Hello, a friend advised that I post on here.
I'm running windows 10 on an HP pavillion 64 it ( I expect that info is in the documents tho)
I ran a full AVG scan but it didn't find anything.
My computer has been freezing on log in - started to hang just before or after entering password.
Sometimes I can log in then things are slow.
Copying folders is almost impossible, I'll select a folder, hit 'copy this file' at the top of the screen and nothing will happen.
I tried opening task manager to see what was going on and often it would freeze there too.
The most noticeable thing is that type appears at much lower quality online. Really jagged.
I tried to do a reset and keep my personal files but it told me some kernel files were missing or damaged ( no idea how that happened as I do not muck about with that stuff and this is why I thought it might be malware). I managed to download the iso of windows 10 onto a usb and the computer is now back to how it was before the reset with all the slowness and log in problems.
As I was pasting the txt files a good example of the slowness and unresponsiveness - took about 5 minutes to get the notepad window to recognise that I was clicking on EDIT and to select the text and again to copy it. I am still trying to paste the additions in now. EDIT is unresponsive and right clicking on the selected text does nothing. Hoping it will eventually copy.
UPDATE - I cannot copy the text from the additions file. File edit etc will not work. Ok I opened the file in libreoffice writer and have pasted it after the FRST one. I'm baffled that the text editor had problems and the word one didn't.
Any advice would be wonderful - I'm tempted to wipe everything and reinstall windows but I'm sure that won't be as simple as it sounds.
Here are the txt files:
ADDITIONS
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2017 01
Ran by Xoe (19-04-2017 13:31:51)
Running from C:\Users\Xoe\Desktop
Windows 10 Home Version 1607 (X64) (2016-08-16 03:27:34)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2512842997-4247233269-2972442051-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2512842997-4247233269-2972442051-503 - Limited - Disabled)
Guest (S-1-5-21-2512842997-4247233269-2972442051-501 - Limited - Disabled) => C:\Users\Guest
Xoe (S-1-5-21-2512842997-4247233269-2972442051-1001 - Administrator - Enabled) => C:\Users\Xoe
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.148 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.2.172 - Adobe Systems, Inc.)
Amazon Kindle (HKU\S-1-5-21-2512842997-4247233269-2972442051-1001\...\Amazon Kindle) (Version: 1.15.0.43061 - Amazon)
Amazon Send to Kindle (HKLM-x32\...\SendToKindle) (Version: 1.1.0.243 - Amazon)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 3.3867232.1996558569.0 - Audible, Inc.)
AVG (Version: 16.71.7597 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4769 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.71.7597 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.7.452 - AVG Technologies)
AxiomCoders FB Limiter version 1.6.0 (HKLM\...\AxiomCoders FB Limiter_is1) (Version: 1.6.0 - AxiomCoders)
Backblaze (HKLM-x32\...\Backblaze) (Version: - Backblaze, Inc)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG3100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG3100_series) (Version: - Canon Inc.)
Canon MG3100 series On-screen Manual (HKLM-x32\...\Canon MG3100 series On-screen Manual) (Version: - )
Canon MG3100 series User Registration (HKLM-x32\...\Canon MG3100 series User Registration) (Version: - )
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version: - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft)
Cold Turkey (Basic) (HKLM-x32\...\{6498E673-B9C2-4544-A722-1E854B5B573E}_is1) (Version: 1.2.5 Basic - Felix Belzile)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.7.4023 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.1.5406 - CyberLink Corp.)
Cyberlink PhotoDirector (Version: 5.0.1.5406 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.7.4016 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.1.3121 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.1.3121 - CyberLink Corp.) Hidden
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.4.4223 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.4.4218 - CyberLink Corp.)
Darksiders II Deathinitive Edition (HKLM\...\Steam App 388410) (Version: - Gunfire Games)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Don't Starve (HKLM\...\Steam App 219740) (Version: - Klei Entertainment)
Dropbox (HKU\S-1-5-21-2512842997-4247233269-2972442051-1001\...\Dropbox) (Version: 23.4.19 - Dropbox, Inc.)
Duplicate File Finder (HKLM-x32\...\{1041487C-12E6-47FE-B83A-E9891782C8FE}}_is1) (Version: 6.3 - Ashisoft)
Duplicate Photo Cleaner (HKLM\...\Duplicate Photo Cleaner_is1) (Version: - WebMinds, Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
EPUB File Reader (HKLM-x32\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version: - epubfilereader.com)
f.lux (HKU\S-1-5-21-2512842997-4247233269-2972442051-1001\...\Flux) (Version: - )
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FMW 1 (Version: 1.82.3 - AVG Technologies) Hidden
foobar2000 v1.3.9 (HKLM-x32\...\foobar2000) (Version: 1.3.9 - Peter Pawlowski)
Foxit PhantomPDF (HKLM-x32\...\{00CD7D62-056A-4F0F-9143-44522D44E6DD}) (Version: 6.0.32.507 - Foxit Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.3.5254 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Chrome Canary (HKU\S-1-5-21-2512842997-4247233269-2972442051-1001\...\Google Chrome SxS) (Version: 60.0.3073.0 - Google Inc.)
Google Drive (HKLM-x32\...\{A1238426-ECDF-4639-BE2F-8D12A97AE23C}) (Version: 2.34.5075.1619 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.33.3 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{13133E99-B0D5-4143-B832-AAD55C62A41C}) (Version: 6.0.19.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{082B1425-0F24-43FA-9B64-E8F617B0AD3B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.11 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.6.14.19 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{8B4EE87E-6D40-4C91-B5E8-0DC77DC412F1}) (Version: 1.4.1 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{DCD5C599-5CCC-4E37-8938-FBB548D780C6}) (Version: 2.5.3 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.01.11 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.11 - Softex Inc.) Hidden
Intel® Chipset Device Software (x32 Version: 10.1.1.7 - Intel® Corporation) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.9.1000 - Intel Corporation)
Intel® Smart Connect Technology (HKLM\...\{51AC86D3-C431-48AD-9195-0D6C930D07CD}) (Version: 4.2.41.2710 - Intel Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
LibreOffice 4.3.5.2 (HKLM-x32\...\{1D4E90DA-C33C-40ED-BA00-75F6E6DF9CB0}) (Version: 4.3.5.2 - The Document Foundation)
Malware Protection Live (HKLM-x32\...\MalwareProtectionLive) (Version: - ) <==== ATTENTION
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.523.1 - McAfee, Inc.)
Media Go (HKLM-x32\...\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}) (Version: 3.0.403 - Sony)
Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{02BAAFC5-4E16-42E6-A9F6-8DDE0B7ED3B8}) (Version: 1.0.0.0 - Mojang)
Mozilla Firefox 47.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 47.0.2 (x86 en-US)) (Version: 47.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.2.6148 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nectar Toolbar (HKLM-x32\...\Nectar Toolbar) (Version: 1.1.1 - AIMIA Coalition Loyalty UK Ltd)
NetWorx 5.5.2 (HKLM\...\NetWorx_is1) (Version: - Softperfect)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.1 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.3 - Nikon)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.16 - Nikon)
Portal (HKLM-x32\...\Steam App 400) (Version: - Valve)
PyQt GPL v5.5.1 for Python v3.4 (x32) (HKLM-x32\...\PyQt GPL v5.5.1 for Python v3.4 (x32)) (Version: 5.5.1 - )
Python 3.2.3 (HKLM-x32\...\{789C9644-9F82-44d3-B4CA-AC31F46F5882}) (Version: 3.2.3150 - Python Software Foundation)
Python 3.3.4 (64-bit) (HKLM\...\{D7E79BB6-DBE5-33C5-B105-CE6871C59DB6}) (Version: 3.3.4150 - Python Software Foundation)
Python 3.4.3 (64-bit) (HKLM\...\{9529565f-e693-3f11-b3bf-8cd545f5f9a0}) (Version: 3.4.3150 - Python Software Foundation)
Python 3.5.0 (32-bit) (HKU\S-1-5-21-2512842997-4247233269-2972442051-1001\...\{1197d2bb-6cf8-488a-b994-d5bf6d7efe7b}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.0 Add to Path (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Core Interpreter (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Development Libraries (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Documentation (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Executables (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Launcher (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 pip Bootstrap (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Standard Library (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Tcl/Tk Support (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Test Suite (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Utility Scripts (32-bit) (x32 Version: 3.5.150.0 - Python Software Foundation) Hidden
qBittorrent 3.3.11 (HKLM-x32\...\qBittorrent) (Version: 3.3.11 - The qBittorrent project)
Quake (HKLM-x32\...\Steam App 2310) (Version: - id Software)
Quake II (HKLM-x32\...\Steam App 2320) (Version: - id Software)
Quake II: Ground Zero (HKLM-x32\...\Steam App 2340) (Version: - Rogue Entertainment)
Quake II: The Reckoning (HKLM-x32\...\Steam App 2330) (Version: - Xatrix Entertainment)
Quake Mission Pack 1: Scourge of Armagon (HKLM-x32\...\Steam App 9040) (Version: - Ritual Entertainment)
Quake Mission Pack 2: Dissolution of Eternity (HKLM-x32\...\Steam App 9030) (Version: - Rogue Entertainment)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.17 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.273.49 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7553 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.0.0.33 - REALTEK Semiconductor Corp.)
RTSpect 2.6 (HKLM-x32\...\RTSpect_is1) (Version: - Mark Huckvale)
ScreenRuler (HKLM-x32\...\{46243C14-2485-45EE-9B4E-609B71B5D5FF}) (Version: 3.0.5 - Claro Software)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
SolidCapture (HKLM-x32\...\{1978BDCF-E266-480F-9D91-B2971C464C30}) (Version: 3.0.218.0 - SolidDocuments)
Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)
Spotify (HKU\S-1-5-21-2512842997-4247233269-2972442051-1001\...\Spotify) (Version: 1.0.42.151.g19de0aa6 - Spotify AB)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version: - )
SuperCollider Version 3.8.0 (HKLM-x32\...\SuperCollider-3.8.0) (Version: 3.8.0 - SuperCollider Community)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.4.10 - Synaptics Incorporated)
System Requirements Lab (HKLM-x32\...\{F89CDED6-B1F1-489F-BA44-698BF6A737C2}) (Version: 6.1.6.0 - Husdawg, LLC)
The Simsâ„¢ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.28.25.1020 - Electronic Arts Inc.)
TreeSize Free V4.0.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 4.0.1 - JAM Software)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.8.3 - Nikon)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - CACE Technologies)
WinZip 19.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E9}) (Version: 19.5.11475 - WinZip Computing, S.L. )
Wondershare Filmora(Build 8.1.0) (HKLM\...\Wondershare Filmora_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
Wondershare Video Converter Ultimate(Build 8.8.0.3) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 8.8.0.3 - Wondershare Software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2512842997-4247233269-2972442051-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Xoe\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2512842997-4247233269-2972442051-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\Xoe\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2512842997-4247233269-2972442051-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\Xoe\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-2512842997-4247233269-2972442051-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Xoe\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2512842997-4247233269-2972442051-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Xoe\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2512842997-4247233269-2972442051-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Xoe\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2512842997-4247233269-2972442051-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Xoe\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2512842997-4247233269-2972442051-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Xoe\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2512842997-4247233269-2972442051-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Xoe\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2512842997-4247233269-2972442051-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Xoe\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2512842997-4247233269-2972442051-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Xoe\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2512842997-4247233269-2972442051-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Xoe\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2512842997-4247233269-2972442051-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Xoe\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2512842997-4247233269-2972442051-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Xoe\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2512842997-4247233269-2972442051-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Xoe\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2512842997-4247233269-2972442051-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Xoe\AppData\Roaming\Dropbox\bin\DropboxExt64.15.0.dll (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {016D22D8-F632-41B8-9600-228DC633391B} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {034F5240-1EC9-495D-B253-552B71C0D90F} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {13A48114-16B0-4E11-AD32-F111F722C9C5} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {13ECBD0B-0E86-467C-9A8B-D7D51DFC2A2E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2512842997-4247233269-2972442051-1001UA => C:\Users\Xoe\AppData\Local\Google\Update\GoogleUpdate.exe [2017-04-09] (Google Inc.)
Task: {1E38A96A-EA27-4A47-93C3-8E74C007B00F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-04-17] (Microsoft Corporation)
Task: {21F2FDF2-37D1-44CE-9A29-BD4F8C83490C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2492DB33-EAEE-4166-AF0C-02317D1B5B36} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2512842997-4247233269-2972442051-1001UA1d23798eaf41b64 => C:\Users\Xoe\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {33297879-B0DF-447B-A75F-EF431412EDB6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {3AE5B2E9-BA48-4337-B5B8-E6753160B99C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {48477B06-2D65-41D4-99B2-47B3B8CC2D1D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4FB10F90-58E7-4A9A-858B-CABE3E34C7F1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {55E0EC16-40A1-4AB5-BF94-067B715A5B03} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2512842997-4247233269-2972442051-1001Core => C:\Users\Xoe\AppData\Local\Google\Update\GoogleUpdate.exe [2017-04-09] (Google Inc.)
Task: {5649536D-AD76-4DA7-91F3-7EC41806CED2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {5A384448-D291-4775-BB6E-64B90ED1ACF4} - System32\Tasks\0215tb_RML => C:\Program Files (x86)\AVG Web TuneUp\AVG-Secure-Search-Update_0215tb.exe
Task: {5B1EDF40-8639-4AE7-A3DF-A9B7F185BA95} - System32\Tasks\0116avUpdateInfo => C:\ProgramData\Avg_Update_0116av\0116av_AVG-Secure-Search-Update.exe [2016-01-10] ()
Task: {639C5F3E-C88B-4B47-9991-44B8279B2C03} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {63FE5442-5851-4D65-9DE8-4D44B03D206C} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-06-18] (CyberLink Corp.)
Task: {75CDEDC9-C1CD-417F-B40A-1A20C20B1891} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {7C324DAD-FEC5-44D1-A61A-A878F20E2EF9} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {7EC8CD97-F66A-4F0D-9477-DEE0F7EC70BD} - System32\Tasks\0215tbUpdateInfo => C:\ProgramData\Avg_Update_0215tb\0215tb_{E51D9B53-94E1-41B9-98B9-B960FD685A31}.exe [2015-03-20] ()
Task: {94C3EF05-37C6-45BC-B510-77E8AF5CC225} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-05] (Google Inc.)
Task: {9EE8F73F-7CC2-4EB4-849B-4B4B8FCC3196} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.)
Task: {A53B577E-4831-4B75-A1DD-ABFDC1CFE42B} - System32\Tasks\{AE298DBA-E1C3-4CFD-AA11-46DAD4CAECB8} => pcalua.exe -a "C:\Users\Xoe\Documents\M364 dvd\M364.EXE" -d "C:\Users\Xoe\Documents\M364 dvd"
Task: {A807E312-F60D-4F25-9542-C74EE5D54B2E} - System32\Tasks\{CAF2B9BC-4D7B-4408-B7C6-03309C25AFDD} => pcalua.exe -a C:\Users\Xoe\Downloads\AM_CDBurner.exe -d C:\Users\Xoe\Downloads
Task: {BE396489-6BCF-42D9-9565-DA1D54756958} - System32\Tasks\{FB677C32-23B3-4D5D-989C-DDFE941B1423} => pcalua.exe -a "C:\Program Files (x86)\Common Files\EAInstaller\The Sims 4\Cleanup.exe" -c uninstall_game -autologging
Task: {C18D0269-F9E7-4D5A-91AF-02C78ABD2D12} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2512842997-4247233269-2972442051-1001Core1d23798ea9e4694 => C:\Users\Xoe\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {DB88ECD9-EAD2-4E72-A3E6-DD82FF9AF599} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-05] (Google Inc.)
Task: {FA3E7698-4286-47F4-AA25-EF14F28ECFA1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-04-11] (Adobe Systems Incorporated)
Task: {FA5A22AA-77F7-4E15-9B3F-6F4314B8DCC6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\0215tbUpdateInfo.job => C:\ProgramData\Avg_Update_0215tb\0215tb_{E51D9B53-94E1-41B9-98B9-B960FD685A31}.exe
Task: C:\WINDOWS\Tasks\0215tb_RML.job => C:\Program Files (x86)\AVG Web TuneUp\AVG-Secure-Search-Update_0215tb.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2512842997-4247233269-2972442051-1001Core1d23798ea9e4694.job => C:\Users\Xoe\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2512842997-4247233269-2972442051-1001UA1d23798eaf41b64.job => C:\Users\Xoe\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForXoe.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-16 13:21 - 2017-03-04 08:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-03-17 14:21 - 2017-02-06 22:34 - 00981576 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2014-03-28 13:31 - 2014-03-28 13:31 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-28 13:27 - 2014-03-28 13:27 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-28 13:48 - 2014-03-28 13:48 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-28 13:48 - 2014-03-28 13:48 - 00712080 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2015-12-27 23:33 - 2017-04-17 14:16 - 00443112 _____ () C:\Program Files (x86)\Backblaze\bzserv.exe
2014-11-24 19:31 - 2014-07-04 12:24 - 00094936 ____N () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2015-12-17 19:38 - 2015-12-17 19:38 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 19:38 - 2015-12-17 19:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-24 20:01 - 2014-04-14 19:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2017-03-16 13:21 - 2017-03-04 08:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-16 16:52 - 2016-08-16 16:52 - 00959168 _____ () C:\Users\Xoe\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2014-05-01 15:13 - 2016-09-10 15:21 - 00592384 _____ () C:\Users\Xoe\AppData\Local\MEGAsync\ShellExtX64.dll
2016-08-25 10:56 - 2015-02-27 14:38 - 00721263 _____ () C:\WINDOWS\SysWoW64\WSCM64.dll
2016-09-18 21:04 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 13:20 - 2017-03-04 07:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 13:21 - 2017-03-04 07:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 13:21 - 2017-03-04 07:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-16 13:21 - 2017-03-04 07:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-16 13:21 - 2017-03-04 07:05 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-03-16 13:21 - 2017-03-04 07:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-16 13:21 - 2017-03-04 07:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-03-28 13:36 - 2014-03-28 13:36 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2016-03-01 22:14 - 2016-02-16 15:04 - 00806400 _____ () C:\Program Files\NetWorx\sqlite.dll
2015-12-27 23:33 - 2017-04-17 14:16 - 00595176 _____ () C:\Program Files (x86)\Backblaze\bzbui.exe
2015-02-02 21:35 - 2017-02-06 22:34 - 02183752 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2015-12-27 23:33 - 2017-04-17 14:16 - 04463848 _____ () C:\Program Files (x86)\Backblaze\x64\bztransmit64.exe
2017-04-17 12:52 - 2017-04-17 11:02 - 03807064 _____ () C:\Users\Xoe\AppData\Local\Google\Chrome SxS\Application\60.0.3073.0\libglesv2.dll
2017-04-17 12:52 - 2017-04-17 11:02 - 00100184 _____ () C:\Users\Xoe\AppData\Local\Google\Chrome SxS\Application\60.0.3073.0\libegl.dll
2017-04-10 09:21 - 2017-04-10 09:22 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-04-10 09:21 - 2017-04-10 09:22 - 00189952 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-04-10 09:21 - 2017-04-10 09:22 - 42507264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-04-10 09:21 - 2017-04-10 09:22 - 02334184 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.13.133.0_x64__kzf8qxf38zg5c\skypert.dll
2017-04-19 10:52 - 2017-04-19 10:52 - 00098816 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\win32api.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00110080 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\pywintypes27.dll
2017-04-19 10:52 - 2017-04-19 10:52 - 00364544 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\pythoncom27.dll
2017-04-19 10:52 - 2017-04-19 10:52 - 00320512 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\win32com.shell.shell.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00914432 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\_hashlib.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 01176576 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\wx._core_.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00806400 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\wx._gdi_.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00816128 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\wx._windows_.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 01067008 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\wx._controls_.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00733184 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\wx._misc_.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00682496 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\pysqlite2._sqlite.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00088064 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\_ctypes.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00686080 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\unicodedata.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00119808 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\win32file.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00108544 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\win32security.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00007168 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\hashobjs_ext.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00017920 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\thumbnails_ext.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00088064 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\usb_ext.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00012800 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\common.time34.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00018432 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\win32event.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00167936 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\win32gui.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00046080 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\_socket.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 01303552 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\_ssl.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00128512 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\_elementtree.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00127488 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\pyexpat.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00038912 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\win32inet.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00036864 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\_psutil_windows.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00524248 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\windows._lib_cacheinvalidation.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00011264 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\win32crypt.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00123392 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\wx._wizard.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00077312 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\wx._html2.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00027648 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\_multiprocessing.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00020480 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\_yappi.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00035840 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\win32process.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00078848 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\wx._animate.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00024064 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\win32pipe.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00010240 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\select.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00025600 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\win32pdh.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00017408 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\win32profile.pyd
2017-04-19 10:52 - 2017-04-19 10:52 - 00022528 ____R () C:\Users\Xoe\AppData\Local\Temp\_MEI69442\win32ts.pyd
2014-11-24 19:21 - 2013-12-10 16:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2017-04-06 12:19 - 2017-03-29 03:04 - 02187096 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libglesv2.dll
2017-04-06 12:19 - 2017-03-29 03:04 - 00086360 _____ () C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\libegl.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:0FF263E8 [273]
AlternateDataStreams: C:\ProgramData\Temp:5C305AE2 [196]
AlternateDataStreams: C:\Users\Xoe\Documents\Principles for Physical Fitness.pdf:com.dropbox.attributes [168]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 14:25 - 2017-04-14 17:33 - 00000879 ____A C:\WINDOWS\system32\Drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2512842997-4247233269-2972442051-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Xoe\Pictures\Saved Pictures\DSC_0357.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "SimplePass"
HKLM\...\StartupApproved\Run: => "OPBHOBroker"
HKLM\...\StartupApproved\Run: => "OPBHOBrokerDesktop"
HKLM\...\StartupApproved\Run: => "CanonMyPrinter"
HKLM\...\StartupApproved\Run32: => "HPMessageService"
HKLM\...\StartupApproved\Run32: => "CanonSolutionMenuEx"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKU\S-1-5-21-2512842997-4247233269-2972442051-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2512842997-4247233269-2972442051-1001\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk"
HKU\S-1-5-21-2512842997-4247233269-2972442051-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_9FB6F71DDDB7A5BB2591700729459C29"
HKU\S-1-5-21-2512842997-4247233269-2972442051-1001\...\StartupApproved\Run: => "SolidCapture"
HKU\S-1-5-21-2512842997-4247233269-2972442051-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2512842997-4247233269-2972442051-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_26BD5E01A8E32BE058D9A9AFA222BFE9"
HKU\S-1-5-21-2512842997-4247233269-2972442051-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2512842997-4247233269-2972442051-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2512842997-4247233269-2972442051-1001\...\StartupApproved\Run: => "Sony PC Companion"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{1D5F2CC4-0303-4020-B363-BDE02B2AB36F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{BCFDF90D-A4E4-4084-AC38-F5EF62106266}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{3D7BF6A2-25B6-4FCF-89E5-430FEF5DD1AC}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{0AC479CD-EDF4-4977-BF38-5F8408680BB0}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{3C3DDD66-093D-4FE6-8BFB-CE6743E2196B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{5E8EC04C-CCBA-4F4C-82E4-608B319691C8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{413747F6-8C7C-4D67-9731-A9DF8EE2221B}] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{21A2E9E2-E423-4268-B0E1-6B4E3DCAB663}] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{74FED47F-DD82-40A1-9795-A63C64019AF0}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{DE12853F-A620-472E-96C4-35892C5388A0}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{FEEE96B7-3EAE-4581-B8C3-927D7C468848}] => (Allow) C:\Program Files\NetWorx\networx.exe
FirewallRules: [{CC018D92-0137-4907-AA98-F7F1EA24D481}] => (Block) C:\users\xoe\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [{EC3C912E-4209-4074-8898-EAB0EFFCA7F4}] => (Block) C:\users\xoe\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{91ACC3EB-C24F-44A8-9EA4-921052455035}C:\users\xoe\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\xoe\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [TCP Query User{AC639CAF-188E-4696-9DC7-B2CB9D026856}C:\users\xoe\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_40\bin\javaw.exe] => (Allow) C:\users\xoe\appdata\local\programs\blackboard\blackboard collaborate launcher\resources\java\jre1.7.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{2A17DCCF-71BC-433A-BA2F-DF9D4736EE95}C:\program files (x86)\sony\media go\mediago.exe] => (Allow) C:\program files (x86)\sony\media go\mediago.exe
FirewallRules: [TCP Query User{7AB8E8B4-BE64-40C8-936A-78A20028CF02}C:\program files (x86)\sony\media go\mediago.exe] => (Allow) C:\program files (x86)\sony\media go\mediago.exe
FirewallRules: [{1653A56F-7417-42AC-AC2D-4D3979A971F1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{C26D51B0-0E51-41AE-8A35-F8F70476E9F0}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{49F0AE7D-6344-42F2-AC80-0E2A273CD30B}] => (Block) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{7A63436B-9A30-4D79-A676-CE05C7932E8C}] => (Block) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [UDP Query User{3470DFC1-470A-45AF-BFDC-B9701F84C592}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [TCP Query User{559591FB-AEA8-449C-8A79-7D9EF8E5F258}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{660D1221-5351-4ADE-AA2E-0C2B84A25782}] => (Block) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [{F61A8DE8-44D7-4AC3-8345-5A2C94A01ECB}] => (Block) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{BAC4DC6B-3957-4224-B93B-AFBAC5ADD8EC}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [TCP Query User{6143FDC2-BF15-46D0-8E25-624772A835D9}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [{4AC3AFD7-7B19-41E0-B640-4EFFD0AAEE22}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [{0D04F7E3-7CA3-45AE-BD8A-F528F74508F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Hammerwatch\editor\HammerEditor.exe
FirewallRules: [UDP Query User{D59050B8-16E1-48C1-844A-B7970EC509CD}C:\program files (x86)\ccp\eve\bin\exefile.exe] => (Allow) C:\program files (x86)\ccp\eve\bin\exefile.exe
FirewallRules: [TCP Query User{E29F7A28-C9CA-407A-9E92-CB48295037F7}C:\program files (x86)\ccp\eve\bin\exefile.exe] => (Allow) C:\program files (x86)\ccp\eve\bin\exefile.exe
FirewallRules: [{585B3842-289B-44AB-8579-B6CC426B3281}] => (Allow) C:\Users\Xoe\AppData\Local\Temp\nsr8DD7.tmp\CnetInstaller-10205472.exe
FirewallRules: [{87659A92-2D05-4D60-B335-030D8BA71B3C}] => (Allow) C:\Users\Xoe\AppData\Local\Temp\nsr8DD7.tmp\CnetInstaller-10205472.exe
FirewallRules: [{3798FFF8-DA00-4E61-B4C5-D033FE98F957}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{7CDD343C-A38C-445B-B97E-A7B166E2072D}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D04B0CCB-5F2F-4995-94FB-C068145FC8C7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{2E900793-3892-440B-AAFB-3D969C2B22A3}] => (Block) C:\program files (x86)\java\jre1.8.0_40\bin\java.exe
FirewallRules: [{DF5C38FD-8780-424B-B414-A258B0BB5E58}] => (Block) C:\program files (x86)\java\jre1.8.0_40\bin\java.exe
FirewallRules: [UDP Query User{40C71687-FB98-466D-B036-C81412CC2BD8}C:\program files (x86)\java\jre1.8.0_40\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\java.exe
FirewallRules: [TCP Query User{87C9504B-E462-4CAA-BCC6-1410B71597CF}C:\program files (x86)\java\jre1.8.0_40\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\java.exe
FirewallRules: [{3DD1FA1D-0D76-45A4-8360-05B426D6535E}] => (Allow) LPort=51001
FirewallRules: [UDP Query User{D211D089-2C97-4682-AB57-FC9C3F93A6A5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{A262E51E-7AF1-4BE7-9E08-A6B78A09F33B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{97A1F59F-CC7B-49B5-B1FA-BA8546E3A32F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Jazzpunk\windows\Jazzpunk.exe
FirewallRules: [{857CFE9F-B108-4189-8D14-7FD2E9CF7F4D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CFAF3537-46A5-42A3-870A-3F2EE7B9E7CF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BFF68C09-8F13-4650-92A4-1D7FB1A1478C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2E63625E-F3DF-4F9F-9050-C8AE0C4987E3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{C9CACC00-6116-4099-B4AC-756C0C9F57EF}C:\windows\system32\runtimebroker.exe] => (Block) C:\windows\system32\runtimebroker.exe
FirewallRules: [UDP Query User{63A21CD6-7803-4CED-A1DE-7533133AF4E4}C:\windows\system32\runtimebroker.exe] => (Block) C:\windows\system32\runtimebroker.exe
FirewallRules: [TCP Query User{CBE8A7C3-2BA7-4490-8DB7-7450F46FF4F5}C:\program files (x86)\supercollider-3.8.0\sclang.exe] => (Allow) C:\program files (x86)\supercollider-3.8.0\sclang.exe
FirewallRules: [UDP Query User{D3173867-CAAB-458A-858F-17D3B32B46AA}C:\program files (x86)\supercollider-3.8.0\sclang.exe] => (Allow) C:\program files (x86)\supercollider-3.8.0\sclang.exe
FirewallRules: [{02E72998-0C44-4482-AD12-207D2ACDF57C}] => (Block) C:\program files (x86)\supercollider-3.8.0\sclang.exe
FirewallRules: [{85DA8C5A-B0E8-42B1-9EB7-A12AA0247D85}] => (Block) C:\program files (x86)\supercollider-3.8.0\sclang.exe
FirewallRules: [TCP Query User{A6621C52-4554-41C6-AD14-1E13B2B2CE0C}C:\program files (x86)\supercollider-3.8.0\scsynth.exe] => (Allow) C:\program files (x86)\supercollider-3.8.0\scsynth.exe
FirewallRules: [UDP Query User{B1FF8614-6B4A-462E-BA91-B58279D6C779}C:\program files (x86)\supercollider-3.8.0\scsynth.exe] => (Allow) C:\program files (x86)\supercollider-3.8.0\scsynth.exe
FirewallRules: [{B28134D5-A719-401F-BD0F-5CC78CF78816}] => (Block) C:\program files (x86)\supercollider-3.8.0\scsynth.exe
FirewallRules: [{8C8B4D71-FBED-4D3F-BCEB-604D022E7A2A}] => (Block) C:\program files (x86)\supercollider-3.8.0\scsynth.exe
FirewallRules: [{095140AA-3FAD-419E-8510-9EFEB6A91E4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darksiders II Deathinitive Edition\Darksiders2.exe
FirewallRules: [{30FF71D3-C1A7-4B91-886F-F8F28D4DB20B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Darksiders II Deathinitive Edition\Darksiders2.exe
FirewallRules: [{A5A1685B-B504-4897-9828-9436BE4B290F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8DB3F70F-1CFC-4DE4-8A8F-3D0BCE871365}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{48522CB4-CC04-4A23-99F3-BF6B957E9F42}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{8622E36E-0A18-4EC9-8DA1-9CC2ADA9382B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{BB988252-E147-44B2-AAC0-06BE4BFA6E3C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [{4F3F82A3-5E84-4891-AAF5-D3B997FFC115}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dont_starve\bin\dontstarve_steam.exe
FirewallRules: [TCP Query User{A1C978B3-8870-49E7-86AA-BC3543929D43}C:\users\xoe\documents\arduino-1.8.1\java\bin\javaw.exe] => (Block) C:\users\xoe\documents\arduino-1.8.1\java\bin\javaw.exe
FirewallRules: [UDP Query User{929F7C98-95E8-44A0-83E2-E41ECF6BAA00}C:\users\xoe\documents\arduino-1.8.1\java\bin\javaw.exe] => (Block) C:\users\xoe\documents\arduino-1.8.1\java\bin\javaw.exe
FirewallRules: [TCP Query User{A2E0315C-95FE-41FC-86F4-1514B7BBC3D1}C:\users\xoe\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\xoe\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{114E61D9-983F-4F16-B806-59FA82371849}C:\users\xoe\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\xoe\appdata\roaming\spotify\spotify.exe
FirewallRules: [{11A0DEC1-E063-4FB4-A1E2-D51E8C8924F1}] => (Block) C:\users\xoe\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A9165CFD-51F0-4B4A-937C-5B8522E76891}] => (Block) C:\users\xoe\appdata\roaming\spotify\spotify.exe
FirewallRules: [{B4D86E37-3772-4DDD-9794-E2152698B397}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe
FirewallRules: [{5D3C157F-6E6F-4F0C-9A8D-1F2BB3582688}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TreeOfSavior\release\patch\tos.exe
FirewallRules: [{F108FC50-2491-433A-B971-40EC8D68B927}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{B1BAF9DB-2D59-4553-922B-20C68B1E0845}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe
FirewallRules: [{F713E0E1-AB30-4E3F-BC48-C647F81B2DD2}] => (Allow) C:\Program Files (x86)\R.G. Mechanics\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{45B9E3AE-7514-4637-865C-C4FF0161874E}] => (Allow) C:\Program Files (x86)\R.G. Mechanics\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{A1F28A0D-8FB6-4B48-B2F2-C546057BDAA0}] => (Allow) C:\Program Files (x86)\R.G. Mechanics\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{9A3A3D0B-E9EE-4895-B665-8E4130F9DA59}] => (Allow) C:\Program Files (x86)\R.G. Mechanics\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{6A76F4AE-2730-4427-BEA5-E9A4E53973CD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
17-04-2017 14:30:17 Windows Update
17-04-2017 14:33:12 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/19/2017 01:09:34 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe".
Dependent Assembly Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (04/19/2017 01:09:33 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\DCEXEC.EXE".
Dependent Assembly Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (04/19/2017 01:09:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\Program Files\Microsoft SQL Server\100\DTS\Binn\dtshost.exe".
Dependent Assembly Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (04/19/2017 01:09:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\Program Files\Microsoft SQL Server\100\Tools\Binn\SQLdiag.exe".
Dependent Assembly Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (04/19/2017 01:09:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\Program Files\Microsoft SQL Server\100\DTS\Binn\dtutil.exe".
Dependent Assembly Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (04/19/2017 01:09:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\Program Files\Microsoft SQL Server\100\Tools\Binn\SQLCMD.EXE".
Dependent Assembly Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (04/19/2017 01:09:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\Program Files\Microsoft SQL Server\100\DTS\Binn\DTExec.exe".
Dependent Assembly Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (04/19/2017 01:09:00 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\Program Files\Microsoft SQL Server\100\COM\qrdrsvc.exe".
Dependent Assembly Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (04/19/2017 01:09:00 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\Program Files\Microsoft SQL Server\100\COM\logread.exe".
Dependent Assembly Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (04/19/2017 01:09:00 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "c:\Program Files\Microsoft SQL Server\100\COM\DISTRIB.exe".
Dependent Assembly Microsoft.VC80.ATL,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.1833" could not be found.
Please use sxstrace.exe for detailed diagnosis.
System errors:
=============
Error: (04/19/2017 01:06:36 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
Error: (04/19/2017 12:51:08 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
Error: (04/19/2017 10:54:45 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {784E29F4-5EBE-4279-9948-1E8FE941646D} did not register with DCOM within the required timeout.
Error: (04/19/2017 10:51:51 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/19/2017 10:51:51 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/19/2017 10:51:47 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (04/19/2017 10:50:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WsAppService service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (04/19/2017 10:50:05 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the WsAppService service to connect.
Error: (04/19/2017 10:50:00 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ACProtector service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (04/19/2017 10:50:00 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the ACProtector service to connect.
==================== Memory info ===========================
Processor: Intel® Core i5-4288U CPU @ 2.60GHz
Percentage of memory in use: 47%
Total physical RAM: 8122.15 MB
Available physical RAM: 4231.63 MB
Total Virtual: 9402.15 MB
Available Virtual: 4842.16 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:1374.27 GB) (Free:763.15 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:21.08 GB) (Free:2.36 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: (Expansion Drive) (Fixed) (Total:931.51 GB) (Free:218.52 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 1397.3 GB) (Disk ID: 39ED847C)
Partition: GPT.
========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 0330F74F)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================