Windows not running properly



#91
Bosscoe

    Member


If you disable the new one too does that make everything (Speccy) start working again? (except for networking of course). Make a log with Speccy while it is working. Also run FRST (right click & Run As Admin) with all Whitelist boxes and Addition.txt checked. You will get two logs. Post them both even if you have to put them on a USB drive and post them from a friend's computer.

Yes, if the new network adapter is disabled everything runs fine. I'm able to use everything in normal mode properly, music, Photoshop, etc. Once I enable the network adapter from Device Manager I watch the physical mem skyrocket.

I disable the network adapter from safe mode which allows me to run everything normally in normal mode. I'll get you those logs first thing when I wake up in a few hours, just hit 3am on my side.





#92
RKinner

    Malware Expert


Night night



#93
Bosscoe

    Member


Done, attached logs.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-08-2017
Ran by Bosscoe (administrator) on BOSSCOE-PC (09-08-2017 10:42:35)
Running from F:\Firefox Downloads\Firefox Downloads
Loaded Profiles: Bosscoe (Available Profiles: Bosscoe & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Windows\DAODx.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Akamai Technologies, Inc.) C:\Users\Bosscoe\AppData\Local\Akamai\netsession_win.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFGuage.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe
(Clarus, Inc.) C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe
(Akamai Technologies, Inc.) C:\Users\Bosscoe\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Piriform Ltd) C:\Program Files\Speccy\Speccy64.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2369536 2010-03-15] (VIA)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\Run: [ctfmon.exe] => C:\WINDOWS\system32\ctfmon.exe [9728 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8641240 2016-02-13] (Piriform Ltd)
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Bosscoe\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\MountPoints2: E - E:\Setup.exe
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\MountPoints2: G - G:\Setup.exe
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\MountPoints2: {7723796b-f524-11e0-aa52-20cf30e261e8} - N:\Setup.exe
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\MountPoints2: {7b486a9d-b8fd-11e2-99c7-20cf30e261e8} - E:\setup.exe
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\MountPoints2: {870825a6-dcd9-11e4-b906-20cf30e261e8} - E:\Startme.exe
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\MountPoints2: {87f80a16-0df7-11e1-9476-20cf30e261e8} - G:\Setup.exe
AppInit_DLLs: C:\Users\Bosscoe\AppData\Local\Linkey\IEEXTE~1\iedll64.dll => No File
AppInit_DLLs-x32: C:\Users\Bosscoe\AppData\Local\Linkey\IEEXTE~1\iedll.dll => No File
AppInit_DLLs-x32:  bitguard\261694~1.246\{c16c1~1\bitguard.dll => No File
Startup: C:\Users\Bosscoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Guage.lnk [2016-06-29]
ShortcutTarget: Samsung Auto Backup Guage.lnk -> C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFGuage.exe (Clarus, Inc.)
Startup: C:\Users\Bosscoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Real-Time Daemon.lnk [2016-06-29]
ShortcutTarget: Samsung Auto Backup Real-Time Daemon.lnk -> C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFRealTimeD.exe (Clarus, Inc.)
Startup: C:\Users\Bosscoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Auto Backup Scheduler.lnk [2016-06-29]
ShortcutTarget: Samsung Auto Backup Scheduler.lnk -> C:\Program Files (x86)\Clarus\Samsung Auto Backup\ISFTimerD.exe (Clarus, Inc.)
GroupPolicy: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local: [ActivePolicy] SOFTWARE\Policies\Microsoft\Windows\IPSEC\Policy\Local\ipsecPolicy{34f61d3e-7cc2-4773-873b-aefd03d115c8} <==== ATTENTION (Restriction - IP)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{984FF24D-20C0-4F06-B76A-38C258B5BEB5}: [DhcpNameServer] 10.0.0.138
 
Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-1337583389-873375944-2258466276-1000 -> DefaultScope {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com.au/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1337583389-873375944-2258466276-1000 -> ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKU\S-1-5-21-1337583389-873375944-2258466276-1000 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com.au/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-08-21] (RealPlayer)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-21] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-21] (Oracle Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
Handler: WSIEChrome - {6D02ED5F-FD0D-4C4C -  No File
 
FireFox:
========
FF ProfilePath: C:\Users\Bosscoe\AppData\Roaming\Mozilla\Firefox\Profiles\ez7r6wgt.default-1488856787929 [2017-08-09]
FF Extension: (AdBlocker Ultimate) - C:\Users\Bosscoe\AppData\Roaming\Mozilla\Firefox\Profiles\ez7r6wgt.default-1488856787929\Extensions\[email protected] [2017-05-29]
FF Extension: (YouTube mp3) - C:\Users\Bosscoe\AppData\Roaming\Mozilla\Firefox\Profiles\ez7r6wgt.default-1488856787929\Extensions\[email protected] [2017-03-07]
FF Extension: (Places Maintenance) - C:\Users\Bosscoe\AppData\Roaming\Mozilla\Firefox\Profiles\ez7r6wgt.default-1488856787929\Extensions\[email protected] [2017-06-03]
FF Extension: (Video DownloadHelper) - C:\Users\Bosscoe\AppData\Roaming\Mozilla\Firefox\Profiles\ez7r6wgt.default-1488856787929\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-05-09]
FF Extension: (Fasterfox) - C:\Users\Bosscoe\AppData\Roaming\Mozilla\Firefox\Profiles\ez7r6wgt.default-1488856787929\Extensions\{c36177c0-224a-11da-8cd6-0800200c9a91}.xpi [2017-03-07]
FF Extension: (Adblock Plus) - C:\Users\Bosscoe\AppData\Roaming\Mozilla\Firefox\Profiles\ez7r6wgt.default-1488856787929\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF Extension: (YouTube Flash Video Player) - C:\Users\Bosscoe\AppData\Roaming\Mozilla\Firefox\Profiles\ez7r6wgt.default-1488856787929\Extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi [2017-06-21]
FF Extension: (TLS 1.3 Compatibility Testing of Middleboxes) - C:\Users\Bosscoe\AppData\Roaming\Mozilla\Firefox\Profiles\ez7r6wgt.default-1488856787929\features\{695f32f9-9962-44ba-83fc-2fe6b4983610}\[email protected] [2017-07-23]
FF Extension: (Click-to-Play staged rollout) - C:\Program Files (x86)\Mozilla Firefox\browser\features\[email protected] [2017-08-05] [not signed]
FF Extension: (Follow-on Search Telemetry) - C:\Program Files (x86)\Mozilla Firefox\browser\features\[email protected] [2017-08-05] [not signed]
FF Extension: (Shield Recipe Client) - C:\Program Files (x86)\Mozilla Firefox\browser\features\[email protected] [2017-08-05] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: (RealPlayer Browser Record Plugin) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013-09-30] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [No File]
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll [2012-06-25] (Oracle Corporation)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-06-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-06-28] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2012-08-21] (RealPlayer)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-02] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-02] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-02] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-02] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-11-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-11-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-11-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-11-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-11-13] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll [2012-08-21] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2012-08-21] (RealPlayer)
 
Chrome: 
=======
CHR HKU\S-1-5-21-1337583389-873375944-2258466276-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bkdegagmpemadclljncealhmmkojfoam] - C:\ProgramData\Wondershare\Player\[email protected] <not found>
CHR HKLM-x32\...\Chrome\Extension: [hegneaniplmfjcmohoclabblbahcbjoe] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-07-20]
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-11-05] (Advanced Micro Devices, Inc.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2625368 2017-06-13] (ESET)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2012-12-21] (Nalpeiron Ltd.) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-28] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-06-21] (NVIDIA Corporation)
S4 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-06-21] ()
S4 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-02-20] ()
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2017-08-05] (VIA Technologies, Inc.)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2017-08-05] (Advanced Micro Devices Inc.)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [132824 2017-06-22] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107344 2017-05-04] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [178056 2017-05-04] (ESET)
R1 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [77224 2017-05-04] (ESET)
S3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [67736 2017-04-06] (Logitech Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2013-08-06] (Apple Inc.) [File not signed]
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-06-21] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48248 2017-06-21] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [76840 2017-04-01] (NVIDIA Corporation)
S3 SaiK0CCC; C:\Windows\System32\DRIVERS\SaiK0CCC.sys [171016 2010-04-29] (Saitek)
S3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [22664 2010-04-24] (Saitek)
S3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [49928 2010-04-24] (Saitek)
S3 SaiU0CCC; C:\Windows\System32\DRIVERS\SaiU0CCC.sys [41096 2010-04-29] (Saitek)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-17] (Apple, Inc.) [File not signed]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-08-09 10:33 - 2017-08-09 10:33 - 000040944 _____ C:\Users\Bosscoe\Desktop\BOSSCOE-PC.txt
2017-08-09 09:35 - 2017-08-09 09:35 - 000011164 _____ C:\Users\Bosscoe\Desktop\BOSSCOE-PC.speccy
2017-08-09 03:03 - 2017-08-09 03:03 - 000003240 ____N C:\bootsqm.dat
2017-08-09 02:26 - 2017-08-09 02:26 - 000000000 ____D C:\Users\Bosscoe\AppData\Local\ElevatedDiagnostics
2017-08-09 02:11 - 2017-08-09 10:21 - 000214596 _____ C:\Windows\ntbtlog.txt
2017-08-08 11:31 - 2017-08-08 11:31 - 000000404 _____ C:\Windows\Tasks\RunAsStdUser Task.job
2017-08-08 11:28 - 2017-08-08 11:31 - 000000264 _____ C:\Windows\Tasks\Driver Booster SkipUAC (Bosscoe).job
2017-08-08 10:48 - 2017-08-08 10:48 - 000000000 ____D C:\Program Files (x86)\Realtek
2017-08-08 00:57 - 2017-08-08 00:57 - 000000000 ___DC C:\SWTOOLS
2017-08-07 21:34 - 2017-08-07 21:34 - 000000000 ____D C:\Users\Administrator\AppData\Local\ElevatedDiagnostics
2017-08-07 15:56 - 2017-08-07 15:56 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe
2017-08-07 15:56 - 2017-08-07 15:56 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2017-08-07 15:56 - 2017-08-07 15:56 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2017-08-07 15:41 - 2017-08-07 15:42 - 000000000 ___DC C:\a24006d765b9ff9d0ba277
2017-08-07 14:41 - 2017-08-07 14:41 - 000000000 ____D C:\Users\Bosscoe\AppData\Roaming\onOne Software
2017-08-07 14:12 - 2017-08-07 23:12 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Mozilla
2017-08-07 14:12 - 2017-08-07 14:16 - 000000000 ____D C:\Users\Administrator\AppData\Local\Mozilla
2017-08-07 14:12 - 2017-08-07 14:12 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Mozilla
2017-08-07 14:07 - 2017-08-07 14:08 - 000000000 ___DC C:\332a81b2397d755966377e88
2017-08-07 10:16 - 2017-08-07 10:16 - 000000000 ____D C:\Users\Bosscoe\AppData\Roaming\SUPERAntiSpyware.com
2017-08-06 10:56 - 2010-11-20 23:24 - 000443820 ____C C:\Windows\system32\advapi32.amx
2017-08-06 10:56 - 2010-11-20 23:24 - 000342524 ____C C:\Windows\system32\user32.amx
2017-08-06 10:56 - 2009-07-13 21:52 - 000339536 ____C (Adaptec, Inc.) C:\Windows\system32\adpahci.sys
2017-08-06 01:39 - 2017-08-09 10:42 - 000000000 ___DC C:\FRST
2017-08-06 00:50 - 2017-08-06 00:50 - 000000000 ____D C:\Program Files\AMD
2017-08-06 00:17 - 2017-08-06 00:25 - 000333174 _____ C:\Users\Bosscoe\sfcdetails.txt
2017-08-05 21:52 - 2017-08-05 21:52 - 000226696 _____ (Renesas Electronics Corporation) C:\Windows\system32\Drivers\nusb3xhc.sys
2017-08-05 21:52 - 2017-08-05 21:52 - 000081920 _____ (Renesas Electronics Corporation) C:\Windows\system32\nusb3co3.dll
2017-08-05 21:51 - 2017-08-05 21:51 - 000011944 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\Drivers\amdide64.sys
2017-08-05 21:48 - 2017-08-05 21:48 - 003309264 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIAPropPageExt.dll
2017-08-05 21:48 - 2017-08-05 21:48 - 002027192 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO264.DLL
2017-08-05 21:48 - 2017-08-05 21:48 - 002012496 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaMicArrayAPO.dll
2017-08-05 21:48 - 2017-08-05 21:48 - 001752904 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMAPO232.DLL
2017-08-05 21:48 - 2017-08-05 21:48 - 001194360 _____ (VIA Technologies, Inc.) C:\Windows\system32\VIASysFx.dll
2017-08-05 21:48 - 2017-08-05 21:48 - 001180496 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViaKaraokeApo.dll
2017-08-05 21:48 - 2017-08-05 21:48 - 000896344 _____ (Creative Technology Ltd.) C:\Windows\system32\VMAPO64.DLL
2017-08-05 21:48 - 2017-08-05 21:48 - 000754760 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMAPO32.DLL
2017-08-05 21:48 - 2017-08-05 21:48 - 000700624 _____ (VIA Technologies, Inc.) C:\Windows\system32\Drivers\viahduaa.sys
2017-08-05 21:48 - 2017-08-05 21:48 - 000633904 _____ (Creative Technology Ltd.) C:\Windows\system32\VMTHX64.DLL
2017-08-05 21:48 - 2017-08-05 21:48 - 000568312 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\VMTHX32.DLL
2017-08-05 21:48 - 2017-08-05 21:48 - 000400504 _____ (Creative Technology Ltd.) C:\Windows\system32\VMWRP64.DLL
2017-08-05 21:48 - 2017-08-05 21:48 - 000132248 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaKaraokePropPageExt.dll
2017-08-05 21:48 - 2017-08-05 21:48 - 000104088 _____ (VIA Technologies,Inc.) C:\Windows\system32\ViaMicArrayPropPageExt.dll
2017-08-05 21:48 - 2017-08-05 21:48 - 000080400 _____ (Windows ® Codename Longhorn DDK provider) C:\Windows\system32\VtSrdAPO.dll
2017-08-05 21:48 - 2017-08-05 21:48 - 000067280 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPLD64.DLL
2017-08-05 21:48 - 2017-08-05 21:48 - 000064152 _____ (TODO: <Company name>) C:\Windows\system32\PropPageExt.dll
2017-08-05 21:48 - 2017-08-05 21:48 - 000063144 _____ (Creative Technology Ltd.) C:\Windows\system32\VMPPCN64.DLL
2017-08-05 21:48 - 2017-08-05 21:48 - 000042192 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\VMfilt64.sys
2017-08-05 21:48 - 2017-08-05 21:48 - 000036504 _____ (VIA Technologies, Inc.) C:\Windows\system32\ViakaraokeSrv.exe
2017-08-05 21:48 - 2017-08-05 21:48 - 000000000 ____D C:\Program Files\VIA
2017-08-05 21:43 - 2017-08-08 11:35 - 000000000 ____D C:\ProgramData\ProductData
2017-08-05 21:43 - 2017-08-05 21:44 - 000000000 ____D C:\Users\Bosscoe\AppData\LocalLow\IObit
2017-08-05 21:43 - 2017-08-05 21:43 - 000000000 ____D C:\Windows\IObit
2017-08-05 21:43 - 2017-08-05 21:43 - 000000000 ____D C:\ProgramData\IObit
2017-08-05 21:42 - 2017-08-05 21:42 - 000000000 ____D C:\Users\Bosscoe\AppData\Roaming\IObit
2017-08-05 19:39 - 2017-08-05 19:39 - 000000000 ___DC C:\2f9bcd65ecbfcb205fc6ddb90960d09d
2017-08-05 19:24 - 2017-08-05 19:24 - 000000000 ___DC C:\f425e64feb63f30ba90e2b0188
2017-08-04 09:27 - 2017-08-04 09:27 - 000007511 ____C C:\VEWapplication.txt
2017-08-04 02:39 - 2010-11-21 13:23 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys
2017-08-04 01:54 - 2017-08-04 01:54 - 000000000 ____D C:\Users\Bosscoe\AppData\LocalLow\uTorrent
2017-08-04 00:44 - 2017-08-04 00:44 - 000000000 ____D C:\Program Files (x86)\EaseUS
2017-08-04 00:22 - 2017-08-04 00:24 - 000012901 ____C C:\junk.txt
2017-08-03 21:58 - 2017-08-04 09:39 - 000007511 ____C C:\VEW.txt
2017-08-02 17:02 - 2017-08-07 13:08 - 000000000 ___DC C:\SFCFix
2017-08-02 16:49 - 2017-08-07 13:08 - 000000000 ____D C:\Users\Bosscoe\AppData\Local\niemiro
2017-08-02 16:02 - 2017-08-02 23:32 - 000000400 __RSH C:\ProgramData\ntuser.pol
2017-08-01 18:30 - 2017-08-01 19:21 - 000000000 ____D C:\Users\Bosscoe\AppData\Roaming\.minecraft
2017-07-31 12:00 - 2017-08-04 09:27 - 000000271 _____ C:\Users\Bosscoe\Desktop\to do list.txt
2017-07-29 00:42 - 2017-07-29 00:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-07-29 00:42 - 2017-07-29 00:42 - 000000000 ____D C:\ProgramData\ESET
2017-07-29 00:42 - 2017-07-29 00:42 - 000000000 ____D C:\Program Files\ESET
2017-07-27 01:25 - 2017-07-27 01:25 - 000000000 ____D C:\Users\Bosscoe\AppData\Local\MultiPlayerManager
2017-07-25 17:50 - 2017-07-25 17:50 - 000000045 _____ C:\Users\Bosscoe\nuuid.ini
2017-07-25 17:50 - 2017-07-25 17:50 - 000000041 _____ C:\Users\Bosscoe\inst.ini
2017-07-25 17:50 - 2017-07-25 17:50 - 000000000 ____D C:\Users\Bosscoe\Nox_share
2017-07-25 17:48 - 2017-08-01 21:32 - 000000000 ____D C:\Users\Bosscoe\vmlogs
2017-07-25 17:46 - 2017-08-02 11:15 - 000000000 ____D C:\Users\Bosscoe\AppData\Roaming\Microsoft\Windows\Start Menu\Nox
2017-07-25 17:45 - 2017-08-01 21:32 - 000000000 ____D C:\Users\Bosscoe\.BigNox
2017-07-25 17:44 - 2017-07-25 17:44 - 000000000 ____D C:\Users\Bosscoe\New folder
2017-07-25 17:43 - 2017-08-02 10:49 - 000000000 ____D C:\Users\Bosscoe\AppData\Local\Nox
2017-07-23 20:22 - 2017-07-23 20:25 - 000000000 ____D C:\Users\Bosscoe\AppData\Local\BlueStacksFriends
2017-07-23 20:22 - 2017-07-23 20:22 - 000000000 ____D C:\Users\Bosscoe\AppData\Roaming\BlueStacksFriends
2017-07-23 18:42 - 2017-07-23 20:26 - 000000000 ____D C:\Users\Bosscoe\AppData\Local\Bluestacks
2017-07-19 16:00 - 2017-07-19 17:01 - 000000000 ____D C:\ProgramData\SQL Anywhere 16
2017-07-19 15:56 - 2017-07-20 00:29 - 000000000 ____D C:\Users\Bosscoe\AppData\Local\Intuit
2017-07-19 15:56 - 2017-07-19 15:56 - 000000000 ____D C:\Users\Bosscoe\AppData\Roaming\SQL Anywhere 16
2017-07-19 15:42 - 2012-01-05 13:43 - 004218880 _____ (Amyuni Technologies hxxp://www.amyuni.com) C:\Windows\SysWOW64\cdintf400.dll
2017-07-19 15:38 - 2017-08-08 09:47 - 000000000 ____D C:\ProgramData\Intuit
2017-07-19 15:37 - 2017-08-08 09:48 - 000000094 _____ C:\Windows\QBChanUtil_Trigger.ini
2017-07-19 15:02 - 2017-07-19 15:02 - 000000000 ____D C:\Windows\Intuit
2017-07-11 19:57 - 2017-07-11 19:57 - 000000000 ____D C:\Users\Bosscoe\Documents\My Games
2017-07-11 16:51 - 2017-07-11 16:51 - 000000202 _____ C:\Users\Bosscoe\Desktop\Rocket League.url
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-08-09 10:37 - 2009-07-14 14:45 - 000033296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-08-09 10:37 - 2009-07-14 14:45 - 000033296 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-08-09 10:34 - 2011-02-25 11:14 - 000000000 ____D C:\Users\Bosscoe\AppData\Roaming\vlc
2017-08-09 10:32 - 2015-03-06 14:10 - 000000000 ____D C:\ProgramData\NVIDIA
2017-08-09 10:28 - 2009-07-14 15:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-08-09 09:32 - 2014-03-02 16:59 - 001902592 ___SH C:\Users\Bosscoe\Desktop\Thumbs.db
2017-08-09 02:20 - 2009-07-14 13:20 - 000000000 ____D C:\Windows\inf
2017-08-09 02:04 - 2009-07-14 15:08 - 000032602 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-08-09 01:39 - 2012-12-07 01:37 - 000000000 ____D C:\ProgramData\TuneUp Software
2017-08-09 01:34 - 2016-11-17 23:47 - 000000000 ____D C:\Program Files\Common Files\Topaz Labs
2017-08-09 01:33 - 2016-11-17 23:47 - 000000000 ____D C:\Users\Bosscoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Topaz Labs
2017-08-09 01:18 - 2013-10-02 14:31 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-09 01:17 - 2009-07-14 15:13 - 000803590 _____ C:\Windows\system32\PerfStringBackup.INI
2017-08-08 22:45 - 2016-12-12 21:46 - 000003144 _____ C:\Windows\System32\Tasks\CorelUpdateHelperTask
2017-08-08 13:34 - 2016-11-18 13:01 - 000000000 ____D C:\Users\Bosscoe\AppData\LocalLow\Mozilla
2017-08-08 11:31 - 2011-06-13 21:46 - 000000000 ____D C:\Windows\pss
2017-08-08 10:48 - 2011-02-20 13:35 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-08-08 10:20 - 2011-02-22 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vicon
2017-08-08 10:14 - 2012-03-19 12:38 - 000000000 ___RD C:\Users\Bosscoe\Desktop\DJ
2017-08-08 10:14 - 2011-02-20 13:49 - 000000000 ___RD C:\Users\Bosscoe\Desktop\Design Software
2017-08-08 09:55 - 2011-02-21 00:22 - 000448560 _____ C:\Users\Bosscoe\AppData\Local\GDIPFONTCACHEV1.DAT
2017-08-08 09:52 - 2009-07-14 14:45 - 005934512 _____ C:\Windows\system32\FNTCACHE.DAT
2017-08-08 09:47 - 2012-08-06 00:56 - 000000000 ____D C:\ProgramData\Nuance
2017-08-07 23:36 - 2011-11-05 00:31 - 000000000 ____D C:\Program Files\Speccy
2017-08-07 15:56 - 2015-04-14 16:38 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2017-08-07 14:36 - 2011-02-20 13:48 - 000000000 ___RD C:\Users\Bosscoe\Desktop\Desktop Programs
2017-08-07 14:32 - 2011-12-17 22:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2017-08-07 14:32 - 2011-02-20 14:15 - 000000000 ____D C:\ProgramData\Sony
2017-08-07 14:32 - 2011-02-20 14:15 - 000000000 ____D C:\Program Files (x86)\Sony
2017-08-07 14:25 - 2011-02-23 00:27 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2017-08-07 14:24 - 2011-10-26 00:02 - 000000000 ____D C:\Windows\system32\Macromed
2017-08-07 14:24 - 2011-02-20 13:56 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-08-07 14:23 - 2011-02-20 14:53 - 000000000 ____D C:\Windows\SysWOW64\Adobe
2017-08-07 14:19 - 2015-03-05 15:47 - 000000000 ___DC C:\Temp
2017-08-06 22:02 - 2009-07-14 13:20 - 000000000 ____D C:\Windows\SysWOW64\manifeststore
2017-08-06 13:56 - 2015-04-14 16:36 - 000000000 ____D C:\Users\Administrator
2017-08-06 13:56 - 2009-07-14 13:20 - 000000000 ____D C:\Windows\registration
2017-08-06 11:26 - 2009-07-14 13:20 - 000000000 ____D C:\Windows\system32\manifeststore
2017-08-06 00:17 - 2011-02-20 13:25 - 000000000 ____D C:\Users\Bosscoe
2017-08-05 23:59 - 2011-11-28 14:34 - 000000000 ____D C:\Users\Bosscoe\AppData\Local\CrashDumps
2017-08-05 23:50 - 2011-02-20 13:49 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-08-05 20:40 - 2017-03-26 00:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-05 20:06 - 2017-01-28 14:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-08-04 12:41 - 2013-12-25 19:22 - 000000000 _____ C:\Users\Bosscoe\AppData\Local\Resmon.ResmonCfg
2017-08-04 10:52 - 2016-12-20 18:58 - 000000000 ____D C:\Windows\SysWOW64\tmp
2017-08-04 10:51 - 2017-01-25 11:00 - 000000166 _____ C:\Windows\SysWOW64\osver.cmd
2017-08-04 10:51 - 2017-01-25 11:00 - 000000137 _____ C:\Windows\SysWOW64\osver.vbs
2017-08-04 10:51 - 2017-01-25 11:00 - 000000002 _____ C:\Windows\SysWOW64\64.dat
2017-08-02 15:51 - 2009-07-14 13:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2017-08-02 15:51 - 2009-07-14 13:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-08-01 21:32 - 2015-04-13 13:42 - 000000000 ____D C:\Users\Bosscoe\.android
2017-08-01 02:12 - 2017-01-25 11:09 - 000011952 _____ C:\Windows\SysWOW64\getwork.dat
2017-07-31 22:58 - 2012-04-14 04:09 - 000000132 _____ C:\Users\Bosscoe\AppData\Roaming\Adobe PNG Format CS6 Prefs
2017-07-25 01:12 - 2014-07-25 15:52 - 000000000 ____D C:\Users\Bosscoe\dwhelper
2017-07-21 22:02 - 2014-05-21 10:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON
2017-07-19 13:39 - 2017-05-22 09:56 - 000000000 ____D C:\ProgramData\HP
2017-07-19 13:31 - 2016-03-24 10:07 - 000000456 _____ C:\Windows\MYOBP.INI
2017-07-19 13:28 - 2016-03-24 10:07 - 000000053 _____ C:\Windows\MYOB.INI
2017-07-19 13:25 - 2016-03-24 10:05 - 000000663 _____ C:\Windows\openrda.ini
2017-07-19 13:19 - 2016-04-22 13:49 - 000000000 ____D C:\Users\Bosscoe\AppData\Local\Manager
2017-07-12 20:11 - 2015-06-01 01:33 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-07-12 04:06 - 2017-02-11 15:48 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-07-11 16:51 - 2011-02-22 13:45 - 000000000 ____D C:\Users\Bosscoe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
 
==================== Files in the root of some directories =======
 
2011-06-29 16:59 - 2011-06-29 16:59 - 000000132 _____ () C:\Users\Bosscoe\AppData\Roaming\Adobe GIF Format CS5 Prefs
2011-06-18 19:43 - 2015-07-31 11:30 - 000000132 _____ () C:\Users\Bosscoe\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
2015-07-31 13:06 - 2017-05-29 12:15 - 000000132 _____ () C:\Users\Bosscoe\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
2011-04-07 10:46 - 2015-07-27 12:28 - 000000132 _____ () C:\Users\Bosscoe\AppData\Roaming\Adobe PNG Format CS5 Prefs
2012-04-14 04:09 - 2017-07-31 22:58 - 000000132 _____ () C:\Users\Bosscoe\AppData\Roaming\Adobe PNG Format CS6 Prefs
2011-06-12 15:54 - 2011-06-12 15:54 - 000016384 _____ () C:\Users\Bosscoe\AppData\Roaming\BO Config Tool.exe
2011-06-12 15:54 - 2011-06-12 15:54 - 000058134 _____ () C:\Users\Bosscoe\AppData\Roaming\Bosscoe3SQLite3.dll
2005-07-03 04:51 - 2011-06-13 21:37 - 000875862 ____H () C:\Users\Bosscoe\AppData\Roaming\Bosscoelog.dat
2012-12-05 20:20 - 2012-12-05 20:37 - 000035630 _____ () C:\Users\Bosscoe\AppData\Roaming\net.telestream.wirecast.xml
2012-12-05 20:20 - 2012-12-05 20:20 - 000014120 _____ () C:\Users\Bosscoe\AppData\Roaming\net_telestream_wirecast_partner_AFL0681655000_brandingimage_destination.png
2012-12-05 20:20 - 2012-12-05 20:20 - 000005028 _____ () C:\Users\Bosscoe\AppData\Roaming\net_telestream_wirecast_partner_AFL0681655000_brandingimage_main.png
2012-12-05 20:20 - 2012-12-05 20:20 - 000014543 _____ () C:\Users\Bosscoe\AppData\Roaming\net_telestream_wirecast_partner_AFL9067099885_brandingimage_destination.png
2012-12-05 20:20 - 2012-12-05 20:20 - 000014186 _____ () C:\Users\Bosscoe\AppData\Roaming\net_telestream_wirecast_partner_AFL9067099885_brandingimage_main.png
2012-12-05 20:20 - 2012-12-05 20:20 - 000004755 _____ () C:\Users\Bosscoe\AppData\Roaming\net_telestream_wirecast_partner_NO_BAMBUSER_AFFILIATE_ID_brandingimage_destination.png
2012-12-05 20:20 - 2012-12-05 20:20 - 000003123 _____ () C:\Users\Bosscoe\AppData\Roaming\net_telestream_wirecast_partner_NO_DACAST_AFFILIATE_ID_brandingimage_destination.png
2012-12-05 20:20 - 2012-12-05 20:20 - 000004149 _____ () C:\Users\Bosscoe\AppData\Roaming\net_telestream_wirecast_partner_NO_HIGH_SCHOOL_CUBE_AFFIALITE_ID_brandingimage_destination.png
2012-12-05 20:20 - 2012-12-05 20:20 - 000001451 _____ () C:\Users\Bosscoe\AppData\Roaming\net_telestream_wirecast_partner_NO_SHOWCASTER_AFFILIATE_ID_brandingimage_destination.png
2012-12-05 20:20 - 2012-12-05 20:20 - 000007122 _____ () C:\Users\Bosscoe\AppData\Roaming\net_telestream_wirecast_partner_NO_STREAMING_MEDIA_HOSTING_AFFILIATE_ID_brandingimage_destination.png
2012-12-05 20:20 - 2012-12-05 20:20 - 000016966 _____ () C:\Users\Bosscoe\AppData\Roaming\net_telestream_wirecast_partner_NO_STRETCH_INTERNET_AFFIALITE_ID_brandingimage_destination.png
2011-03-01 02:12 - 2013-09-18 23:08 - 000001456 _____ () C:\Users\Bosscoe\AppData\Local\Adobe Save for Web 12.0 Prefs
2016-02-17 18:38 - 2017-03-06 13:26 - 000001456 _____ () C:\Users\Bosscoe\AppData\Local\Adobe Save for Web 13.0 Prefs
2011-03-18 16:06 - 2012-08-17 09:45 - 000084366 _____ () C:\Users\Bosscoe\AppData\Local\installer.log
2011-09-05 15:11 - 2011-09-05 15:11 - 000000000 _____ () C:\Users\Bosscoe\AppData\Local\lwui.exe
2011-09-05 15:11 - 2011-09-05 15:11 - 000000000 _____ () C:\Users\Bosscoe\AppData\Local\pvmk.exe
2016-12-02 09:33 - 2016-12-02 09:33 - 000000756 _____ () C:\Users\Bosscoe\AppData\Local\recently-used.xbel
2013-12-25 19:22 - 2017-08-04 12:41 - 000000000 _____ () C:\Users\Bosscoe\AppData\Local\Resmon.ResmonCfg
2011-09-05 15:11 - 2011-09-05 15:11 - 000000000 _____ () C:\Users\Bosscoe\AppData\Local\term.exe
2011-09-05 15:11 - 2011-09-05 15:11 - 000000000 _____ () C:\Users\Bosscoe\AppData\Local\tklr.exe
2011-09-05 15:11 - 2011-09-05 23:37 - 000010566 ___SH () C:\Users\Bosscoe\AppData\Local\u7r60td74665673edn0gf4gd1288yakn408f68d0743j3ev
2017-05-22 09:55 - 2017-05-22 09:55 - 000000057 _____ () C:\ProgramData\Ament.ini
2011-09-05 15:11 - 2011-09-05 15:11 - 000000000 _____ () C:\ProgramData\ftne.exe
2011-09-05 15:11 - 2011-09-05 15:11 - 000000000 _____ () C:\ProgramData\lllr.exe
2011-09-05 15:11 - 2011-09-05 15:11 - 000000000 _____ () C:\ProgramData\sitg.exe
2011-09-05 15:11 - 2011-09-05 23:37 - 000010566 ___SH () C:\ProgramData\u7r60td74665673edn0gf4gd1288yakn408f68d0743j3ev
2011-09-05 15:11 - 2011-09-05 15:11 - 000000000 _____ () C:\ProgramData\xtil.exe
 
Files to move or delete:
====================
C:\ProgramData\ftne.exe
C:\ProgramData\lllr.exe
C:\ProgramData\sitg.exe
C:\ProgramData\xtil.exe
 
 
Some files in TEMP:
====================
2017-08-09 10:31 - 2017-08-09 10:31 - 001987072 _____ (CPUID) C:\Users\Bosscoe\AppData\Local\Temp\speccycpuid.dll
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-08-08 10:40
 
==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-08-2017
Ran by Bosscoe (09-08-2017 10:44:32)
Running from F:\Firefox Downloads\Firefox Downloads
Windows 7 Professional Service Pack 1 (X64) (2011-02-20 03:25:49)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1337583389-873375944-2258466276-500 - Administrator - Enabled) => C:\Users\Administrator
Bosscoe (S-1-5-21-1337583389-873375944-2258466276-1000 - Administrator - Enabled) => C:\Users\Bosscoe
Guest (S-1-5-21-1337583389-873375944-2258466276-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1337583389-873375944-2258466276-1003 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{0F347A49-E36C-4639-8D2E-003AD408B8B2}) (Version: 1.5 - Eyeo GmbH)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1530 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{288DB08D-0708-4A94-B055-55B99E39EB62}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Dreamweaver CS6 (HKLM-x32\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12 - Adobe Systems Incorporated)
Adobe Illustrator CS5 (HKLM-x32\...\{9B97EC91-B3FD-4BFF-88FC-5345A26AC2E7}) (Version: 15.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{32739B6F-1E47-C6E4-26CB-C04E25D8120C}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.76 - NVIDIA Corporation) Hidden
ArchiCAD 15 R1 INT (HKLM\...\001FFF2FFF15FF00FF0701F01F02F000-R1) (Version: 15.0 - Graphisoft)
Call of Duty® 4 - Modern Warfare™ 1.6 Patch (HKLM-x32\...\InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}) (Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.7 Patch (HKLM-x32\...\InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}) (Version:  - ) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Corel Update Manager (HKLM\...\{B8C05FFE-C36F-4F17-AD20-739E4BC65AC9}) (Version: 2.3.201 - Corel corporation) Hidden
Counter-Strike: Global Offensive - SDK (HKLM-x32\...\Steam App 745) (Version:  - )
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Effects Suite 64-bit (HKLM\...\{05250050-34CD-4303-9194-5FEA45CB2E36}) (Version: 10.0.1 - Red Giant Software) Hidden
Effects Suite 64-bit (HKLM-x32\...\InstallShield_{05250050-34CD-4303-9194-5FEA45CB2E36}) (Version: 10.0.1 - Red Giant Software)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
ESET NOD32 Antivirus (HKLM\...\{3B4AB7BA-0734-4547-9604-3FCC40873B3D}) (Version: 10.1.219.0 - ESET, spol. s r.o.)
FileHippo.com Update Checker (HKLM-x32\...\FileHippo.com) (Version:  - )
FumeFX 2.1 R2012 64-bit (HKLM-x32\...\{199A019C-739D-4BA1-9B4B-90AB3EE31900}) (Version:  - )
GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.)
GenArts Sapphire Plug-ins 2.06 for After Effects and Compatible (HKLM-x32\...\GenArts Sapphire Plug-ins for After Effects_is1) (Version:  - )
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{5454083B-1308-4485-BF17-1110000B8301}) (Version: 1.0.0011.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\{5454083B-1308-4485-BF17-1110000D8301}) (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{861927A3-8B12-4BF8-9F2A-7A4ED4C40096}) (Version: 4.1.2 - Riot Games) Hidden
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
Magic Bullet PhotoLooks (HKLM-x32\...\Magic Bullet PhotoLooks) (Version:  - )
Magic Bullet Suite 64-bit (HKLM\...\{26055432-339E-4776-803B-F22240B91864}) (Version: 11.1.2 - Red Giant Software) Hidden
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{26055432-339E-4776-803B-F22240B91864}) (Version: 11.1.2 - Red Giant Software)
Messenger Companion (HKLM-x32\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office 2007 Primary Interop Assemblies (HKLM-x32\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Save as PDF Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B0-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual Basic PowerPacks 10.0 (HKLM-x32\...\{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}) (Version: 10.0.20911 - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.31007 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.0.6424 - Mozilla)
Mozilla Thunderbird 52.2.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.2.1 (x86 en-US)) (Version: 52.2.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.76 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.7.0.81 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.7.0.81 - NVIDIA Corporation)
NVIDIA Graphics Driver 384.76 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.76 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.7.0.81 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.6.1.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
ParticleShop - Core (HKLM\...\{08E7567C-74B3-4956-B575-F55BFCC77C31}) (Version: 1.3 - Corel Corporation) Hidden
ParticleShop - IPM (HKLM\...\{9E99AA1D-F1DC-442D-B9D9-8DD3EE529AE9}) (Version: 1.3 - Corel Corporation) Hidden
ParticleShop - IPM Content (HKLM\...\{67BDB811-383B-4D2B-870E-F27D2511F200}) (Version: 1.3 - Corel Corporation) Hidden
ParticleShop (HKLM\...\_{6F224046-E164-4B78-9867-3AE494271D29}) (Version: 1.3.0.570 - Corel Corporation)
ParticleShop (HKLM\...\{6F224046-E164-4B78-9867-3AE494271D29}) (Version: 1.3 - Corel Corporation) Hidden
ParticleShop (HKLM\...\{D4F483F8-71F1-457F-AB1B-31C61529B658}) (Version: 1.3 - Corel Corporation) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (HKLM-x32\...\{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}) (Version: 9.0 - RealNetworks, Inc) Hidden
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.73.618.2013 - Realtek)
RealUpgrade 1.1 (HKLM-x32\...\{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}) (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Rocket League (HKLM\...\Steam App 252950) (Version:  - Psyonix, Inc.)
Samsung Auto Backup (HKLM-x32\...\{821D6F49-1B20-4809-8C73-286CFC52B1B1}) (Version: 4.1.371.0 - Clarus)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0380 - NVIDIA Corporation) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.13 - Piriform)
SUPER STREET FIGHTER IV: ARCADE EDITION (HKLM-x32\...\{43430FA0-4A2E-404A-B715-951000028101}) (Version: 1.0.0002.129 - CAPCOM U.S.A., INC) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\{F89CDED6-B1F1-489F-BA44-698BF6A737C2}) (Version: 6.1.6.0 - Husdawg, LLC)
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.1.0 - Topaz Labs, LLC)
Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.2.0 - Topaz Labs, LLC)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{64A98EF1-2680-11E3-A909-F04DA23A5C58}) (Version: 12.0.726 - Sony)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Vicon boujou 5.0 (HKLM-x32\...\{A70B1A8B-24B4-4204-9E46-D14CBC49093E}) (Version: 5.0.0 - Vicon Motion Systems)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.0 (HKLM\...\VulkanRT1.0.3.0) (Version: 1.0.3.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
Windows Assessment and Deployment Kit - Windows 10 (HKLM-x32\...\{39ebb79f-797c-418f-b329-97cfdf92b7ab}) (Version: 10.1.14393.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.00 beta 6 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.6 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1337583389-873375944-2258466276-1000_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1337583389-873375944-2258466276-1000_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1337583389-873375944-2258466276-1000_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1337583389-873375944-2258466276-1000_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1337583389-873375944-2258466276-1000_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1337583389-873375944-2258466276-1000_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Corporation)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-06-13] (ESET)
ContextMenuHandlers1-x32: [SimpleShlExt] -> {A53118EA-E89E-49BD-AB1B-AB180BB12CFE} => C:\Program Files (x86)\Clarus\Samsung Auto Backup\ShContextMenu.dll [2010-07-28] (Clarus, Inc.)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-02-08] ()
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-02-08] ()
ContextMenuHandlers1-x32-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2013-08-23] ()
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-06-13] (ESET)
ContextMenuHandlers4-x32: [SimpleShlExt] -> {A53118EA-E89E-49BD-AB1B-AB180BB12CFE} => C:\Program Files (x86)\Clarus\Samsung Auto Backup\ShContextMenu.dll [2010-07-28] (Clarus, Inc.)
ContextMenuHandlers4-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-02-08] ()
ContextMenuHandlers4-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-02-08] ()
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-11-05] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [DreamScene] -> {BE800AEB-A440-4B63-94CD-AA6B43647DF9} => C:\Windows\System32\DreamScene.dll [2011-03-01] (Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-06-28] (NVIDIA Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-06-13] (ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-02-08] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-02-08] ()
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {089172D3-8A52-45CB-BD95-AB19F45C0002} - System32\Tasks\{47D5201F-E766-40FD-82EB-F4C1B18ED3A5} => C:\Program Files (x86)\MasterBox\MasterBox.exe
Task: {1B9ED9AF-229F-4A7C-8C0C-3777F4BFB027} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {24439B3B-F860-47CA-AF23-E330167567C6} - System32\Tasks\{17844133-D36F-4EEE-B59A-3F30E6461C47} => C:\Program Files (x86)\Skype\\Phone\Skype.exe
Task: {27F49B1A-295B-4609-A0B6-95B11056D586} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-06-21] (NVIDIA Corporation)
Task: {2C73A536-7296-4081-868C-5233C1F03BCF} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-12-12] (Oracle Corporation)
Task: {2E159C60-3885-476E-B076-41F2CE7042D1} - System32\Tasks\{C55DAF05-8BE2-4957-9ABB-38CD09B12A7C} => C:\Windows\system32\pcalua.exe -a F:\Bosscoe-Studio\ArchiCAD\Install\Uninstall.AC\uninstaller.exe
Task: {2EA8CCD2-0436-43B2-8E8D-29EAC59F050F} - System32\Tasks\{8924D90E-F70B-48D0-BA8A-47E99023E80D} => C:\Windows\system32\pcalua.exe -a "F:\Firefox Downloads\Firefox Downloads 2\OffercastInstaller.exe" -d "F:\Firefox Downloads\Firefox Downloads 2"
Task: {31B08594-E1BD-461F-8ED5-D593400CB6D5} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-06-21] (NVIDIA Corporation)
Task: {43F9FBEB-6E30-4D36-BABE-E815DC87FBFB} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-06-21] (NVIDIA Corporation)
Task: {56130510-827A-4EE0-A313-0A96A406F34B} - System32\Tasks\HP online update program => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
Task: {57CF27AA-257A-42B1-9CD8-28BF176EF99F} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-07-24] (Corel Corporation)
Task: {5B15C4C1-FCA9-4657-B554-BD51FF595958} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)
Task: {5DA8BAAE-F1DA-4B9D-9833-092D90CBA729} - System32\Tasks\Real Player online update program => C:\Program Files (x86)\Real\realplayer\update\realsched.exe [2012-08-21] (RealNetworks, Inc.)
Task: {7A1A4222-B789-4670-810C-C28CD8081BE8} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-06-21] (NVIDIA Corporation)
Task: {7C532509-D68B-4B96-9421-22A11BD1CC5D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {8B48A0A1-EE3E-458B-8D94-C82BE0B1A3FE} - System32\Tasks\{F628C2A6-DEB1-4108-BD4F-A4E789ADB2DF} => C:\Windows\system32\pcalua.exe -a D:\setup.exe -d D:\
Task: {962015B8-51E6-49D5-B763-EDCFB0390629} - System32\Tasks\{41A0C290-B4BD-43CD-87EE-E6E7C011DDE8} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~2\PACIFI~1\UNWISE.EXE -c C:\PROGRA~2\PACIFI~1\INSTALL.LOG
Task: {A10A72A9-CCC8-4947-AA30-A0007ABD1709} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-02-13] (Piriform Ltd)
Task: {A28EF54D-3B52-42E5-8CC7-77CBDA09B822} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: {AB75116D-0825-447B-BC76-CC04EF959BA1} - System32\Tasks\{62247D23-618F-4530-A14B-62C0966B71E8} => C:\Windows\system32\pcalua.exe -a C:\Users\Bosscoe\Downloads\pbsetup\pbsetup.exe -d C:\Users\Bosscoe\Downloads\pbsetup
Task: {CA8E2CDF-76F3-4098-BB6A-FF2F62B14E31} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-06-21] (NVIDIA Corporation)
Task: {D94DFEAD-EA57-48E2-9672-CB83D91C533F} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-06-21] (NVIDIA Corporation)
Task: {E21A903F-87FA-49B6-8FED-BC0DBCA43E2E} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe
Task: {E54CEC21-24CB-4D13-94C6-27EEFCCFA6F2} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {F4DDEE11-D980-4FDE-BBD8-30BFC2A3FF06} - System32\Tasks\CorelUpdateHelperTask => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2017-07-24] (Corel Corporation)
Task: {FD7C72C5-A646-4863-A26C-CA33D2072041} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Driver Booster SkipUAC (Bosscoe).job => C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
Task: C:\Windows\Tasks\RunAsStdUser Task.job => C:\Program Files (x86)\IObit\Driver Booster\4.5.0\NoteIcon.exe C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2013-11-01 19:27 - 2013-08-23 12:36 - 000721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2011-02-20 13:50 - 2011-02-08 14:42 - 000164864 _____ () C:\Program Files\WinRAR\rarext.dll
2017-03-22 23:37 - 2017-06-21 17:07 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2009-03-30 16:32 - 2009-03-30 16:32 - 000032768 ____R () C:\Windows\DAODx.exe
2017-03-22 23:37 - 2017-06-21 17:07 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-06-02 00:17 - 2016-06-02 00:17 - 000144832 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 002632640 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000554944 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000041920 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000039872 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000086464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000078272 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 002231744 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000114112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000245184 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000089536 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libvdr_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000055744 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000072128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000598976 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000771520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000131520 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000052672 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\librar_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000145856 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 001566656 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000334784 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 001265600 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000069568 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000242624 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000048576 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 012001728 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000046528 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000681408 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000137152 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000030144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000026560 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000022976 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libdemux_cdg_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000086976 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libvobsub_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000026560 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libdemux_stl_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000100800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libsubtitle_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000261056 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000027072 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000298944 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 001291200 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000754624 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000344512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000052160 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000456128 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000035776 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000157632 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 002680768 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000356288 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000028096 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000031680 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000370112 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000121792 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdvbsub_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 014929344 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 001782208 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvpx_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000038336 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libscte27_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 001568704 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libzvbi_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000067008 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsubsdec_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000789952 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000038848 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000030144 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000746432 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000036800 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000125888 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000065472 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000028608 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000027584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000024512 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000031168 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000027584 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000029120 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000037824 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000024000 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000023488 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000022976 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000022464 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000027072 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 000059840 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libequalizer_plugin.dll
2016-06-02 00:18 - 2016-06-02 00:18 - 001504704 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2016-06-02 00:19 - 2016-06-02 00:19 - 000041408 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libadjust_plugin.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Windows:nlsPreferences [514]
AlternateDataStreams: C:\ProgramData\TEMP:888AFB86 [110]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\Software\Classes\exefile: "%1" %* <==== ATTENTION
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\com -> hxxp://*.Wondershare.com
IE trusted site: HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\skype.com -> hxxps://clientlogin.cdn.skype.com
IE trusted site: HKU\S-1-5-21-1337583389-873375944-2258466276-1000\...\webcompanion.com -> hxxp://webcompanion.com
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2011-02-21 00:19 - 2017-05-25 21:54 - 000001248 _____ C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1337583389-873375944-2258466276-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bosscoe\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: PnkBstrA => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: UxTuneUp => 2
MSCONFIG\Services: VIAKaraokeService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Intuit Data Protect.lnk => C:\Windows\pss\Intuit Data Protect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\Windows\pss\QuickBooks Update Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks_Standard_21.lnk => C:\Windows\pss\QuickBooks_Standard_21.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^UltraMon.lnk => C:\Windows\pss\UltraMon.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge => "C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe" -stealth
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Sony PC Companion => "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
MSCONFIG\startupreg: Steam => "F:\Steam\steam.exe" -silent
MSCONFIG\startupreg: uTorrent => "C:\Users\Bosscoe\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{EE4BC180-9673-4201-B951-D9191FE84817}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe
FirewallRules: [UDP Query User{440B3026-A335-44B0-9CEB-0251014B0404}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe
FirewallRules: [TCP Query User{D97619D5-0AA4-443D-8ADD-C122E207F0D4}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe
FirewallRules: [UDP Query User{34579A37-8D2A-499D-A3AD-322973BBB1C8}E:\steam\steam.exe] => (Allow) E:\steam\steam.exe
FirewallRules: [{E1BB697C-2DE1-4D5A-AC9E-F00104CB12AA}] => (Allow) LPort=9322
FirewallRules: [{F080C849-0F0C-444C-9E6E-DCC6AD38F7C6}] => (Allow) LPort=9323
FirewallRules: [{F5415E94-ADB1-4631-9F4C-5783709BA321}] => (Allow) LPort=9323
FirewallRules: [TCP Query User{76E38839-825A-496F-8126-6252356278E4}C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe] => (Allow) C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe
FirewallRules: [UDP Query User{B1E9A4EF-2E9B-41E1-8EE7-678A93FAFDDA}C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe] => (Allow) C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe
FirewallRules: [{5017B9BF-55EA-40C2-9B51-C6514D309A31}] => (Allow) LPort=49167
FirewallRules: [{0EDDAAE6-01E4-4A85-AC3C-6315A8836C3A}] => (Allow) LPort=5000
FirewallRules: [{5926A668-18BB-4588-AD25-22C2444BFC51}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9989C56B-763E-4EAA-B7EC-BB62F08B556E}] => (Allow) LPort=2869
FirewallRules: [{7F6CAB02-FBF2-41FF-8C1D-15D85162A869}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{99BF72BB-FF89-42FF-AB68-00B1C0CD6653}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{2DA270A5-5E2D-4DC0-9130-E8E66BCC8240}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{A98BB15E-1416-4E61-B095-2A6682802C43}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{48B06D3F-4320-4E43-86A6-22C9A11A8EE7}C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe] => (Allow) C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe
FirewallRules: [UDP Query User{CAE6651F-B2AB-4A5E-9150-8AD7079ADF93}C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe] => (Allow) C:\program files\adobe\adobe photoshop cs5 (64 bit)\photoshop.exe
FirewallRules: [{BF2AB77A-6937-4EB7-908B-93ACE6CAC8D7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{622418D1-3604-49E4-90C8-59B13AA0F467}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [TCP Query User{8FAA4F38-2026-42E7-A514-81482E863FD6}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{EF6B7284-E823-4A7D-9940-58FB965A15C4}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{64F1B81C-1A2E-44A1-ABD1-E4B0D3197159}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{B7F63603-36D3-4106-AE2B-6E44713F9309}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [TCP Query User{FD6BE8E5-F013-4B94-99FB-903ED4D94077}C:\program files\adobe\adobe after effects cs5\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cs5\support files\afterfx.exe
FirewallRules: [UDP Query User{FC43CDE5-B76B-4659-9D76-E27134DC1475}C:\program files\adobe\adobe after effects cs5\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cs5\support files\afterfx.exe
FirewallRules: [TCP Query User{EF0E5947-2F04-4168-BA35-4B0DA4A6B513}F:\steam\steamapps\common\call of duty modern warfare 2\iw4m.exe] => (Allow) F:\steam\steamapps\common\call of duty modern warfare 2\iw4m.exe
FirewallRules: [UDP Query User{97E9173B-8DB1-47F1-93DD-A9F6FD156CA7}F:\steam\steamapps\common\call of duty modern warfare 2\iw4m.exe] => (Allow) F:\steam\steamapps\common\call of duty modern warfare 2\iw4m.exe
FirewallRules: [{71CFB545-ACB0-43EF-9A90-B8D577AC4AF0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{9465D0F0-F916-440D-B42A-7E00EAB71488}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{34A11A97-6DEB-47C7-860B-D0DC9F1BB026}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{042E8343-9CE4-424E-812B-16A32504BB5F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9C78D8EB-C68D-4204-8237-0681907E0D63}] => (Allow) C:\Users\Bosscoe\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{42BE02CE-25EF-4826-BD2B-2B07F89844A7}] => (Allow) C:\Users\Bosscoe\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{4CFA4DA6-AA61-408C-922C-3B0BD01BBE31}] => (Allow) F:\Bosscoe-Studio\ArchiCAD\Install\ArchiCAD.exe
FirewallRules: [{6F3BEC2B-A161-472D-98B1-0A355D562277}] => (Allow) F:\Bosscoe-Studio\ArchiCAD\Install\ArchiCAD.exe
FirewallRules: [{11859CD5-2CAE-4A9B-BEB1-09FB1040DE4C}] => (Allow) F:\Bosscoe-Studio\ArchiCAD\Install\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [{019C90BD-7B8A-4622-A4B2-EDA14C3E4232}] => (Allow) F:\Bosscoe-Studio\ArchiCAD\Install\GSQuickTimeServer\GSQTServer.exe
FirewallRules: [TCP Query User{F998C04F-0AF1-46E7-B93D-02BA33FF0947}C:\program files\onone software\perfect resize 7.5\perfect resize 7.5.exe] => (Block) C:\program files\onone software\perfect resize 7.5\perfect resize 7.5.exe
FirewallRules: [UDP Query User{47E3A0A2-DA22-4C97-9348-9A47C048D03E}C:\program files\onone software\perfect resize 7.5\perfect resize 7.5.exe] => (Block) C:\program files\onone software\perfect resize 7.5\perfect resize 7.5.exe
FirewallRules: [TCP Query User{3D547069-D6AD-4F2E-A1AE-BB1ACA4D50A9}F:\sony\vegas120.exe] => (Allow) F:\sony\vegas120.exe
FirewallRules: [UDP Query User{8544B9B6-4F73-4735-8928-A10D3CC96846}F:\sony\vegas120.exe] => (Allow) F:\sony\vegas120.exe
FirewallRules: [TCP Query User{ACAA4A58-E54D-44F9-8770-AD1A73344053}F:\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) F:\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{C9BD3F3B-3826-4CA7-AAD6-F8A332CE393B}F:\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) F:\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [{090EF6E0-D77B-4487-818C-F52F70F86A4A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{3D3FE008-33B6-45BA-811C-CB18518D2842}C:\users\bosscoe\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\bosscoe\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{53627182-66DC-4B28-AF0F-1144B76E7F3B}C:\users\bosscoe\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\bosscoe\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{4B0BA603-A98F-449A-AF6B-3A08E1A0B9C4}F:\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) F:\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [UDP Query User{FA0A9E66-95EC-4600-A9F0-6B5EBFDBDC13}F:\steam\steamapps\common\counter-strike source\hl2.exe] => (Allow) F:\steam\steamapps\common\counter-strike source\hl2.exe
FirewallRules: [{5B7FEA5C-BB57-4CA1-B336-3B9BF5656BE5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0AA0A131-E9B4-4581-AA01-F76BC0F8DC89}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{16CEB304-9CCC-4379-A0B7-7DF6B7161DE7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F34A52C5-6139-49B9-BC74-6C1B67E21CA3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{B4839FD0-BC00-48CF-ACA2-ADF79872BD10}F:\sony\vegas120.exe] => (Allow) F:\sony\vegas120.exe
FirewallRules: [UDP Query User{4473D654-3DFE-4B33-83D4-9BF47FC6BFF8}F:\sony\vegas120.exe] => (Allow) F:\sony\vegas120.exe
FirewallRules: [{49F970E6-F7E1-4EE7-865A-9A074918DD86}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [{A7055F11-1A84-49B6-9871-03C50D09AD21}] => (Allow) F:\Steam\Steam.exe
FirewallRules: [TCP Query User{80A8643F-F952-42FB-83F3-48F98FC35B09}F:\adobe\new folder\adobe photoshop cs6 (64 bit)\photoshop.exe] => (Allow) F:\adobe\new folder\adobe photoshop cs6 (64 bit)\photoshop.exe
FirewallRules: [UDP Query User{91DEFF90-BFBA-4533-AE1B-784E0411A3C3}F:\adobe\new folder\adobe photoshop cs6 (64 bit)\photoshop.exe] => (Allow) F:\adobe\new folder\adobe photoshop cs6 (64 bit)\photoshop.exe
FirewallRules: [{A5DFFE82-E04B-4F2E-84A0-2D03A584A490}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C1C52E13-07E6-46B7-AE10-0383D534701F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{568C478A-9015-43CB-A6C0-B9B660142875}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{9E74CAE7-90FA-49EB-BC76-A2F54AE99863}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [TCP Query User{29A1861C-2313-4BE1-9343-37F0A5E5B72A}F:\adobe\new folder\adobe photoshop cs6 (64 bit)\photoshop.exe] => (Allow) F:\adobe\new folder\adobe photoshop cs6 (64 bit)\photoshop.exe
FirewallRules: [UDP Query User{46275D7E-30BF-465C-9E0F-5FF2B8D78EEB}F:\adobe\new folder\adobe photoshop cs6 (64 bit)\photoshop.exe] => (Allow) F:\adobe\new folder\adobe photoshop cs6 (64 bit)\photoshop.exe
FirewallRules: [{DD24ACC9-8D61-4356-ACE1-42B67AB736E7}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2F98F781-AB49-4419-8B80-5C32338A1452}] => (Allow) F:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{1248060D-3DEC-402C-8268-86FF6FDF1800}F:\firefox downloads\firefox downloads\skype\skype.exe] => (Allow) F:\firefox downloads\firefox downloads\skype\skype.exe
FirewallRules: [UDP Query User{8EC9491D-8DCC-4618-A92D-349C7360E35E}F:\firefox downloads\firefox downloads\skype\skype.exe] => (Allow) F:\firefox downloads\firefox downloads\skype\skype.exe
FirewallRules: [{8449B848-ADF3-4786-B940-B8E1F653929A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EDC2D277-D466-4C9B-87B2-B16838B5F095}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D90C7D99-3E3E-4617-93F9-B044AE46A0AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{2FBB4F14-2B4B-485B-82B1-E49DA24A3FEB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8F47A7EC-E6FE-470C-857C-9C29790CAD5C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{04CB3E74-1DF1-4AF2-BF58-36C2EDC95DAE}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{FB238ED7-8265-421C-81B6-08313B0B746C}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{405DA858-F17F-470E-8233-3E19FC988D01}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E867D271-5E68-438A-8938-DAF7C99F9296}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{3EF1C433-606D-4334-B2DE-75EF0B503DA6}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{B74B6A0A-180A-4F3F-9166-2CF2DAF6D91E}] => (Allow) F:\Steam\steamapps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{8A310D2A-A442-41D2-9CE5-AC704B467EA1}] => (Allow) F:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{FBA9D22F-CDE6-4F91-AA68-72F78B7C59EA}] => (Allow) F:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [TCP Query User{DBDBB100-DB7C-47B5-A480-317F8BECD25C}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{E6E4F862-221D-4B09-8A08-9E76448762FB}C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_121\bin\javaw.exe
 
==================== Restore Points =========================
 
09-08-2017 01:17:59 Windows Assessment and Deployment Kit - Windows 10
09-08-2017 01:36:06 Removed TuneUp Utilities 2013
09-08-2017 01:38:49 Removed TuneUp Utilities Language Pack (en-US)
09-08-2017 01:44:47 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: Realtek PCI GBE Family Controller
Description: Realtek PCI GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/09/2017 10:29:57 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (08/09/2017 10:18:11 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (08/09/2017 10:18:11 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (08/09/2017 10:16:05 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code.
 
Error: (08/09/2017 09:52:28 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (08/09/2017 09:31:01 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (08/09/2017 03:08:23 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
Error: (08/09/2017 02:41:33 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
 
 
System errors:
=============
Error: (08/09/2017 10:38:08 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
 
Error: (08/09/2017 10:38:08 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
 
Error: (08/09/2017 10:34:07 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
 
Error: (08/09/2017 10:34:07 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
 
Error: (08/09/2017 10:32:26 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
 
Error: (08/09/2017 10:32:26 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
 
Error: (08/09/2017 10:32:26 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
 
Error: (08/09/2017 10:32:26 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
 
Error: (08/09/2017 10:32:26 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
 
Error: (08/09/2017 10:32:26 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
 
 
CodeIntegrity:
===================================
  Date: 2017-08-02 12:39:26.485
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Modules\em023_64\10635\em023_64.dll.raw because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-08-02 12:39:25.268
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Modules\em023_64\10635\em023_64.dll.raw because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-08-02 12:39:24.067
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Modules\em023_64\10635\em023_64.dll.raw because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-08-02 12:39:21.197
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Modules\em023_64\10632\em023_64.dll.raw because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-08-02 12:39:20.510
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Modules\em023_64\10632\em023_64.dll.raw because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-08-02 12:39:19.871
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Modules\em023_64\10632\em023_64.dll.raw because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-08-02 12:39:18.186
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Modules\em023_64\10620\em023_64.dll.raw because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-08-02 12:39:17.780
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Modules\em023_64\10620\em023_64.dll.raw because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-08-02 12:39:17.421
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\ESET\ESET NOD32 Antivirus\Modules\em023_64\10620\em023_64.dll.raw because the set of per-page image hashes could not be found on the system.
 
  Date: 2017-04-07 20:33:22.025
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ II X4 640 Processor
Percentage of memory in use: 21%
Total physical RAM: 8190.18 MB
Available physical RAM: 6437.45 MB
Total Virtual: 16378.54 MB
Available Virtual: 14526.85 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:74.52 GB) (Free:4.91 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive f: () (Fixed) (Total:931.51 GB) (Free:123.28 GB) NTFS
 
==================== MBR & Partition Table ==================
 
==================== End of Addition.txt ============================

Attached Files


  • 0

#94
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,320 posts
  • MVP

C: drive is dying.  

 

S.M.A.R.T
01 Read Error Rate 200 (199 worst) Data 00000011B2
03 Spin-Up Time 162 (034) Data 0000000B32
04 Start/Stop Count 093 (093) Data 0000001EB1
05 Reallocated Sectors Count 178 (178) Data 00000000B0
07 Seek Error Rate 200 (200) Data 0000000000
09 Power-On Hours (POH) 025 (025) Data 000000D749
0A Spin Retry Count 100 (100) Data 0000000000
0B Recalibration Retries 100 (100) Data 0000000000
0C Device Power Cycle Count 093 (093) Data 0000001E1B
C0 Power-off Retract Count 194 (194) Data 0000001270
C1 Load/Unload Cycle Count 197 (197) Data 00000029E0
C2 Temperature 114 (087) Data 000000001D
C4 Reallocation Event Count 144 (144) Data 0000000038
C5 Current Pending Sector Count 200 (200) Data 0000000005
C6 Uncorrectable Sector Count 200 (200) Data 0000000000
C7 UltraDMA CRC Error Count 200 (199) Data 000003BBDE
C8 Write Error Rate / Multi-Zone Error Rate 200 (200) Data 0000000004

 

 
 
Items in bold are not good.  Clone as soon as possible. You have a Western Digital Blue WD800AAJS 80GB 7200 RPM 8MB Cache SATA 3.0Gb/s 3.5" Internal Hard Drive. Get a bigger drive while you are at it.  500 GB or 1 TB are about the same price.  But look for a Western Digital BLACK.  
 
Are you watching a movie?  VLC seems to have a lot of loaded modules.  If you are not watching a video then uninstall VLC.
Your F: drive needs a disk check.
1. Double-click My Computer, and then right-click the hard disk that you want to check. F:
2. Click Properties, and then click Tools.
3. Under Error-checking, click Check Now. A dialog box that shows the Check disk options is displayed.
4. Check both boxes and then click Start.
You may receive the following message:
The disk check could not be performed because the disk check utility needs exclusive access to some Windows files on the disk. These files can be accessed by restarting Windows. Do you want to schedule the disk check to occur the next time you restart the computer?
Click Yes to schedule the disk check.
 
 
 
 
Download the attached fixlist.txt to the same location as FRST
 
 
Run FRST and press Fix
A fix log will be generated. Please post that.
 
Reboot.
 
Enable network adapter.  Is it still bad?  If so Disable network adapter.
 
 
Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.
 

 


  • 0
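As an added example (not part of RKinner's post and not output from FRST or Speccy), this Python code decodes the raw hex counters in the S.M.A.R.T. table above and tallies Disk EventID 11 controller errors per device from FRST event-log lines. The watch list of attribute IDs is an assumption based on common practice, since the bold markings in the post did not survive on this page.

```python
import re
from collections import Counter

# S.M.A.R.T. rows as posted above: ID, name, current (worst), raw hex counter.
SMART_TEXT = """\
01 Read Error Rate 200 (199 worst) Data 00000011B2
03 Spin-Up Time 162 (034) Data 0000000B32
04 Start/Stop Count 093 (093) Data 0000001EB1
05 Reallocated Sectors Count 178 (178) Data 00000000B0
07 Seek Error Rate 200 (200) Data 0000000000
09 Power-On Hours (POH) 025 (025) Data 000000D749
0A Spin Retry Count 100 (100) Data 0000000000
0B Recalibration Retries 100 (100) Data 0000000000
0C Device Power Cycle Count 093 (093) Data 0000001E1B
C0 Power-off Retract Count 194 (194) Data 0000001270
C1 Load/Unload Cycle Count 197 (197) Data 00000029E0
C2 Temperature 114 (087) Data 000000001D
C4 Reallocation Event Count 144 (144) Data 0000000038
C5 Current Pending Sector Count 200 (200) Data 0000000005
C6 Uncorrectable Sector Count 200 (200) Data 0000000000
C7 UltraDMA CRC Error Count 200 (199) Data 000003BBDE
C8 Write Error Rate / Multi-Zone Error Rate 200 (200) Data 0000000004
"""
# FRST event-log entries copied from the logs in this thread.
EVENTS_TEXT = r"""
Error: (08/09/2017 10:38:08 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
Error: (08/09/2017 10:34:07 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.
Error: (08/09/2017 01:14:31 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.
"""
ROW = re.compile(r"^([0-9A-F]{2}) (.+) (\d{3}) \((\d{3})(?: worst)?\) Data ([0-9A-F]+)$")
DISK11 = re.compile(r"\(Source: Disk\) \(EventID: 11\).*\n.*controller error on (\S+)\.")
# Assumption (not from the post): IDs whose non-zero raw count is commonly
# read as media damage (05, C4, C5, C6) or a bad cable/link (C7).
WATCH = {0x05, 0xC4, 0xC5, 0xC6, 0xC7}

def parse_smart(text):
    """Return {attribute_id: (name, current, worst, raw_count)}."""
    rows = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            rows[int(m[1], 16)] = (m[2], int(m[3]), int(m[4]), int(m[5], 16))
    return rows

def failing_attributes(rows):
    """Watched attributes whose raw counter is non-zero, as {id: raw_count}."""
    return {i: rows[i][3] for i in sorted(WATCH & set(rows)) if rows[i][3] > 0}

def disk_error_devices(text):
    """Count Disk / EventID 11 controller errors per device path."""
    return Counter(DISK11.findall(text))

if __name__ == "__main__":
    rows = parse_smart(SMART_TEXT)
    print({f"{i:02X}": raw for i, raw in failing_attributes(rows).items()})
    print(dict(disk_error_devices(EVENTS_TEXT)))
```

The raw column is hexadecimal, so `B0` on attribute 05 is 176 reallocated sectors; the normalized values (178, 200 and so on) are vendor-scaled and can look healthy while the raw counters climb.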

#95
Bosscoe

Bosscoe

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts

Wow, that's amazing how you picked it up from the logs, good work. I picked up a hdd as well yesterday, a 1tb WD10EZEX 64mb WD Blue, only went with it because of the price. Will follow youtube instructions on how to clone and get back to you with the frst logs.


  • 0

#96
Bosscoe

Bosscoe

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts

Attached logs, still no luck when network adapter is enabled. Just wondering, if I clone my hdd, will this issue carry onto the new hdd?

Attached Files


Edited by Bosscoe, 08 August 2017 - 09:44 PM.

  • 0

#97
RKinner

RKinner

    Malware Expert

  • Expert
  • 23,320 posts
  • MVP

Possible.  But then again the failing hdd may be the source of the problem.

 



Error: (08/09/2017 01:14:31 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk3\DR3.
 

 

 

 
Better do a disk check on your USB drive too unless this is actually F: and the numbering changed with the addition of the USB drive.
 
I have one more networking fix:
 

Do you have the file:
 
C:\WINDOWS\inf\nettcpip.inf
 
If so, back up your registry:
 
 
Then see if you can follow the steps in the Hardcore method when nothing else is working section on
 
 
The instructions are for XP but I don't think there is any difference.  If you back up your registry first you can revert back if it doesn't work.
 
Bedtime for me.
 

  • 0

#98
Bosscoe

Bosscoe

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 122 posts

 


Alright no luck, only thing it done was prevent my internet from working lol, but that's ok. I highly appreciate the time and effort you've taken out to help me, I truly do. You can mark this as solved as I believe we tried everything we could. The best option for me here is to just install the new HDD, fresh install of windows. Can't wait to throw the current HDD in the fire, looking forward to it. Thank you once again RKinner.


  • 0





