11/2016 09:00:46 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H9CBHEV)
Description: The server {37998346-3765-45B1-8C66-AA88CA6B20B8} did not register with DCOM within the required timeout.
 
Error: (11/11/2016 08:58:46 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error: 
Unspecified error
 
Error: (11/11/2016 06:18:41 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
 
 Code: 8 0x0 0x0
 
Error: (11/11/2016 06:18:40 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
 
 Code: 2 0xdeaddeed 0xeeec
 
Error: (11/11/2016 06:18:40 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT AUTHORITY)
Description: WLAN AutoConfig detected limit connectivity, performing Reset/Recover.adapter.
 
 Code: 1 0xc 0x4
 
Error: (11/11/2016 02:42:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
 
Error: (11/11/2016 02:19:44 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H9CBHEV)
Description: The server App did not register with DCOM within the required timeout.
 
Error: (11/11/2016 01:29:20 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-H9CBHEV)
Description: The server {37998346-3765-45B1-8C66-AA88CA6B20B8} did not register with DCOM within the required timeout.
 
Error: (11/11/2016 01:27:20 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Connected Devices Platform Service service terminated with the following error: 
Unspecified error
 
 
CodeIntegrity:
===================================
  Date: 2016-11-10 13:02:24.459
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7e80ed32cd8298f6\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-11-09 06:07:21.230
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7e80ed32cd8298f6\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-11-08 05:45:22.423
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7e80ed32cd8298f6\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-11-07 06:25:22.037
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7e80ed32cd8298f6\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-11-05 10:18:15.160
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7e80ed32cd8298f6\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-11-03 14:56:41.363
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7e80ed32cd8298f6\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-10-30 07:57:42.647
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7e80ed32cd8298f6\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-10-29 08:33:44.613
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7e80ed32cd8298f6\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-10-27 07:51:15.957
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7e80ed32cd8298f6\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2016-10-26 07:35:52.282
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\DriverStore\FileRepository\nvhmi.inf_amd64_7e80ed32cd8298f6\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-6500U CPU @ 2.50GHz
Percentage of memory in use: 48%
Total physical RAM: 8112.5 MB
Available physical RAM: 4141.91 MB
Total Virtual: 16715.53 MB
Available Virtual: 12520.19 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:930.24 GB) (Free:113.53 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E5107EE8)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=930.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=799 MB) - (Type=27)
 
==================== End of Addition.txt ============================

Edited by hamluis, 11 November 2016 - 02:07 PM.
Deleted 2 dupes, Hamluis.


#2 nasdaq

  • Malware Response Team

Posted 13 November 2016 - 11:05 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Remove these programs via the Control Panel > Programs > Programs and Features.
AnySend (HKLM-x32\...\ASPackage) (Version: - CMI Limited) <==== ATTENTION
Consumer Input Update Helper (x32 Version: 1.3.25.309 - Compete Inc.) Hidden <==== ATTENTION
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden <==== ATTENTION

===

Press the Windows key + R on your keyboard at the same time. This will open the Run box.
Type Notepad and click the OK key.

Please copy the entire contents of the code box below to a new file.
 
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKU\S-1-5-21-3720515146-3048848675-1458964446-1001\...\Run: [InterStat] => C:\Users\J\AppData\Roaming\InterStat\interstat.exe
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3720515146-3048848675-1458964446-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
FF user.js: detected! => C:\Users\J\AppData\Roaming\Mozilla\Firefox\Profiles\zhr21ekr.default\user.js [2016-09-15]
FF HKU\S-1-5-21-3720515146-3048848675-1458964446-1001\...\Firefox\Extensions: [ConsumerInput@Compete] - C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12308.xpi => not found
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [No File]
CHR Extension: (Chrome Web Store Payments) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-04]
CHR Extension: (Chrome Media Router) - C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-04]
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
Task: {07E89ADA-4B11-4C86-BEF7-6928C30ED777} - \TechUtilities -> No File <==== ATTENTION
Task: {410F2310-0218-42D0-9465-5BC3B65F8FE9} - \YCMServiceAgent -> No File <==== ATTENTION
Task: {4747B0A0-49F2-4917-BC68-BE6B48971DB4} - \OneDrive Standalone Update Task -> No File <==== ATTENTION
Task: {87FAF2C1-1400-47F0-B269-147FF40D329D} - \{C95F9CBA-ACBA-467F-88A3-9D32F1BE7B46} -> No File <==== ATTENTION
Task: {C1DE71DF-6A02-451D-B541-69C066160C3E} - \UnHackMe Task Scheduler -> No File <==== ATTENTION
Task: {C6E45D35-FE4A-42B3-901B-C7754B2818DE} - \Da4667203446672034 -> No File <==== ATTENTION
Task: {CE81C796-627A-4137-B32E-42710A6E8BAD} - \46672034 -> No File <==== ATTENTION
Shortcut: C:\Users\J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Int?rn?t ??pl?r?r.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.bat ()
Shortcut: C:\Users\J\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\??zill? Fir?f??.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\??zill? Fir?f??.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.bat (No File)
C:\Users\J\AppData\Roaming\InterStat
C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
C:\Users\J\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt). Please post it in your reply.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the LogFile button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleanerCx.txt (x is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens, click Yes to the disclaimer.
Press the Scan button.
It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it into your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

How to attach a file to your reply:
In the Reply section at the bottom of the topic, click the "more reply Options" button.

Attach the file.
Select "Choose a File" and navigate to the location of the file.
Click the file you wish to Attach.

Click the Add reply button.
===

Please post the logs and let me know what problem persists with this computer.

#3 nasdaq

  • Malware Response Team
  • 39,512 posts
  • Gender:Male
  • Location:Montreal, QC. Canada

Posted 19 November 2016 - 10:14 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



