Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-08-2016
Ran by Joker (30-08-2016 14:59:22)
Running from C:\Users\Joker\Desktop
Windows 10 Home Version 1511 (X64) (2015-11-19 02:41:28)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4108570940-403023662-39266533-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4108570940-403023662-39266533-503 - Limited - Disabled)
Guest (S-1-5-21-4108570940-403023662-39266533-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4108570940-403023662-39266533-1004 - Limited - Enabled)
Joker (S-1-5-21-4108570940-403023662-39266533-1001 - Administrator - Enabled) => C:\Users\Joker

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4108570940-403023662-39266533-1001\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
ACP Application (Version: 2016.0811.0433.30 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.183.90 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{EEB605FD-C5F5-4946-90F3-D65C604A9187}) (Version: 4.3.1.0698 - Advanced Micro Devices, Inc.)
APP Shop v1.0.22 (HKLM-x32\...\{90242E9B-BC60-46E3-8EE7-8E953F702280}_is1) (Version: 1.0.22 - ASRock Inc.)
ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.6.5 - ASUS)
Autodesk 3ds Max 2016 (HKLM\...\Autodesk 3ds Max 2016) (Version: 18.0.873.0 - Autodesk)
Autodesk 3ds Max 2016 (Version: 18.0.873.0 - Autodesk) Hidden
Autodesk 3ds Max 2016 Populate Data (HKLM\...\{57E92DED-DC7C-41E5-B9E1-76D83BD2EABE}) (Version: 18.0.0.0 - Autodesk)
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.19 - Autodesk)
Autodesk Application Manager (HKLM-x32\...\Autodesk Application Manager) (Version: 5.0.142.14 - Autodesk)
Autodesk Backburner 2016 (HKLM-x32\...\{8C5F38D2-9EFE-49A4-B3F5-BF3210FED168}) (Version: 16.0.0.0 - Autodesk)
Autodesk Civil View for 3ds Max 2016 64-bit (HKLM\...\{1C4FFAF0-6DBB-4F7A-A386-46747D060826}) (Version: 18.0.0.0 - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2016 (HKLM\...\{9167CA34-4E58-49E3-8892-3C439739D2D3}) (Version: 18.0 - Autodesk)
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.19 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2016 (HKLM-x32\...\{415A5A54-325E-4815-9940-62A889CA3877}) (Version: 6.3.0.19 - Autodesk)
Autodesk Revit Interoperability for 3ds Max  (HKLM\...\Autodesk Revit Interoperability for 3ds Max ) (Version: 16.0.394.0 - Autodesk)
Autodesk Revit Interoperability for 3ds Max  (Version: 16.0.394.0 - Autodesk) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitTorrent (HKU\S-1-5-21-4108570940-403023662-39266533-1001\...\BitTorrent) (Version: 7.9.8.42450 - BitTorrent Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0811.443.6667 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.21 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0112 - Disc Soft Ltd)
DuelystLauncher (HKU\S-1-5-21-4108570940-403023662-39266533-1001\...\launcher) (Version: 0.0.9 - Counterplay Games Inc.)
f.lux (HKU\S-1-5-21-4108570940-403023662-39266533-1001\...\Flux) (Version:  - )
Facebook Games Arcade 0.10.0.3 (HKLM-x32\...\{C3B7C124-136A-4E19-B21C-BDA26F8BA5A7}) (Version: 0.10.0.3 - Facebook)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Google2SRT (HKLM-x32\...\{42831FA4-7960-411E-B8E4-5D8A4F8180C2}) (Version: 0.7.4 - Google2SRT)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HearthstoneTracker (HKLM-x32\...\HearthstoneTracker) (Version: 1.9.23.39449 - HearthstoneTracker.com)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
Championify verzia 1.2.10 (HKLM-x32\...\{1AE5DA33-DB00-453C-9190-FB14C0BBDBE7}_is1) (Version: 1.2.10 - Dustin Blackman)
Innkeeper (HKU\S-1-5-21-4108570940-403023662-39266533-1001\...\Innkeeper) (Version: 0.3.0 - Curse Inc.)
Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
Intel(R) Smart Connect Technology (HKLM\...\{EFD40A4B-212B-4CD4-8A5D-175F759E5361}) (Version: 5.0.10.2907 - Intel Corporation)
Intel® Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
K-Lite Codec Pack 11.9.0 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.9.0 - KLCP)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes Anti-Malware verzia 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 5.0.0.24 - MSI)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version:  - NCSOFT)
NVIDIA PhysX (HKLM-x32\...\{E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}) (Version: 9.09.1112 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Overwatch (HKLM-x32\...\Overwatch) (Version:  - Blizzard Entertainment)
Overwatch Test (HKLM-x32\...\Overwatch Test) (Version:  - Blizzard Entertainment)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.97.31.0 - Overwolf Ltd.)
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.8.5-r108883-release - Plays.tv, LLC)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.6-r115593-release - Raptr, Inc)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7572 - Realtek Semiconductor Corp.)
RebelBetting 5.6 (HKLM-x32\...\RebelBetting) (Version: 5.6 - Clarobet AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Subtitle Workshop 6.0b (HKLM-x32\...\SubtitleWorkshop) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.19.0 - Synaptics Incorporated)
System Ninja version 3.1.2 (HKLM-x32\...\{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1) (Version: 3.1.2 - SingularLabs)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TP-LINK Archer T2U_T2UH Driver (HKLM-x32\...\{F2496892-5295-4208-AB93-21F1AFD07C97}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Viber (HKU\S-1-5-21-4108570940-403023662-39266533-1001\...\{28758ae6-92af-41a4-b9de-53a3eb0ccd3a}) (Version: 6.0.5.1518 - Viber Media Inc.)
Viber (x32 Version: 6.0.5.1518 - Viber Media Inc.) Hidden
VisualSubSync (remove only) (HKLM-x32\...\VisualSubSync) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0-2) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.17.0 (Version: 1.0.17.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.30 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
XFast LAN v10.10 (HKLM\...\XFast LAN) (Version: 10.10 - cFos Software GmbH, Bonn)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4108570940-403023662-39266533-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Joker\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\FileCoAuth.exe (Microsoft Corporation)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {15C75669-7A06-40FD-9493-35ACC92B5F7E} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-01-29] ()
Task: {28C268E6-F5C4-41B9-94A6-090DE6ADA0D1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-11] (Microsoft Corporation)
Task: {562177F2-175A-4E4E-92A3-FAA2FD720419} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-NE5EKV6-Joker DESKTOP-NE5EKV6 => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {5D7ED558-F5AE-47C0-A013-078E4058A4B6} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-08-11] (Advanced Micro Devices, Inc.)
Task: {6D99ECE9-C28D-49F5-9B7C-EFFAC61E4B58} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-25] (Google Inc.)
Task: {99C62BED-C10C-49AC-943A-4DA4695003A0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-25] (Google Inc.)
Task: {9B9A5566-8AE6-4307-B438-480CB22B0240} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-05] (Piriform Ltd)
Task: {B297E96C-9BDB-4DE4-99FF-D4ECC43E3934} - System32\Tasks\cFos\Registration Tasks\Open Browser => Chrome.exe "hxxp://localhost:1487/cfosspeed/pingstat.htm"
Task: {CC17182B-596B-4D2A-A60E-E6D714122FF7} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-08-14] (Overwolf LTD)
Task: {FFE3B90B-AC2B-4B98-A9F1-9CC694D0BCE7} - System32\Tasks\MSISW_Host => C:\WINDOWS\SysWOW64\muachost.exe [2015-08-18] (MSI)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-07-13 13:39 - 2016-07-01 06:48 - 02656408 _____ () c:\windows\system32\CoreUIComponents.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-13 13:39 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 13:39 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-05-02 17:04 - 2016-05-02 17:04 - 00959176 _____ () C:\Users\Joker\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64\ClientTelemetry.dll
2016-04-19 07:49 - 2016-04-19 07:49 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-18 16:10 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 13:41 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-01-13 17:48 - 2014-08-08 16:00 - 00844800 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2016-08-01 19:34 - 2016-08-01 19:34 - 00042928 _____ () C:\Users\Joker\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe
2016-08-25 18:33 - 2016-08-25 18:33 - 03763712 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-09-10 07:29 - 2015-09-10 07:29 - 00117920 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_3.6.23981.0_x64__8wekyb3d8bbwe\GNSDK_FP.DLL
2016-07-13 13:39 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 13:39 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-13 13:39 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 13:39 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-12-08 18:22 - 2016-02-24 06:48 - 00062024 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\QtSolutions_Service-head.dll
2015-12-08 18:22 - 2016-02-24 06:47 - 00110664 _____ () C:\Program Files (x86)\Common Files\Autodesk Shared\AppManager\R1\qjson0.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00028160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\servicemanager.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00041472 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32service.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_hashlib.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00017920 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00019968 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32evtlog.pyd
2015-11-24 22:48 - 2015-11-24 22:48 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_socket.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ssl.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\_ctypes.pyd
2015-11-24 22:46 - 2015-11-24 22:46 - 00354304 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom26.dll
2015-11-24 22:48 - 2015-11-24 22:48 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01980928 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2015-12-07 22:57 - 2015-12-07 22:57 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 01862144 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2015-11-24 22:47 - 2015-11-24 22:47 - 04060160 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2015-11-24 22:43 - 2015-11-24 22:43 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\select.pyd
2016-04-19 07:49 - 2016-04-19 07:49 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 07:49 - 2016-04-19 07:49 - 02941440 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingNativeCore.dll
2016-04-19 07:49 - 2016-04-19 07:49 - 00583168 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingEntityExtractionProxy.dll
2016-04-19 07:49 - 2016-04-19 07:49 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-04-19 07:49 - 2016-04-19 07:49 - 01300992 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingNativeBase.dll
2016-08-21 19:23 - 2016-08-10 16:54 - 00042064 _____ () C:\Users\Joker\AppData\Local\Viber\qrencode.dll
2016-08-21 19:23 - 2016-08-10 16:55 - 00397904 _____ () C:\Users\Joker\AppData\Local\Viber\imageformats\qsvg.dll
2016-01-13 17:48 - 2014-08-08 16:02 - 01411072 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2016-01-13 17:45 - 2014-05-13 18:59 - 00195072 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2016-01-13 17:45 - 2014-05-27 11:54 - 00194560 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJRa.dll
2016-01-13 17:45 - 2014-04-17 10:52 - 01206576 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RaWLAPI.dll
2016-07-29 19:01 - 2016-07-29 19:01 - 01029120 _____ () C:\Users\Joker\AppData\Local\Facebook\Games\CefSharp.Core.dll
2016-07-29 19:01 - 2016-07-29 19:01 - 49805824 _____ () C:\Users\Joker\AppData\Local\Facebook\Games\libcef.dll
2016-07-29 19:01 - 2016-07-29 19:01 - 00688640 _____ () C:\Users\Joker\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.Core.dll
2016-07-29 19:01 - 2016-07-29 19:01 - 01665024 _____ () C:\Users\Joker\AppData\Local\Facebook\Games\libglesv2.dll
2016-07-29 19:01 - 2016-07-29 19:01 - 00074752 _____ () C:\Users\Joker\AppData\Local\Facebook\Games\libegl.dll
2016-08-30 14:30 - 2016-08-11 06:58 - 01587592 _____ () C:\Users\Joker\AppData\Local\Innkeeper\app-0.3.0\Electron\bin\InnkeeperUI-win32-ia32\libglesv2.dll
2016-08-30 14:30 - 2016-08-11 06:58 - 00018312 _____ () C:\Users\Joker\AppData\Local\Innkeeper\app-0.3.0\Electron\bin\InnkeeperUI-win32-ia32\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Joker:Heroes & Generals [38]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-11-18 19:31 - 2015-11-18 19:30 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4108570940-403023662-39266533-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Joker\Pictures\13411642_876288182482995_4977504738326121206_o.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "ISCT Tray"
HKLM\...\StartupApproved\Run32: => "GammingApp"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "ADSKAppManager"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKU\S-1-5-21-4108570940-403023662-39266533-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-4108570940-403023662-39266533-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4108570940-403023662-39266533-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-4108570940-403023662-39266533-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-4108570940-403023662-39266533-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-4108570940-403023662-39266533-1001\...\StartupApproved\Run: => "Innkeeper"
HKU\S-1-5-21-4108570940-403023662-39266533-1001\...\StartupApproved\Run: => "Overwolf"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E5754D11-0CFF-46E4-83F9-B1158153B5DD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6D4AB372-C1E1-4909-8E3B-11D1DB4B426D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{37ABAE15-7FC3-4F8E-BF57-FEE85C3B9A33}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{784D8415-95F9-4B8B-996A-B235D569AE13}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4A6871D1-AA17-44C5-A7C4-45AF2D01216C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{81F17FE4-8CC8-415E-8175-2365BAA6ED5A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{2BD9FFC3-B7A1-431D-B4F4-88356948BF09}C:\program files (x86)\java\jre1.8.0_66\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\jp2launcher.exe
FirewallRules: [UDP Query User{260FFD12-4E9B-4FD5-8C3F-D1757533B476}C:\program files (x86)\java\jre1.8.0_66\bin\jp2launcher.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\jp2launcher.exe
FirewallRules: [{D0EA9D6C-2852-4BD2-9EFC-5D905AD80C6E}] => (Allow) C:\Users\Joker\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{97C124F3-AF66-4E91-B1F9-790BD0D49344}] => (Allow) C:\Users\Joker\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{98978D62-24B7-49E3-BB00-36A26B78C178}] => (Allow) C:\Users\Joker\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E0918CBF-6D7C-4933-97E7-679C5C3EB9F2}] => (Allow) C:\Users\Joker\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F304D160-BD69-4EBA-AAD4-1292FEDFDF2F}] => (Allow) C:\Users\Joker\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{6533D12E-EA48-4C47-A63E-C75C4DF65171}] => (Allow) C:\Users\Joker\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E05739E8-5DD8-4B85-A60D-A5E286965ED3}] => (Allow) C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe
FirewallRules: [{C99907C1-D253-48D6-99E9-F11DCA664F61}] => (Allow) C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64server.exe
FirewallRules: [{BE46BE60-98F1-43D9-A909-026651D9A0C1}] => (Allow) C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64.exe
FirewallRules: [{BB90C9A5-5939-439B-811A-CA06B2F8FA6A}] => (Allow) C:\Program Files\Autodesk\3ds Max 2016\NVIDIA\Satellite\raysat_3dsmax2016_64.exe
FirewallRules: [{78180C17-9EDD-4BBF-ADFD-C2325A86822E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{22B8A3D6-80B1-4150-9113-502686670D5B}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{AB72CABA-4AD9-4EFF-88D7-F8DD1D319EDD}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{4BBBEA4D-2EB2-4110-AE21-995FF4D05C23}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{F014F522-86E3-453A-A51D-A406919D07C8}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{2107F250-D1D7-49AF-8FCC-8D13094595A9}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{73587258-29D3-4A7B-B636-F02CF57176AC}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe
FirewallRules: [{734E4C10-B53D-45F6-92C8-6303FF9A282A}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe
FirewallRules: [{D8033D48-BAD1-45B7-A70A-D3BBABCEF526}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe
FirewallRules: [{125442AE-F57E-452C-8928-7640B9E7A353}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe
FirewallRules: [{262EDEB8-98ED-4639-AEAD-AEC2667D7F1D}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe
FirewallRules: [{2574590E-61CA-44E9-91A8-35932072A506}] => (Allow) C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RTLDHCP.exe
FirewallRules: [TCP Query User{A7C904E8-3B74-4C92-BF13-7F875995EED8}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{CDCC5F5D-6332-4B96-9671-923FE3CDBE14}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{1AB5762C-2F3D-4460-AA29-22DBA1B1ECE2}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{FAB8F0FC-08B7-48A8-A970-5A039C2D64EA}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{43C645D9-16CE-45A8-8969-E7FDA339C591}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{156CB228-8733-4288-9595-0A3D9503A06C}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{B1D3CEBD-0772-4A16-BA00-6579FCACF8CB}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe
FirewallRules: [{3D930EBB-1E95-4572-8DCA-E7A6B189C7BA}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe
FirewallRules: [TCP Query User{52448DE5-B1C1-4D71-A258-7847DFB42C9B}C:\program files (x86)\hearthstonetracker\hearthcap.exe] => (Allow) C:\program files (x86)\hearthstonetracker\hearthcap.exe
FirewallRules: [UDP Query User{765DAEFA-5F9B-4779-9D82-A69DBF0EB6A6}C:\program files (x86)\hearthstonetracker\hearthcap.exe] => (Allow) C:\program files (x86)\hearthstonetracker\hearthcap.exe
FirewallRules: [TCP Query User{52A47451-1C11-4508-A643-B25EEC1C30F1}C:\users\joker\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\joker\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe
FirewallRules: [UDP Query User{6F9D2DD3-18CE-481F-BF84-7EE39F28B54C}C:\users\joker\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe] => (Allow) C:\users\joker\appdata\roaming\xiaomi\miphonemanager\plugin\xunlei\download\minithunderplatform.exe
FirewallRules: [{C8125CCA-3950-4BC1-B496-67C52D9F9B76}] => (Allow) C:\Users\Joker\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{2BDF4ACB-ACDE-4569-8B9F-648B7C7976C1}] => (Allow) C:\Users\Joker\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B1564116-E653-4DD2-8119-A4DE407EEC22}] => (Allow) C:\Users\Joker\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{08E2B499-9320-4F99-BB0F-C86A3AE3DCEF}] => (Allow) C:\Users\Joker\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{7E661C60-21ED-4C6E-B053-D894386D9D82}] => (Allow) C:\Users\Joker\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{C4A5E473-7544-4795-8B30-54A124AE538E}] => (Allow) C:\Users\Joker\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{3089B451-476E-400D-AC4E-F9A56EA6C689}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{B01C06EE-C799-4C00-A4E2-542C6C6C6A4E}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{52EB201F-730C-40D5-98BB-C9DB74E5CFE2}C:\users\joker\appdata\roaming\bittorrent\updates\7.9.7_42331.exe] => (Allow) C:\users\joker\appdata\roaming\bittorrent\updates\7.9.7_42331.exe
FirewallRules: [UDP Query User{2D967625-9161-4D54-8439-1643E8C031DD}C:\users\joker\appdata\roaming\bittorrent\updates\7.9.7_42331.exe] => (Allow) C:\users\joker\appdata\roaming\bittorrent\updates\7.9.7_42331.exe
FirewallRules: [{0396743B-DFB3-416C-B2E9-0F282D0E84A5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F93F2B4A-22B2-4D70-A3A6-88A6A0FB992D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{E27DDC79-7C01-4599-99E1-BD2B6AC70856}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [TCP Query User{40239921-5B50-4F45-857A-FD408F041263}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{810956F1-9E08-4D00-A3DD-D708B1E9018C}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{6916D5F3-DE33-40B5-868B-E13989958C16}C:\program files (x86)\overwatch test\overwatch.exe] => (Allow) C:\program files (x86)\overwatch test\overwatch.exe
FirewallRules: [UDP Query User{FB113E16-95CC-4034-A3D1-38089BF7864B}C:\program files (x86)\overwatch test\overwatch.exe] => (Allow) C:\program files (x86)\overwatch test\overwatch.exe
FirewallRules: [{035BE508-5C97-4B69-B38F-A2A72343C7F1}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{909D0A1E-1968-4A78-A922-546C88CB8BC1}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{469350C8-B1E4-4902-B56A-702251B8530A}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{A5606C76-5E19-491D-ABBC-5F83DC6ED26C}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe

==================== Restore Points =========================

11-08-2016 10:48:16 Windows Update
19-08-2016 21:31:00 Scheduled Checkpoint
27-08-2016 13:55:01 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============

Name: Intel(R) Ethernet Connection (2) I218-V
Description: Intel(R) Ethernet Connection (2) I218-V
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel Corporation
Service: e1iexpress
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/30/2016 11:12:50 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LockApp.exe version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 2834

Start Time: 01d2028b0a35bb19

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe

Report Id: eaf9d245-6e91-11e6-a364-f9d398b8b869

Faulting package full name: Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy

Faulting package-relative application ID: WindowsDefaultLockScreen

Error: (08/30/2016 11:12:48 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-NE5EKV6)
Description: Aktivácia aplikácie Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen zlyhala pre chybu: -2144927142 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (08/30/2016 11:12:47 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-NE5EKV6)
Description: Aktivácia aplikácie Microsoft.Windows.Photos_8wekyb3d8bbwe!App zlyhala pre chybu: -2144927142 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (08/29/2016 06:25:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (08/29/2016 06:25:37 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01B language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (08/29/2016 06:19:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: SynTPEnh.exe, verzia: 14.0.19.0, časová značka: 0x4b21b4e3
Názov chybujúceho modulu: SynTPEnh.exe, verzia: 14.0.19.0, časová značka: 0x4b21b4e3
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000004e99f
Identifikácia chybujúceho procesu: 0x1808
Čas spustenia chybujúcej aplikácie: 0x01d202112544cc99
Cesta chybujúcej aplikácie: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Cesta chybujúceho modulu: C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Identifikácia hlásenia: 93b33436-02ca-424e-9d09-4c46b40c5835
Celé meno chybujúceho balíka: 
Identifikácia chybujúcej aplikácie vzhľadom na balík:

Error: (08/29/2016 06:17:59 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.

Details:
	The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (08/29/2016 06:17:59 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
	The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (08/29/2016 06:17:59 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
	The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)

Error: (08/29/2016 06:17:59 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
	The specified object cannot be found. Specify the name of an existing object.  (HRESULT : 0x80040d06) (0x80040d06)


System errors:
=============
Error: (08/30/2016 02:46:13 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NE5EKV6)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user DESKTOP-NE5EKV6\Joker SID (S-1-5-21-4108570940-403023662-39266533-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.

Error: (08/30/2016 02:46:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NE5EKV6)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user DESKTOP-NE5EKV6\Joker SID (S-1-5-21-4108570940-403023662-39266533-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.

Error: (08/30/2016 02:46:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NE5EKV6)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user DESKTOP-NE5EKV6\Joker SID (S-1-5-21-4108570940-403023662-39266533-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.

Error: (08/30/2016 02:30:20 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NE5EKV6)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user DESKTOP-NE5EKV6\Joker SID (S-1-5-21-4108570940-403023662-39266533-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.

Error: (08/30/2016 02:14:23 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NE5EKV6)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user DESKTOP-NE5EKV6\Joker SID (S-1-5-21-4108570940-403023662-39266533-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.

Error: (08/30/2016 02:14:23 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NE5EKV6)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user DESKTOP-NE5EKV6\Joker SID (S-1-5-21-4108570940-403023662-39266533-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.

Error: (08/30/2016 02:14:23 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NE5EKV6)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user DESKTOP-NE5EKV6\Joker SID (S-1-5-21-4108570940-403023662-39266533-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.

Error: (08/30/2016 01:59:22 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NE5EKV6)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user DESKTOP-NE5EKV6\Joker SID (S-1-5-21-4108570940-403023662-39266533-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.

Error: (08/30/2016 01:44:23 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NE5EKV6)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user DESKTOP-NE5EKV6\Joker SID (S-1-5-21-4108570940-403023662-39266533-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.

Error: (08/30/2016 01:44:23 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-NE5EKV6)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
 and APPID 
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
 to the user DESKTOP-NE5EKV6\Joker SID (S-1-5-21-4108570940-403023662-39266533-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.


CodeIntegrity:
===================================
  Date: 2016-08-30 08:52:56.376
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-08-27 13:49:01.427
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-08-25 00:53:26.020
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-08-23 13:43:17.729
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-08-22 14:17:11.107
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-08-21 13:28:54.853
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-08-19 21:22:39.366
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-08-18 20:23:40.446
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-08-17 08:07:51.826
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-08-14 10:16:28.941
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 43%
Total physical RAM: 8142.89 MB
Available physical RAM: 4631.33 MB
Total Virtual: 9422.89 MB
Available Virtual: 6370.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.08 GB) (Free:67.76 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 75977164)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================