Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-09-2017
Ran by iTzHDz (25-09-2017 13:16:25)
Running from C:\Users\iTzHDz\Desktop
Windows 7 Professional Service Pack 1 (X64) (2017-09-19 19:43:19)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3878856725-784265099-1576118965-500 - Administrator - Disabled)
Guest (S-1-5-21-3878856725-784265099-1576118965-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3878856725-784265099-1576118965-1002 - Limited - Enabled)
iTzHDz (S-1-5-21-3878856725-784265099-1576118965-1000 - Administrator - Enabled) => C:\Users\iTzHDz

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AV: AVG Antivirus (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Antivirus (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.41 - NVIDIA Corporation) Hidden
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.5.2.8 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.5.2.8 - ASUSTek COMPUTER INC.)
AVG (HKLM\...\{BA40B3B4-7707-437E-84FF-8C18BE5AD9B6}) (Version: 1.211.2 - AVG Technologies) Hidden
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 17.6.3029 - AVG Technologies)
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3878856725-784265099-1576118965-1000\...\Discord) (Version: 0.0.298 - Discord Inc.)
FMW 1 (HKLM\...\{2B66FCDA-0BD6-47CC-8EC5-C2EA02E03EB2}) (Version: 1.224.4 - AVG Technologies) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.81 - Logitech Inc.)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Mozilla Firefox 55.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 55.0.3 (x64 en-US)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.9.0.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.97 - NVIDIA Corporation)
NVIDIA Graphics Driver 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.41 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
osu! (HKLM-x32\...\{ddd51bd8-d254-448d-9f8c-b6051e705966}) (Version: latest - ppy Pty Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.0.0 Beta 19 (HKLM-x32\...\RTSS) (Version: 7.0.0 Beta 19 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.2.0 - Rockstar Games)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
SteelSeries Engine 3.11.4 (HKLM\...\SteelSeries Engine 3) (Version: 3.11.4 - SteelSeries ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Windows Driver Package - Microsoft (xusb21) XnaComposite (08/13/2009 2.1.0.1349) (HKLM\...\0AEBEF6F936CFE16E003F7E141631FAB754D9816) (Version: 08/13/2009 2.1.0.1349 - Microsoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2017-09-20] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-08-22] (NVIDIA Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2017-09-20] (AVG Technologies CZ, s.r.o.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00F49097-8B14-4A07-B830-CE10F8554811} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-20] (Adobe Systems Incorporated)
Task: {055397A2-7B8C-4BE0-9E22-3709B165AA07} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-09-19] (NVIDIA Corporation)
Task: {1F558228-F957-41CF-BFDC-1EDED92E41C2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {21C48684-9045-4A5B-8924-9C91838C5B21} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [2017-08-25] (TODO: )
Task: {470C7F1F-F842-4F8A-8E40-E2CC3723EEF1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {7CAF7B85-1672-4694-B0B2-E1BEB32F8BF0} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {93F9CFFA-5703-425C-9BC5-116B84ACD689} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
Task: {A7A11617-C7BF-4D08-8331-255F9B7FC5E4} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2017-09-20] (AVG Technologies CZ, s.r.o.)
Task: {AA9C6C8A-E4E9-42C3-B467-B8F003BADC51} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_130_pepper.exe [2017-09-20] (Adobe Systems Incorporated)
Task: {B5AD5B1D-9341-4450-8FC8-373E2ADCE948} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {E1D70C99-4F4A-4842-8164-523A379CED34} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19] (NVIDIA Corporation)
Task: {E967B304-1A55-4935-A90B-A76AFB2F65E0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-09-19] (NVIDIA Corporation)
Task: {F7BBBDBB-951A-4A3D-9242-7C78CA8F5648} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-09-19] (NVIDIA Corporation)
Task: {FC7FC267-43CC-4A22-A485-CE386B4A10A6} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2017-09-19 23:51 - 2017-08-22 02:10 - 000133752 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-09-22 22:41 - 2017-01-22 15:20 - 000933840 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe
2017-09-20 07:58 - 2017-09-19 10:23 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-03-07 03:07 - 2015-03-07 03:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2017-08-18 12:01 - 2017-08-18 12:01 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 03:07 - 2015-03-07 03:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2017-08-18 12:01 - 2017-08-18 12:01 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-09-20 18:30 - 2017-09-20 18:30 - 000068528 _____ () C:\Program Files (x86)\AVG\Antivirus\x64\module_lifetime.dll
2017-09-20 18:30 - 2017-09-20 18:30 - 000170952 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\vaarclient.dll
2017-09-20 18:30 - 2017-09-20 18:30 - 000826064 _____ () C:\Program Files (x86)\AVG\Antivirus\x64\ffl2.dll
2017-09-20 18:30 - 2017-09-20 18:30 - 000287832 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\StreamBack.dll
2013-07-14 17:33 - 2014-07-06 23:43 - 000486912 _____ () F:\.HD stuff\..Tools\.Open HW\.OpenHardwareMonitor.exe
2012-05-27 18:05 - 2014-07-06 23:43 - 000149504 _____ () F:\.HD stuff\..Tools\.Open HW\Aga.Controls.dll
2013-07-14 17:33 - 2014-07-06 23:43 - 000259584 _____ () F:\.HD stuff\..Tools\.Open HW\OpenHardwareMonitorLib.dll
2017-09-20 18:30 - 2017-09-20 18:30 - 000060160 _____ () C:\Program Files (x86)\AVG\Antivirus\module_lifetime.dll
2017-09-20 18:30 - 2017-09-20 18:30 - 000168216 _____ () C:\Program Files (x86)\AVG\Antivirus\JsonRpcServer.dll
2017-09-20 18:30 - 2017-09-20 18:30 - 000213024 _____ () C:\Program Files (x86)\AVG\Antivirus\event_routing_rpc.dll
2017-09-20 18:30 - 2017-09-20 18:30 - 000243080 _____ () C:\Program Files (x86)\AVG\Antivirus\tasks_core.dll
2017-09-20 18:30 - 2017-09-20 18:30 - 000150688 _____ () C:\Program Files (x86)\AVG\Antivirus\network_notifications.dll
2017-09-22 22:27 - 2017-09-22 22:27 - 005900424 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\17092400\algo.dll
2017-09-20 18:30 - 2017-09-20 18:30 - 000686808 _____ () C:\Program Files (x86)\AVG\Antivirus\ffl2.dll
2017-09-24 18:03 - 2017-09-24 18:03 - 005900424 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\17092500\algo.dll
2017-09-20 18:30 - 2017-09-20 18:30 - 000242568 _____ () C:\Program Files (x86)\AVG\Antivirus\streamback.dll
2017-09-22 22:41 - 2017-09-24 18:03 - 000032768 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.03\PEbiosinterface32.dll
2017-09-22 22:41 - 2015-09-17 10:58 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.03\ATKEX.dll
2017-09-20 18:28 - 2017-09-20 18:28 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
2017-09-20 18:30 - 2017-09-20 18:30 - 067109376 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2017-09-20 07:58 - 2017-09-19 10:23 - 069807552 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-09-20 07:58 - 2017-09-19 10:23 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-09-14 15:24 - 2017-09-09 22:25 - 000688416 _____ () F:\.HD stuff\Steam\Steam\Steam\Steam\SDL2.dll
2016-10-07 02:48 - 2016-09-01 04:02 - 004969248 _____ () F:\.HD stuff\Steam\Steam\Steam\Steam\v8.dll
2016-10-07 02:48 - 2016-09-01 04:02 - 001563936 _____ () F:\.HD stuff\Steam\Steam\Steam\Steam\icui18n.dll
2016-10-07 02:48 - 2016-09-01 04:02 - 001195296 _____ () F:\.HD stuff\Steam\Steam\Steam\Steam\icuuc.dll
2017-09-16 12:50 - 2017-09-22 05:02 - 002544928 _____ () F:\.HD stuff\Steam\Steam\Steam\Steam\video.dll
2016-10-07 02:48 - 2016-01-27 10:49 - 002549760 _____ () F:\.HD stuff\Steam\Steam\Steam\Steam\libavcodec-56.dll
2016-10-07 02:48 - 2016-01-27 10:49 - 000442880 _____ () F:\.HD stuff\Steam\Steam\Steam\Steam\libavutil-54.dll
2016-10-07 02:48 - 2016-01-27 10:49 - 000491008 _____ () F:\.HD stuff\Steam\Steam\Steam\Steam\libavformat-56.dll
2016-10-07 02:48 - 2016-01-27 10:49 - 000332800 _____ () F:\.HD stuff\Steam\Steam\Steam\Steam\libavresample-2.dll
2016-10-07 02:48 - 2016-01-27 10:49 - 000485888 _____ () F:\.HD stuff\Steam\Steam\Steam\Steam\libswscale-3.dll
2017-09-16 12:50 - 2017-09-22 05:02 - 000901408 _____ () F:\.HD stuff\Steam\Steam\Steam\Steam\bin\chromehtml.DLL
2016-10-07 02:48 - 2016-07-05 01:17 - 000266560 _____ () F:\.HD stuff\Steam\Steam\Steam\Steam\openvr_api.dll
2017-09-14 15:24 - 2017-08-17 01:28 - 073130272 _____ () F:\.HD stuff\Steam\Steam\Steam\Steam\bin\cef\cef.win7\libcef.dll
2017-09-14 15:24 - 2017-09-07 05:04 - 000678400 _____ () F:\.HD stuff\Steam\Steam\Steam\Steam\bin\cef\cef.win7\SDL2.dll
2016-10-07 02:48 - 2015-09-25 02:52 - 000119208 _____ () F:\.HD stuff\Steam\Steam\Steam\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 05:34 - 2009-06-11 00:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3878856725-784265099-1576118965-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\iTzHDz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{4A11917C-261D-477F-B3C5-2AABA7422848}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E75696AC-048B-4A5E-BE33-602F36949541}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{FED9475D-6AD4-4F1C-BE86-3E4D904DD8BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DC9A5319-831F-4ADA-84AB-63AED54CA538}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{54CF80DE-F02B-46C4-8341-265D35DAFEEE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{884F0F07-59AE-4464-BD10-D39F2AA77042}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{1D1CA0B3-9B76-40E5-9A89-3DCC08422352}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{A924F110-7E78-456A-ABBD-A1B8DC486E9B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{11FF3EA7-0362-402F-9917-7A332D767C30}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{D99F6467-F9A9-4828-A96C-1D84653E8293}] => (Allow) F:\.HD stuff\Steam\Steam\Steam\Steam\Steam.exe
FirewallRules: [{9220C826-445B-4A4A-991D-B58E2A77777E}] => (Allow) F:\.HD stuff\Steam\Steam\Steam\Steam\Steam.exe
FirewallRules: [{06F6A82C-E7FE-43E8-803B-91D4A72C0A47}] => (Allow) F:\.HD stuff\Steam\Steam\Steam\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{04BD5C0F-A934-45C2-8A53-B4E7E1B6A723}] => (Allow) F:\.HD stuff\Steam\Steam\Steam\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{DE09E3B7-5890-4C2E-B1D1-A0C7969023C9}] => (Allow) F:\.HD stuff\Steam\Steam\Steam\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{06AEA011-36EE-4801-90F0-2A55A67BF8FC}] => (Allow) F:\.HD stuff\Steam\Steam\Steam\Steam\SteamApps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [TCP Query User{AC6C9200-4568-4946-A45F-C36C072F0BA8}F:\.hd stuff\steam\steam\steam\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\.hd stuff\steam\steam\steam\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{0275B3B4-FE93-49D3-A663-F2A63660957E}F:\.hd stuff\steam\steam\steam\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\.hd stuff\steam\steam\steam\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{7BDFDF7B-DC7A-420E-B8CC-025F328A9571}F:\.hd stuff\steam\steam\steam\steam\steamapps\common\city car driving\bin\win32\starter.exe] => (Allow) F:\.hd stuff\steam\steam\steam\steam\steamapps\common\city car driving\bin\win32\starter.exe
FirewallRules: [UDP Query User{6E47E3B0-71E0-403F-B5A0-C5409E2B2259}F:\.hd stuff\steam\steam\steam\steam\steamapps\common\city car driving\bin\win32\starter.exe] => (Allow) F:\.hd stuff\steam\steam\steam\steam\steamapps\common\city car driving\bin\win32\starter.exe
FirewallRules: [TCP Query User{32B01509-96FF-4202-879A-242B1E9E9EA3}F:\.hd stuff\installed games do not transfer\far cry primal\bin\fcprimal.exe] => (Block) F:\.hd stuff\installed games do not transfer\far cry primal\bin\fcprimal.exe
FirewallRules: [UDP Query User{D150FA30-F055-4C27-933A-865A74B9BB72}F:\.hd stuff\installed games do not transfer\far cry primal\bin\fcprimal.exe] => (Block) F:\.hd stuff\installed games do not transfer\far cry primal\bin\fcprimal.exe
FirewallRules: [{542EDABD-4ED3-4174-A613-659AE069AEA9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{661FB018-0AC6-491E-8B8A-DBDEF2C2E714}] => (Allow) F:\.HD stuff\Steam\Steam\Steam\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{38EFC4C4-C11C-4127-8061-203B5A77B4C7}] => (Allow) F:\.HD stuff\Steam\Steam\Steam\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{1E42D13B-526C-4931-81E1-B49FF756E264}F:\.hd stuff\steam\steam\steam\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\.hd stuff\steam\steam\steam\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{EA01FFF9-1849-4A7D-9C4C-287341893C2A}F:\.hd stuff\steam\steam\steam\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\.hd stuff\steam\steam\steam\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{BA8D4A8C-A02E-48A1-A227-A72C79E18578}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DC7FD35B-17FE-49F8-B64B-7328C490AF52}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{1BC961EF-80D4-445D-B1B7-AF6EA6AA06A6}F:\.hd stuff\games\hearthstone\hearthstone\hearthstone.exe] => (Allow) F:\.hd stuff\games\hearthstone\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{BDDA0141-33D0-4201-81E1-D0AF1A3D77D6}F:\.hd stuff\games\hearthstone\hearthstone\hearthstone.exe] => (Allow) F:\.hd stuff\games\hearthstone\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{B3FD2D56-D475-4C58-A9AE-B80508FCE05A}F:\.hd stuff\steam\steam\steam\steam\steamapps\common\killingfloor2\binaries\win64\kfgame.exe] => (Allow) F:\.hd stuff\steam\steam\steam\steam\steamapps\common\killingfloor2\binaries\win64\kfgame.exe
FirewallRules: [UDP Query User{96EAFC04-F83D-4BEA-A508-F5E1871FDDB8}F:\.hd stuff\steam\steam\steam\steam\steamapps\common\killingfloor2\binaries\win64\kfgame.exe] => (Allow) F:\.hd stuff\steam\steam\steam\steam\steamapps\common\killingfloor2\binaries\win64\kfgame.exe
FirewallRules: [{9C07D2AB-25BC-4880-9C6F-23FECB8C7A34}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Restore Points =========================

22-09-2017 22:40:45 Installed ASUS GPU TweakII
24-09-2017 18:06:50 Removed Skype™ 7.40
24-09-2017 18:13:38 Windows Update
24-09-2017 19:01:57 Removed Skype™ 7.40

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (09/24/2017 06:03:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/24/2017 06:03:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/24/2017 06:03:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/24/2017 06:03:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/24/2017 06:03:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/22/2017 10:26:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/22/2017 10:37:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FCPrimal.exe version 1.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 17f8
Start Time: 01d333d9921b3265
Termination Time: 167
Application Path: F:\.HD stuff\INSTALLED GAMES DO NOT TRANSFER\Far Cry Primal\bin\FCPrimal.exe
Report Id:

Error: (09/22/2017 10:27:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (09/22/2017 10:34:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GTA5.exe, version: 1.0.1180.2, time stamp: 0x599d9281
Faulting module name: GTA5.exe, version: 1.0.1180.2, time stamp: 0x599d9281
Exception code: 0x80000003
Fault offset: 0x0000000001219dd3
Faulting process id: 0x1d98
Faulting application start time: 0x01d333dabd3e582e
Faulting application path: F:\.HD stuff\Steam\Steam\Steam\Steam\steamapps\common\Grand Theft Auto V\GTA5.exe
Faulting module path: F:\.HD stuff\Steam\Steam\Steam\Steam\steamapps\common\Grand Theft Auto V\GTA5.exe
Report Id: 05b48496-9fcd-11e7-9530-10c37b6b0477

Error: (09/22/2017 10:26:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

System errors:
=============
Error: (09/24/2017 06:46:04 PM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14

Error: (09/24/2017 06:06:32 PM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14

Error: (09/24/2017 06:05:01 PM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14

Error: (09/24/2017 06:03:02 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: Driver USB returned invalid ID for a child device (00000000).

Error: (09/24/2017 06:03:02 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: Driver USB returned invalid ID for a child device (018D36683032).

Error: (09/24/2017 06:04:23 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: Driver USB returned invalid ID for a child device (018D36683032).

Error: (09/22/2017 10:41:39 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (09/22/2017 10:40:29 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: Unable to start a DCOM Server: {B3EDE298-AE75-4A1C-AB7E-1B9229B77BBE} as /. The error: "740" Happened while starting this command: C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe -Embedding

Error: (09/22/2017 11:17:09 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.

Error: (09/22/2017 11:10:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Steam Client Service service terminated unexpectedly. It has done this 1 time(s).

CodeIntegrity:
===================================
Date: 2017-09-25 13:38:57.026
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-09-24 18:36:28.170
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-09-24 18:26:35.113
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-09-24 19:01:09.577
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-09-20 07:40:53.994
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 42%
Total physical RAM: 8134.93 MB
Available physical RAM: 4670.39 MB
Total Virtual: 16268.04 MB
Available Virtual: 12304.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:70.66 GB) NTFS
Drive e: (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.28 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (New Volume) (Fixed) (Total:931.17 GB) (Free:188.68 GB) NTFS

==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================