Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

cannot open pc settings, cannot get to safe mode. windows 8.1


  • Please log in to reply

#1
harmomelodic

harmomelodic

    New Member

  • Member
  • Pip
  • 1 posts

Opening pc_settings, I get an error 'this app can't open, try refresh' refresh does nothing except to say some files are missing...use recovery CD

holding down F8 on reboot for safe mode does nothing.

 

files attached...a bunch of core windows processes do not have signatures...???

 

(I found this when trying to update iTunes, it was repeatedly failing to update)

 

I'm using Kaspersky.  It has yet to show anything.

I updated signatures, and did a quick scan already.  I'm stating a full scan now.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
Ran by Chad (administrator) on TEGLON (01-04-2017 13:02:06)
Running from C:\Users\Chad\Downloads
Loaded Profiles: Chad (Available Profiles: Chad)
Platform: Windows 8.1 (Update) (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [595616 2016-04-21] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-985218096-2591489430-401931631-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [479744 2014-10-28] (Microsoft Corporation)
HKU\S-1-5-21-985218096-2591489430-401931631-1001\...\MountPoints2: {7c396f6d-a881-11e5-827b-001fbc119acd} - "H:\LaunchU3.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GIGABYTE OC_GURU.lnk [2014-12-27]
ShortcutTarget: GIGABYTE OC_GURU.lnk -> C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\OC_GURU.exe (GIGABYTE Technology Co.,Ltd.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{398B59D8-A2F1-49A7-9E30-547D15B8512B}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-985218096-2591489430-401931631-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-12-13] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-01] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-08] (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-08] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-06] (AO Kaspersky Lab)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-19] (Microsoft Corporation)
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-06]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-02] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [No File]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Chad\AppData\Roaming\mozilla\plugins\npatgpc.dll [2015-12-04] (Cisco WebEx LLC)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default [2017-04-01]
CHR Extension: (Google Slides) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-10]
CHR Extension: (Google Docs) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-10]
CHR Extension: (Google Drive) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-16]
CHR Extension: (YouTube) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-13]
CHR Extension: (Adblock Plus) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-03-21]
CHR Extension: (Google Search) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-16]
CHR Extension: (Google Sheets) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-10]
CHR Extension: (Kaspersky Protection) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhoibnponjcgjgcnfacekaijdbbplhib [2017-02-11]
CHR Extension: (Google Docs Offline) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-28]
CHR Extension: (Prodigy Math Game) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\hndgjbjghbnahgfhcmhkkoibbgdemlia [2016-03-20]
CHR Extension: (Cisco WebEx Extension) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2017-03-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-18]
CHR Extension: (Gmail) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-06]
CHR Extension: (Chrome Media Router) - C:\Users\Chad\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-13]
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3042032 2017-01-17] (Microsoft Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
S3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [188072 2015-11-04] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [548352 2016-02-10] (Intel Corporation)
R3 e1rexpress; C:\Windows\system32\DRIVERS\e1r64x64.sys [467216 2013-05-03] (Intel Corporation)
R0 IaNVMe; C:\Windows\System32\drivers\IaNVMe.sys [96552 2014-06-05] (Intel Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [196376 2017-03-13] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\drivers\klhk.sys [509728 2017-03-13] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1017624 2017-03-13] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [57424 2016-12-06] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\Windows\system32\DRIVERS\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [136416 2017-03-13] (AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [199392 2017-03-13] (AO Kaspersky Lab)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2016-05-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-09-22] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
R3 S3XXx64; C:\Windows\system32\DRIVERS\S3XXx64.sys [73856 2015-02-17] (Identiv)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-04-01 13:02 - 2017-04-01 13:02 - 00017044 _____ C:\Users\Chad\Downloads\FRST.txt
2017-04-01 13:02 - 2017-04-01 13:02 - 00000000 ____D C:\FRST
2017-04-01 13:01 - 2017-04-01 13:01 - 02424832 _____ (Farbar) C:\Users\Chad\Downloads\FRST64.exe
2017-03-31 13:46 - 2017-03-31 13:46 - 00047194 _____ C:\Users\Chad\Downloads\2016 K1 Documents (Estate of Diane L Char) (1).pdf
2017-03-31 12:43 - 2017-03-31 12:43 - 00047194 _____ C:\Users\Chad\Downloads\2016 K1 Documents (Estate of Diane L Char).pdf
2017-03-24 15:49 - 2017-03-27 22:02 - 00000000 ____D C:\Users\Chad\Documents\2017 fin aid amelia
2017-03-20 21:11 - 2017-03-20 21:11 - 00056197 _____ C:\Users\Chad\Downloads\LOX - Address.pdf
2017-03-19 08:25 - 2017-04-01 12:35 - 00000342 _____ C:\Windows\Tasks\HPCeeScheduleForChad.job
2017-03-19 08:25 - 2017-04-01 02:47 - 00003154 _____ C:\Windows\System32\Tasks\HPCeeScheduleForChad
2017-03-19 08:25 - 2017-03-19 08:25 - 00000000 ____D C:\Users\Chad\AppData\Local\HP_Development_Company,_L
2017-03-17 14:56 - 2017-03-17 14:56 - 00000000 ____D C:\Users\Chad\AppData\Roaming\Hewlett-Packard
2017-03-17 14:51 - 2017-03-24 15:21 - 00000000 ____D C:\Users\Chad\AppData\Roaming\HpUpdate
2017-03-17 14:51 - 2017-03-17 14:52 - 00000000 ____D C:\Users\Chad\AppData\Local\HP
2017-03-17 14:51 - 2017-03-17 14:51 - 00000164 _____ C:\Windows\system32\AddPort.ini
2017-03-17 14:51 - 2017-03-17 14:51 - 00000000 ____D C:\Users\Chad\Desktop\HP
2017-03-17 14:51 - 2017-03-17 14:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-03-17 14:50 - 2017-04-01 12:39 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2017-03-17 14:50 - 2017-03-17 14:51 - 00000000 ____D C:\Program Files (x86)\HP
2017-03-17 14:50 - 2017-03-17 14:50 - 00002243 _____ C:\Users\Public\Desktop\HP Support Assistant.lnk
2017-03-17 14:50 - 2017-03-17 14:50 - 00000000 ____D C:\System.sav
2017-03-17 14:50 - 2017-03-17 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2017-03-17 14:49 - 2017-04-01 12:39 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2017-03-17 14:49 - 2017-03-17 14:49 - 00000000 ____D C:\Users\Chad\Downloads\HP Downloads
2017-03-17 14:49 - 2017-03-17 14:49 - 00000000 ____D C:\Users\Chad\AppData\Roaming\hpqLog
2017-03-17 14:49 - 2017-03-17 14:49 - 00000000 ____D C:\Users\Chad\AppData\Local\Hewlett-Packard
2017-03-17 14:49 - 2017-03-17 14:49 - 00000000 ____D C:\ProgramData\HP
2017-03-17 14:49 - 2017-03-17 14:49 - 00000000 ____D C:\HP_Color_LaserJet_Enterprise_M553
2017-03-17 14:49 - 2016-03-21 01:09 - 00311296 _____ (Hewlett-Packard) C:\Windows\system32\hpbcoinsx64.dll
2017-03-17 14:48 - 2017-03-17 14:50 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2017-03-17 14:47 - 2017-03-17 14:47 - 04057776 _____ (Oleg N. Scherbakov) C:\Users\Chad\Downloads\HPSupportSolutionsFramework-12.5.32.203.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-04-01 12:56 - 2014-03-18 06:03 - 00865408 _____ C:\Windows\system32\PerfStringBackup.INI
2017-04-01 12:56 - 2013-08-22 09:36 - 00000000 ____D C:\Windows\Inf
2017-04-01 12:54 - 2016-10-20 23:07 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-04-01 12:52 - 2013-08-22 10:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-04-01 12:45 - 2013-08-22 09:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-04-01 12:34 - 2014-12-29 04:59 - 00000000 ____D C:\Program Files (x86)\Steam
2017-04-01 12:34 - 2014-12-27 03:11 - 00000000 ____D C:\Users\Chad
2017-03-31 09:19 - 2013-08-22 11:36 - 00000000 ____D C:\Windows\system32\FxsTmp
2017-03-30 17:11 - 2014-12-31 14:38 - 00002254 ____H C:\Users\Chad\Documents\Default.rdp
2017-03-18 13:31 - 2016-10-20 23:07 - 00003032 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2017-03-18 13:16 - 2013-08-22 10:44 - 00484952 _____ C:\Windows\system32\FNTCACHE.DAT
2017-03-17 14:49 - 2014-12-27 03:46 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-14 21:16 - 2013-08-22 11:20 - 00000000 ____D C:\Windows\CbsTemp
2017-03-13 09:44 - 2016-10-20 23:07 - 01017624 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2017-03-13 09:44 - 2016-10-20 23:07 - 00196376 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2017-03-13 09:44 - 2016-09-12 23:03 - 00509728 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2017-03-13 09:44 - 2016-09-12 23:03 - 00136416 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys
2017-03-13 09:44 - 2016-06-14 17:47 - 00199392 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kneps.sys
2017-03-13 09:44 - 2013-08-22 09:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2017-03-02 09:37 - 2013-08-22 11:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-02 09:36 - 2015-01-02 16:09 - 00000000 ____D C:\Program Files\Microsoft Office 15
 
==================== Files in the root of some directories =======
 
2014-12-27 03:46 - 2014-12-27 03:46 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Some files in TEMP:
====================
2016-12-08 18:42 - 2016-12-08 18:42 - 0737856 _____ (Oracle Corporation) C:\Users\Chad\AppData\Local\Temp\jre-8u111-windows-au.exe
2014-12-27 04:31 - 2016-03-08 02:16 - 0721952 _____ (NVIDIA Corporation) C:\Users\Chad\AppData\Local\Temp\nvSCPAPI.dll
2014-12-27 04:31 - 2016-03-08 02:16 - 0842272 _____ (NVIDIA Corporation) C:\Users\Chad\AppData\Local\Temp\nvSCPAPI64.dll
2014-12-29 04:11 - 2016-03-08 02:15 - 0324032 _____ (NVIDIA Corporation) C:\Users\Chad\AppData\Local\Temp\nvStInst.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-03-26 04:01
 
==================== End of FRST.txt ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by Chad (01-04-2017 13:02:24)
Running from C:\Users\Chad\Downloads
Windows 8.1 (Update) (X64) (2014-12-27 07:11:20)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-985218096-2591489430-401931631-500 - Administrator - Disabled)
Chad (S-1-5-21-985218096-2591489430-401931631-1001 - Administrator - Enabled) => C:\Users\Chad
Guest (S-1-5-21-985218096-2591489430-401931631-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-985218096-2591489430-401931631-1003 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Apple Application Support (32-bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Ashes of the Singularity (HKLM\...\Steam App 228880) (Version:  - Oxide Games)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cisco WebEx Meetings (HKU\S-1-5-21-985218096-2591489430-401931631-1001\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version:  - FromSoftware, Inc)
Dishonored 2 (HKLM\...\Steam App 403640) (Version:  - Arkane Studios)
DOOM (HKLM\...\Steam App 379720) (Version:  - id Software)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{EA298EC1-2B8F-4DA9-8C5B-BC1FCBBAD72F}) (Version: 1.69.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.69.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Color LaserJet Enterprise M553 (HKLM-x32\...\{04eddfdb-3203-4605-aa4b-42659b357884}) (Version: 14.0.16124.472 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{4780AF24-213D-4187-86F2-0014A6D6077B}) (Version: 8.3.50.9 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{00612F78-52C4-46C0-97F0-F50B6036B5E2}) (Version: 12.5.32.203 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPCLJEnterpriseM553 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HPDXP (x32 Version: 3.0.26.30 - HP) Hidden
Intel® Network Connections 19.0.27.0 (HKLM\...\PROSetDX) (Version: 19.0.27.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)
LJDXPHelperUI (x32 Version: 140.069.007 - HP) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4903.1002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
NVIDIA 3D Vision Controller Driver 364.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 364.44 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 364.51 - NVIDIA Corporation)
NVIDIA Graphics Driver 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.51 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 364.51 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 364.51 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4903.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4903.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4903.1002 - Microsoft Corporation) Hidden
Offworld Trading Company (HKLM\...\Steam App 271240) (Version:  - Mohawk Games)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 2.0.0.1 - GOG.com)
Radium (HKLM-x32\...\Steam App 355410) (Version:  - Lukas Jaeckel)
Razer Surround Driver Installer version 1.5 (HKLM-x32\...\{11B11FA5-41ED-43C1-AB4B-905DDEDC72A2}_is1) (Version: 1.5 - inXile Entertainment)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.20.15.29092 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Sid Meier's Civilization VI (HKLM\...\Steam App 289070) (Version:  - Firaxis)
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version:  - Firaxis Games)
Sid Meier's Starships (HKLM-x32\...\Steam App 282210) (Version:  - Firaxis Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Terraria (HKLM\...\Steam App 105600) (Version:  - Re-Logic)
Torment: Tides of Numenera - Alpha Systems Test (HKLM-x32\...\Steam App 342210) (Version:  - )
Torment: Tides of Numenera (HKLM-x32\...\Steam App 272270) (Version:  - inXile Entertainment)
Total War: ROME II - Emperor Edition (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Undertale (HKLM\...\Steam App 391540) (Version:  - tobyfox)
VanDyke Software SecureCRT and SecureFX 7.2 (HKLM\...\{B0DBE649-D31A-4D5A-8D25-B0036A27B163}) (Version: 7.2.3 - VanDyke Software, Inc.)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Wasteland 2 (HKLM-x32\...\Steam App 240760) (Version:  - inXile Entertainment)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {2DB5CF7C-D427-473B-8377-2053DF91BF43} - System32\Tasks\HPCeeScheduleForChad => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {3257EA91-AAD3-4D38-8D02-2A573A1F66DA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2017-03-02] (HP Inc.)
Task: {3F24D2F4-E135-4A4E-8EB5-96460DB1964E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {4F63F209-BDB6-4A5A-96D5-E48C42644276} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {573843F5-E04E-4146-AF81-C83A52B2437D} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {6D4CF4DF-896F-4A64-B124-86E11E62A82E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {79D3C387-CDCC-45C5-A138-792A542374D2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-03-10] (HP Inc.)
Task: {7CA2B428-FF82-4236-A8C0-9F4A313233FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {7E17418A-1572-4E23-AEBE-882C99696E57} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {9BA2270A-56E1-4BD7-8DAC-BFD653347262} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-11-01] (Microsoft Corporation)
Task: {B2C3E9C9-2DD6-40BF-9838-ACBDD6961914} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {B8C81677-5B9A-425E-A83F-3F332319BFE9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {D7E38BA9-87F8-47FA-8CFF-88D5757048D3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {D962BA15-9EAC-4B91-8F57-DA96015899FC} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2016-08-23] (AO Kaspersky Lab)
Task: {E1BAB7B0-8524-42BE-A4E0-A818AECFC928} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-01-17] (Microsoft Corporation)
Task: {EC6A2B8C-D155-4761-8200-64E85DD6F683} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-06] (HP Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\HPCeeScheduleForChad.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-12-27 04:31 - 2016-03-08 02:27 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-02 16:09 - 2017-01-17 04:25 - 00117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-11-04 19:11 - 2015-11-04 19:12 - 00188072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-10-30 03:22 - 2016-05-24 12:43 - 08909504 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-07-05 15:22 - 2016-07-05 15:22 - 00313144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2015-04-05 13:39 - 2016-05-02 02:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-02-26 04:29 - 2016-02-26 04:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01041208 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-985218096-2591489430-401931631-1001\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{68F4B6B6-9CB8-481A-BE78-35B63300C265}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DAC5AFAC-222E-4C11-8D12-4147B08CB45D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{695252AE-261C-45D4-86C1-84EAAC006A55}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{348913C1-C597-4923-9367-472ED399A3E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C366BDA2-7EA8-48D4-B8CD-6C9417B15A50}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EBE9778D-0B24-4729-ADE4-E622B52B4A2C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D60EADC7-A49B-4051-9928-DF74E92E2021}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wasteland 2\Build\WL2.exe
FirewallRules: [{0C42E770-01F4-4C52-B530-823672581EC6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Wasteland 2\Build\WL2.exe
FirewallRules: [{463B852B-8DB7-4548-B63E-2DF5F7F4B3E1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{CF75EEEB-94AC-4AB8-A618-FBF167BBC3ED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{71B898D0-093B-4FE9-AC08-7C22D58D402C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{415862B5-5689-400E-BA62-EE521A432B5B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{E6A902D5-4F10-4A7E-9DDA-0E0FE0EDBCB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Starships\Starships64.exe
FirewallRules: [{C0A0FA6C-1400-4CD7-A0CD-97AD1B03826B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Starships\Starships64.exe
FirewallRules: [{5A4CB118-4050-448C-B297-1F026509C36C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Radium\Radium.exe
FirewallRules: [{7B3483A7-C475-4092-B1CD-110D83DE7568}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Radium\Radium.exe
FirewallRules: [{758A82A0-DBF0-46A0-B7B6-4CCC090231F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{1451DD07-1024-4BDC-A91E-1C362C2A8807}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{2CB355FD-56E9-42CD-A9A8-75576BF4FE30}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{83CE318A-8415-4CF4-9AAC-4B02D86D3BFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Souls II\Game\DarkSoulsII.exe
FirewallRules: [{E55105EB-7A60-4F52-8F2A-9BCB8E8F5EA8}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{652AE1DE-6969-4819-A572-F9375608B321}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torment Tides of Numenera - Alpha Systems Test\WIN\AST0.exe
FirewallRules: [{4D78C71F-C624-4603-ABC0-260705DACD31}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torment Tides of Numenera - Alpha Systems Test\WIN\AST0.exe
FirewallRules: [{DEE0F511-1F7A-448C-ADE0-ED2DA249554E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{A8281EF8-AC92-4FBC-82ED-786CC68FF032}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{DCF2D7B3-4C68-49F5-BE94-8374C735713F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{11221F4B-7178-4EB0-89DC-75FF617B7B20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{CB9C0C9C-897B-4AF6-A736-4B3DC0FEA2E9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torment Tides of Numenera\WIN\TidesOfNumenera.exe
FirewallRules: [{65F7237F-DA0C-4EC2-9751-62292EBA9274}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Torment Tides of Numenera\WIN\TidesOfNumenera.exe
FirewallRules: [{47D670F8-5621-4764-A633-6A479E2E7872}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2B4AEEA7-C3BD-46CF-AF9F-6620C23B79FE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7C43D5E6-B084-4A00-8919-72F76B623243}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E3A4259B-0151-428D-A066-5E4029742151}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FE8C2610-A4C8-41AB-AD46-8460AED69ACC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{AB8CE729-78F2-40C3-A42E-55EA1395003C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{2B6B5E5B-42A2-47FA-9C7A-98F062D8801C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4CFFF110-EA9F-4C00-9501-54755A2DF01D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2CD9142E-9925-4BA3-ADBA-3E0152ED23B5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B075D2AD-4FC9-450F-905A-D13A1ABFA2AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ashes of the Singularity\Ashes_DX11.exe
FirewallRules: [{8F5F6A95-2745-467B-92FE-0483001CC122}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ashes of the Singularity\Ashes_DX11.exe
FirewallRules: [{BF346554-EEE8-45DF-8A47-4165A769DE5D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ashes of the Singularity\Ashes_DX12.exe
FirewallRules: [{8656C4AB-6445-4416-B823-93149761E533}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ashes of the Singularity\Ashes_DX12.exe
FirewallRules: [{DF3CD2AA-5097-4983-B391-8B1DB150DEC1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [{4DF01B44-63A0-45C8-8A26-C3EDC85A13FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DOOM\DOOMx64.exe
FirewallRules: [{7259F099-FEFA-419E-8D30-A4A8D2143277}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{5DBF28F2-56F9-48EC-833E-5451C263FC64}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Kerbal Space Program\KSP_x64.exe
FirewallRules: [{E12FEFEF-620F-4390-86E4-4A27D6D787B9}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{B53181F0-C7F5-42BF-AAFC-69C76E9BC150}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{A93A205B-3AD2-4F13-BF6B-370D20D615FC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{C33CDCB2-CACF-4C86-8144-775F0D6D576B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored2\Dishonored2.exe
FirewallRules: [{48D696B3-8ED9-4CB3-824C-C0C42ED11940}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored2\Dishonored2.exe
FirewallRules: [{E4C85C47-5C78-4A11-8E88-C128E1C50F94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{83DE359A-B92E-48D4-815D-5C658B7C83B2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Undertale\UNDERTALE.exe
FirewallRules: [{A391E80B-273B-410E-A7F1-A63128DE780D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{55BEE292-D25D-4041-BCC9-6A004DC21C21}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{B6FE41F8-CD24-40AB-BE6E-8FEFD5C124EF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Offworld Trading Company\StardockLauncher.exe
FirewallRules: [{74FF24F4-231A-4F1B-B761-C21994AA9763}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Offworld Trading Company\StardockLauncher.exe
FirewallRules: [{4415FC25-D352-444E-9B33-19D060516F9E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{58755441-0BDE-4033-96EA-E4D952EDE671}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{EEF00477-E552-4461-9CC5-78814A2634A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{40DF0F58-8628-4081-9892-BEACC21277F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{AA9528AF-BBB0-4F4D-9D17-886A91EEE8AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
 
==================== Restore Points =========================
 
06-03-2017 09:27:36 Scheduled Checkpoint
16-03-2017 18:42:36 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (04/01/2017 12:55:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 13.1.0.1058, time stamp: 0x53642550
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0182680d
Faulting process id: 0xdbc
Faulting application start time: 0x01d2ab089fcc5bd7
Faulting application path: C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
Faulting module path: unknown
Report Id: f723a40f-16fb-11e7-82aa-001fbc119acd
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/01/2017 12:55:10 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
 
Error: (04/01/2017 12:52:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 7.1.2071.1338, time stamp: 0x5726e00c
Faulting module name: MessageBus.dll, version: 0.0.0.0, time stamp: 0x5726d98c
Exception code: 0xc0000005
Fault offset: 0x0000000000010f73
Faulting process id: 0x12ec
Faulting application start time: 0x01d2ab08577572ec
Faulting application path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
Faulting module path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
Report Id: 966ba460-16fb-11e7-82aa-001fbc119acd
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/01/2017 12:47:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: teglon)
Description: Activation of app windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (04/01/2017 12:46:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: NvStreamNetworkService.exe, version: 7.1.2071.1338, time stamp: 0x5726e00c
Faulting module name: MessageBus.dll, version: 0.0.0.0, time stamp: 0x5726d98c
Exception code: 0xc0000005
Fault offset: 0x0000000000010f73
Faulting process id: 0xfdc
Faulting application start time: 0x01d2ab078eb99570
Faulting application path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
Faulting module path: C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
Report Id: cda56b4b-16fa-11e7-82a9-001fbc119acd
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/01/2017 12:43:39 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: teglon)
Description: Activation of app windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (04/01/2017 12:39:45 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (04/01/2017 12:38:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: teglon)
Description: Activation of app windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
 
Error: (04/01/2017 12:38:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 13.1.0.1058, time stamp: 0x53642550
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x016c6805
Faulting process id: 0x124c
Faulting application start time: 0x01d2ab06459ecd47
Faulting application path: C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
Faulting module path: unknown
Report Id: 9d092fc4-16f9-11e7-82a8-001fbc119acd
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (04/01/2017 12:38:20 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
 
 
System errors:
=============
Error: (04/01/2017 12:55:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (04/01/2017 12:47:03 PM) (Source: DCOM) (EventID: 10001) (User: teglon)
Description: Unable to start a DCOM Server: microsoft.windows.immersivecontrolpanel as Unavailable/Unavailable. The error:
"15612"
Happened while starting this command:
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
 
Error: (04/01/2017 12:43:39 PM) (Source: DCOM) (EventID: 10001) (User: teglon)
Description: Unable to start a DCOM Server: microsoft.windows.immersivecontrolpanel as Unavailable/Unavailable. The error:
"15612"
Happened while starting this command:
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
 
Error: (04/01/2017 12:39:31 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer GALLIFREY
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{398B59D8-A2F1-49A7-9E30-547D15B8512B}.
The master browser is stopping or an election is being forced.
 
Error: (04/01/2017 12:38:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (04/01/2017 12:38:20 PM) (Source: DCOM) (EventID: 10001) (User: teglon)
Description: Unable to start a DCOM Server: microsoft.windows.immersivecontrolpanel as Unavailable/Unavailable. The error:
"15612"
Happened while starting this command:
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
 
Error: (04/01/2017 12:37:09 PM) (Source: DCOM) (EventID: 10001) (User: teglon)
Description: Unable to start a DCOM Server: microsoft.windows.immersivecontrolpanel as Unavailable/Unavailable. The error:
"15612"
Happened while starting this command:
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
 
Error: (04/01/2017 12:37:05 PM) (Source: DCOM) (EventID: 10001) (User: teglon)
Description: Unable to start a DCOM Server: microsoft.windows.immersivecontrolpanel as Unavailable/Unavailable. The error:
"15612"
Happened while starting this command:
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
 
Error: (04/01/2017 12:36:48 PM) (Source: DCOM) (EventID: 10001) (User: teglon)
Description: Unable to start a DCOM Server: microsoft.windows.immersivecontrolpanel as Unavailable/Unavailable. The error:
"15612"
Happened while starting this command:
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
 
Error: (04/01/2017 12:36:44 PM) (Source: DCOM) (EventID: 10001) (User: teglon)
Description: Unable to start a DCOM Server: microsoft.windows.immersivecontrolpanel as Unavailable/Unavailable. The error:
"15612"
Happened while starting this command:
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-5930K CPU @ 3.50GHz
Percentage of memory in use: 9%
Total physical RAM: 32691.78 MB
Available physical RAM: 29640.49 MB
Total Virtual: 37555.78 MB
Available Virtual: 33779.73 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:744.7 GB) (Free:394.59 GB) NTFS
Drive d: (Datalore) (Fixed) (Total:1862.89 GB) (Free:1105.61 GB) NTFS
Drive f: (CANON_DC) (Removable) (Total:7.47 GB) (Free:5.13 GB) FAT32
Drive h: (Seagate Backup Plus Drive) (Fixed) (Total:4657.4 GB) (Free:3912.29 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 745.2 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 4657.5 GB) (Disk ID: 9AB8C987)
 
Partition: GPT.
 
========================================================
Disk: 4 (Size: 7.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

Attached Files


Edited by RKinner, 02 April 2017 - 08:42 PM.

  • 0

Advertisements


#2
RKinner

RKinner

    Malware Expert

  • Expert
  • 20,026 posts
  • MVP

You're getting a lot of errors related to 

Intel® Rapid Storage Technology so I would try updating it:

 

https://downloadcent...r?product=55005

 

Then check your file system:

 

Open an elevated command prompt:
 
 
If you open an elevated command prompt it will by default open in c:\Windows\system32
 
Once you have an elevated command prompt:
 
Type(with an Enter after each line):
 
 
DISM  /Online  /Cleanup-Image  /RestoreHealth
 
 (I use two spaces so you can be sure to see where one space goes.)
This will take a while to complete.  Once the prompt returns:
 
Reboot.  Open an elevated Command Prompt again and type (with an Enter after the line):
 
sfc  /scannow

 

 

 
 
 
This will also take a few minutes.  
 
When it finishes it will say one of the following:
 
Windows did not find any integrity violations (a good thing)
Windows Resource Protection found corrupt files and repaired them (a good thing)
Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)
Which do you get?
 
 
findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \junk.txt 
 
Hit Enter.  Then type::
 
notepad  \junk.txt 
 
Hit Enter. 
 
 Copy the text from notepad and paste it into a reply.
 
 
After you finish SFC:
 
 
 
1. Please download the Event Viewer Tool by Vino Rosso
and save it to your Desktop:
2. Right-click VEW.exe and Run AS Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
 

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP