Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2016 Ran by Wonszyna (10-09-2016 14:47:09) Running from C:\Users\Wonszyna\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2016-03-17 20:12:27) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2833092497-400483568-1915059554-500 - Administrator - Disabled) Guest (S-1-5-21-2833092497-400483568-1915059554-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2833092497-400483568-1915059554-1003 - Limited - Enabled) UpdatusUser (S-1-5-21-2833092497-400483568-1915059554-1004 - Limited - Enabled) => C:\Users\UpdatusUser Wonszyna (S-1-5-21-2833092497-400483568-1915059554-1000 - Administrator - Enabled) => C:\Users\Wonszyna ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 15.12 (x64) (HKLM\...\7-Zip) (Version: 15.12 - Igor Pavlov) 7-Zip 16.02 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1602-000001000000}) (Version: 16.02.00.0 - Igor Pavlov) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform) Driver Easy 5.1.0 (HKLM\...\DriverEasy_is1) (Version: 5.1.0 - Easeware) ELAN Touchpad 11.5.21.6_X64_WHQL (HKLM\...\Elantech) (Version: 11.5.21.6 - ELAN Microelectronic Corp.) Exact Audio Copy 1.1 (HKLM-x32\...\Exact Audio Copy) (Version: 1.1 - Andre Wiethoff) Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Hero Siege (HKLM\...\Steam App 269210) (Version: - Elias Viglione) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) HiPatch (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF000}) (Version: 5.0.3.9 - Hi-Rez Studios) Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2963 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.7.248 - Intel Corporation) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office 2010 Service Pack 1 (SP1) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}) (Version: - Microsoft) Microsoft Office Language Pack 2010 - Polish/Polski (HKLM\...\Office14.OMUI.pl-pl) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation) Middle-earth: Shadow of Mordor (HKLM\...\Steam App 241930) (Version: - Monolith Productions, Inc.) Minion (HKU\S-1-5-21-2833092497-400483568-1915059554-1000\...\{Minion}}_is1) (Version: 3.0 - Good Game Mods LLC) Mozilla Firefox 48.0.2 (x64 pl) (HKLM\...\Mozilla Firefox 48.0.2 (x64 pl)) (Version: 48.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2 - Mozilla) Music Manager (HKU\S-1-5-21-2833092497-400483568-1915059554-1000\...\MusicManager) (Version: - Google, Inc.) NVIDIA HD Audio Driver 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation) NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation) NVIDIA Update 4.11.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 4.11.9 - NVIDIA Corporation) Paladins (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF402}) (Version: 0.31.1195.3 - Hi-Rez Studios) qBittorrent 3.3.5 (HKLM-x32\...\qBittorrent) (Version: 3.3.5 - The qBittorrent project) Qualcomm Atheros WiFi Driver Installation Program (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.27055 - Realtek Semiconduct Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7899 - Realtek Semiconductor Corp.) SafeZone Stable 1.51.2220.53 (x32 Version: 1.51.2220.53 - Avast Software) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios) Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.8.7 - Tunngle.net GmbH) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) Winyl 3.2.1 (HKLM-x32\...\{5BEA5008-5317-4526-92C9-9685E7AF5F5A}_is1) (Version: - Vinyl Software) X-Mouse Button Control 2.13.1 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.13.1 - Highresolution Enterprises) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2833092497-400483568-1915059554-1000_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Wonszyna\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2833092497-400483568-1915059554-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-2833092497-400483568-1915059554-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Wonszyna\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1E012E6A-FECE-421E-8BFB-8AE0839321BB} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-03] (AVAST Software) Task: {3C1E8AA7-E3A8-4B5E-B251-7C8010FCE440} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2833092497-400483568-1915059554-1000Core => C:\Users\Wonszyna\AppData\Local\Google\Update\GoogleUpdate.exe [2016-08-07] (Google Inc.) Task: {B997631D-FE6C-4DE5-A6DD-5793EDBD465B} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2016-08-10] (Easeware) Task: {BAEA7A6F-C585-46DE-B28F-99CE7C107549} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2833092497-400483568-1915059554-1000UA => C:\Users\Wonszyna\AppData\Local\Google\Update\GoogleUpdate.exe [2016-08-07] (Google Inc.) Task: {BD6E0E19-A954-456C-AB51-522BFCF5E49D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-05] (Piriform Ltd) Task: {C3F2EE54-46C3-4091-BE76-E6BBF3CF4A3D} - System32\Tasks\SafeZone scheduled Autoupdate 1466522398 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-08-09] (Avast Software) Task: {DE284BC6-D00D-4DE0-9437-102AEA7194BE} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-09] (AVAST Software) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2833092497-400483568-1915059554-1000Core.job => C:\Users\Wonszyna\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2833092497-400483568-1915059554-1000UA.job => C:\Users\Wonszyna\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2016-08-14 17:18 - 2016-08-14 17:18 - 00020536 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll 2016-06-15 14:42 - 2016-07-11 01:17 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF 2016-06-14 13:49 - 2016-06-14 13:48 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe 2015-10-22 13:22 - 2015-10-22 13:22 - 00175080 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll 2015-10-22 13:21 - 2015-10-22 13:21 - 00103400 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll 2015-10-22 13:21 - 2015-10-22 13:21 - 00108008 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll 2015-10-22 13:22 - 2015-10-22 13:22 - 00312296 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll 2015-10-22 13:22 - 2015-10-22 13:22 - 00483816 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll 2015-09-21 16:24 - 2015-09-21 16:24 - 00317440 _____ () C:\Program Files\TeamSpeak 3 Client\ssleay32.dll 2015-09-21 16:24 - 2015-09-21 16:24 - 01709056 _____ () C:\Program Files\TeamSpeak 3 Client\LIBEAY32.dll 2016-09-09 13:42 - 2016-09-09 13:42 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-09-10 12:13 - 2016-09-10 12:13 - 03085488 _____ () C:\Program Files\AVAST Software\Avast\defs\16091000\algo.dll 2016-09-09 13:42 - 2016-09-09 13:42 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2015-11-17 19:44 - 2015-11-17 19:44 - 00117248 _____ () C:\Users\Wonszyna\AppData\Local\Programs\Google\MusicManager\libaacdec.dll 2015-11-17 19:45 - 2015-11-17 19:45 - 00234496 _____ () C:\Users\Wonszyna\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll 2015-11-17 19:45 - 2015-11-17 19:45 - 00253440 _____ () C:\Users\Wonszyna\AppData\Local\Programs\Google\MusicManager\libid3tag.dll 2015-11-17 19:44 - 2015-11-17 19:44 - 00344064 _____ () C:\Users\Wonszyna\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll 2016-08-14 17:18 - 2016-08-14 17:18 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll 2016-06-21 17:15 - 2016-06-21 17:15 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2833092497-400483568-1915059554-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Wonszyna\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{DB3162E0-8EDC-4662-A5CA-18A169B325B9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{B464DCBC-64B6-4C28-AF1E-81E0E0AE1FB3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{01CEE1E9-49C8-416B-A080-19A5B06BDA03}] => (Allow) D:\steam\Steam.exe FirewallRules: [{2FBDEE88-A035-4CD7-AC6B-0545841059C3}] => (Allow) D:\steam\Steam.exe FirewallRules: [{2A0A5EDA-0BDD-44CB-9BC8-87E53B659ECC}] => (Allow) D:\steam\bin\steamwebhelper.exe FirewallRules: [{B3C12DDD-7C1F-4985-8A55-D8036798D4EB}] => (Allow) D:\steam\bin\steamwebhelper.exe FirewallRules: [{93C4EEA1-FF88-436A-AD4C-7D95AD338E5F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{D0662597-25FC-43D2-9776-0229CDD54D4C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{68DFB5D7-C1CE-4465-9D8B-DE8BA24C207D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{694C911A-034C-4441-9BF3-5FD3B118B532}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{D61D60AF-9467-4EE3-8499-B070B6903F8F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{9D74384C-57DA-470A-87C5-67CF4C27AB26}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{CC0D90F3-E2B8-4D23-B165-55D754707EBD}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe FirewallRules: [{5B3AB003-2B15-45A1-B44B-05019C28A70C}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe FirewallRules: [{65ACA60B-ED92-49B6-81E3-1F13B3D63C30}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe FirewallRules: [{0C37F25D-2423-4E96-8AD1-44AD298E3240}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe FirewallRules: [{6512F506-4031-4057-A68F-D5706F183D58}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe FirewallRules: [{A21F67AA-A891-4867-B451-575DA75C6D12}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe FirewallRules: [{B378E613-6F45-45A0-8024-BF569F01F1EE}] => (Allow) D:\steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe FirewallRules: [{17C83EC0-EC77-426A-AD03-DFDD764E8B60}] => (Allow) D:\steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe FirewallRules: [{B5982AFD-8D3D-41DE-A743-822F3056543A}] => (Allow) D:\steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{40A8E777-EFA3-4C4D-81EB-9CA80C92A270}] => (Allow) D:\steam\steamapps\common\ShadowOfMordor\x64\ShadowOfMordor.exe FirewallRules: [{6DE3AAD1-0778-4444-AD11-AF15CB514D97}] => (Allow) D:\steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe FirewallRules: [{F1A85B73-6AAA-4CE7-BB3C-F31A768EE976}] => (Allow) D:\steam\steamapps\common\HeroSiege\bin\Hero_Siege.exe FirewallRules: [{C7BB80E7-CA2B-4013-9C98-EEA1E1EA04E4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4DBBF107-F4F1-4066-AD51-FA8C9D134A16}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{6113346D-AD34-4E44-AFAA-37B7B01F06AA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Restore Points ========================= 08-09-2016 17:26:41 Removed Java 8 Update 101 (64-bit) 08-09-2016 19:09:10 Removed Java 8 Update 101 08-09-2016 19:30:43 Removed Java 8 Update 101 (64-bit) 08-09-2016 19:32:02 Removed Java SE Development Kit 8 Update 91 (64-bit) 10-09-2016 12:01:19 Removed Java 8 Update 101 ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/10/2016 02:28:23 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (09/10/2016 02:18:17 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: The index cannot be initialized. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (09/10/2016 02:18:17 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: The application cannot be initialized. Context: Windows Application Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (09/10/2016 02:18:17 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: The gatherer object cannot be initialized. Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (09/10/2016 02:18:17 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: The plug-in in cannot be initialized. Context: Windows Application, SystemIndex Catalog Details: Element not found. (HRESULT : 0x80070490) (0x80070490) Error: (09/10/2016 02:18:16 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: The plug-in in cannot be initialized. Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (09/10/2016 02:18:16 PM) (Source: Windows Search Service) (EventID: 9002) (User: ) Description: The Windows Search Service cannot load the property store information. Context: Windows Application, SystemIndex Catalog Details: The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800) Error: (09/10/2016 02:18:16 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (09/10/2016 02:18:16 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index. Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (09/10/2016 02:18:16 PM) (Source: Windows Search Service) (EventID: 9000) (User: ) Description: The Windows Search Service cannot open the Jet property store. Details: 0x%08x (0xc0041800 - The content index database is corrupt. (HRESULT : 0xc0041800)) System errors: ============= Error: (09/10/2016 02:18:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (09/10/2016 02:18:18 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The Windows Search service terminated with service-specific error %%-1073473535. Error: (09/10/2016 02:16:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Search service failed to start due to the following error: The system cannot find the path specified. Error: (09/10/2016 02:16:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Windows Media Player Network Sharing Service service failed to start due to the following error: The system cannot find the path specified. Error: (09/10/2016 02:16:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The MBAMScheduler service terminated unexpectedly. It has done this 1 time(s). Error: (09/10/2016 02:16:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The MBAMService service terminated unexpectedly. It has done this 1 time(s). Error: (09/10/2016 02:16:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (09/10/2016 02:16:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (09/10/2016 02:15:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. Error: (09/10/2016 02:15:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The PnkBstrA service terminated unexpectedly. It has done this 1 time(s). CodeIntegrity: =================================== Date: 2016-08-03 13:26:21.786 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system. Date: 2016-08-03 13:26:21.474 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system. Date: 2016-08-02 08:23:50.802 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system. Date: 2016-08-02 08:23:50.537 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system. Date: 2016-08-01 15:28:41.303 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system. Date: 2016-08-01 15:28:41.006 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system. Date: 2016-07-31 18:23:53.708 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system. Date: 2016-07-31 18:23:53.474 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system. Date: 2016-07-31 10:23:04.708 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system. Date: 2016-07-31 10:23:04.506 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz Percentage of memory in use: 32% Total physical RAM: 8077.62 MB Available physical RAM: 5437.24 MB Total Virtual: 16153.44 MB Available Virtual: 13449.5 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:97.56 GB) (Free:55.93 GB) NTFS Drive d: () (Fixed) (Total:600.98 GB) (Free:421.61 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: D20E56A9) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=601 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================