Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Right-mouse click acting up


  • This topic is locked This topic is locked
3 replies to this topic

#1 user001

user001

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:09:40 PM

Posted 13 November 2016 - 12:17 AM

Hi,

   My mouse was working fine this morning after playing 2 matches of Heroes of The Storm. I had to temporarily disabled my firewall to update Blizzard and the game client. That was the only change afaik.

 After the game, my right-click button refuses to work. I noticed it may 'randomly' work when I hold the right button long enough. I restarted pc/reinstalled the mouse driver but the issue still linger. I scanned the 2 mouse driver in virustotal and it found nothing.

Any assistance on this is appreciated. Thank you. 

 

 

FRST LOG:

 Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2016

Ran by user01 (administrator) on LABTOP01 (12-11-2016 23:29:03)
Running from C:\Program Files (x86)\br\tdsskiller
Loaded Profiles: user01 (Available Profiles: user01 & user02)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
 
========================================================
 
C:\FRST\FRST64(1).exe => Win32/Suweezy? - moved successfully
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Microsoft Corporation) C:\Program Files (x86)\EMET 5.2\EMET_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Program Files (x86)\EMET 5.2\EMET_Agent.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\SyncUp Server.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(UltimateOutsider) C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
() C:\Windows\SoftwarePolicy\softwarepolicystart.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Farbar) C:\Program Files (x86)\br\tdsskiller\FRST64(1).exe
 
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7634288 2014-06-13] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1386712 2014-06-12] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-09-25] (Realtek Semiconductor Corporation)
HKLM\...\Run: [GwxControlPanelMonitor] => C:\Program Files (x86)\UltimateOutsider\GWX Control Panel\GWX_control_panel.exe [4559944 2016-01-24] (UltimateOutsider)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2015-01-15] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-08-19] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [916072 2016-11-05] (Avira Operations GmbH & Co. KG)
HKLM Group Policy restriction on software: C:\Program Files (x86) <====== ATTENTION
HKLM Group Policy restriction on software: C:\Windows\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\ProgramData\Battle.net <====== ATTENTION
HKLM Group Policy restriction on software: C:\Program Files <====== ATTENTION
HKLM Group Policy restriction on software: C:\Windows\SysWOW64 <====== ATTENTION
HKLM Group Policy restriction on software: C:\ProgramData\Avira <====== ATTENTION
HKLM Group Policy restriction on software: C:\Windows\SysWOW64\*.exe <====== ATTENTION
HKLM Group Policy restriction on software: C:\Windows <====== ATTENTION
HKLM Group Policy restriction on software: C:\ProgramData\Blizzard Entertainment <====== ATTENTION
HKLM Group Policy restriction on software: C:\Windows\SoftwarePolicy\softwarepolicy.exe <====== ATTENTION
HKU\S-1-5-21-3426533655-1647404870-3214638991-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD)
HKU\S-1-5-21-3426533655-1647404870-3214638991-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-12] (Valve Corporation)
HKU\S-1-5-21-3426533655-1647404870-3214638991-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-10-22] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3426533655-1647404870-3214638991-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [133632 2014-10-28] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MLSoftwarePolicyTrayApplet.lnk [2015-11-29]
ShortcutTarget: MLSoftwarePolicyTrayApplet.lnk -> C:\Windows\SoftwarePolicy\softwarepolicystart.exe ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{DF04DCAC-3397-4A87-B912-4E8C9C29B9A7}: [DhcpNameServer] 209.18.47.61 209.18.47.62
 
Internet Explorer:
==================
HKU\S-1-5-21-3426533655-1647404870-3214638991-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://duckduckgo.com/
HKU\S-1-5-21-3426533655-1647404870-3214638991-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
 
FireFox:
========
FF ProfilePath: C:\Users\user01\AppData\Roaming\Mozilla\Firefox\Profiles\y5o41sRu.default [2016-09-22]
FF Extension: (Avira Browser Safety) - C:\Users\user01\AppData\Roaming\Mozilla\Firefox\Profiles\y5o41sRu.default\Extensions\abs@avira.com [2016-07-14]
FF Extension: (NoScript) - C:\Users\user01\AppData\Roaming\Mozilla\Firefox\Profiles\y5o41sRu.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-05-24]
FF Extension: (WOT) - C:\Users\user01\AppData\Roaming\Mozilla\Firefox\Profiles\y5o41sRu.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-05-24]
FF Extension: (Adblock Plus) - C:\Users\user01\AppData\Roaming\Mozilla\Firefox\Profiles\y5o41sRu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-24]
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
 
Chrome: 
=======
CHR Profile: C:\Users\user01\AppData\Local\Google\Chrome\User Data\Default [2016-09-22]
CHR Extension: (Google Slides) - C:\Users\user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-16]
CHR Extension: (Google Docs) - C:\Users\user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-16]
CHR Extension: (Google Drive) - C:\Users\user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-16]
CHR Extension: (YouTube) - C:\Users\user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-16]
CHR Extension: (Google Sheets) - C:\Users\user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-16]
CHR Extension: (Avira Browser Safety) - C:\Users\user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-05-24]
CHR Extension: (Google Docs Offline) - C:\Users\user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-16]
CHR Extension: (Gmail) - C:\Users\user01\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-16]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1089088 2016-11-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [475232 2016-11-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [475232 2016-11-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1488240 2016-11-05] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-11-06] ()
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [324304 2016-08-19] (Avira Operations GmbH & Co. KG)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation) [File not signed]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [59392 2013-09-26] () [File not signed]
R2 EMET_Service; C:\Program Files (x86)\EMET 5.2\EMET_Service.exe [22680 2015-03-11] (Microsoft Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-10-22] (Sandboxie Holdings, LLC)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-28] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [654528 2015-05-26] (Wacom Technology, Corp.)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R0 assdv2; C:\Windows\System32\Drivers\assdv2.sys [21816 2013-12-05] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-09-24] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [151352 2016-11-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [153392 2016-10-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-04-04] (Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation)
S3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3759320 2014-12-01] (Realtek Semiconductor Corporation                           )
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [192648 2015-10-22] (Sandboxie Holdings, LLC)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 WacHidRouterPro; C:\Windows\System32\drivers\wachidrouter.sys [102864 2016-03-02] (Wacom Technology)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-11-12 23:29 - 2016-09-15 06:44 - 00000000 ____D C:\FRST
2016-11-12 23:25 - 2016-04-16 09:24 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-12 23:25 - 2015-11-30 20:50 - 00000000 ____D C:\Program Files (x86)\Steam
2016-11-12 23:22 - 2015-11-29 16:02 - 00005060 _____ C:\Windows\Sandboxie.ini
2016-11-12 22:33 - 2015-11-29 08:02 - 00000000 ____D C:\Users\user01\AppData\Local\ElevatedDiagnostics
2016-11-12 22:32 - 2016-04-16 09:24 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-12 22:21 - 2015-11-29 14:29 - 00000000 ____D C:\Users\user02\AppData\Local\Battle.net
2016-11-12 22:18 - 2015-11-29 14:16 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2016-11-12 22:15 - 2015-11-29 14:12 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-11-12 22:05 - 2013-08-22 08:36 - 00000000 ____D C:\Windows\Inf
2016-11-12 22:03 - 2013-08-22 09:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-12 18:55 - 2016-09-14 20:41 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-11-12 18:54 - 2015-11-29 09:09 - 00000000 ____D C:\Users\user02\AppData\Roaming\Foxit Software
2016-11-12 18:40 - 2016-09-14 20:41 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-12 18:40 - 2016-09-14 20:38 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-11-12 11:11 - 2016-05-02 17:52 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2016-11-09 20:39 - 2015-11-28 20:33 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3426533655-1647404870-3214638991-1002
2016-11-08 14:32 - 2016-04-16 09:24 - 00002222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-08 14:32 - 2016-04-16 09:24 - 00002210 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-08 14:28 - 2013-08-22 08:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-11-05 09:48 - 2016-06-05 19:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-11-05 09:47 - 2016-06-05 20:54 - 00151352 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-10-29 18:51 - 2015-12-05 11:27 - 00000000 ____D C:\Program Files (x86)\StarCraft II
 
==================== Files in the root of some directories =======
 
2015-12-30 21:44 - 2015-12-30 21:44 - 0927824 _____ (Google Inc.) C:\Program Files\ChromeSetup.exe
2015-11-28 19:23 - 2016-11-12 23:25 - 0043940 _____ () C:\Users\user01\AppData\Local\BTServer.log
2016-02-19 23:09 - 2016-02-19 23:09 - 0000017 _____ () C:\Users\user01\AppData\Local\resmon.resmoncfg
2015-01-15 03:37 - 2015-01-15 03:37 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
C:\Users\user01\AppData\Local\Temp\avgnt.exe
C:\Users\user02\AppData\Local\Temp\avgnt.exe
 
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-11-05 21:55
 
==================== End of FRST.txt ============================
 
Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-11-2016
Ran by user01 (12-11-2016 23:29:40)
Running from C:\Program Files (x86)\br\tdsskiller
Windows 8.1 (Update) (X64) (2015-11-29 00:23:01)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3426533655-1647404870-3214638991-500 - Administrator - Disabled)
Guest (S-1-5-21-3426533655-1647404870-3214638991-501 - Limited - Disabled)
user01 (S-1-5-21-3426533655-1647404870-3214638991-1001 - Administrator - Enabled) => C:\Users\user01
user02 (S-1-5-21-3426533655-1647404870-3214638991-1002 - Limited - Enabled) => C:\Users\user02
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov)
AMD Catalyst Install Manager (HKLM\...\{B5550B26-CD14-054D-FF0A-83405AE096B9}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ASUS App Box (HKLM-x32\...\{F0CE6060-50B1-401E-8357-B6E24DB98D21}) (Version: 1.00.04 - ASUSTeK Computer Inc.)
ASUS Manager - Ai Booting (HKLM-x32\...\{2DCE446C-D090-4458-8782-8F16DF94351E}) (Version: 2.01.15 - ASUSTeK Computer Inc.)
ASUS Manager - Backup & Recovery (HKLM-x32\...\{34D67DE5-2ECF-4E6B-A243-2C16E2792787}) (Version: 2.01.12 - ASUSTeK Computer Inc.)
ASUS Manager - Family Safety (HKLM-x32\...\{016AFF97-4E18-4560-B8E5-B684BB124E32}) (Version: 2.00.06 - ASUSTeK Computer Inc.)
ASUS Manager - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.01.12 - ASUSTeK Computer Inc.)
ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.02.05 - ASUSTeK Computer Inc.)
ASUS Manager - SyncUp (HKLM-x32\...\{C2294792-457D-4DF7-9486-B630754C73D0}) (Version: 2.00.07 - ASUSTeK Computer Inc.)
ASUS Manager - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.02.08 - ASUSTeK Computer Inc.)
ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.09.05 - ASUSTeK Computer Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.23.58 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{82dc2ab6-088f-4e0a-8e27-bb829481d3bc}) (Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.70.16079 - Avira Operations GmbH & Co. KG) Hidden
Bastion (HKLM\...\Steam App 107100) (Version:  - Supergiant Games)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bloodstained: Ritual of the Night (HKLM\...\Steam App 477970) (Version:  - )
Broken Sword 1 - Shadow of the Templars: Director's Cut (HKLM-x32\...\Steam App 57640) (Version:  - Revolution Software Ltd)
Card Hunter (HKLM-x32\...\Steam App 293260) (Version:  - Blue Manchu)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Clockwork Empires (HKLM-x32\...\Steam App 224740) (Version:  - Gaslamp Games, Inc.)
Commandos: Behind Enemy Lines (HKLM\...\Steam App 6800) (Version:  - Pyro Studios)
Company of Heroes (HKLM-x32\...\Steam App 4560) (Version:  - Relic Entertainment)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Darkest Dungeon (HKLM\...\Steam App 262060) (Version:  - Red Hook Studios)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Divinity: Original Sin Enhanced Edition (HKLM-x32\...\Steam App 373420) (Version:  - Larian Studios)
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.01.00 - ASUSTeK Computer Inc.)
EMET 5.2 (HKLM-x32\...\{F4DCB44D-F072-43A1-B4A5-57619C7B22D2}) (Version: 5.2 - Microsoft Corporation)
Gabriel Knight - Sins of the Fathers (HKLM\...\Steam App 262000) (Version:  - Phoenix Online Studios)
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Grandia II Anniversary Edition (HKLM\...\Steam App 330390) (Version:  - GAME ARTS Co., Ltd.)
GWX Control Panel (HKLM-x32\...\UltimateOutsider_GwxControlPanel) (Version:  - UltimateOutsider)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
I am Setsuna (HKLM\...\Steam App 441830) (Version:  - Tokyo RPG Factory)
Icewind Dale: Enhanced Edition (HKLM\...\Steam App 321800) (Version:  - Beamdog)
Juniper Networks, Inc. Setup Client (HKU\S-1-5-21-3426533655-1647404870-3214638991-1001\...\Juniper_Setup_Client) (Version: 7.4.13.48589 - Juniper Networks, Inc.)
King's Bounty: Crossworlds (HKLM\...\Steam App 63910) (Version:  - Katauri Interactive)
Learn Japanese To Survive - Hiragana Battle (HKLM\...\Steam App 438270) (Version:  - Sleepy Duck Educational Games)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NVIDIA PhysX (HKLM-x32\...\{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}) (Version: 9.09.1112 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{8F92E0CF-620B-5C20-F292-59C93567B06D}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.2 (HKLM-x32\...\{E6AD67BB-1C33-4AB3-A387-E0D48137AB70}) (Version: 4.12.9782 - Apache Software Foundation)
Pillars of Eternity (HKLM\...\Steam App 291650) (Version:  - Obsidian Entertainment)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.769.769.092613 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.30179 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7272 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0247 - REALTEK Semiconductor Corp.)
Resident Evil 0 / biohazard 0 HD REMASTER (HKLM\...\Steam App 339340) (Version:  - CAPCOM Co., Ltd.)
SAMSUNG Intelli-studio (HKLM-x32\...\Intelli-studio) (Version:  - )
Sandboxie 5.06 (64-bit) (HKLM\...\Sandboxie) (Version: 5.06 - Sandboxie Holdings, LLC)
SOMA (HKLM\...\Steam App 282140) (Version:  - Frictional Games)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tales of Symphonia (HKLM\...\Steam App 372360) (Version:  - BANDAI NAMCO Entertainment Inc.)
The Evil Within (HKLM-x32\...\Steam App 268050) (Version:  - Tango Gameworks)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD PROJEKT RED)
Torchlight II (HKLM\...\Steam App 200710) (Version:  - Runic Games)
Transistor (HKLM\...\Steam App 237930) (Version:  - Supergiant Games)
UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.12-2 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
XCOM: Enemy Unknown (HKLM\...\Steam App 200510) (Version:  - Firaxis Games)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {1EABA053-4156-4ED8-947A-094D1C94FA44} - System32\Tasks\ASUS\ASUS Updater => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSFourceUpdater.exe [2014-03-20] ()
Task: {23BE600B-E173-4942-A8F6-BD65F2E4458D} - System32\Tasks\ASUS\ASUS Manager - PC Cleanup - SecureDeleteBackground => C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe [2014-06-03] ()
Task: {7CC5EAE2-0135-434D-B19B-70638B59D569} - System32\Tasks\ASUS\Power_Manager_background => C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe [2014-09-12] (ASUSTeK)
Task: {8A6F8D6A-A0D9-4E3D-9C69-F60DB7F1556B} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [2014-03-18] ()
Task: {A71A619C-0F91-4F6C-95C6-7883240CB840} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-16] (Google Inc.)
Task: {B9C561F6-B618-4295-A135-04BFB759641B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-16] (Google Inc.)
Task: {D69D3BEA-0508-490B-B175-28FF696212FA} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [2013-08-23] ()
Task: {DF43A3EB-B801-4CD4-AB46-8419D0BAF5BB} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [2014-03-19] (ASUSTeK Computer Inc.)
Task: {ECAECB59-8445-480D-AC9C-D156824A3F97} - System32\Tasks\ASUS\SyncUp => C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\SyncUp Server.exe [2014-11-03] (ASUSTeK Computer Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-03-04 04:27 - 2013-09-26 13:15 - 00059392 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2015-03-11 16:43 - 2015-03-11 16:43 - 00157344 _____ () C:\Program Files (x86)\EMET 5.2\HelperLib.dll
2015-03-11 16:43 - 2015-03-11 16:43 - 00018584 _____ () C:\Program Files (x86)\EMET 5.2\ReportingSubsystem.dll
2015-03-11 16:43 - 2015-03-11 16:43 - 00052384 _____ () C:\Program Files (x86)\EMET 5.2\PKIPinningSubsystem.dll
2015-03-04 04:30 - 2013-11-06 05:58 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2015-03-11 16:43 - 2015-03-11 16:43 - 00035992 _____ () C:\Program Files (x86)\EMET 5.2\TrayIconSubsystem.dll
2015-03-11 16:43 - 2015-03-11 16:43 - 00036504 _____ () C:\Program Files (x86)\EMET 5.2\TelemetrySubsystem.dll
2014-03-19 13:31 - 2014-03-19 13:31 - 00348160 _____ () C:\Program Files (x86)\EMET 5.2\DevExpress.UserSkins.HighContrast.dll
2015-03-04 04:31 - 2014-06-03 17:59 - 00930448 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
2016-06-19 10:34 - 2015-05-26 17:33 - 01347264 ____N () C:\Program Files\Tablet\Wacom\libxml2.dll
2015-11-29 09:30 - 2015-11-18 02:03 - 00666083 _____ () C:\Windows\SoftwarePolicy\softwarepolicystart.exe
2013-06-05 18:51 - 2013-06-05 18:51 - 00430080 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2013-06-05 18:51 - 2013-06-05 18:51 - 00032768 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResourcesNet4.dll
2015-03-04 04:30 - 2016-11-12 22:06 - 00036352 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2015-03-04 04:30 - 2010-06-28 21:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2015-03-04 04:31 - 2014-01-22 13:36 - 00753664 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\WiMoveHelp.dll
2015-03-04 04:31 - 2014-01-22 13:35 - 00684032 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\PhoneCtrlAPI.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3426533655-1647404870-3214638991-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.png
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [WMPNSS-Out-UDP-NoScope] => (Block) %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe
FirewallRules: [WMPNSS-Out-UDP] => (Block) %PROGRAMFILES%\Windows Media Player\wmpnetwk.exe
FirewallRules: [WMPNSS-UPnP-Out-TCP] => (Block) %SystemRoot%\system32\svchost.exe
FirewallRules: [{FBF475E7-8A92-48B9-AA74-E5CD9E056CF5}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{688DFF26-41A7-4733-B814-169CCD30825F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DC2890FE-3C16-4485-9BF2-E380273A6AE1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C3FD3384-3663-4BC7-89F3-E67D3F65231C}C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{0666DE20-4E49-4F11-B4D9-A8A98F7DDBD0}C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm_x64.exe
FirewallRules: [{F338F3DA-BEAC-4B1C-8629-AB9741425C23}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2D924D0A-2C14-4FDF-83FE-6A9B13FEDCFF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{58560AD0-DC78-42C6-A35E-38A454316CCC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AC47EC09-543C-42A1-B629-D5BB51415803}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{987C0A21-838B-4321-9B7C-2C9C9172B5B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broken Sword Shadow of the Templars\bs1dc.exe
FirewallRules: [{03676ED0-9657-4FB3-B365-4A5D86DD4506}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Broken Sword Shadow of the Templars\bs1dc.exe
FirewallRules: [{FABF295C-E2E2-4191-B80F-F9D4CF2FEEA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CardHunter\CardHunter.exe
FirewallRules: [{9D19E6E5-8650-4240-9B01-37E8F99F58E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CardHunter\CardHunter.exe
FirewallRules: [{BF512CA6-A136-4DFE-B806-47C65CE7CDCE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{0AF741F7-6528-4CEA-B129-E14DD1A984D2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{88440F3E-2533-4A94-9A25-B8F90EA09479}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Clockwork Empires\Clockwork Empires.exe
FirewallRules: [{17C8FB55-D3B3-4863-8863-DDE83E69CE51}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Clockwork Empires\Clockwork Empires.exe
FirewallRules: [{953273DB-2576-4F02-89CE-1CD31C19AD21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes\RelicCOH.exe
FirewallRules: [{C8DF3D89-FD18-4E21-870B-10D1FE6FF9BB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Company of Heroes\RelicCOH.exe
FirewallRules: [TCP Query User{FDB77321-7CBC-42FA-878A-B65681340205}C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe
FirewallRules: [UDP Query User{B4965B3E-BF07-4F99-8DBC-3F2B59A437E0}C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe
FirewallRules: [{FC158D80-6177-48DB-91DD-6F647FFFA6FE}] => (Allow) %ProgramFiles% (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BB78989F-ADCC-4F98-A7BF-0FE0C96D199E}] => (Allow) %ProgramFiles% (x86)\Steam\Steam.exe
FirewallRules: [{21327A16-905D-4588-945B-4F95658D3B22}] => (Allow) %ProgramFiles% (x86)\Steam\Steam.exe
FirewallRules: [{3C5DE34A-DD0E-462E-A02B-19B414DC9395}] => (Allow) %ProgramFiles% (x86)\Battle.net\Battle.net.6382\Battle.net.exe
FirewallRules: [{8E6D3BF6-C048-42D6-88C9-274691DD3533}] => (Allow) %ProgramFiles% (x86)\Battle.net\Battle.net.6382\Battle.net.exe
FirewallRules: [{96746A8C-4AF7-4A24-98BA-05FDE44A46D3}] => (Allow) %ProgramFiles% (x86)\Battle.net\Battle.net Launcher.exe
FirewallRules: [{84268244-CA84-4D62-B5B6-D09D15EF9F60}] => (Allow) %ProgramFiles% (x86)\Battle.net\Battle.net Launcher.exe
FirewallRules: [{9772B089-6DD1-4598-91FE-800B736FABBC}] => (Allow) %ProgramFiles% (x86)\Battle.net\Battle.net.6526\Battle.net.exe
FirewallRules: [{AF12C844-5F61-46C8-A877-97F7609DAA34}] => (Allow) %ProgramFiles% (x86)\Steam\Steam.exe
FirewallRules: [{E6804265-1FD1-48BC-8A10-C789371BF640}] => (Allow) %ProgramFiles% (x86)\Steam\steamapps\common\CardHunter\CardHunter.exe
FirewallRules: [{4881F8CC-89E8-411B-A6AB-0DBEE152C88B}] => (Allow) %ProgramFiles% (x86)\Avira\Antivirus\update.exe
FirewallRules: [{F513399A-F8A4-43BA-9B38-6ACE2B704CA2}] => (Allow) %ProgramFiles% (x86)\Avira\Antivirus\avgnt.exe
FirewallRules: [{990FE437-91C2-438C-9540-C42D381E3B85}] => (Allow) %ProgramFiles% (x86)\Avira\Antivirus\avadmin.exe
FirewallRules: [TCP Query User{5A330D22-418E-4A42-9B35-CAEA8CB56C36}C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm.exe
FirewallRules: [UDP Query User{7ABFF56A-90B3-48C2-9445-811325B0C17C}C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39271\heroesofthestorm.exe
FirewallRules: [{A14E614F-5424-4841-9BDC-8C35FC525E5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheEvilWithin\EvilWithin.exe
FirewallRules: [{7810A338-8269-498A-8D6C-2676AA57E269}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TheEvilWithin\EvilWithin.exe
FirewallRules: [{D8BEAAD7-119E-4483-B564-12A0CCDE5EED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{E1B8C4C9-76F8-47E1-A60A-08E3E88B4E6C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{86192BDF-0AD4-4169-AE9D-403572CD5B1A}] => (Allow) %ALLUSERSPROFILE%\Battle.net\Agent\Agent.5181\Agent.exe
FirewallRules: [TCP Query User{DA3AE5C8-B639-4A32-832A-9578DB643D6D}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [UDP Query User{82D8FA16-AC51-4A38-95AF-617D13B4C11F}C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [{6F9F92AA-F177-42D1-9729-1630C7829E80}] => (Allow) %ProgramFiles% (x86)\StarCraft II\Versions\Base46154\SC2_x64.exe
FirewallRules: [TCP Query User{29A1519A-5427-421D-97EE-DFE0BBF73E09}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{D7D61AA0-DC8F-4D83-8AC9-307A79DFD204}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{E9FEF360-3918-4A44-8BFD-F202C6261FC0}] => (Allow) %ProgramFiles% (x86)\Steam\GameOverlayUI.exe
FirewallRules: [TCP Query User{08E1B947-9AC7-46D0-ABC7-C419DBA7DAD9}C:\program files (x86)\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4C41D00A-9555-42F7-9D97-D64973174DF6}C:\program files (x86)\heroes of the storm\versions\base39445\heroesofthestorm_x64.exe] => (Allow) %ProgramFiles% (x86)\Heroes of the Storm\Versions\Base39709\HeroesOfTheStorm_x64.exe
FirewallRules: [{2D595A8C-FB23-4EE2-BC31-EF66003636F3}] => (Allow) %ProgramFiles% (x86)\Battle.net\Battle.net.exe
FirewallRules: [{39A8993D-2777-427B-BA96-0D80E19B96C5}] => (Allow) %ProgramFiles% (x86)\Battle.net\Battle.net Launcher.exe
FirewallRules: [{7FAC5E0D-DA81-42CB-B9B6-F1B1165C8A30}] => (Allow) %ALLUSERSPROFILE%\Battle.net\Agent\Agent.5269\Agent.exe
FirewallRules: [{2D04A0FC-2F7E-4D84-BAD2-10E2885A608F}] => (Allow) %ALLUSERSPROFILE%\Battle.net\Agent\Agent.exe
FirewallRules: [TCP Query User{BE149E46-CB03-42FF-8D8A-A09ACFA5C369}C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm.exe
FirewallRules: [UDP Query User{BE90B984-60D2-49B1-AF13-6EA05DB1A756}C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39709\heroesofthestorm.exe
FirewallRules: [{7783B61B-56F0-4A48-BF07-9119E914ED09}] => (Allow) %ProgramFiles% (x86)\Battle.net\Battle.net.8142\Battle.net.exe
FirewallRules: [TCP Query User{D4ED2C73-4564-405C-9737-1F82100DE781}C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{2D5A9D24-57FE-470B-94CE-B67552256D8A}C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base39951\heroesofthestorm_x64.exe
FirewallRules: [{9510214C-DDFB-4663-8FA0-1D5064A04501}] => (Allow) %ProgramFiles% (x86)\NCWest\NCLauncher\NCLauncher.exe
FirewallRules: [{BDFED72F-ACFA-43F2-96D1-581068C04FBD}] => (Allow) %ProgramFiles% (x86)\NCWest\NCLauncher\NCLauncherR.exe
FirewallRules: [{0EB50F1B-B721-4C97-9064-0F1AA708351B}] => (Allow) %ProgramFiles% (x86)\Steam\Steam.exe
FirewallRules: [{68604D77-7D20-4C78-A2F8-6AF7F2A05ABD}] => (Allow) %ALLUSERSPROFILE%\Battle.net\Agent\Agent.4869\Agent.exe
FirewallRules: [{3C48A965-4199-4F16-905C-DC5519426A10}] => (Allow) %ProgramFiles% (x86)\Battle.net\Battle.net.7113\Battle.net.exe
FirewallRules: [{0E66E573-0BB5-45D3-A8D2-6B115878542B}] => (Allow) %ProgramFiles% (x86)\Heroes of the Storm\Versions\Base47479\HeroesOfTheStorm_x64.exe
FirewallRules: [{125FC625-C058-4CD3-B985-48470970F823}] => (Allow) %ProgramFiles% (x86)\Heroes of the Storm\Heroes of the Storm.exe
FirewallRules: [{79CA7AE4-0096-4899-BDEA-E5247FBF2DC9}] => (Allow) %ProgramFiles% (x86)\Diablo III\Diablo III Launcher.exe
FirewallRules: [{0B21259F-FFDB-4245-9208-3030D45AC334}] => (Allow) %ProgramFiles% (x86)\Diablo III\Diablo III.exe
FirewallRules: [{F7C46A7A-A150-4AFE-852E-6E9541FE1C3A}] => (Allow) %ProgramFiles% (x86)\Diablo III\Diablo III.exe
FirewallRules: [{E4C03678-46B3-4889-8758-F0EB442EF687}] => (Allow) %ProgramFiles% (x86)\Diablo III\Diablo III Launcher.exe
FirewallRules: [TCP Query User{D28149B4-CF14-4267-A848-E7774F0F0FB9}C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{7973730E-F179-4AC4-99F5-15019988F2D8}C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base40697\heroesofthestorm_x64.exe
FirewallRules: [{1EC13BEC-9647-4767-86D9-EDACE6FDF45C}] => (Allow) %ProgramFiles%\ChromeSetup.exe
FirewallRules: [{FDE48127-61A6-484A-BBFF-2F7076CBE090}] => (Allow) %ProgramFiles%\ChromeSetup.exe
FirewallRules: [{71DB01C4-BE21-4A8E-9003-253A02AF0485}] => (Allow) %ProgramFiles% (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{181C2C53-8D52-4E16-A574-4F4CDF91515D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe
FirewallRules: [{A6089555-E44C-4458-82C7-A4025C29F61C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Divinity Original Sin Enhanced Edition\Shipping\EoCApp.exe
FirewallRules: [{C674E48E-8FCA-43F0-9C42-84FE33C0305C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{1FFDD37A-6043-4B95-A765-D9D839BF7038}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Transistor\x64\Transistor.exe
FirewallRules: [{F10C1B81-5991-4FEC-8E44-4CA99EB069EC}] => (Allow) %ProgramFiles% (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{47D3206A-85DE-4E80-AA5F-B5048DC46844}] => (Allow) %ProgramFiles% (x86)\Hearthstone\Hearthstone Beta Launcher.exe
FirewallRules: [{A63E6811-A4AC-4DCA-8FC9-506DAE9762D8}] => (Allow) %ProgramFiles% (x86)\Overwatch\Overwatch Launcher.exe
FirewallRules: [{5AA3C754-FED2-4F4A-8E92-50AF2EA87797}] => (Allow) %ProgramFiles% (x86)\Overwatch\Overwatch.exe
FirewallRules: [TCP Query User{2045A458-5CFC-4824-86D7-5D9FA093B942}C:\program files (x86)\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{3BEC3C7E-66E7-40F5-AB51-F33D79ED7906}C:\program files (x86)\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base43170\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{3F69AA9D-605B-4BEC-8C3A-83F559D36035}C:\program files (x86)\heroes of the storm\versions\base43259\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base43259\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{60A48894-DAE8-46BA-B57D-7CC9D29850A4}C:\program files (x86)\heroes of the storm\versions\base43259\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base43259\heroesofthestorm_x64.exe
FirewallRules: [{99C9ADFF-1E3D-4A7F-B88D-ABBBA929D930}] => (Allow) %ProgramFiles% (x86)\VideoLAN\VLC\vlc.exe
FirewallRules: [{41C13CB6-A253-4412-B23C-B045A762B8F8}] => (Allow) %ProgramFiles% (x86)\VideoLAN\VLC\vlc.exe
FirewallRules: [{F3BD4D08-2DA9-436B-9803-DD0EB3C7FFED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kings Bounty Crossworlds\KB.exe
FirewallRules: [{ACCD71A8-CBCB-416F-A7AA-5DF9080EFE5C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kings Bounty Crossworlds\KB.exe
FirewallRules: [{D902407A-E601-4BD9-9F56-5E521D8371A1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bastion\Bastion.exe
FirewallRules: [{19E720AD-BE57-4D36-BB66-AA32BD19C6AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bastion\Bastion.exe
FirewallRules: [{C60EDCB3-4D70-4DF7-974F-18306FE85840}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{586E7F5F-EC8F-423B-9F18-C3B98B82405A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{C0808572-2D4F-4F57-9A6E-1CC33B5DC082}] => (Allow) %ProgramFiles% (x86)\Steam\bin\steamservice.exe
FirewallRules: [{FF001C70-3443-4B57-8608-B07C3156EBD3}] => (Allow) %ProgramFiles% (x86)\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [TCP Query User{07C0E701-7909-491B-B4C8-13F041E03C23}C:\program files (x86)\heroes of the storm\versions\base43571\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base43571\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{169D2A35-07EB-4873-AB08-5546C016A6BB}C:\program files (x86)\heroes of the storm\versions\base43571\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base43571\heroesofthestorm_x64.exe
FirewallRules: [{061E6AC8-0223-4424-914C-4D668ED8FCC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grandia II Anniversary Edition\grandia2.exe
FirewallRules: [{9398F696-4C86-4E86-9662-83ADA72C5C1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grandia II Anniversary Edition\grandia2.exe
FirewallRules: [{70EEE323-84B8-402F-B525-AC483D082ADE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grandia II Anniversary Edition\Grandia2Launcher.exe
FirewallRules: [{EBDB5684-C3DF-4DFA-8C18-EFAA53D40D7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grandia II Anniversary Edition\Grandia2Launcher.exe
FirewallRules: [{A440C9D0-F197-4BE2-B506-068C3C8CD0BF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales of Symphonia\TOS.exe
FirewallRules: [{658CB9F1-1178-4126-9608-F2FCE9211E75}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tales of Symphonia\TOS.exe
FirewallRules: [{D1907C44-52BD-4F38-964A-44CB3F60AC21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gabriel Knight 1\GK1.exe
FirewallRules: [{39D0144B-465A-456F-AC80-4270615CBC27}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Gabriel Knight 1\GK1.exe
FirewallRules: [{119A835F-0922-400D-8EBB-B2FE0819F4FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Commandos Behind Enemy Lines\Comandos.exe
FirewallRules: [{B839B09E-7E2E-4C4E-8FAF-C22B0D0B88DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Commandos Behind Enemy Lines\Comandos.exe
FirewallRules: [{9E06572A-9640-42EB-9B74-CF7B961E40E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Commandos Behind Enemy Lines\Legacy\Comandos.exe
FirewallRules: [{6EE11DAD-0B5A-496C-889C-30D1C870BE30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Commandos Behind Enemy Lines\Legacy\Comandos.exe
FirewallRules: [{857F853F-327F-4A84-97DD-59D37C248AF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Icewind Dale Enhanced Edition\icewind.exe
FirewallRules: [{2010D8CC-2DF9-474F-9333-5A39BD69BE24}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Icewind Dale Enhanced Edition\icewind.exe
FirewallRules: [{A1437B7D-8C4B-4DA9-A194-95F80C69ACF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HiraganaBattle\Learn Japanese To Survive - Hiragana Battle.exe
FirewallRules: [{6C498CC5-18B7-4564-93E6-7AA09A2DF597}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\HiraganaBattle\Learn Japanese To Survive - Hiragana Battle.exe
FirewallRules: [{2B4406E6-C83B-425C-80A3-11397307EAE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{051FA201-C118-4FF5-82D8-2658EE4A6C23}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{444B0226-65C6-4A4E-936E-F858626ED747}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Resident Evil 0\re0hd.exe
FirewallRules: [{370AE6C7-34BD-4941-B1B9-80E6A7AC5A22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Resident Evil 0\re0hd.exe
FirewallRules: [{9FF6C8E4-A1E2-4B93-AC20-698626E5718C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SOMA\Soma.exe
FirewallRules: [{8166E6C7-E885-453C-81DB-597F32353AF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SOMA\Soma.exe
FirewallRules: [{83DE3AFE-FCF7-46D6-8814-0A7D32196CF6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SOMA\ModLauncher.exe
FirewallRules: [{D3267C6C-B5DB-4D06-B0BA-5E361741A315}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SOMA\ModLauncher.exe
FirewallRules: [{3CBC607F-4431-4EF8-BF1B-8B2355519FC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{D4718BAC-4E74-4519-BD1F-AF3FD8DFE513}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{3A9CAB77-CF94-4D43-AEE5-70C12D725F6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bloodstained Ritual of the Night\Bloodstained.exe
FirewallRules: [{401A82CE-85FE-4E50-BEC6-D54ED3CF665D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bloodstained Ritual of the Night\Bloodstained.exe
FirewallRules: [TCP Query User{98155DC4-A89E-4FF0-9577-7672ACFCE035}C:\program files (x86)\steam\steamapps\common\bloodstained ritual of the night\ron\binaries\win64\ron-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\bloodstained ritual of the night\ron\binaries\win64\ron-win64-shipping.exe
FirewallRules: [UDP Query User{6A3C989A-9037-4568-841C-948BDC6DC13A}C:\program files (x86)\steam\steamapps\common\bloodstained ritual of the night\ron\binaries\win64\ron-win64-shipping.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\bloodstained ritual of the night\ron\binaries\win64\ron-win64-shipping.exe
FirewallRules: [{018D0E4B-8A0B-41DE-82D3-08244A040FD4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{72AFEEE3-EDAC-4F5D-8418-2C17892E4683}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{3CB2F4D0-0A92-4B23-8FE2-FC5CF8C5FC8B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SETSUNA\SETSUNA.exe
FirewallRules: [{F1746641-71C3-4C88-8149-D3801AC91934}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SETSUNA\SETSUNA.exe
FirewallRules: [TCP Query User{567B0B35-E4CE-47D1-9525-EE573E8B9F3D}C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe
FirewallRules: [UDP Query User{7F1D315B-7AE0-42E5-8A20-AECB28C16234}C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe] => (Block) C:\program files (x86)\starcraft ii\versions\base44983\sc2_x64.exe
FirewallRules: [{482477EA-70F9-4988-AE85-5613D920A191}] => (Allow) %ProgramFiles% (x86)\br\tdsskiller\FRST64.exe
FirewallRules: [{E543CE7D-F751-4835-9C4B-49C01DB39FB5}] => (Allow) %SystemDrive%\Users\user02\Documents\frst\esetsmartinstaller_enu.exe
FirewallRules: [{86A10242-EA7F-4C90-BC10-CE54776EAE54}] => (Allow) %ProgramFiles% (x86)\br\mbytes\mbar\mbar.exe
FirewallRules: [TCP Query User{D8D685D9-B52A-4342-AF2C-1461BF60D53D}C:\program files (x86)\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{11E6A04F-75FB-48B1-97CB-C2F73F3B16F0}C:\program files (x86)\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base46446\heroesofthestorm_x64.exe
FirewallRules: [{8F1FBE92-D103-4272-8641-EE49C767712F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{14292615-72A3-4B34-98C0-F98DF04F3AB1}] => (Allow) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\SyncUp Server.exe
FirewallRules: [{B2CAE5AB-0EB4-4B31-BFF7-D69A66255389}] => (Allow) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\SyncUp Server.exe
FirewallRules: [{3EF8A3E6-D2E0-498E-9B2A-2DF2DADB0024}] => (Allow) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\ASUSDMS.exe
FirewallRules: [{463AF001-7A22-4A69-93CF-D7525C489B5C}] => (Allow) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\ASUSDMS.exe
 
==================== Restore Points =========================
 
18-10-2016 18:41:58 Scheduled Checkpoint
26-10-2016 22:54:42 Scheduled Checkpoint
05-11-2016 09:56:02 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
Name: Root Print Queue
Description: Local Print Queue
Class Guid: {1ed2bbf9-11f0-4084-b21f-ad83a8e6dcdc}
Manufacturer: Microsoft
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Realtek 8821AE Wireless LAN 802.11ac PCI-E NIC
Description: Realtek 8821AE Wireless LAN 802.11ac PCI-E NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTWlanE
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Microsoft Kernel Debug Network Adapter
Description: Microsoft Kernel Debug Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: kdnic
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Realtek Bluetooth 4.0 + High Speed Chip
Description: Realtek Bluetooth 4.0 + High Speed Chip
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Realtek Semiconductor Corp.
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Remote Desktop Device Redirector Bus
Description: Remote Desktop Device Redirector Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: rdpbus
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/12/2016 10:24:51 PM) (Source: Avira Service Host) (EventID: 0) (User: )
Description: Failed to process session change. System.ComponentModel.Composition.CompositionException: The composition produced a single composition error, with 4 root causes. The root causes are provided below. Review the CompositionException.Errors property for more detailed information.
 
1) Could not finishing composing object of type 'Avira.OE.BrowserExtensionConnector.AviraBrowserSafetyStatusConnector'. The import '
ContractName Avira.OE.BrowserExtensionConnector.IProductInfoFactory
RequiredTypeIdentity Avira.OE.BrowserExtensionConnector.IProductInfoFactory' was not satisfied.
 
Resulting in: Cannot get export 'Avira.OE.BrowserExtensionConnector.AviraBrowserSafetyStatusConnector (ContractName="Avira.OE.BrowserExtensionConnector.AviraBrowserSafetyStatusConnector")' from part 'Avira.OE.BrowserExtensionConnector.AviraBrowserSafetyStatusConnector'.
Element: Avira.OE.BrowserExtensionConnector.AviraBrowserSafetyStatusConnector (ContractName="Avira.OE.BrowserExtensionConnector.AviraBrowserSafetyStatusConnector") -->  Avira.OE.BrowserExtensionConnec...
 
Error: (11/12/2016 07:07:33 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\System32\RltkAPO64.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Windows Audio Device Graph Isolation because of this error.
 
Program: Windows Audio Device Graph Isolation
File: C:\Windows\System32\RltkAPO64.dll
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C0000428
Disk type: 3
 
Error: (11/12/2016 07:07:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUDIODG.EXE, version: 6.3.9600.17415, time stamp: 0x54503ea8
Faulting module name: RltkAPO64.dll, version: 11.0.6000.380, time stamp: 0x539ab2a5
Exception code: 0xc0000006
Fault offset: 0x0000000000157697
Faulting process id: 0x8c0
Faulting application start time: 0x01d23d41eeef465c
Faulting application path: C:\Windows\system32\AUDIODG.EXE
Faulting module path: C:\Windows\system32\RltkAPO64.dll
Report Id: 2ca7bdf9-a935-11e6-8347-54a05088bfcd
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/12/2016 07:07:33 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\System32\RltkAPO64.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Windows Audio Device Graph Isolation because of this error.
 
Program: Windows Audio Device Graph Isolation
File: C:\Windows\System32\RltkAPO64.dll
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C0000428
Disk type: 3
 
Error: (11/12/2016 07:07:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUDIODG.EXE, version: 6.3.9600.17415, time stamp: 0x54503ea8
Faulting module name: RltkAPO64.dll, version: 11.0.6000.380, time stamp: 0x539ab2a5
Exception code: 0xc0000006
Fault offset: 0x0000000000157697
Faulting process id: 0x594
Faulting application start time: 0x01d23d41eede95f0
Faulting application path: C:\Windows\system32\AUDIODG.EXE
Faulting module path: C:\Windows\system32\RltkAPO64.dll
Report Id: 2c970d81-a935-11e6-8347-54a05088bfcd
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/12/2016 07:07:33 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\System32\RltkAPO64.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Windows Audio Device Graph Isolation because of this error.
 
Program: Windows Audio Device Graph Isolation
File: C:\Windows\System32\RltkAPO64.dll
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C0000428
Disk type: 3
 
Error: (11/12/2016 07:07:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUDIODG.EXE, version: 6.3.9600.17415, time stamp: 0x54503ea8
Faulting module name: RltkAPO64.dll, version: 11.0.6000.380, time stamp: 0x539ab2a5
Exception code: 0xc0000006
Fault offset: 0x0000000000157697
Faulting process id: 0x161c
Faulting application start time: 0x01d23d41eeaee6d0
Faulting application path: C:\Windows\system32\AUDIODG.EXE
Faulting module path: C:\Windows\system32\RltkAPO64.dll
Report Id: 2c83fac0-a935-11e6-8347-54a05088bfcd
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/12/2016 07:05:56 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\System32\RltkAPO64.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Windows Audio Device Graph Isolation because of this error.
 
Program: Windows Audio Device Graph Isolation
File: C:\Windows\System32\RltkAPO64.dll
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C0000428
Disk type: 3
 
Error: (11/12/2016 07:05:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AUDIODG.EXE, version: 6.3.9600.17415, time stamp: 0x54503ea8
Faulting module name: RltkAPO64.dll, version: 11.0.6000.380, time stamp: 0x539ab2a5
Exception code: 0xc0000006
Fault offset: 0x0000000000157697
Faulting process id: 0xb6c
Faulting application start time: 0x01d23d41b518f9cb
Faulting application path: C:\Windows\system32\AUDIODG.EXE
Faulting module path: C:\Windows\system32\RltkAPO64.dll
Report Id: f2d1716d-a934-11e6-8347-54a05088bfcd
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (11/12/2016 07:05:56 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Windows\System32\RltkAPO64.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Windows Audio Device Graph Isolation because of this error.
 
Program: Windows Audio Device Graph Isolation
File: C:\Windows\System32\RltkAPO64.dll
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: C0000428
Disk type: 3
 
 
System errors:
=============
Error: (11/12/2016 10:03:34 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:56:26 PM on ‎11/‎12/‎2016 was unexpected.
 
Error: (11/12/2016 10:03:18 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 32212256841180816
 
Error: (11/12/2016 09:56:11 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 32212256841181200
 
Error: (11/12/2016 09:56:26 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:08:43 PM on ‎11/‎12/‎2016 was unexpected.
 
Error: (11/12/2016 06:35:18 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
Description: 32212256841181200
 
Error: (11/12/2016 06:35:38 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:29:23 PM on ‎11/‎12/‎2016 was unexpected.
 
Error: (11/12/2016 12:37:40 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
Error: (11/12/2016 12:12:09 PM) (Source: DCOM) (EventID: 10010) (User: labtop01)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
 
Error: (11/12/2016 02:12:56 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5
 
Error: (11/11/2016 10:05:40 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
 
 
==================== Memory info =========================== 
 
Processor: AMD FX™-8310 Eight-Core Processor 
Percentage of memory in use: 18%
Total physical RAM: 8107.42 MB
Available physical RAM: 6632.66 MB
Total Virtual: 8939.42 MB
Available Virtual: 6514.79 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:1847.81 GB) (Free:1526.44 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 9B7CD077)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

 



BC AdBot (Login to Remove)

 


#2 user001

user001
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:09:40 PM

Posted 13 November 2016 - 08:51 PM

I tested the mouse on my bro's computer thinking its mechanical issue but it worked perfectly with no issue. I've read online that Bluetooth mouse might have delay but my mouse is plug-in USB. I've ran malware bytes and Avira but it found nothing.

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:40 PM

Posted 18 November 2016 - 12:20 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/632118 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#4 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,769 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:40 PM

Posted 18 November 2016 - 02:02 PM

You have stated that you no longer need help with this issue, therefore I am closing this topic. If that is not the case and you need or wish to continue with this topic, please send any Moderator a Personal Message (PM) that you would like this topic re-opened.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users