After leaving my PC off for a couple weeks I've come back to serious issues on it, mostly revolving around use of internet, with constant crashes in Firefox and BSOD's while browsing, also I have tried installing the Windows update "2017-09 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4038777)" and cannot do so, I have tried running the windows troubleshooting tool in Control Panel and re-booting in safe mode and deleting the files in the C:/Windows/Softwaredistribution folder. I have tried running Malwarebytes and Windows Security Essentials, neither came back with anything though. Here is the FRST scan
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-09-2017 01
Ran by Warren (administrator) on WARREN-PC (17-09-2017 21:32:23)
Running from C:\Users\Warren\Desktop
Loaded Profiles: Warren (Available Profiles: Warren & Mcx1-WARREN-PC)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(Piriform Ltd) C:\Program Files (x86)\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Spotify Ltd) C:\Users\Warren\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CMedia) C:\Program Files\ASUS Xonar DG Audio\Customapp\AsusAudioCenter.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1353680 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [9803992 2017-06-13] (Piriform Ltd)
HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\Run: [Spotify Web Helper] => C:\Users\Warren\AppData\Roaming\Spotify\SpotifyWebHelper.exe [777840 2017-09-05] (Spotify Ltd)
HKU\S-1-5-21-143088597-1759118391-1618591540-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2013-06-09]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
GroupPolicy: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6DF1ED97-4457-456E-A145-8F036FC3A4BC}: [DhcpNameServer] 192.168.169.1
Tcpip\..\Interfaces\{D5ED5B49-7AB2-4096-A07C-F255842A3F87}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-143088597-1759118391-1618591540-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
SearchScopes: HKU\S-1-5-21-143088597-1759118391-1618591540-1000 -> DefaultScope {5FC5FDC7-141D-4AE8-87DF-966F1142430D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-143088597-1759118391-1618591540-1000 -> {0A06A00E-FE0E-4CCE-A544-288D03227C32} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-143088597-1759118391-1618591540-1000 -> {5291B8F8-68ED-4D2A-B3F8-9B8F80CF80EF} URL =
SearchScopes: HKU\S-1-5-21-143088597-1759118391-1618591540-1000 -> {5FC5FDC7-141D-4AE8-87DF-966F1142430D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-09-06] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-06] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-143088597-1759118391-1618591540-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {8167C273-DF59-4416-B647-C8BB2C7EE83E} hxxp://liveupdate.msi.com.tw/autobios/LOnline/install.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
FireFox:
========
FF DefaultProfile: tgxm0pth.default-1472601473002-1504706706118
FF ProfilePath: C:\Users\Warren\AppData\Roaming\Mozilla\Firefox\Profiles\tgxm0pth.default-1472601473002-1504706706118 [2017-09-17]
FF Extension: (Adblock Plus) - C:\Users\Warren\AppData\Roaming\Mozilla\Firefox\Profiles\tgxm0pth.default-1472601473002-1504706706118\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-09-06]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2016-11-09] [not signed]
FF HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-12] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-12] ()
FF Plugin-x32: @esn/esnlaunch,version=1.102.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @gametap.com/npdd,version=1.0 -> C:\Program Files (x86)\Downloader\npdd.dll [2010-02-19] (Metaboli)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-07-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-07-18] (NVIDIA Corporation)
FF Plugin-x32: @t-immersion.com/DFusionHomeWebPlugIn -> C:\Program Files (x86)\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll [2011-06-30] (Total Immersion)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2011-06-07] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-143088597-1759118391-1618591540-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2017-01-18] ()
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Warren\AppData\Local\Google\Chrome\User Data\Default [2017-09-12]
CHR Extension: (Google Slides) - C:\Users\Warren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-09]
CHR Extension: (Google Docs) - C:\Users\Warren\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-09]
CHR Extension: (Google Drive) - C:\Users\Warren\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-09]
CHR Extension: (YouTube) - C:\Users\Warren\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-09]
CHR Extension: (Adblock Plus) - C:\Users\Warren\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-17]
CHR Extension: (Google Sheets) - C:\Users\Warren\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-09]
CHR Extension: (Google Docs Offline) - C:\Users\Warren\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-09]
CHR Extension: (Ace Stream Web Extension) - C:\Users\Warren\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2016-11-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Warren\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-13]
CHR Extension: (Gmail) - C:\Users\Warren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-09]
CHR Extension: (Chrome Media Router) - C:\Users\Warren\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-22]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [284224 2016-10-26] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6581824 2016-10-28] (GOG.com)
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-07-18] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2169696 2017-07-25] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3149672 2017-07-25] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2017-02-26] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2734080 2013-04-11] (C-Media Inc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2016-11-10] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2016-11-12] (REALiX)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
S3 MSI_DVD_010507; C:\Program Files\MSI\MSIWDev\DVDSYS64_100507.sys [28984 2010-05-10] (Your Corporation)
S3 MSI_MSIBIOS_010507; C:\Program Files\MSI\MSIWDev\msibios64_100507.sys [33592 2010-05-10] (Your Corporation)
S3 MSI_VGASYS_010507; C:\Program Files\MSI\MSIWDev\VGASYS64_100507.sys [14960 2010-05-10] () [File not signed]
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2017-01-18] ()
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-13] (Microsoft Corporation)
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S4 nvvhci; system32\DRIVERS\nvvhci.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S0 xhtrraav; System32\drivers\tqtpvkns.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-17 21:32 - 2017-09-17 21:33 - 000018587 _____ C:\Users\Warren\Desktop\FRST.txt
2017-09-17 21:32 - 2017-09-17 21:32 - 000000000 ___DC C:\FRST
2017-09-17 21:31 - 2017-09-17 21:31 - 002399744 _____ (Farbar) C:\Users\Warren\Desktop\FRST64.exe
2017-09-17 19:26 - 2017-09-17 19:27 - 000160690 _____ C:\Windows\ntbtlog.txt
2017-09-16 15:11 - 2017-09-16 15:11 - 000001462 _____ C:\Users\Public\Desktop\Data Lifeguard Diagnostic for Windows.lnk
2017-09-16 15:10 - 2017-09-16 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital Corporation
2017-09-16 15:10 - 2017-09-16 15:10 - 000000000 ____D C:\Program Files (x86)\Western Digital Corporation
2017-09-16 12:30 - 2017-09-16 12:30 - 008867840 _____ C:\Users\Warren\Downloads\SeaToolsDOS223ALL.ISO
2017-09-16 09:23 - 2017-09-16 09:23 - 000626499 _____ C:\Users\Warren\Downloads\SeaTools-for-windows-en-us.pdf
2017-09-16 09:16 - 2017-09-16 09:16 - 000001401 _____ C:\Users\Public\Desktop\SeaTools for Windows.lnk
2017-09-16 09:16 - 2017-09-16 09:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2017-09-16 09:16 - 2017-09-16 09:16 - 000000000 ____D C:\Program Files (x86)\Seagate
2017-09-16 09:15 - 2017-09-16 09:15 - 026141488 _____ (Seagate Technology LLC) C:\Users\Warren\Downloads\SeaToolsforWindowsSetup.exe
2017-09-13 04:55 - 2013-08-10 16:39 - 001839104 _____ C:\Users\Warren\Downloads\memtest86+-5.01.iso
2017-09-12 20:12 - 2017-09-12 20:12 - 000059435 _____ C:\Users\Warren\Downloads\memtest86+-5.01.iso.zip
2017-09-12 17:44 - 2017-09-12 17:44 - 000000000 ____D C:\Users\Warren\AppData\LocalLow\uTorrent
2017-09-10 19:07 - 2017-09-10 19:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-09-10 19:03 - 2017-07-18 19:24 - 006463608 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-09-10 19:03 - 2017-07-18 19:24 - 002479040 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-09-10 19:03 - 2017-07-18 19:24 - 001762936 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-09-10 19:03 - 2017-07-18 19:24 - 000549312 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-09-10 19:03 - 2017-07-18 19:24 - 000392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-09-10 19:03 - 2017-07-18 19:24 - 000081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-09-10 19:03 - 2017-07-18 19:24 - 000069752 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-09-10 19:03 - 2017-07-18 18:38 - 000135800 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-09-10 19:03 - 2017-07-12 21:37 - 008095171 _____ C:\Windows\system32\nvcoproc.bin
2017-09-10 18:43 - 2017-08-03 16:02 - 000521664 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-09-10 18:43 - 2017-08-03 16:02 - 000427456 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-09-10 18:43 - 2017-07-18 18:54 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2017-09-10 18:17 - 2017-09-10 18:19 - 414447096 _____ (NVIDIA Corporation) C:\Users\Warren\Downloads\385.41-desktop-win8-win7-64bit-international-whql.exe
2017-09-09 14:35 - 2017-09-09 14:35 - 002203208 _____ C:\Users\Warren\Desktop\WARREN-PC-Sat_09_09_2017_143111_16.zip
2017-09-09 14:18 - 2017-09-09 14:35 - 000000000 ____D C:\Users\Warren\Desktop\SFdebugFiles
2017-09-09 14:18 - 2017-09-09 14:18 - 000314008 _____ C:\Users\Warren\Downloads\dm log collector.exe
2017-09-09 13:51 - 2017-09-09 13:51 - 000032496 _____ C:\Windows\Minidump\090917-27331-01.rar
2017-09-09 13:46 - 2017-09-09 13:46 - 000000868 _____ C:\Windows\Minidump\090917-27331-01.dmp - Shortcut.lnk
2017-09-06 09:13 - 2017-09-06 09:13 - 000097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-09-06 09:13 - 2017-09-06 09:13 - 000000000 ____D C:\Program Files (x86)\Java
2017-09-06 09:11 - 2017-09-06 09:11 - 000000000 _____ C:\Users\Warren\AppData\Local\{A1A400C7-BCA5-4FCE-8019-E0CD60AA99CD}
2017-09-06 09:02 - 2017-09-06 09:02 - 000000000 ___DC C:\MATS
2017-09-06 08:54 - 2017-09-06 08:54 - 057217088 _____ (Oracle Corporation) C:\Users\Warren\Downloads\jre-8u144-windows-i586.exe
2017-09-03 19:19 - 2017-09-03 19:19 - 000003238 _____ C:\Windows\System32\Tasks\{4CC5E489-8A21-42D4-9746-ACBA7399FF7E}
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-17 20:01 - 2017-01-20 20:25 - 000000000 ____D C:\Users\Warren\AppData\LocalLow\Mozilla
2017-09-17 19:55 - 2009-07-14 00:45 - 000027040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-17 19:55 - 2009-07-14 00:45 - 000027040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-17 19:47 - 2017-01-18 14:55 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-17 19:47 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-17 14:42 - 2010-10-11 11:19 - 000000000 ____D C:\Users\Warren\AppData\Local\ElevatedDiagnostics
2017-09-16 19:00 - 2010-10-03 01:40 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-09-16 11:37 - 2012-01-27 12:19 - 000000410 _____ C:\Windows\Tasks\Defraggler Volume C Task.job
2017-09-13 04:52 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
2017-09-12 20:39 - 2010-10-03 01:31 - 000000000 ____D C:\Users\Warren\AppData\Roaming\uTorrent
2017-09-12 20:38 - 2017-01-18 19:07 - 000000000 ____D C:\Windows\Minidump
2017-09-12 20:38 - 2011-01-24 22:48 - 000000000 ____D C:\Users\Warren\AppData\Local\CrashDumps
2017-09-12 19:13 - 2012-03-31 16:52 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-09-12 19:12 - 2017-03-07 22:36 - 000004454 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-09-12 19:12 - 2012-03-31 16:52 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-09-12 19:12 - 2011-11-27 21:15 - 000000000 ____D C:\Windows\system32\Macromed
2017-09-12 19:12 - 2011-05-16 16:21 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-09-12 17:45 - 2014-03-16 14:46 - 000000000 ____D C:\Users\Warren\AppData\Roaming\Spotify
2017-09-12 17:45 - 2014-03-16 14:46 - 000000000 ____D C:\Users\Warren\AppData\Local\Spotify
2017-09-12 17:37 - 2013-07-23 00:04 - 000000000 ____D C:\Windows\system32\MRT
2017-09-12 17:32 - 2016-11-15 20:42 - 138202976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-09-12 17:28 - 2016-11-09 21:35 - 000787260 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-09-12 17:28 - 2009-07-14 01:13 - 000787260 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-12 17:17 - 2014-10-14 22:55 - 000000000 ____D C:\Users\Warren\AppData\Local\Adobe
2017-09-12 17:10 - 2009-07-14 00:45 - 000297160 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-12 16:57 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\L2Schemas
2017-09-12 07:53 - 2014-07-08 09:39 - 000192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-09-10 22:00 - 2010-10-30 17:44 - 000000000 ____D C:\Users\Warren\AppData\Local\Google
2017-09-10 22:00 - 2010-10-30 17:44 - 000000000 ____D C:\Program Files (x86)\Google
2017-09-10 19:04 - 2017-01-18 14:23 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-09-10 19:04 - 2016-11-09 21:30 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-09-10 19:03 - 2016-09-01 17:53 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-09-10 19:03 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\Help
2017-09-10 19:02 - 2017-01-18 14:23 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-09-10 18:14 - 2012-02-02 20:27 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-10 17:59 - 2013-11-12 18:53 - 000000000 ____D C:\Users\Warren\AppData\Local\NVIDIA Corporation
2017-09-07 19:54 - 2009-07-14 01:08 - 000028132 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-09-06 10:05 - 2017-08-04 23:48 - 000000000 ____D C:\Users\Warren\Desktop\Old Firefox Data
2017-09-06 09:15 - 2013-12-22 12:24 - 000000000 ____D C:\ProgramData\Oracle
2017-09-06 09:14 - 2017-01-17 21:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-09-06 08:50 - 2016-09-11 13:40 - 000000000 ____D C:\Users\Warren\AppData\Roaming\.ACEStream
2017-09-06 08:50 - 2016-09-11 13:38 - 000000000 ____D C:\Users\Warren\AppData\Roaming\ACEStream
2017-09-05 23:48 - 2017-01-20 20:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-04 10:36 - 2016-09-01 18:35 - 000002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-04 10:36 - 2016-09-01 18:35 - 000002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-03 21:27 - 2015-04-07 23:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Files in the root of some directories =======
2010-10-22 14:18 - 2010-07-11 15:49 - 000445440 _____ (Dino Chiesa) C:\Users\Warren\AppData\Roaming\Ionic.Zip.dll
2010-10-22 14:18 - 2010-07-11 15:49 - 000131584 _____ (Wandering Samurai Studios) C:\Users\Warren\AppData\Roaming\MWLL.AutoUpdater.exe
2010-10-22 14:18 - 2010-07-11 15:49 - 000007168 _____ (Wandering Samurai Studios) C:\Users\Warren\AppData\Roaming\MwllLibTorrent.dll
2010-10-22 14:18 - 2010-07-11 15:49 - 001806336 _____ () C:\Users\Warren\AppData\Roaming\mwll_torrent.dll
2011-02-20 15:09 - 2011-05-06 00:59 - 000000231 _____ () C:\Users\Warren\AppData\Roaming\Rim.Desktop.Exception.log
2011-02-20 15:08 - 2011-05-19 10:52 - 000002021 _____ () C:\Users\Warren\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2017-09-06 09:11 - 2017-09-06 09:11 - 000000000 _____ () C:\Users\Warren\AppData\Local\{A1A400C7-BCA5-4FCE-8019-E0CD60AA99CD}
2016-11-09 21:30 - 2016-11-09 21:30 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2017-01-04 23:21 - 2017-01-04 23:24 - 000001075 _____ () C:\ProgramData\hpzinstall.log
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-09-10 00:30
==================== End of FRST.txt ============================
And the Addition scan
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-09-2017 01
Ran by Warren (17-09-2017 21:33:43)
Running from C:\Users\Warren\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2016-11-10 21:16:49)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-143088597-1759118391-1618591540-500 - Administrator - Disabled)
ASPNET (S-1-5-21-143088597-1759118391-1618591540-1004 - Limited - Enabled)
Guest (S-1-5-21-143088597-1759118391-1618591540-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-143088597-1759118391-1618591540-1002 - Limited - Enabled)
Mcx1-WARREN-PC (S-1-5-21-143088597-1759118391-1618591540-1005 - Limited - Enabled) => C:\Users\Mcx1-WARREN-PC
Warren (S-1-5-21-143088597-1759118391-1618591540-1000 - Administrator - Enabled) => C:\Users\Warren
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\uTorrent) (Version: 3.5.0.43804 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{55D55008-E5F6-47D6-B16F-B2A40D4D145F}) (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.0.16600 - Adobe Systems Inc.)
Adobe Flash Player 27 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Reader 9.4.6 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A94000000001}) (Version: 9.4.6 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 384.94 - NVIDIA Corporation) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Xonar DG Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - )
Batman: Arkham City™ (HKLM-x32\...\{57520FA0-A73E-4165-BCA2-D71000018301}) (Version: 1.0.0001.131 - WB Games) Hidden
Batman: Arkham City™ (HKLM-x32\...\{57520FA0-A73E-4165-BCA2-D71000038301}) (Version: 1.0.0003.131 - WB Games) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.8.2.48475 - Electronic Arts)
BeerSmith 2 (HKLM-x32\...\BeerSmith 2) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brothers - A Tale of Two Sons (HKLM-x32\...\Steam App 225080) (Version: - Starbreeze Studios AB)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C4500 (HKLM-x32\...\{9DC11D9A-6DCD-4064-8363-63914A0122AB}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Castle Crashers (HKLM\...\Steam App 204360) (Version: - The Behemoth)
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
Comical 0.8 (HKLM-x32\...\Comical_is1) (Version: - James Athey)
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
Crypt of the NecroDancer (HKLM\...\Steam App 247080) (Version: - Brace Yourself Games)
CrystalDiskInfo 5.6.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 5.6.2 - Crystal Dew World)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
DARK SOULS™ III (HKLM\...\Steam App 374320) (Version: - FromSoftware, Inc.)
Data Lifeguard Diagnostic for Windows 1.31 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version: - Western Digital Corporation)
dBpoweramp DSP Effects (HKLM-x32\...\dBpoweramp DSP Effects) (Version: Release 7 - Illustrate)
dBpoweramp m4a FDK (AAC) Encoder (HKLM-x32\...\dBpoweramp m4a FDK (AAC) Encoder) (Version: Release 1 (FDK 3.3.3) - Illustrate)
dBpoweramp Music Converter (HKLM-x32\...\dBpoweramp Music Converter) (Version: Release 14.2 - Illustrate)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
Downloader (HKLM-x32\...\Downloader) (Version: - )
Driver Fusion (HKLM-x32\...\{100C8F3B-82D6-4B14-BB7A-5E8C3FF810C8}_is1) (Version: 1.7.0 - Treexy)
Driver Sweeper version 3.2.0 (HKLM-x32\...\{5A67D2EA-FB70-4033-A6F3-606AD85B2015}_is1) (Version: 3.2.0 - Phyxion.net)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
Explorer Suite III (HKLM\...\Explorer Suite_is1) (Version: - )
ffdshow [rev 2527] [2008-12-19] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
FREE EML File Viewer version v2.0 (HKLM-x32\...\{6B16A616-C931-4D4B-B1C5-E04F2D4DDD63}_is1) (Version: v2.0 - www.freeviewer.org)
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart C4500 All-In-One Driver Software 13.0 Rel. 4 (HKLM\...\{AA6F009F-0CCD-4DD6-A462-28419C101D54}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HWiNFO64 Version 5.38 (HKLM\...\HWiNFO64_is1) (Version: 5.38 - Martin Malík - REALiX)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
ImgurDownloader (HKLM-x32\...\{DE5F016E-F566-4A7D-930D-2C03327DFE63}) (Version: 1.0.0 - ImgurDownloader)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
LIMBO (HKLM-x32\...\Steam App 48000) (Version: - )
LOOT version 0.8.1 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.8.1 - LOOT Team)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Mount Your Friends (HKLM\...\Steam App 296470) (Version: - Stegersaurus Software Inc.)
Mozilla Firefox 55.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 en-US)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version: - MSI Co., LTD)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.9 - Black Tree Gaming)
Nidhogg (HKLM\...\Steam App 94400) (Version: - Messhof)
NVIDIA 3D Vision Driver 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 384.94 - NVIDIA Corporation)
NVIDIA Graphics Driver 384.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 384.94 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 10.4.16.25850 - Electronic Arts, Inc.)
PDF Reading 0.1 (HKLM-x32\...\PDF Reading) (Version: 0.1 - )
PS_AIO_04_C4500_Software_Min (HKLM-x32\...\{CF408B76-8698-4298-B549-5E6A94931B64}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder)
Rocksmith® 2014 Edition - Remastered (HKLM\...\Steam App 221680) (Version: - Ubisoft - San Francisco)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.550.0 - SAMSUNG Electronics Co., Ltd.)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
SeaTools for Windows 1.4.0.5 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.5 - Seagate Technology)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SlimCleaner (HKLM-x32\...\{6B8D6199-EE44-4FD7-813A-6D8C62C9B384}) (Version: 4.0.30878 - SlimWare Utilities, Inc.)
SlimDrivers (HKLM-x32\...\{A5457401-D56A-43F2-9524-78E54A7FC07A}) (Version: 2.2.32705 - SlimWare Utilities, Inc.)
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
SOMA (HKLM\...\Steam App 282140) (Version: - Frictional Games)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version: - Valve)
Spotify (HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\Spotify) (Version: 1.0.62.508.g2c497f24 - Spotify AB)
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Meat Boy (HKLM\...\Steam App 40800) (Version: - Team Meat)
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version: - )
The Jackbox Party Pack 2 (HKLM\...\Steam App 397460) (Version: - Jackbox Games, Inc.)
The Swapper (HKLM-x32\...\Steam App 231160) (Version: - )
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.31.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.24.0.0 - GOG.com)
The Witcher 3: Wild Hunt - Hearts of Stone (HKLM-x32\...\Hearts of Stone_is1) (Version: 1.24.0.0 - GOG.com)
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
Total Immersion D'Fusion @Home Web Plug-In (HKLM-x32\...\D'Fusion @Home Web Plug-In) (Version: - Total Immersion)
TP-LINK 150Mbps Wireless N USB Adapter Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK)
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Uplay (HKLM-x32\...\Uplay) (Version: 2.1 - Ubisoft)
Verizon Wireless Software Upgrade Assistant - SAMSUNG (TL-PC_AR) (HKLM-x32\...\{74B65337-CCF1-4664-A7FC-954A288A4C72}) (Version: 1.10.1002 - SAMSUNG)
Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{8F704340-27DC-4987-A97A-E04EF3607AF5}) (Version: 2.11.0911 - Samsung Electronics Co., Ltd.)
Video Edit Magic 4.14 (HKLM-x32\...\Video Edit Magic 4_is1) (Version: - Deskshare Inc.)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.00 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.2 - win.rar GmbH)
WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => -> No File
ContextMenuHandlers1: [SlimShellExt] -> {5421BDAF-6C45-4C3A-8B4B-AE5AF31A65AF} => C:\Program Files (x86)\SlimCleaner\SlimShell64.dll [2013-07-10] (Slimware Utilities, Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-12-11] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-12-11] ()
ContextMenuHandlers1-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2010-04-05] (WinZip Computing, S.L.)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers3: [SlimShellExt] -> {5421BDAF-6C45-4C3A-8B4B-AE5AF31A65AF} => C:\Program Files (x86)\SlimCleaner\SlimShell64.dll [2013-07-10] (Slimware Utilities, Inc.)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => -> No File
ContextMenuHandlers4: [SlimShellExt] -> {5421BDAF-6C45-4C3A-8B4B-AE5AF31A65AF} => C:\Program Files (x86)\SlimCleaner\SlimShell64.dll [2013-07-10] (Slimware Utilities, Inc.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-12-11] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-12-11] ()
ContextMenuHandlers4-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2010-04-05] (WinZip Computing, S.L.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-07-18] (NVIDIA Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-12-11] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-12-11] ()
ContextMenuHandlers6-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2010-04-05] (WinZip Computing, S.L.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {17F127FD-66EB-4E77-8C66-1F7E09C4ED2B} - System32\Tasks\{2C8432D2-C25E-4B51-B709-B77AD29C4362} => C:\Windows\system32\pcalua.exe -a C:\Users\Warren\AppData\Local\Temp\jre-8u91-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {2359F2F3-2BD8-48DA-B121-CB32015C034B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {27FAD6A9-AFA8-41C9-BC00-6D3B41DE7BE4} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_130_pepper.exe [2017-09-12] (Adobe Systems Incorporated)
Task: {328E9DE3-3369-42E6-B56A-2E85BE3EA6BF} - System32\Tasks\{66B85A28-3871-464C-AB90-54CA5EFEC8D4} => C:\Windows\system32\pcalua.exe -a C:\Users\Warren\AppData\Local\Temp\jre-8u111-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {372BF2F3-35A9-46A3-A10B-F664346E6F18} - System32\Tasks\{6CFF08D3-4E5F-482B-96AE-E63487F2DCC5} => C:\Program Files (x86)\Gruntmods Studios\Dune 2000\Launch Dune 2000.exe
Task: {37E9D756-B9DB-4B6B-A625-7C9BFD8B0A18} - System32\Tasks\{8E015351-767B-4F11-896F-D7E146FC2AD6} => C:\Windows\system32\pcalua.exe -a C:\Users\Warren\AppData\Local\Temp\jre-8u66-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {415D3B77-54D5-4BD2-A3DA-B0D619897B2A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2017-06-13] (Piriform Ltd)
Task: {41EE13F2-9BFF-4852-8E1E-90AAC02C0EB7} - System32\Tasks\{9943B6B3-FCBE-47A8-BC2C-3FEE26D8179F} => C:\Windows\system32\pcalua.exe -a C:\Users\Warren\AppData\Local\Temp\jre-8u77-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {5B651FB7-14CC-4F2E-A9A4-6AFF1A393169} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {5CABD1C3-D056-4570-8827-9CBE5BE0EEA9} - \SidebarExecute -> No File <==== ATTENTION
Task: {5F0E6E25-9CDB-4879-A6EB-D7E8FF1418C8} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {68C91E03-3C79-4B30-B19B-A571D3C65548} - System32\Tasks\{4CC5E489-8A21-42D4-9746-ACBA7399FF7E} => C:\Windows\system32\pcalua.exe -a C:\Users\Warren\AppData\Local\Temp\jre-8u144-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {7598188E-7FF3-4252-B409-5C69D2F22B0A} - System32\Tasks\Defraggler Volume C Task => C:\Program Files\Defraggler\df64.exe [2016-03-08] (Piriform Ltd)
Task: {8518DCB7-F2B3-448A-A029-2323394CDED5} - System32\Tasks\{5ED11934-3BEE-4836-B86A-0AA295154C9C} => C:\Windows\system32\pcalua.exe -a "C:\Users\Warren\Desktop\razor skyrim\install.exe" -d "C:\Users\Warren\Desktop\razor skyrim"
Task: {85AC247F-6D4F-4DCD-9013-D90189CA2408} - System32\Tasks\{CCC82356-B4B7-496D-97B5-041FF190F0AE} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.14.59.104/en/abandoninstall?page=tsMain
Task: {8D36BD1B-24FB-431D-9519-34C8D69F0170} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-12] (Adobe Systems Incorporated)
Task: {98164989-1F8B-4088-8D72-0451B1B8E596} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {9A523CDA-E905-4369-BC54-43BF62AF2C83} - System32\Tasks\{99E6FE2D-4FDB-4B3D-87A2-26F4362815FD} => C:\Program Files (x86)\Steam\SteamApps\common\skyrim\DotNetFX\dotnetfx35setup.exe
Task: {B071A57C-D192-456D-ACF9-1FE72BA97C01} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-WARREN-PC => C:\Windows\ehome\McxTask.exe
Task: {B4F3201C-B2FE-4F10-A60B-47CF35D3D1BA} - System32\Tasks\{BD8DE4F2-3B5B-4378-A149-832B7D30737C} => C:\Windows\system32\pcalua.exe -a C:\Users\Warren\Downloads\270.61-desktop-win7-winvista-32bit-english-whql.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {B4F8E588-A22C-4FF9-B2EB-6AEDD4136E84} - System32\Tasks\{5AE6A9D1-51E4-4547-8108-FAEE46AF27A3} => C:\Windows\system32\pcalua.exe -a C:\Users\Warren\AppData\Local\Temp\jre-8u121-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {BFA7F09C-D858-4AEF-A230-A1D93858686B} - System32\Tasks\{12C67D05-C323-4A62-B6FE-62A1FA5466F8} => C:\Windows\system32\pcalua.exe -a "C:\Users\Warren\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1239Z492\jre-6u29-windows-i586-iftw.exe" -d C:\Users\Warren\Desktop
Task: {C194FB67-2370-4019-969A-9BF44713E6F6} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {C1E1D9DD-7CA7-4686-8E38-091556C29707} - System32\Tasks\{8DFBF432-DC61-4386-A705-834B38404E1A} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-12-11] (Skype Technologies S.A.)
Task: {CEDDACC6-2B42-42F1-9891-8FBFC5A58FAA} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {D19FE7A0-D0A9-4C70-AE04-0816E1CB0D7E} - System32\Tasks\{4D4090A8-2EA4-439A-B086-50A00D59B740} => C:\Windows\system32\pcalua.exe -a C:\Users\Warren\AppData\Local\Temp\jre-8u141-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {DD1731E0-0D88-46C9-A43C-42EABECA150C} - System32\Tasks\{3B9650F3-529C-4674-891F-AABD9E272D3D} => C:\Program Files\ASUS Xonar DG Audio\Customapp\AsusAudioCenter.exe [2012-12-13] (CMedia)
Task: {F83645F1-F272-4759-A0CA-28A5B8083F90} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-21] (Oracle Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Defraggler Volume C Task.job => C:\Program Files\Defraggler\df64.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2014-03-22 22:15 - 2013-10-23 14:24 - 000087600 _____ () C:\Windows\System32\cpwmon64.dll
2010-12-11 12:00 - 2010-12-11 00:01 - 000164352 _____ () C:\Program Files\WinRAR\rarext.dll
2010-07-15 00:44 - 2010-07-15 00:44 - 000020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2014-09-22 21:17 - 2008-07-11 16:04 - 000200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2014-09-22 21:17 - 2008-07-11 16:03 - 000282112 ____N () C:\Windows\system\HsMgr64.exe
2017-02-26 14:09 - 2017-02-26 14:09 - 000076152 _____ () C:\Windows\system32\PnkBstrA.exe
2012-11-28 15:13 - 2012-11-28 15:13 - 000087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 001242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2017-01-19 19:14 - 2012-06-06 10:56 - 000143360 ____N () C:\Program Files\ASUS Xonar DG Audio\Customapp\VmixP8.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:DocumentSummaryInformation [63]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:SummaryInformation [63]
AlternateDataStreams: C:\Windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\com -> hxxp://www.msi.com
IE trusted site: HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\com.tw -> hxxp://asia.msi.com.tw
IE restricted site: HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-143088597-1759118391-1618591540-1000\...\123simsen.com -> www.123simsen.com
There are 7742 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2016-11-07 16:55 - 000000826 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-143088597-1759118391-1618591540-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Warren\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{EFE60AA6-05DA-4CA6-A59F-D0C3344D7F34}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{6C360A62-C0F6-4628-B057-2CF725648B37}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{D1DAED4E-9951-4686-BCAA-C535AC3039DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{63116321-54E4-4E75-9009-BDD675457826}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{3EA914F9-09C0-411C-82AB-1DF522EFB185}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{EBB6E90E-8B9D-4BBC-B557-AD0056516CB0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crypt of the NecroDancer\NecroDancer.exe
FirewallRules: [{CA5BF318-4BD7-468D-A55C-6937E03B35D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{92812387-36AE-4F4C-B7C9-F3E1BD0135A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Nidhogg\Nidhogg.exe
FirewallRules: [{55DC3F58-9AC8-40A1-8323-4B8EA9D197CB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{DBFA0D22-B908-428E-A815-30656228142B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [UDP Query User{4415C7BA-F803-4E6C-83D0-3FF552592FD0}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{B7CAA4B4-7274-4555-8C00-5AADF46C0590}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{FC9F7A4F-E72E-4CE3-899F-D7C049B48B64}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{3FFA3510-2300-44A2-8C2F-3E492E255B94}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{AD79B9B6-E5DF-4E96-B59A-4D7700EA6022}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{686645B2-7F10-44AA-A938-EA3FDA29751D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\Brothers.exe
FirewallRules: [{E0EA9B1C-EAC0-4D5D-8EB2-C172205C2285}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{59338F7A-D9F5-42E8-B4FE-79D45E37C7D1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Brothers - A Tale of Two Sons\Binaries\Win32\BrothersLauncher.exe
FirewallRules: [{4B9B28E6-45BA-468C-A7DA-F060556C669C}] => (Allow) C:\Users\Warren\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C8ADBC62-D8FD-47EE-8E8F-2DD8A9C85103}] => (Allow) C:\Users\Warren\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2927CA11-23FD-48E9-902A-A73B0D4E5AE0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AB3DA62C-8F14-41D2-89F0-41A841313314}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{60BED730-BF76-4B16-BEA2-0CEBCD04977E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Swapper\TheSwapper.exe
FirewallRules: [{47CC42ED-996F-4F22-AE7B-55E42C891735}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Swapper\TheSwapper.exe
FirewallRules: [{D5F121C4-35D8-42FC-95B5-E52FDADAC8EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Swapper\TheSwapper.exe
FirewallRules: [{77F5C121-417A-447B-972B-3D9968E129B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Swapper\TheSwapper.exe
FirewallRules: [{43A3CE80-C54C-4DB9-AF8A-A9B25CC44BA0}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{1E1CC7A1-DD0B-4780-A033-35BFDFEE2847}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{50A8CB2C-62D1-40D0-AE39-978FB8D1D3B7}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{58F42437-BC36-4C99-A21B-17EBB2DF9F9F}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{4D2678C4-D427-4166-88EB-3192EC78B8B5}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{A9DE5C32-7006-4360-BEBB-A7F61034FE9C}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{7E1B89C6-1343-4435-AD19-C7C31751B73F}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{380D3080-9B29-4BB4-A53F-AA81881B03D7}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{18360AF8-1537-4C64-A828-B17B6523E866}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{68E38EAA-3E89-41DC-8179-3999B96C6B44}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{2B71E7FB-16E6-4AA8-9D75-BE2D55FABB81}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{2A73C628-0C83-4F7A-A229-B6CF13C6D15A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{8951FE31-377F-4E5A-8CDA-1557B70DFDCD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{C580982C-20AB-40A1-9D07-049678E644C2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{0493164A-77E5-4181-AAC0-0E7CCD14A658}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{1E15B7D7-CD75-4A67-8819-E945A22A2B37}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{F695F4F5-5820-45F7-B907-6897D6826430}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{9A37D92B-FAEF-4DA2-8E2E-EE7009E15B86}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{F2C1E241-2BFA-494A-BD3B-9F28BF77AE4C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{A9106E05-7F53-4C71-8B51-3D1EF1ED2DCC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{0108CA07-4E6E-401B-8EB2-0FDCDD006BEF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{5947722E-9D10-41D7-BE1B-EEF8DE2B9F6E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{34CB6F91-F86F-40F5-85A1-A97174CF26F7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{04B3C508-6BAB-4DBE-A2CB-4820D315946B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{2A5754E5-DFF6-4B8A-87CB-49F0C465EECB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{EA6BA482-D24C-495D-A999-0A7F7C5DA0CF}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{47D4E66E-2D98-4B27-B66B-0517AB5E3C93}] => (Allow) C:\Users\Warren\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{465E1DB7-6C21-45E7-A25F-FDBA1ACE7D54}] => (Allow) C:\Users\Warren\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3E39786A-27A5-4E8E-B7D1-CE28D2C830B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{CF1D4673-8676-467E-8587-5FD9C91DE510}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Limbo\limbo.exe
FirewallRules: [{E3BA9F85-B4C2-41EF-8918-A646AC12C48E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9DA85FC9-DDE3-4857-890E-0D106244D1D3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8B209240-1CEB-451D-818E-0807189E2DF8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3ABA4170-CDA2-4815-8A24-DEB4F50C276A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BEDCF048-9062-4E6C-B701-25C5D4CCAD8B}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{C2E9E17F-0048-4B59-9B58-C661D02D954D}] => (Allow) C:\Users\Warren\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{ED97B6FD-4703-4BC8-AEB0-7CBDE0C1A493}] => (Allow) C:\Users\Warren\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{8297D06B-F698-4EC7-85D9-9AFB0AFB3BDC}] => (Allow) C:\Users\Warren\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{68F90F36-DC33-4656-8538-9661AED795A3}] => (Allow) C:\Users\Warren\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{D4729366-E159-429D-9A2E-98C7B999E542}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4BCB8E0D-453C-4EE5-8FB6-DDE9D3B7E19D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{80385294-0E4C-4A47-8E13-EC746DC20753}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SOMA\Soma.exe
FirewallRules: [{C6153911-CAF1-470E-9922-80A030FAB350}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SOMA\Soma.exe
FirewallRules: [{57A9C25E-42EF-422A-9D3E-1633B3A5E4BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SOMA\ModLauncher.exe
FirewallRules: [{1AAD084A-CE06-438A-82D5-33DCEEBE9FB2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SOMA\ModLauncher.exe
FirewallRules: [{B142AED0-5A97-4AB3-A97F-9D4509A901D7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{F8F8197C-26D2-4ACB-BD2C-28F97D5D3E5B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6B12700D-BFD8-4743-AE03-7768F210BA07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F29AE30D-B687-47DA-9BD1-55469B31E4B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9ED7D09D-7792-40BF-8559-4ADA30FD5D4D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{AA7C0F38-C097-4495-BEA1-C42D8C04F90F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{8BC26702-D6C7-4007-8AAD-A8A8FABD4B5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Jackbox Party Pack 2\The Jackbox Party Pack 2.exe
FirewallRules: [{762ADC12-2CAE-4918-B04B-B34CE595D375}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Jackbox Party Pack 2\The Jackbox Party Pack 2.exe
FirewallRules: [{F9F6C8BF-5DF1-416D-85E7-03D9E42124E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{8B8EEA5D-8E82-4CC8-99AB-41777F87D0D1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Mount Your Friends\MountYourFriends.exe
FirewallRules: [{FCC0141E-4C77-46D7-81E6-F75BB57EDD78}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{237ABC08-AB51-416D-AC0B-ED276EAB1663}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{E9A83E2D-3FF6-4C49-8EDA-820D040F89B8}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{A224C1E8-DAAA-42EF-99F2-D4E481A3596B}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [TCP Query User{8BFE41F2-94E7-4D44-9C7F-51160773752D}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{767E08AF-DD76-40F6-94CA-4C4D0733F809}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [{BD0B3907-C54C-4AD9-9A37-DADDF686A25F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{08B8DF6C-E703-48FC-8D47-2620D95FAC18}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Rocksmith2014\Rocksmith2014.exe
FirewallRules: [{EA5473DC-0C44-45BB-B7E0-631D4D4B4A76}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{8546826E-C9A6-4662-82B7-72B521E4D855}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher.exe
FirewallRules: [{CFA00378-A564-427E-82BA-BCA6533FE5AC}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{C87CB5C1-EF91-4052-97CF-B80FA46BB3AE}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BFLauncher_x86.exe
FirewallRules: [{48EEDBE1-30DB-434E-8201-D5825AA40998}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F8FBBD5C-4A2C-40A7-A436-1AB3B66C505C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
FirewallRules: [{3CC369E4-4148-4748-A299-A75F1BD2EBD6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DARK SOULS III\Game\DarkSoulsIII.exe
==================== Restore Points =========================
13-09-2017 03:00:13 Windows Update
13-09-2017 04:59:39 Windows Update
14-09-2017 03:00:12 Windows Update
14-09-2017 09:18:10 Windows Update
16-09-2017 03:00:13 Windows Update
16-09-2017 09:16:04 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
16-09-2017 11:25:08 Windows Update
16-09-2017 12:35:41 Windows Update
17-09-2017 03:00:13 Windows Update
17-09-2017 14:22:27 Windows Update
17-09-2017 14:27:57 Windows Update
17-09-2017 14:34:24 Windows Update
17-09-2017 14:40:44 Windows Update
17-09-2017 14:48:38 Windows Update
17-09-2017 14:53:47 Windows Update
17-09-2017 16:45:47 Windows Update
17-09-2017 17:38:04 Windows Update
17-09-2017 19:19:33 Windows Update
17-09-2017 19:44:36 Windows Update
17-09-2017 19:59:30 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/17/2017 07:48:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (09/17/2017 07:33:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (09/17/2017 07:28:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (09/17/2017 07:24:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (09/16/2017 03:07:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (09/16/2017 11:38:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (09/15/2017 08:51:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (09/13/2017 08:26:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (09/13/2017 07:47:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (09/13/2017 04:51:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (09/17/2017 08:03:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x800736b3: 2017-09 Security Monthly Quality Rollup for Windows 7 for x64-based Systems (KB4038777).
Error: (09/17/2017 07:48:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The hpqcxs08 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (09/17/2017 07:48:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the hpqcxs08 service to connect.
Error: (09/17/2017 07:48:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The hpqcxs08 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (09/17/2017 07:48:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the hpqcxs08 service to connect.
Error: (09/17/2017 07:48:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The hpqcxs08 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (09/17/2017 07:48:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the hpqcxs08 service to connect.
Error: (09/17/2017 07:48:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The hpqcxs08 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (09/17/2017 07:48:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the hpqcxs08 service to connect.
Error: (09/17/2017 07:48:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The hpqcxs08 service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
CodeIntegrity:
===================================
Date: 2017-01-18 13:40:11.352
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\USBSTOR.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-01-18 13:40:11.272
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\USBSTOR.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-07-20 19:58:29.397
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-20 19:58:29.268
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-20 19:58:29.120
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-20 19:58:28.996
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-20 19:58:28.851
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD Phenom II X4 955 Processor
Percentage of memory in use: 22%
Total physical RAM: 10239.18 MB
Available physical RAM: 7946.7 MB
Total Virtual: 20478.36 MB
Available Virtual: 17884.21 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:93.67 GB) NTFS
Drive d: (SEAGATE) (CDROM) (Total:0.01 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 4F218257)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================