Done, attached logs
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-08-2017
Ran by Bosscoe (administrator) on BOSSCOE-PC (09-08-2017 10:42:35)
Running from F:\Firefox Downloads\Firefox Downloads
Loaded Profiles: Bosscoe (Available Profiles: Bosscoe & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Windows\DAODx.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Akamai Technologies, Inc.) C:\Users\Bosscoe\AppData\Local\Akamai\netsession_win.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFGuage.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe
(Akamai Technologies, Inc.) C:\Users\Bosscoe\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Piriform Ltd) C:\Program Files\Speccy\Speccy64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2369536 2010-03-15] (VIA)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\Run: [ctfmon.exe] => C:\WINDOWS\system32\ctfmon.exe [9728 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-13] (Piriform Ltd)
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Bosscoe\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\MountPoints2: E - E:\Setup.exe
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\MountPoints2: G - G:\Setup.exe
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\MountPoints2: {7723796b-f524-11e0-aa52-20cf30e261e8} - N:\Setup.exe
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\MountPoints2: {7b486a9d-b8fd-11e2-99c7-20cf30e261e8} - E:\setup.exe
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\MountPoints2: {870825a6-dcd9-11e4-b906-20cf30e261e8} - E:\Startme.exe
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\MountPoints2: {87f80a16-0df7-11e1-9476-20cf30e261e8} - G:\Setup.exe
AppInit_DLLs: C:\Users\Bosscoe\AppData\Local\Linkey\IEEXTE~1\iedll64.dll => No File
AppInit_DLLs-x32: C:\Users\Bosscoe\AppData\Local\Linkey\IEEXTE~1\iedll.dll => No File
AppInit_DLLs-x32: bitguard\261694~1.246\{c16c1~1\bitguard.dll => No File
Startup: C:\Users\Bosscoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Guage.lnk [2016-06-29]
ShortcutTarget: Samsung Auto Backup Guage.lnk -> C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFGuage.exe (Clarus, Inc.)
Startup: C:\Users\Bosscoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Real-Time Daemon.lnk [2016-06-29]
ShortcutTarget: Samsung Auto Backup Real-Time Daemon.lnk -> C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe (Clarus, Inc.)
Startup: C:\Users\Bosscoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Scheduler.lnk [2016-06-29]
ShortcutTarget: Samsung Auto Backup Scheduler.lnk -> C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe (Clarus, Inc.)
GroupPolicy: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local: [ActivePolicy] SOFTWARE\Policies\Microsoft\Windows\IPSEC\Policy\Local\ipsecPolicy{34f61d3e-7cc2-4773-873b-aefd03d115c8} <==== ATTENTION (Restriction - IP)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{984FF24D-20C0-4F06-B76A-38C258B5BEB5}: [DhcpNameServer] 10.0.0.138
Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-1337583389-873375944-2258466276-1000 -> DefaultScope {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com.au/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1337583389-873375944-2258466276-1000 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-1337583389-873375944-2258466276-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com.au/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-08-21] (RealPlayer)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-21] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-21] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
Handler: WSIEChrome - {6D02ED5F-FD0D-4C4C - No File
FireFox:
========
FF ProfilePath: C:\Users\Bosscoe\AppData\Roaming\Mozilla\Firefox\Profiles\ez7r6wgt.default-1488856787929 [2017-08-09]
FF Extension: (AdBlocker Ultimate) - C:\Users\Bosscoe\AppData\Roaming\Mozilla\Firefox\Profiles\ez7r6wgt.default-1488856787929\Extensions\[email protected] [2017-05-29]
FF Extension: (YouTube mp3) - C:\Users\Bosscoe\AppData\Roaming\Mozilla\Firefox\Profiles\ez7r6wgt.default-1488856787929\Extensions\[email protected] [2017-03-07]
FF Extension: (Places Maintenance) - C:\Users\Bosscoe\AppData\Roaming\Mozilla\Firefox\Profiles\ez7r6wgt.default-1488856787929\Extensions\[email protected] [2017-06-03]
FF Extension: (Video DownloadHelper) - C:\Users\Bosscoe\AppData\Roaming\Mozilla\Firefox\Profiles\ez7r6wgt.default-1488856787929\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-09]
FF Extension: (Fasterfox) - C:\Users\Bosscoe\AppData\Roaming\Mozilla\Firefox\Profiles\ez7r6wgt.default-1488856787929\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2017-03-07]
FF Extension: (Adblock Plus) - C:\Users\Bosscoe\AppData\Roaming\Mozilla\Firefox\Profiles\ez7r6wgt.default-1488856787929\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Extension: (YouTube Flash Video Player) - C:\Users\Bosscoe\AppData\Roaming\Mozilla\Firefox\Profiles\ez7r6wgt.default-1488856787929\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2017-06-21]
FF Extension: (TLS 1.3 Compatibility Testing of Middleboxes) - C:\Users\Bosscoe\AppData\Roaming\Mozilla\Firefox\Profiles\ez7r6wgt.default-1488856787929\features\{695f32f9-9962-44ba-83fc-2fe6b4983610}\[email protected] [2017-07-23]
FF Extension: (Click-to-Play staged rollout) - C:\Program Files (x86)\Mozilla Firefox\browser\features\[email protected] [2017-08-05] [not signed]
FF Extension: (Follow-on Search Telemetry) - C:\Program Files (x86)\Mozilla Firefox\browser\features\[email protected] [2017-08-05] [not signed]
FF Extension: (Shield Recipe Client) - C:\Program Files (x86)\Mozilla Firefox\browser\features\[email protected] [2017-08-05] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: (RealPlayer Browser Record Plugin) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013-09-30] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [No File]
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll [2012-06-25] (Oracle Corporation)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-06-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-06-28] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2012-08-21] (RealPlayer)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-02] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-02] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-02] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-02] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-11-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-11-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-11-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-11-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-11-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2012-08-21] (RealPlayer)
Chrome:
=======
CHR HKU\S-1-5-21-1337583389-873375944-2258466276-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bkdegagmpemadclljncealhmmkojfoam] - C:\ProgramData\Wondershare\Player\[email protected] <not found>
CHR HKLM-x32\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-07-20]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-11-05] (Advanced Micro Devices, Inc.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2625368 2017-06-13] (ESET)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2012-12-21] (Nalpeiron Ltd.) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-28] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-06-21] (NVIDIA Corporation)
S4 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-06-21] ()
S4 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-02-20] ()
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2017-08-05] (VIA Technologies, Inc.)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2017-08-05] (Advanced Micro Devices Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [132824 2017-06-22] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107344 2017-05-04] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [178056 2017-05-04] (ESET)
R1 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [77224 2017-05-04] (ESET)
S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2017-04-06] (Logitech Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2013-08-06] (Apple Inc.) [File not signed]
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-06-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48248 2017-06-21] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [76840 2017-04-01] (NVIDIA Corporation)
S3 SaiK0CCC; C:\Windows\System32\DRIVERS\SaiK0CCC.sys [171016 2010-04-29] (Saitek)
S3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [22664 2010-04-24] (Saitek)
S3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [49928 2010-04-24] (Saitek)
S3 SaiU0CCC; C:\Windows\System32\DRIVERS\SaiU0CCC.sys [41096 2010-04-29] (Saitek)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [File not signed]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-08-09 10:33 - 2017-08-09 10:33 - 000040944 _____ C:\Users\Bosscoe\Desktop\BOSSCOE-PC.txt
2017-08-09 09:35 - 2017-08-09 09:35 - 000011164 _____ C:\Users\Bosscoe\Desktop\BOSSCOE-PC.speccy
2017-08-09 03:03 - 2017-08-09 03:03 - 000003240 ____N C:\bootsqm.dat
2017-08-09 02:26 - 2017-08-09 02:26 - 000000000 ____D C:\Users\Bosscoe\AppData\Local\ElevatedDiagnostics
2017-08-09 02:11 - 2017-08-09 10:21 - 000214596 _____ C:\Windows\ntbtlog.txt
2017-08-08 11:31 - 2017-08-08 11:31 - 000000404 _____ C:\Windows\Tasks\RunAsStdUser Task.job
2017-08-08 11:28 - 2017-08-08 11:31 - 000000264 _____ C:\Windows\Tasks\Driver Booster SkipUAC (Bosscoe).job
2017-08-08 10:48 - 2017-08-08 10:48 - 000000000 ____D C:\Program Files (x86)\Realtek
2017-08-08 00:57 - 2017-08-08 00:57 - 000000000 ___DC C:\SWTOOLS
2017-08-07 21:34 - 2017-08-07 21:34 - 000000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
2017-08-07 15:56 - 2017-08-07 15:56 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe
2017-08-07 15:56 - 2017-08-07 15:56 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2017-08-07 15:56 - 2017-08-07 15:56 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2017-08-07 15:41 - 2017-08-07 15:42 - 000000000 ___DC C:\a24006d765b9ff9d0ba277
2017-08-07 14:41 - 2017-08-07 14:41 - 000000000 ____D C:\Users\Bosscoe\AppData\Roaming\onOne Software
2017-08-07 14:12 - 2017-08-07 23:12 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Mozilla
2017-08-07 14:12 - 2017-08-07 14:16 - 000000000 ____D C:\Users\Administrator\AppData\Local\Mozilla
2017-08-07 14:12 - 2017-08-07 14:12 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla
2017-08-07 14:07 - 2017-08-07 14:08 - 000000000 ___DC C:\332a81b2397d755966377e88
2017-08-07 10:16 - 2017-08-07 10:16 - 000000000 ____D C:\Users\Bosscoe\AppData\Roaming\SUPERAntiSpyware.com
2017-08-06 10:56 - 2010-11-20 23:24 - 000443820 ____C C:\Windows\system32\advapi32.amx
2017-08-06 10:56 - 2010-11-20 23:24 - 000342524 ____C C:\Windows\system32\user32.amx
2017-08-06 10:56 - 2009-07-13 21:52 - 000339536 ____C (Adaptec, Inc.) C:\Windows\system32\adpahci.sys
2017-08-06 01:39 - 2017-08-09 10:42 - 000000000 ___DC C:\FRST
2017-08-06 00:50 - 2017-08-06 00:50 - 000000000 ____D C:\Program Files\AMD
2017-08-06 00:17 - 2017-08-06 00:25 - 000333174 _____ C:\Users\Bosscoe\sfcdetails.txt
2017-08-05 21:52 - 2017-08-05 21:52 - 000226696 _____ (Renesas Electronics Corporation) C:\Windows\system32\Drivers\nusb3xhc.sys
2017-08-05 21:52 - 2017-08-05 21:52 - 000081920 _____ (Renesas Electronics Corporation) C:\Windows\system32\nusb3co3.dll
2017-08-05 21:51 - 2017-08-05 21:51 - 000011944 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\Drivers\amdide64.sys
2017-08-05 21:48 - 2017-08-05 21:48 - 003309264 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIAPropPageExt.dll
2017-08-05 21:48 - 2017-08-05 21:48 - 002027192 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO264.DLL
2017-08-05 21:48 - 2017-08-05 21:48 - 002012496 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaMicArrayAPO.dll
2017-08-05 21:48 - 2017-08-05 21:48 - 001752904 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMAPO232.DLL
2017-08-05 21:48 - 2017-08-05 21:48 - 001194360 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIASysFx.dll
2017-08-05 21:48 - 2017-08-05 21:48 - 001180496 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaKaraokeApo.dll
2017-08-05 21:48 - 2017-08-05 21:48 - 000896344 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO64.DLL
2017-08-05 21:48 - 2017-08-05 21:48 - 000754760 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMAPO32.DLL
2017-08-05 21:48 - 2017-08-05 21:48 - 000700624 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viahduaa.sys
2017-08-05 21:48 - 2017-08-05 21:48 - 000633904 _____ (Creative Technology Ltd.) C:\Windows\system32\VMTHX64.DLL
2017-08-05 21:48 - 2017-08-05 21:48 - 000568312 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMTHX32.DLL
2017-08-05 21:48 - 2017-08-05 21:48 - 000400504 _____ (Creative Technology Ltd.) C:\Windows\system32\VMWRP64.DLL
2017-08-05 21:48 - 2017-08-05 21:48 - 000132248 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaKaraokePropPageExt.dll
2017-08-05 21:48 - 2017-08-05 21:48 - 000104088 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaMicArrayPropPageExt.dll
2017-08-05 21:48 - 2017-08-05 21:48 - 000080400 _____ (Windows ® Codename Longhorn DDK provider) C:\Windows\system32\VtSrdAPO.dll
2017-08-05 21:48 - 2017-08-05 21:48 - 000067280 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPLD64.DLL
2017-08-05 21:48 - 2017-08-05 21:48 - 000064152 _____ (TODO: <Company name>) C:\Windows\system32\PropPageExt.dll
2017-08-05 21:48 - 2017-08-05 21:48 - 000063144 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPCN64.DLL
2017-08-05 21:48 - 2017-08-05 21:48 - 000042192 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\VMfilt64.sys
2017-08-05 21:48 - 2017-08-05 21:48 - 000036504 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViakaraokeSrv.exe
2017-08-05 21:48 - 2017-08-05 21:48 - 000000000 ____D C:\Program Files\VIA
2017-08-05 21:43 - 2017-08-08 11:35 - 000000000 ____D C:\ProgramData\ProductData
2017-08-05 21:43 - 2017-08-05 21:44 - 000000000 ____D C:\Users\Bosscoe\AppData\LocalLow\IObit
2017-08-05 21:43 - 2017-08-05 21:43 - 000000000 ____D C:\Windows\IObit
2017-08-05 21:43 - 2017-08-05 21:43 - 000000000 ____D C:\ProgramData\IObit
2017-08-05 21:42 - 2017-08-05 21:42 - 000000000 ____D C:\Users\Bosscoe\AppData\Roaming\IObit
2017-08-05 19:39 - 2017-08-05 19:39 - 000000000 ___DC C:\2f9bcd65ecbfcb205fc6ddb90960d09d
2017-08-05 19:24 - 2017-08-05 19:24 - 000000000 ___DC C:\f425e64feb63f30ba90e2b0188
2017-08-04 09:27 - 2017-08-04 09:27 - 000007511 ____C C:\VEWapplication.txt
2017-08-04 02:39 - 2010-11-21 13:23 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys
2017-08-04 01:54 - 2017-08-04 01:54 - 000000000 ____D C:\Users\Bosscoe\AppData\LocalLow\uTorrent
2017-08-04 00:44 - 2017-08-04 00:44 - 000000000 ____D C:\Program Files (x86)\EaseUS
2017-08-04 00:22 - 2017-08-04 00:24 - 000012901 ____C C:\junk.txt
2017-08-03 21:58 - 2017-08-04 09:39 - 000007511 ____C C:\VEW.txt
2017-08-02 17:02 - 2017-08-07 13:08 - 000000000 ___DC C:\SFCFix
2017-08-02 16:49 - 2017-08-07 13:08 - 000000000 ____D C:\Users\Bosscoe\AppData\Local\niemiro
2017-08-02 16:02 - 2017-08-02 23:32 - 000000400 __RSH C:\ProgramData\ntuser.pol
2017-08-01 18:30 - 2017-08-01 19:21 - 000000000 ____D C:\Users\Bosscoe\AppData\Roaming\.minecraft
2017-07-31 12:00 - 2017-08-04 09:27 - 000000271 _____ C:\Users\Bosscoe\Desktop\to do list.txt
2017-07-29 00:42 - 2017-07-29 00:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-07-29 00:42 - 2017-07-29 00:42 - 000000000 ____D C:\ProgramData\ESET
2017-07-29 00:42 - 2017-07-29 00:42 - 000000000 ____D C:\Program Files\ESET
2017-07-27 01:25 - 2017-07-27 01:25 - 000000000 ____D C:\Users\Bosscoe\AppData\Local\MultiPlayerManager
2017-07-25 17:50 - 2017-07-25 17:50 - 000000045 _____ C:\Users\Bosscoe\nuuid.ini
2017-07-25 17:50 - 2017-07-25 17:50 - 000000041 _____ C:\Users\Bosscoe\inst.ini
2017-07-25 17:50 - 2017-07-25 17:50 - 000000000 ____D C:\Users\Bosscoe\Nox_share
2017-07-25 17:48 - 2017-08-01 21:32 - 000000000 ____D C:\Users\Bosscoe\vmlogs
2017-07-25 17:46 - 2017-08-02 11:15 - 000000000 ____D C:\Users\Bosscoe\AppData\Roaming\Microsoft\Windows\Start Menu\Nox
2017-07-25 17:45 - 2017-08-01 21:32 - 000000000 ____D C:\Users\Bosscoe\.BigNox
2017-07-25 17:44 - 2017-07-25 17:44 - 000000000 ____D C:\Users\Bosscoe\New folder
2017-07-25 17:43 - 2017-08-02 10:49 - 000000000 ____D C:\Users\Bosscoe\AppData\Local\Nox
2017-07-23 20:22 - 2017-07-23 20:25 - 000000000 ____D C:\Users\Bosscoe\AppData\Local\BlueStacksFriends
2017-07-23 20:22 - 2017-07-23 20:22 - 000000000 ____D C:\Users\Bosscoe\AppData\Roaming\BlueStacksFriends
2017-07-23 18:42 - 2017-07-23 20:26 - 000000000 ____D C:\Users\Bosscoe\AppData\Local\Bluestacks
2017-07-19 16:00 - 2017-07-19 17:01 - 000000000 ____D C:\ProgramData\SQL Anywhere 16
2017-07-19 15:56 - 2017-07-20 00:29 - 000000000 ____D C:\Users\Bosscoe\AppData\Local\Intuit
2017-07-19 15:56 - 2017-07-19 15:56 - 000000000 ____D C:\Users\Bosscoe\AppData\Roaming\SQL Anywhere 16
2017-07-19 15:42 - 2012-01-05 13:43 - 004218880 _____ (Amyuni Technologies hxxp://www.amyuni.com) C:\Windows\SysWOW64\cdintf400.dll
2017-07-19 15:38 - 2017-08-08 09:47 - 000000000 ____D C:\ProgramData\Intuit
2017-07-19 15:37 - 2017-08-08 09:48 - 000000094 _____ C:\Windows\QBChanUtil_Trigger.ini
2017-07-19 15:02 - 2017-07-19 15:02 - 000000000 ____D C:\Windows\Intuit
2017-07-11 19:57 - 2017-07-11 19:57 - 000000000 ____D C:\Users\Bosscoe\Documents\My Games
2017-07-11 16:51 - 2017-07-11 16:51 - 000000202 _____ C:\Users\Bosscoe\Desktop\Rocket League.url
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-08-09 10:37 - 2009-07-14 14:45 - 000033296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-08-09 10:37 - 2009-07-14 14:45 - 000033296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-08-09 10:34 - 2011-02-25 11:14 - 000000000 ____D C:\Users\Bosscoe\AppData\Roaming\vlc
2017-08-09 10:32 - 2015-03-06 14:10 - 000000000 ____D C:\ProgramData\NVIDIA
2017-08-09 10:28 - 2009-07-14 15:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-08-09 09:32 - 2014-03-02 16:59 - 001902592 ___SH C:\Users\Bosscoe\Desktop\Thumbs.db
2017-08-09 02:20 - 2009-07-14 13:20 - 000000000 ____D C:\Windows\inf
2017-08-09 02:04 - 2009-07-14 15:08 - 000032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-08-09 01:39 - 2012-12-07 01:37 - 000000000 ____D C:\ProgramData\TuneUp Software
2017-08-09 01:34 - 2016-11-17 23:47 - 000000000 ____D C:\Program Files\Common Files\Topaz Labs
2017-08-09 01:33 - 2016-11-17 23:47 - 000000000 ____D C:\Users\Bosscoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Topaz Labs
2017-08-09 01:18 - 2013-10-02 14:31 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-09 01:17 - 2009-07-14 15:13 - 000803590 _____ C:\Windows\system32\PerfStringBackup.INI
2017-08-08 22:45 - 2016-12-12 21:46 - 000003144 _____ C:\Windows\System32\Tasks\CorelUpdateHelperTask
2017-08-08 13:34 - 2016-11-18 13:01 - 000000000 ____D C:\Users\Bosscoe\AppData\LocalLow\Mozilla
2017-08-08 11:31 - 2011-06-13 21:46 - 000000000 ____D C:\Windows\pss
2017-08-08 10:48 - 2011-02-20 13:35 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-08-08 10:20 - 2011-02-22 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vicon
2017-08-08 10:14 - 2012-03-19 12:38 - 000000000 ___RD C:\Users\Bosscoe\Desktop\DJ
2017-08-08 10:14 - 2011-02-20 13:49 - 000000000 ___RD C:\Users\Bosscoe\Desktop\Design Software
2017-08-08 09:55 - 2011-02-21 00:22 - 000448560 _____ C:\Users\Bosscoe\AppData\Local\GDIPFONTCACHEV1.DAT
2017-08-08 09:52 - 2009-07-14 14:45 - 005934512 _____ C:\Windows\system32\FNTCACHE.DAT
2017-08-08 09:47 - 2012-08-06 00:56 - 000000000 ____D C:\ProgramData\Nuance
2017-08-07 23:36 - 2011-11-05 00:31 - 000000000 ____D C:\Program Files\Speccy
2017-08-07 15:56 - 2015-04-14 16:38 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2017-08-07 14:36 - 2011-02-20 13:48 - 000000000 ___RD C:\Users\Bosscoe\Desktop\Desktop Programs
2017-08-07 14:32 - 2011-12-17 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2017-08-07 14:32 - 2011-02-20 14:15 - 000000000 ____D C:\ProgramData\Sony
2017-08-07 14:32 - 2011-02-20 14:15 - 000000000 ____D C:\Program Files (x86)\Sony
2017-08-07 14:25 - 2011-02-23 00:27 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2017-08-07 14:24 - 2011-10-26 00:02 - 000000000 ____D C:\Windows\system32\Macromed
2017-08-07 14:24 - 2011-02-20 13:56 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-08-07 14:23 - 2011-02-20 14:53 - 000000000 ____D C:\Windows\SysWOW64\Adobe
2017-08-07 14:19 - 2015-03-05 15:47 - 000000000 ___DC C:\Temp
2017-08-06 22:02 - 2009-07-14 13:20 - 000000000 ____D C:\Windows\SysWOW64\manifeststore
2017-08-06 13:56 - 2015-04-14 16:36 - 000000000 ____D C:\Users\Administrator
2017-08-06 13:56 - 2009-07-14 13:20 - 000000000 ____D C:\Windows\registration
2017-08-06 11:26 - 2009-07-14 13:20 - 000000000 ____D C:\Windows\system32\manifeststore
2017-08-06 00:17 - 2011-02-20 13:25 - 000000000 ____D C:\Users\Bosscoe
2017-08-05 23:59 - 2011-11-28 14:34 - 000000000 ____D C:\Users\Bosscoe\AppData\Local\CrashDumps
2017-08-05 23:50 - 2011-02-20 13:49 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-08-05 20:40 - 2017-03-26 00:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-05 20:06 - 2017-01-28 14:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-04 12:41 - 2013-12-25 19:22 - 000000000 _____ C:\Users\Bosscoe\AppData\Local\Resmon.ResmonCfg
2017-08-04 10:52 - 2016-12-20 18:58 - 000000000 ____D C:\Windows\SysWOW64\tmp
2017-08-04 10:51 - 2017-01-25 11:00 - 000000166 _____ C:\Windows\SysWOW64\osver.cmd
2017-08-04 10:51 - 2017-01-25 11:00 - 000000137 _____ C:\Windows\SysWOW64\osver.vbs
2017-08-04 10:51 - 2017-01-25 11:00 - 000000002 _____ C:\Windows\SysWOW64\64.dat
2017-08-02 15:51 - 2009-07-14 13:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2017-08-02 15:51 - 2009-07-14 13:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-08-01 21:32 - 2015-04-13 13:42 - 000000000 ____D C:\Users\Bosscoe\.android
2017-08-01 02:12 - 2017-01-25 11:09 - 000011952 _____ C:\Windows\SysWOW64\getwork.dat
2017-07-31 22:58 - 2012-04-14 04:09 - 000000132 _____ C:\Users\Bosscoe\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-07-25 01:12 - 2014-07-25 15:52 - 000000000 ____D C:\Users\Bosscoe\dwhelper
2017-07-21 22:02 - 2014-05-21 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON
2017-07-19 13:39 - 2017-05-22 09:56 - 000000000 ____D C:\ProgramData\HP
2017-07-19 13:31 - 2016-03-24 10:07 - 000000456 _____ C:\Windows\MYOBP.INI
2017-07-19 13:28 - 2016-03-24 10:07 - 000000053 _____ C:\Windows\MYOB.INI
2017-07-19 13:25 - 2016-03-24 10:05 - 000000663 _____ C:\Windows\openrda.ini
2017-07-19 13:19 - 2016-04-22 13:49 - 000000000 ____D C:\Users\Bosscoe\AppData\Local\Manager
2017-07-12 20:11 - 2015-06-01 01:33 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-07-12 04:06 - 2017-02-11 15:48 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-07-11 16:51 - 2011-02-22 13:45 - 000000000 ____D C:\Users\Bosscoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
==================== Files in the root of some directories =======
2011-06-29 16:59 - 2011-06-29 16:59 - 000000132 _____ () C:\Users\Bosscoe\AppData\Roaming\Adobe GIF Format CS5 Prefs
2011-06-18 19:43 - 2015-07-31 11:30 - 000000132 _____ () C:\Users\Bosscoe\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
2015-07-31 13:06 - 2017-05-29 12:15 - 000000132 _____ () C:\Users\Bosscoe\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
2011-04-07 10:46 - 2015-07-27 12:28 - 000000132 _____ () C:\Users\Bosscoe\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-04-14 04:09 - 2017-07-31 22:58 - 000000132 _____ () C:\Users\Bosscoe\AppData\Roaming\Adobe PNG Format CS6 Prefs
2011-06-12 15:54 - 2011-06-12 15:54 - 000016384 _____ () C:\Users\Bosscoe\AppData\Roaming\BO Config Tool.exe
2011-06-12 15:54 - 2011-06-12 15:54 - 000058134 _____ () C:\Users\Bosscoe\AppData\Roaming\Bosscoe3SQLite3.dll
2005-07-03 04:51 - 2011-06-13 21:37 - 000875862 ____H () C:\Users\Bosscoe\AppData\Roaming\Bosscoelog.dat
2012-12-05 20:20 - 2012-12-05 20:37 - 000035630 _____ () C:\Users\Bosscoe\AppData\Roaming\net.telestream.wirecast.xml
2012-12-05 20:20 - 2012-12-05 20:20 - 000014120 _____ () C:\Users\Bosscoe\AppData\Roaming\net_telestream_wirecast_partner_AFL0681655000_brandingimage_destination.png
2012-12-05 20:20 - 2012-12-05 20:20 - 000005028 _____ () C:\Users\Bosscoe\AppData\Roaming\net_telestream_wirecast_partner_AFL0681655000_brandingimage_main.png
2012-12-05 20:20 - 2012-12-05 20:20 - 000014543 _____ () C:\Users\Bosscoe\AppData\Roaming\net_telestream_wirecast_partner_AFL9067099885_brandingimage_destination.png
2012-12-05 20:20 - 2012-12-05 20:20 - 000014186 _____ () C:\Users\Bosscoe\AppData\Roaming\net_telestream_wirecast_partner_AFL9067099885_brandingimage_main.png
2012-12-05 20:20 - 2012-12-05 20:20 - 000004755 _____ () C:\Users\Bosscoe\AppData\Roaming\net_telestream_wirecast_partner_NO_BAMBUSER_AFFILIATE_ID_brandingimage_destination.png
2012-12-05 20:20 - 2012-12-05 20:20 - 000003123 _____ () C:\Users\Bosscoe\AppData\Roaming\net_telestream_wirecast_partner_NO_DACAST_AFFILIATE_ID_brandingimage_destination.png
2012-12-05 20:20 - 2012-12-05 20:20 - 000004149 _____ () C:\Users\Bosscoe\AppData\Roaming\net_telestream_wirecast_partner_NO_HIGH_SCHOOL_CUBE_AFFIALITE_ID_brandingimage_destination.png
2012-12-05 20:20 - 2012-12-05 20:20 - 000001451 _____ () C:\Users\Bosscoe\AppData\Roaming\net_telestream_wirecast_partner_NO_SHOWCASTER_AFFILIATE_ID_brandingimage_destination.png
2012-12-05 20:20 - 2012-12-05 20:20 - 000007122 _____ () C:\Users\Bosscoe\AppData\Roaming\net_telestream_wirecast_partner_NO_STREAMING_MEDIA_HOSTING_AFFILIATE_ID_brandingimage_destination.png
2012-12-05 20:20 - 2012-12-05 20:20 - 000016966 _____ () C:\Users\Bosscoe\AppData\Roaming\net_telestream_wirecast_partner_NO_STRETCH_INTERNET_AFFIALITE_ID_brandingimage_destination.png
2011-03-01 02:12 - 2013-09-18 23:08 - 000001456 _____ () C:\Users\Bosscoe\AppData\Local\Adobe Save for Web 12.0 Prefs
2016-02-17 18:38 - 2017-03-06 13:26 - 000001456 _____ () C:\Users\Bosscoe\AppData\Local\Adobe Save for Web 13.0 Prefs
2011-03-18 16:06 - 2012-08-17 09:45 - 000084366 _____ () C:\Users\Bosscoe\AppData\Local\installer.log
2011-09-05 15:11 - 2011-09-05 15:11 - 000000000 _____ () C:\Users\Bosscoe\AppData\Local\lwui.exe
2011-09-05 15:11 - 2011-09-05 15:11 - 000000000 _____ () C:\Users\Bosscoe\AppData\Local\pvmk.exe
2016-12-02 09:33 - 2016-12-02 09:33 - 000000756 _____ () C:\Users\Bosscoe\AppData\Local\recently-used.xbel
2013-12-25 19:22 - 2017-08-04 12:41 - 000000000 _____ () C:\Users\Bosscoe\AppData\Local\Resmon.ResmonCfg
2011-09-05 15:11 - 2011-09-05 15:11 - 000000000 _____ () C:\Users\Bosscoe\AppData\Local\term.exe
2011-09-05 15:11 - 2011-09-05 15:11 - 000000000 _____ () C:\Users\Bosscoe\AppData\Local\tklr.exe
2011-09-05 15:11 - 2011-09-05 23:37 - 000010566 ___SH () C:\Users\Bosscoe\AppData\Local\u7r60td74665673edn0gf4gd1288yakn408f68d0743j3ev
2017-05-22 09:55 - 2017-05-22 09:55 - 000000057 _____ () C:\ProgramData\Ament.ini
2011-09-05 15:11 - 2011-09-05 15:11 - 000000000 _____ () C:\ProgramData\ftne.exe
2011-09-05 15:11 - 2011-09-05 15:11 - 000000000 _____ () C:\ProgramData\lllr.exe
2011-09-05 15:11 - 2011-09-05 15:11 - 000000000 _____ () C:\ProgramData\sitg.exe
2011-09-05 15:11 - 2011-09-05 23:37 - 000010566 ___SH () C:\ProgramData\u7r60td74665673edn0gf4gd1288yakn408f68d0743j3ev
2011-09-05 15:11 - 2011-09-05 15:11 - 000000000 _____ () C:\ProgramData\xtil.exe
Files to move or delete:
====================
C:\ProgramData\ftne.exe
C:\ProgramData\lllr.exe
C:\ProgramData\sitg.exe
C:\ProgramData\xtil.exe
Some files in TEMP:
====================
2017-08-09 10:31 - 2017-08-09 10:31 - 001987072 _____ (CPUID) C:\Users\Bosscoe\AppData\Local\Temp\speccycpuid.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-08-08 10:40
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-08-2017
Ran by Bosscoe (09-08-2017 10:44:32)
Running from F:\Firefox Downloads\Firefox Downloads
Windows 7 Professional Service Pack 1 (X64) (2011-02-20 03:25:49)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1337583389-873375944-2258466276-500 - Administrator - Enabled) => C:\Users\Administrator
Bosscoe (S-1-5-21-1337583389-873375944-2258466276-1000 - Administrator - Enabled) => C:\Users\Bosscoe
Guest (S-1-5-21-1337583389-873375944-2258466276-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1337583389-873375944-2258466276-1003 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{0F347A49-E36C-4639-8D2E-003AD408B8B2}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{288DB08D-0708-4A94-B055-55B99E39EB62}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
Adobe Illustrator CS5 (HKLM-x32\...\{9B97EC91-B3FD-4BFF-88FC-5345A26AC2E7}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{32739B6F-1E47-C6E4-26CB-C04E25D8120C}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.76 - NVIDIA Corporation) Hidden
ArchiCAD 15 R1 INT (HKLM\...\001FFF2FFF15FF00FF0701F01F02F000-R1) (Version: 15.0 - Graphisoft)
Call of Duty® 4 - Modern Warfare 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version: - ) Hidden
Call of Duty® 4 - Modern Warfare 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version: - ) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Corel Update Manager (HKLM\...\{B8C05FFE-C36F-4F17-AD20-739E4BC65AC9}) (Version: 2.3.201 - Corel corporation) Hidden
Counter-Strike: Global Offensive - SDK (HKLM-x32\...\Steam App 745) (Version: - )
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Effects Suite 64-bit (HKLM\...\{05250050-34CD-4303-9194-5FEA45CB2E36}) (Version: 10.0.1 - Red Giant Software) Hidden
Effects Suite 64-bit (HKLM-x32\...\InstallShield_{05250050-34CD-4303-9194-5FEA45CB2E36}) (Version: 10.0.1 - Red Giant Software)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET NOD32 Antivirus (HKLM\...\{3B4AB7BA-0734-4547-9604-3FCC40873B3D}) (Version: 10.1.219.0 - ESET, spol. s r.o.)
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version: - )
FumeFX 2.1 R2012 64-bit (HKLM-x32\...\{199A019C-739D-4BA1-9B4B-90AB3EE31900}) (Version: - )
GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.)
GenArts Sapphire Plug-ins 2.06 for After Effects and Compatible (HKLM-x32\...\GenArts Sapphire Plug-ins for After Effects_is1) (Version: - )
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{5454083B-1308-4485-BF17-1110000B8301}) (Version: 1.0.0011.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{5454083B-1308-4485-BF17-1110000D8301}) (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{861927A3-8B12-4BF8-9F2A-7A4ED4C40096}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Magic Bullet PhotoLooks (HKLM-x32\...\Magic Bullet PhotoLooks) (Version: - )
Magic Bullet Suite 64-bit (HKLM\...\{26055432-339E-4776-803B-F22240B91864}) (Version: 11.1.2 - Red Giant Software) Hidden
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{26055432-339E-4776-803B-F22240B91864}) (Version: 11.1.2 - Red Giant Software)
Messenger Companion (HKLM-x32\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Save as PDF Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B0-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual Basic PowerPacks 10.0 (HKLM-x32\...\{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}) (Version: 10.0.20911 - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.31007 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.0.6424 - Mozilla)
Mozilla Thunderbird 52.2.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.2.1 (x86 en-US)) (Version: 52.2.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.76 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation)
NVIDIA Graphics Driver 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.76 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
ParticleShop - Core (HKLM\...\{08E7567C-74B3-4956-B575-F55BFCC77C31}) (Version: 1.3 - Corel Corporation) Hidden
ParticleShop - IPM (HKLM\...\{9E99AA1D-F1DC-442D-B9D9-8DD3EE529AE9}) (Version: 1.3 - Corel Corporation) Hidden
ParticleShop - IPM Content (HKLM\...\{67BDB811-383B-4D2B-870E-F27D2511F200}) (Version: 1.3 - Corel Corporation) Hidden
ParticleShop (HKLM\...\_{6F224046-E164-4B78-9867-3AE494271D29}) (Version: 1.3.0.570 - Corel Corporation)
ParticleShop (HKLM\...\{6F224046-E164-4B78-9867-3AE494271D29}) (Version: 1.3 - Corel Corporation) Hidden
ParticleShop (HKLM\...\{D4F483F8-71F1-457F-AB1B-31C61529B658}) (Version: 1.3 - Corel Corporation) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.73.618.2013 - Realtek)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.)
Samsung Auto Backup (HKLM-x32\...\{821D6F49-1B20-4809-8C73-286CFC52B1B1}) (Version: 4.1.371.0 - Clarus)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.13 - Piriform)
SUPER STREET FIGHTER IV: ARCADE EDITION (HKLM-x32\...\{43430FA0-4A2E-404A-B715-951000028101}) (Version: 1.0.0002.129 - CAPCOM U.S.A., INC) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\{F89CDED6-B1F1-489F-BA44-698BF6A737C2}) (Version: 6.1.6.0 - Husdawg, LLC)
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.1.0 - Topaz Labs, LLC)
Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.2.0 - Topaz Labs, LLC)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{64A98EF1-2680-11E3-A909-F04DA23A5C58}) (Version: 12.0.726 - Sony)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Vicon boujou 5.0 (HKLM-x32\...\{A70B1A8B-24B4-4204-9E46-D14CBC49093E}) (Version: 5.0.0 - Vicon Motion Systems)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{39ebb79f-797c-418f-b329-97cfdf92b7ab}) (Version: 10.1.14393.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.00 beta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.6 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1337583389-873375944-2258466276-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1337583389-873375944-2258466276-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1337583389-873375944-2258466276-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1337583389-873375944-2258466276-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1337583389-873375944-2258466276-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1337583389-873375944-2258466276-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-06-13] (ESET)
ContextMenuHandlers1-x32: [SimpleShlExt] -> {A53118EA-E89E-49BD-AB1B-AB180BB12CFE} => C:\Program Files (x86)\Clarus\Samsung Auto Backup\ShContextMenu.dll [2010-07-28] (Clarus, Inc.)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-02-08] ()
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-02-08] ()
ContextMenuHandlers1-x32-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2013-08-23] ()
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-06-13] (ESET)
ContextMenuHandlers4-x32: [SimpleShlExt] -> {A53118EA-E89E-49BD-AB1B-AB180BB12CFE} => C:\Program Files (x86)\Clarus\Samsung Auto Backup\ShContextMenu.dll [2010-07-28] (Clarus, Inc.)
ContextMenuHandlers4-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-02-08] ()
ContextMenuHandlers4-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-02-08] ()
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-11-05] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DreamScene] -> {BE800AEB-A440-4B63-94CD-AA6B43647DF9} => C:\Windows\System32\DreamScene.dll [2011-03-01] (Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-06-28] (NVIDIA Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-06-13] (ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-02-08] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-02-08] ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {089172D3-8A52-45CB-BD95-AB19F45C0002} - System32\Tasks\{47D5201F-E766-40FD-82EB-F4C1B18ED3A5} => C:\Program Files (x86)\MasterBox\MasterBox.exe
Task: {1B9ED9AF-229F-4A7C-8C0C-3777F4BFB027} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {24439B3B-F860-47CA-AF23-E330167567C6} - System32\Tasks\{17844133-D36F-4EEE-B59A-3F30E6461C47} => C:\Program Files (x86)\Skype\\Phone\Skype.exe
Task: {27F49B1A-295B-4609-A0B6-95B11056D586} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-21] (NVIDIA Corporation)
Task: {2C73A536-7296-4081-868C-5233C1F03BCF} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-12-12] (Oracle Corporation)
Task: {2E159C60-3885-476E-B076-41F2CE7042D1} - System32\Tasks\{C55DAF05-8BE2-4957-9ABB-38CD09B12A7C} => C:\Windows\system32\pcalua.exe -a F:\Bosscoe-Studio\ArchiCAD\Install\Uninstall.AC\uninstaller.exe
Task: {2EA8CCD2-0436-43B2-8E8D-29EAC59F050F} - System32\Tasks\{8924D90E-F70B-48D0-BA8A-47E99023E80D} => C:\Windows\system32\pcalua.exe -a "F:\Firefox Downloads\Firefox Downloads 2\OffercastInstaller.exe" -d "F:\Firefox Downloads\Firefox Downloads 2"
Task: {31B08594-E1BD-461F-8ED5-D593400CB6D5} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-21] (NVIDIA Corporation)
Task: {43F9FBEB-6E30-4D36-BABE-E815DC87FBFB} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {56130510-827A-4EE0-A313-0A96A406F34B} - System32\Tasks\HP online update program => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
Task: {57CF27AA-257A-42B1-9CD8-28BF176EF99F} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-07-24] (Corel Corporation)
Task: {5B15C4C1-FCA9-4657-B554-BD51FF595958} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)
Task: {5DA8BAAE-F1DA-4B9D-9833-092D90CBA729} - System32\Tasks\Real Player online update program => C:\Program Files (x86)\Real\realplayer\update\realsched.exe [2012-08-21] (RealNetworks, Inc.)
Task: {7A1A4222-B789-4670-810C-C28CD8081BE8} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-21] (NVIDIA Corporation)
Task: {7C532509-D68B-4B96-9421-22A11BD1CC5D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {8B48A0A1-EE3E-458B-8D94-C82BE0B1A3FE} - System32\Tasks\{F628C2A6-DEB1-4108-BD4F-A4E789ADB2DF} => C:\Windows\system32\pcalua.exe -a D:\setup.exe -d D:\
Task: {962015B8-51E6-49D5-B763-EDCFB0390629} - System32\Tasks\{41A0C290-B4BD-43CD-87EE-E6E7C011DDE8} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\PACIFI~1\UNWISE.EXE -c C:\PROGRA~2\PACIFI~1\INSTALL.LOG
Task: {A10A72A9-CCC8-4947-AA30-A0007ABD1709} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-13] (Piriform Ltd)
Task: {A28EF54D-3B52-42E5-8CC7-77CBDA09B822} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {AB75116D-0825-447B-BC76-CC04EF959BA1} - System32\Tasks\{62247D23-618F-4530-A14B-62C0966B71E8} => C:\Windows\system32\pcalua.exe -a C:\Users\Bosscoe\Downloads\pbsetup\pbsetup.exe -d C:\Users\Bosscoe\Downloads\pbsetup
Task: {CA8E2CDF-76F3-4098-BB6A-FF2F62B14E31} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)
Task: {D94DFEAD-EA57-48E2-9672-CB83D91C533F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-21] (NVIDIA Corporation)
Task: {E21A903F-87FA-49B6-8FED-BC0DBCA43E2E} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe
Task: {E54CEC21-24CB-4D13-94C6-27EEFCCFA6F2} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {F4DDEE11-D980-4FDE-BBD8-30BFC2A3FF06} - System32\Tasks\CorelUpdateHelperTask => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-07-24] (Corel Corporation)
Task: {FD7C72C5-A646-4863-A26C-CA33D2072041} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Driver Booster SkipUAC (Bosscoe).job => C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
Task: C:\Windows\Tasks\RunAsStdUser Task.job => C:\Program Files (x86)\IObit\Driver Booster\4.5.0\NoteIcon.exe C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2013-11-01 19:27 - 2013-08-23 12:36 - 000721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2011-02-20 13:50 - 2011-02-08 14:42 - 000164864 _____ () C:\Program Files\WinRAR\rarext.dll
2017-03-22 23:37 - 2017-06-21 17:07 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2009-03-30 16:32 - 2009-03-30 16:32 - 000032768 ____R () C:\Windows\DAODx.exe
2017-03-22 23:37 - 2017-06-21 17:07 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-06-02 00:17 - 2016-06-02 00:17 - 000144832 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 002632640 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000554944 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000041920 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000039872 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000086464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000078272 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 002231744 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000114112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000245184 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000089536 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libvdr_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000055744 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000072128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000598976 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000771520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000131520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000052672 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\librar_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000145856 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 001566656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000334784 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 001265600 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000069568 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000242624 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000048576 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 012001728 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000046528 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000681408 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000137152 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000030144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000026560 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000022976 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000086976 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libvobsub_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000026560 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libdemux_stl_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000100800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libsubtitle_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000261056 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000027072 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000298944 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 001291200 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000754624 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000344512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000052160 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000456128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000035776 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000157632 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 002680768 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000356288 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000031680 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000370112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000121792 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdvbsub_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 014929344 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 001782208 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvpx_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000038336 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libscte27_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 001568704 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libzvbi_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000067008 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsubsdec_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000789952 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000038848 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000030144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000746432 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000125888 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000065472 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000027584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000031168 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000027584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000029120 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000037824 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000024000 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000022976 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000022464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000027072 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000059840 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libequalizer_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 001504704 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000041408 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libadjust_plugin.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows:nlsPreferences [514]
AlternateDataStreams: C:\ProgramData\TEMP:888AFB86 [110]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\Software\Classes\exefile: "%1" %* <==== ATTENTION
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\com -> hxxp://*.Wondershare.com
IE trusted site: HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\skype.com -> hxxps://clientlogin.cdn.skype.com
IE trusted site: HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2011-02-21 00:19 - 2017-05-25 21:54 - 000001248 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bosscoe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: PnkBstrA => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: UxTuneUp => 2
MSCONFIG\Services: VIAKaraokeService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Intuit Data Protect.lnk => C:\Windows\pss\Intuit Data Protect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\Windows\pss\QuickBooks Update Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks_Standard_21.lnk => C:\Windows\pss\QuickBooks_Standard_21.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^UltraMon.lnk => C:\Windows\pss\UltraMon.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge => "C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe" -stealth
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: Steam => "F:\Steam\steam.exe" -silent
MSCONFIG\startupreg: uTorrent => "C:\Users\Bosscoe\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{EE4BC180-9673-4201-B951-D9191FE84817}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe
FirewallRules: [UDP Query User{440B3026-A335-44B0-9CEB-0251014B0404}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe
FirewallRules: [TCP Query User{D97619D5-0AA4-443D-8ADD-C122E207F0D4}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe
FirewallRules: [UDP Query User{34579A37-8D2A-499D-A3AD-322973BBB1C8}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe
FirewallRules: [{E1BB697C-2DE1-4D5A-AC9E-F00104CB12AA}] => (Allow) LPort=9322
FirewallRules: [{F080C849-0F0C-444C-9E6E-DCC6AD38F7C6}] => (Allow) LPort=9323
FirewallRules: [{F5415E94-ADB1-4631-9F4C-5783709BA321}] => (Allow) LPort=9323
FirewallRules: [TCP Query User{76E38839-825A-496F-8126-6252356278E4}C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe] => (Allow) C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe
FirewallRules: [UDP Query User{B1E9A4EF-2E9B-41E1-8EE7-678A93FAFDDA}C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe] => (Allow) C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe
FirewallRules: [{5017B9BF-55EA-40C2-9B51-C6514D309A31}] => (Allow) LPort=49167
FirewallRules: [{0EDDAAE6-01E4-4A85-AC3C-6315A8836C3A}] => (Allow) LPort=5000
FirewallRules: [{5926A668-18BB-4588-AD25-22C2444BFC51}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9989C56B-763E-4EAA-B7EC-BB62F08B556E}] => (Allow) LPort=2869
FirewallRules: [{7F6CAB02-FBF2-41FF-8C1D-15D85162A869}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{99BF72BB-FF89-42FF-AB68-00B1C0CD6653}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{2DA270A5-5E2D-4DC0-9130-E8E66BCC8240}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{A98BB15E-1416-4E61-B095-2A6682802C43}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{48B06D3F-4320-4E43-86A6-22C9A11A8EE7}C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe] => (Allow) C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe
FirewallRules: [UDP Query User{CAE6651F-B2AB-4A5E-9150-8AD7079ADF93}C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe] => (Allow) C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe
FirewallRules: [{BF2AB77A-6937-4EB7-908B-93ACE6CAC8D7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{622418D1-3604-49E4-90C8-59B13AA0F467}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [TCP Query User{8FAA4F38-2026-42E7-A514-81482E863FD6}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{EF6B7284-E823-4A7D-9940-58FB965A15C4}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{64F1B81C-1A2E-44A1-ABD1-E4B0D3197159}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{B7F63603-36D3-4106-AE2B-6E44713F9309}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [TCP Query User{FD6BE8E5-F013-4B94-99FB-903ED4D94077}C:\program files\adobe\adobe after effects cs5\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cs5\support files\afterfx.exe
FirewallRules: [UDP Query User{FC43CDE5-B76B-4659-9D76-E27134DC1475}C:\program files\adobe\adobe after effects cs5\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cs5\support files\afterfx.exe
FirewallRules: [TCP Query User{EF0E5947-2F04-4168-BA35-4B0DA4A6B513}F:\steam\steamapps\common\call of duty modern warfare 2\iw4m.exe] => (Allow) F:\steam\steamapps\common\call of duty modern warfare 2\iw4m.exe
FirewallRules: [UDP Query User{97E9173B-8DB1-47F1-93DD-A9F6FD156CA7}F:\steam\steamapps\common\call of duty modern warfare 2\iw4m.exe] => (Allow) F:\steam\steamapps\common\call of duty modern warfare 2\iw4m.exe
FirewallRules: [{71CFB545-ACB0-43EF-9A90-B8D577AC4AF0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{9465D0F0-F916-440D-B42A-7E00EAB71488}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{34A11A97-6DEB-47C7-860B-D0DC9F1BB026}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{042E8343-9CE4-424E-812B-16A32504BB5F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9C78D8EB-C68D-4204-8237-0681907E0D63}] => (Allow) C:\Users\Bosscoe\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{42BE02CE-25EF-4826-BD2B-2B07F89844A7}] => (Allow) C:\Users\Bosscoe\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{4CFA4DA6-AA61-408C-922C-3B0BD01BBE31}] => (Allow) F:\Bosscoe-Studio\ArchiCAD\Install\ArchiCAD.exe
FirewallRules: [{6F3BEC2B-A161-472D-98B1-0A355D562277}] => (Allow) F:\Bosscoe-Studio\ArchiCAD\Install\ArchiCAD.exe
FirewallRules: [{11859CD5-2CAE-4A9B-BEB1-09FB1040DE4C}] => (Allow) F:\Bosscoe-Studio\ArchiCAD\Install\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{019C90BD-7B8A-4622-A4B2-EDA14C3E4232}] => (Allow) F:\Bosscoe-Studio\ArchiCAD\Install\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [TCP Query User{F998C04F-0AF1-46E7-B93D-02BA33FF0947}C:\program files\onone software\perfect resize 7.5\perfect resize 7.5.exe] => (Block) C:\program files\onone software\perfect resize 7.5\perfect resize 7.5.exe
FirewallRules: [UDP Query User{47E3A0A2-DA22-4C97-9348-9A47C048D03E}C:\program files\onone software\perfect resize 7.5\perfect resize 7.5.exe] => (Block) C:\program files\onone software\perfect resize 7.5\perfect resize 7.5.exe
FirewallRules: [TCP Query User{3D547069-D6AD-4F2E-A1AE-BB1ACA4D50A9}F:\sony\vegas120.exe] => (Allow) F:\sony\vegas120.exe
FirewallRules: [UDP Query User{8544B9B6-4F73-4735-8928-A10D3CC96846}F:\sony\vegas120.exe] => (Allow) F:\sony\vegas120.exe
FirewallRules: [TCP Query User{ACAA4A58-E54D-44F9-8770-AD1A73344053}F:\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) F:\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{C9BD3F3B-3826-4CA7-AAD6-F8A332CE393B}F:\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) F:\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [{090EF6E0-D77B-4487-818C-F52F70F86A4A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{3D3FE008-33B6-45BA-811C-CB18518D2842}C:\users\bosscoe\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\bosscoe\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{53627182-66DC-4B28-AF0F-1144B76E7F3B}C:\users\bosscoe\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\bosscoe\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{4B0BA603-A98F-449A-AF6B-3A08E1A0B9C4}F:\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) F:\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{FA0A9E66-95EC-4600-A9F0-6B5EBFDBDC13}F:\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) F:\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [{5B7FEA5C-BB57-4CA1-B336-3B9BF5656BE5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0AA0A131-E9B4-4581-AA01-F76BC0F8DC89}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{16CEB304-9CCC-4379-A0B7-7DF6B7161DE7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F34A52C5-6139-49B9-BC74-6C1B67E21CA3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{B4839FD0-BC00-48CF-ACA2-ADF79872BD10}F:\sony\vegas120.exe] => (Allow) F:\sony\vegas120.exe
FirewallRules: [UDP Query User{4473D654-3DFE-4B33-83D4-9BF47FC6BFF8}F:\sony\vegas120.exe] => (Allow) F:\sony\vegas120.exe
FirewallRules: [{49F970E6-F7E1-4EE7-865A-9A074918DD86}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{A7055F11-1A84-49B6-9871-03C50D09AD21}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [TCP Query User{80A8643F-F952-42FB-83F3-48F98FC35B09}F:\adobe\new folder\adobe photoshop cs6 (64 bit)\photoshop.exe] => (Allow) F:\adobe\new folder\adobe photoshop cs6 (64 bit)\photoshop.exe
FirewallRules: [UDP Query User{91DEFF90-BFBA-4533-AE1B-784E0411A3C3}F:\adobe\new folder\adobe photoshop cs6 (64 bit)\photoshop.exe] => (Allow) F:\adobe\new folder\adobe photoshop cs6 (64 bit)\photoshop.exe
FirewallRules: [{A5DFFE82-E04B-4F2E-84A0-2D03A584A490}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C1C52E13-07E6-46B7-AE10-0383D534701F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{568C478A-9015-43CB-A6C0-B9B660142875}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{9E74CAE7-90FA-49EB-BC76-A2F54AE99863}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [TCP Query User{29A1861C-2313-4BE1-9343-37F0A5E5B72A}F:\adobe\new folder\adobe photoshop cs6 (64 bit)\photoshop.exe] => (Allow) F:\adobe\new folder\adobe photoshop cs6 (64 bit)\photoshop.exe
FirewallRules: [UDP Query User{46275D7E-30BF-465C-9E0F-5FF2B8D78EEB}F:\adobe\new folder\adobe photoshop cs6 (64 bit)\photoshop.exe] => (Allow) F:\adobe\new folder\adobe photoshop cs6 (64 bit)\photoshop.exe
FirewallRules: [{DD24ACC9-8D61-4356-ACE1-42B67AB736E7}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2F98F781-AB49-4419-8B80-5C32338A1452}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{1248060D-3DEC-402C-8268-86FF6FDF1800}F:\firefox downloads\firefox downloads\skype\skype.exe] => (Allow) F:\firefox downloads\firefox downloads\skype\skype.exe
FirewallRules: [UDP Query User{8EC9491D-8DCC-4618-A92D-349C7360E35E}F:\firefox downloads\firefox downloads\skype\skype.exe] => (Allow) F:\firefox downloads\firefox downloads\skype\skype.exe
FirewallRules: [{8449B848-ADF3-4786-B940-B8E1F653929A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EDC2D277-D466-4C9B-87B2-B16838B5F095}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D90C7D99-3E3E-4617-93F9-B044AE46A0AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{2FBB4F14-2B4B-485B-82B1-E49DA24A3FEB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8F47A7EC-E6FE-470C-857C-9C29790CAD5C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{04CB3E74-1DF1-4AF2-BF58-36C2EDC95DAE}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{FB238ED7-8265-421C-81B6-08313B0B746C}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{405DA858-F17F-470E-8233-3E19FC988D01}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E867D271-5E68-438A-8938-DAF7C99F9296}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{3EF1C433-606D-4334-B2DE-75EF0B503DA6}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{B74B6A0A-180A-4F3F-9166-2CF2DAF6D91E}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{8A310D2A-A442-41D2-9CE5-AC704B467EA1}] => (Allow) F:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{FBA9D22F-CDE6-4F91-AA68-72F78B7C59EA}] => (Allow) F:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [TCP Query User{DBDBB100-DB7C-47B5-A480-317F8BECD25C}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{E6E4F862-221D-4B09-8A08-9E76448762FB}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
==================== Restore Points =========================
09-08-2017 01:17:59 Windows Assessment and Deployment Kit - Windows 10
09-08-2017 01:36:06 Removed TuneUp Utilities 2013
09-08-2017 01:38:49 Removed TuneUp Utilities Language Pack (en-US)
09-08-2017 01:44:47 Windows Update
==================== Faulty Device Manager Devices =============
Name: Realtek PCI GBE Family Controller
Description: Realtek PCI GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/09/2017 10:29:57 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/09/2017 10:18:11 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (08/09/2017 10:18:11 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (08/09/2017 10:16:05 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
Error: (08/09/2017 09:52:28 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/09/2017 09:31:01 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/09/2017 03:08:23 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (08/09/2017 02:41:33 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (08/09/2017 10:38:08 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
Error: (08/09/2017 10:38:08 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
Error: (08/09/2017 10:34:07 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
Error: (08/09/2017 10:34:07 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
Error: (08/09/2017 10:32:26 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
Error: (08/09/2017 10:32:26 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
Error: (08/09/2017 10:32:26 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
Error: (08/09/2017 10:32:26 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
Error: (08/09/2017 10:32:26 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
Error: (08/09/2017 10:32:26 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
CodeIntegrity:
===================================
Date: 2017-08-02 12:39:26.485
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Modules\em023_64\10635\em023_64.dll.raw because the set of per-page image hashes could not be found on the system.
Date: 2017-08-02 12:39:25.268
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Modules\em023_64\10635\em023_64.dll.raw because the set of per-page image hashes could not be found on the system.
Date: 2017-08-02 12:39:24.067
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Modules\em023_64\10635\em023_64.dll.raw because the set of per-page image hashes could not be found on the system.
Date: 2017-08-02 12:39:21.197
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Modules\em023_64\10632\em023_64.dll.raw because the set of per-page image hashes could not be found on the system.
Date: 2017-08-02 12:39:20.510
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Modules\em023_64\10632\em023_64.dll.raw because the set of per-page image hashes could not be found on the system.
Date: 2017-08-02 12:39:19.871
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Modules\em023_64\10632\em023_64.dll.raw because the set of per-page image hashes could not be found on the system.
Date: 2017-08-02 12:39:18.186
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Modules\em023_64\10620\em023_64.dll.raw because the set of per-page image hashes could not be found on the system.
Date: 2017-08-02 12:39:17.780
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Modules\em023_64\10620\em023_64.dll.raw because the set of per-page image hashes could not be found on the system.
Date: 2017-08-02 12:39:17.421
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Modules\em023_64\10620\em023_64.dll.raw because the set of per-page image hashes could not be found on the system.
Date: 2017-04-07 20:33:22.025
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: AMD Athlon II X4 640 Processor
Percentage of memory in use: 21%
Total physical RAM: 8190.18 MB
Available physical RAM: 6437.45 MB
Total Virtual: 16378.54 MB
Available Virtual: 14526.85 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:74.52 GB) (Free:4.91 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive f: () (Fixed) (Total:931.51 GB) (Free:123.28 GB) NTFS
==================== MBR & Partition Table ==================
==================== End of Addition.txt ============================