continusaly freezing up needs ramturns grayb4 freezing also font shrinks a lot and loses files
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02.01.2018
Ran by Cliff (09-01-2018 06:52:03)
Running from C:\Users\Cliff.MRVN\Desktop
Windows 10 Home Insider Preview Version 1709 17063.1000 (X64) (2018-01-04 04:56:37)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1023311758-2305250523-50345995-500 - Administrator - Disabled)
ally (S-1-5-21-1023311758-2305250523-50345995-1012 - Limited - Enabled) => C:\Users\ally
Cliff (S-1-5-21-1023311758-2305250523-50345995-1010 - Administrator - Enabled) => C:\Users\Cliff
DefaultAccount (S-1-5-21-1023311758-2305250523-50345995-503 - Limited - Disabled)
Guest (S-1-5-21-1023311758-2305250523-50345995-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1023311758-2305250523-50345995-1007 - Limited - Enabled)
mrvn planx (S-1-5-21-1023311758-2305250523-50345995-1002 - Limited - Enabled) => C:\Users\Cliff.MRVN
WDAGUtilityAccount (S-1-5-21-1023311758-2305250523-50345995-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . (HKLM\...\{BDB21711-3628-4159-B1E2-0BF55D105E2E}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{46267326-17DC-4A08-94BB-0FB32E31ACC2}) (Version: 3.1.1.2 - Intel) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Apple Application Support (64-bit) (HKLM\...\{F0C4B709-8BF4-4A72-B527-12E7BF5482F8}) (Version: 6.2.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BD6778C5-6FA5-492A-ADD6-E706339C2A7B}) (Version: 11.0.2.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
Application Verifier x64 External Package (HKLM\...\{1CF73668-6325-07F7-A612-A69894189424}) (Version: 10.1.16299.91 - Microsoft) Hidden
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.18 - ASUS)
Azure AD Authentication Connected Service (HKLM-x32\...\{8A1AD070-269F-4A15-AAB5-76AB896EF195}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (HKLM-x32\...\{B2429EA1-767E-4947-A458-F2204A2AA1BB}) (Version: 12.0.51210.80 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (HKLM-x32\...\{37E53780-3944-4A6A-842F-727128E8616E}) (Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Build Tools for Windows 10 - ENU (HKLM-x32\...\{E5C9A6AC-6AB9-455C-B8AF-FAC95908D0DF}) (Version: 14.0.25527 - Microsoft Corporation) Hidden
Build Tools for Windows 10 (HKLM-x32\...\{3DF885A3-8834-49EB-8390-15DCD84DC5FB}) (Version: 14.0.25527 - Microsoft Corporation) Hidden
Chrome Remote Desktop Host (HKLM-x32\...\{D61C8E6E-A4F3-4CD8-8568-51CEB5660C89}) (Version: 63.0.3239.32 - Google Inc.)
Cisco VideoGuard Player (HKLM-x32\...\{eb841aaa-19f5-40db-93af-850cf64f61c3}) (Version: 6.8 - Cisco Systems, Inc)
CodedUITestUAP (HKLM-x32\...\{0AB83CFE-A321-364C-8F78-A79084EC90D4}) (Version: 14.0.25527 - Microsoft Corporation) Hidden
Dotfuscator and Analytics Community Edition 5.22.0 (HKLM-x32\...\{60018889-9E0F-43E8-9B89-29E8C828B40A}) (Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
iCloud (HKLM\...\{99868C9C-C141-4DDE-A2C7-9DDF00F68F17}) (Version: 7.2.0.67 - Apple Inc.)
IDE Tools for Windows 10 - ENU (HKLM-x32\...\{5FAE69D5-D9A7-469A-A021-2EB40F4FE0AB}) (Version: 14.0.25527 - Microsoft Corporation) Hidden
IDE Tools for Windows 10 (HKLM-x32\...\{F255D538-8ECB-4ED1-9670-E195D403BCCF}) (Version: 14.0.25527 - Microsoft Corporation) Hidden
Imaging Tools Support (HKLM-x32\...\{9F257400-1142-9DA7-08B1-3C7943367929}) (Version: 10.1.16299.15 - Microsoft) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4653 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{35fa0dcf-eda2-402b-b1f0-64973bb1938a}) (Version: 3.1.1.2 - Intel)
Intellisense Lang Pack Mobile Extension SDK 10.0.14393.0 (HKLM-x32\...\{26D23C60-AC47-46E5-8EDF-D19F41CAB666}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
iTunes (HKLM\...\{D7D4465C-B3B6-4BC1-B336-2803FB57BFAF}) (Version: 12.7.2.60 - Apple Inc.)
Kits Configuration Installer (HKLM-x32\...\{86E59C8F-61D5-1782-A3CE-60AE7E4D7791}) (Version: 10.1.16299.15 - Microsoft) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.7.1 Targeting Pack (HKLM-x32\...\{69F0E673-85B6-43D2-ACFB-8C7A60EADECA}) (Version: 4.7.02556 - Microsoft Corporation)
Microsoft Filter Pack 2.0 (HKLM\...\{95140000-2000-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft Office Word 2007 Get Started Tab (HKLM-x32\...\{68B52EFD-86CC-486E-A8D0-A3A1554CB5BC}) (Version: 12.0.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1023311758-2305250523-50345995-1002\...\OneDriveSetup.exe) (Version: 17.3.7290.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1023311758-2305250523-50345995-1010\...\OneDriveSetup.exe) (Version: 17.3.7290.1212 - Microsoft Corporation)
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs (HKLM-x32\...\{90120000-00B2-0409-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Microsoft Web Platform Installer 5.0 (HKLM\...\{4D84C195-86F0-4B34-8FDE-4A17EB41306A}) (Version: 5.0.50430.0 - Microsoft Corporation)
MSBuild/NuGet Integration 14.0 (x86) (HKLM-x32\...\{128C1654-3B9E-4959-8BFB-CE6F09C0A01D}) (Version: 14.0.25420 - Microsoft Corporation) Hidden
MSI Development Tools (HKLM-x32\...\{F551B269-FF46-3C3B-5CFC-75F28DC25A06}) (Version: 10.1.16299.91 - Microsoft Corporation) Hidden
MTP Porting Kit (HKLM-x32\...\{353B1E6D-7073-4450-8C80-699BD8FCFB49}) (Version: 12.0.0 - Microsoft Corp)
Multi-Device Hybrid Apps using C# - Templates - ENU (HKLM-x32\...\{12D99739-FFD3-3761-8AA6-F929E0FE407E}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
PreEmptive Analytics Visual Studio Components (HKLM-x32\...\{436A18DD-5F2C-4B3C-985E-AD3C13B0CC25}) (Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Project and Item Templates for Visual Studio Express 2015 for Windows 10 - ENU (HKLM-x32\...\{31F41F21-21C1-4A52-AFA7-B7D7F6B181AF}) (Version: 14.0.25527 - Microsoft Corporation) Hidden
Project and Item Templates for Visual Studio Professionald 2015 - ENU (HKLM-x32\...\{35BD3B44-C9E4-457D-8260-41566E8BEFE2}) (Version: 14.0.25527 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Roslyn Language Services - x86 (HKLM-x32\...\{6970C7E1-F99D-388D-8903-DF8FCE677FED}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (HKLM-x32\...\{6C1985E7-E1C5-3A95-86EF-2C62465F15C3}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
SDK ARM Additions (HKLM-x32\...\{7D684A91-397D-8E77-2AEE-74437D01DFCC}) (Version: 10.1.16299.91 - Microsoft Corporation) Hidden
SDK ARM Additions EULA (HKLM-x32\...\{D3E6667F-C123-9F65-DABD-E6EEC9426A33}) (Version: 10.1.16299.15 - Microsoft Corporations) Hidden
SDK ARM Redistributables (HKLM-x32\...\{FDC20155-5938-D71D-8970-7D4615CD1564}) (Version: 10.1.16299.91 - Microsoft Corporation) Hidden
SDK Debuggers (HKLM-x32\...\{A04E8C05-289A-DC80-264D-63EC822D549B}) (Version: 10.1.16299.91 - Microsoft Corporation) Hidden
SDK Debuggers ARM (HKLM-x32\...\{6DDCC07A-1F4B-60F9-59DC-AEB216EAE0B2}) (Version: 10.1.16299.15 - Microsoft Corporation) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Team Explorer for Microsoft Visual Studio 2015 Update 3.1 (HKLM-x32\...\{7A95671A-759E-3B83-B763-4289D1D24D73}) (Version: 14.102.25619 - Microsoft) Hidden
Test Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{9EABBFE1-7EED-47D9-8FB8-21D7E4808057}) (Version: 14.0.23107 - Microsoft Corporation) Hidden
TypeScript Power Tool (HKLM-x32\...\{465ACA24-B8D6-4FEC-A42D-9EFCB92CD560}) (Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{BA5762C7-D35F-4725-A4BD-525854127018}) (Version: 1.8.36.0 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{1FBCBC17-4527-2340-0832-B1D49C41FF67}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{21E6C5D9-5A78-AB46-967C-798A13019B9C}) (Version: 10.1.16299.91 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{284FA9A0-CEDD-81D3-5A19-5858E95FD0C4}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (HKLM-x32\...\{F6483AD1-9703-F95E-B07B-6BB7A3DA7B71}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{8BFBEC30-33CC-13B4-849F-3B036F27466A}) (Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{96FB0EE4-8F7E-595E-B5CF-BFCC6BF26014}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{A3D29773-DB48-A5CB-0824-A5A617E26312}) (Version: 10.1.16299.91 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (HKLM-x32\...\{ABD37F71-FC3F-F525-C7B3-BDD95F684C51}) (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Redistributable (HKLM-x32\...\{18000E31-195C-BBE3-AB19-36DC5E479154}) (Version: 10.1.16299.91 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (HKLM\...\{DCB0DC05-DBBB-0AF1-45A9-00BCD22D1021}) (Version: 10.1.16299.91 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (HKLM-x32\...\{A1A20AC3-EFA4-86AC-E0A2-BC1133B09B53}) (Version: 10.1.16299.91 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{0CA0EE46-8DCB-8CF1-31C3-D0BC93A543AE}) (Version: 10.1.16299.91 - Microsoft Corporation) Hidden
Universal General MIDI DLS Extension SDK (HKLM-x32\...\{87F42CC0-5403-3698-87D9-3C2A04E476E1}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VS Update core components (HKLM-x32\...\{B2918D01-1D89-34D3-87EF-A28121BC6EB7}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
vs_update3notification (HKLM-x32\...\{AB3DF932-C990-34D4-BF43-970F760DA3CD}) (Version: 14.0.25431 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (HKLM-x32\...\{DB85E7BD-B2DD-43D4-B3C0-23D7B527B597}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{0A3B508E-5638-4471-BCC9-954E1868CB86}) (Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{00B7A934-4D10-5915-F07D-46DD344A883E}) (Version: 10.1.16299.91 - Microsoft Corporation) Hidden
WinAppDeploy (HKLM-x32\...\{1182888E-EDC9-05C5-33BD-B61DA5B1F916}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22334 - Microsoft Corporation)
Windows Driver Kit - Windows 10.0.16299.15 (HKLM-x32\...\{083703eb-746f-4d31-87e5-fdd5c2a01146}) (Version: 10.1.16299.15 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.14393.33 (HKLM-x32\...\{f23f94c5-8bba-4202-85ad-c83d4402cdc1}) (Version: 10.1.14393.33 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.16299.91 (HKLM-x32\...\{41c167b6-586a-42d2-9c2c-e21fd64fe76d}) (Version: 10.1.16299.91 - Microsoft Corporation)
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{01F53182-F1C8-8A72-5C86-B6612BDD4815}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - en-us (HKLM-x32\...\{706F9534-71E4-1787-8580-9DC985088696}) (Version: 10.1.16299.91 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{2AC000E5-E5E6-75B7-7FC2-9ECA8C57CA98}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{62DD211D-0675-80B9-AB81-86948034F50B}) (Version: 10.1.16299.91 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{6DF5B5E1-A8A0-B617-AADB-31C3709A3C41}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (HKLM-x32\...\{A18BFD0C-F821-13E4-5DD0-7ABBCB815030}) (Version: 10.1.16299.91 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{1AAB8359-4433-FF39-D420-0AD429993AD7}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{950E5FD1-5F35-D015-7AA9-B86661EB3F42}) (Version: 10.1.16299.91 - Microsoft Corporation) Hidden
WinRT Intellisense Mobile - en-us (HKLM-x32\...\{518F44A6-97D5-2E6A-A244-9AABEC3E5056}) (Version: 10.1.16299.91 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{7A220688-8759-2207-02FE-AC4A883F4F29}) (Version: 10.1.16299.91 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (HKLM-x32\...\{CB7AC790-0E8B-D6C9-CE1E-655793E7D541}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{3AAAA2EB-49CB-DC86-33FF-F9218CB6EAA9}) (Version: 10.1.16299.91 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{87775501-5259-6A7C-51A6-71C832DB7ABA}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{BBE15D99-F7ED-61C6-8DEC-8F5A126B9838}) (Version: 10.1.16299.91 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (HKLM-x32\...\{CFD0294B-945D-62E4-7959-9B22A160496F}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{919ADF57-6412-FAF8-03A4-1882FC29A0F3}) (Version: 10.1.16299.91 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{F75FD5E5-1F33-AE2B-715A-F829F8A8F51D}) (Version: 10.1.14393.33 - Microsoft Corporation) Hidden
WLPC Content (HKLM-x32\...\{65EF1893-0B6C-00D9-5F16-F0E30B928DD4}) (Version: 10.1.16299.15 - Microsoft) Hidden
WLPC Versioned Content (HKLM-x32\...\{3F306B93-818C-1A0B-B74A-C2B273B08750}) (Version: 10.1.16299.15 - Microsoft) Hidden
WPT Redistributables (HKLM-x32\...\{DCE5F50C-7452-BFC6-12A5-6ABE887A3BA3}) (Version: 10.1.16299.91 - Microsoft) Hidden
WPTx64 (HKLM-x32\...\{308F8742-B37E-6D15-85D1-4EC5E0DDBC5E}) (Version: 10.1.16299.91 - Microsoft) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1023311758-2305250523-50345995-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-95929EB157FE}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => No File
CustomCLSID: HKU\S-1-5-21-1023311758-2305250523-50345995-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-1023311758-2305250523-50345995-1010_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-12-08] (Apple Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-05-18] (Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04438307-B6EE-4135-918E-E3F39C1D8257} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-25] (Google Inc.)
Task: {36A0B2C9-F3E4-4C90-931F-9D148C327828} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-25] (Google Inc.)
Task: {39CD8570-0698-47B5-961A-0BE51BEA9E2A} - System32\Tasks\Microsoft\Windows\WaaSMedic\PerformRemediation
Task: {3E822BAD-5F7C-4890-85B7-8B13207A2C2A} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2017-12-08] (Apple Inc.)
Task: {4087C800-4072-4D8F-BC41-0DE516C9D5D2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-10-12] (Apple Inc.)
Task: {42BB2A84-0762-4F36-BDE0-8F4F1DD2E12D} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2017-03-09] (AsusTek)
Task: {42DD1243-8291-43E2-87BE-E7E81C190CC8} - System32\Tasks\Adobe Uninstaller => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2017-09-20] (Adobe Systems Incorporated)
Task: {59A59AC4-8BDE-41DB-AD44-BAACAA25B2FB} - System32\Tasks\Norton Product Installer => C:\ProgramData\NortonInstaller\NSSInstallStub.exe [2017-05-11] (Symantec Corporation)
Task: {722FF023-C8F8-4301-A28E-73D5BF444C5A} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation)
Task: {7B4B21F0-FB09-44E4-9828-82AA2601B649} - System32\Tasks\Microsoft\Windows\Speech\HeadsetButtonPress => C:\WINDOWS\system32\speech_onecore\common\SpeechRuntime.exe [2017-12-14] (Microsoft Corporation)
Task: {8CA4E8EF-D888-4D52-B66A-282EF96B573D} - System32\Tasks\Microsoft\Windows\LanguageComponentsInstaller\ReconcileLanguageResources
Task: {A8E9E6B3-FE20-4AC7-8662-22440C043D80} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe
Task: {B52885E5-0FD3-4EC1-9FB4-A5AD5457780F} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {B7E22CCC-066E-49F2-B6FA-42A6852D7E39} - System32\Tasks\Microsoft\Windows\DirectX\DXGIAdapterCache => C:\WINDOWS\system32\dxgiadaptercache.exe [2017-12-14] (Microsoft Corporation)
Task: {CFE6A3E4-E83B-4474-A5A5-CA9875D75C83} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {D2E66C69-7A8D-4A67-A5CA-8410FCAF4089} - System32\Tasks\Norton Product InstallerIdle => C:\ProgramData\NortonInstaller\NSSInstallStub.exe [2017-05-11] (Symantec Corporation)
Task: {E327DB93-A0CD-4A2B-ACDE-7328736872C8} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2017-12-14] ()
Task: {FC523F87-4D1B-4462-A38C-1A57CBA0F536} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Norton Product Installer.job => C:\ProgramData\NortonInstaller\NSSInstallStub.exe
Task: C:\WINDOWS\Tasks\Norton Product InstallerIdle.job => C:\ProgramData\NortonInstaller\NSSInstallStub.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Cliff\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
==================== Loaded Modules (Whitelisted) ==============
2017-12-14 04:46 - 2017-12-14 04:46 - 000403904 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-12-08 01:48 - 2017-12-08 01:48 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-12-08 01:48 - 2017-12-08 01:48 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-12-07 23:29 - 2017-12-07 23:29 - 000181992 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
2017-09-26 02:52 - 2017-09-26 02:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2017-12-14 04:46 - 2017-12-14 04:46 - 000471552 _____ () C:\Windows\ShellExperiences\TileControl.dll
2017-12-14 04:46 - 2017-12-14 04:46 - 002399744 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2017-12-14 04:47 - 2017-12-14 06:24 - 002094592 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-12-14 04:46 - 2017-12-14 04:46 - 000031232 _____ () C:\WINDOWS\system32\Windows.WARP.JITService.exe
2017-12-11 11:05 - 2017-12-11 11:05 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2017-12-11 11:05 - 2017-12-11 11:05 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-01-04 19:53 - 2018-01-03 03:20 - 004063064 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libglesv2.dll
2018-01-04 19:53 - 2018-01-03 03:20 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\libegl.dll
2017-09-26 02:52 - 2017-09-26 02:52 - 034879568 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2017-12-07 23:29 - 2017-12-07 23:29 - 000885992 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
2017-12-07 23:29 - 2017-12-07 23:29 - 002309864 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_modeler.dll
2017-12-07 23:29 - 2017-12-07 23:29 - 000270056 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\pl_agent_lib.dll
2017-12-07 23:29 - 2017-12-07 23:29 - 000260328 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_acpi_battery_input.dll
2017-12-07 23:29 - 2017-12-07 23:29 - 000306920 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_wifi_input.dll
2017-12-07 23:29 - 2017-12-07 23:29 - 000231144 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\devices_use_input.dll
2017-12-07 23:29 - 2017-12-07 23:29 - 000277736 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_system_power_state_input.dll
2017-12-07 23:29 - 2017-12-07 23:29 - 000638696 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_os_input.dll
2017-12-07 23:29 - 2017-12-07 23:29 - 000212200 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_winstat_input.dll
2017-12-07 23:29 - 2017-12-07 23:29 - 000447208 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_upnp_input.dll
2017-12-07 23:29 - 2017-12-07 23:29 - 000375528 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_process_input.dll
2017-12-07 23:29 - 2017-12-07 23:29 - 000609512 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_hw_input.dll
2017-12-07 23:29 - 2017-12-07 23:29 - 000295144 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_sampler_input.dll
2017-12-07 23:29 - 2017-12-07 23:29 - 000248040 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_sgx_input.dll
2017-12-07 23:29 - 2017-12-07 23:29 - 000708328 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\sql_logger.dll
2018-01-03 23:40 - 2018-01-03 23:43 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-03 23:40 - 2018-01-03 23:43 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-09-20 02:42 - 2017-09-20 02:42 - 067115616 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2017-09-06 18:11 - 2017-09-06 18:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2017-09-06 18:11 - 2017-09-06 18:11 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-20 03:04 - 2017-09-20 03:04 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-09-06 18:11 - 2017-09-06 18:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2017-09-12 20:11 - 2017-09-12 20:11 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\fs-ext\build\Release\fs-ext.node
2017-09-12 20:10 - 2017-09-12 20:10 - 000117760 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ref\build\Release\binding.node
2017-09-12 20:11 - 2017-09-12 20:11 - 000125440 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\ffi\build\Release\ffi_bindings.node
2017-09-12 20:11 - 2017-09-12 20:11 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2017-09-20 02:59 - 2017-09-20 02:59 - 000099424 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2017-09-12 20:11 - 2017-09-12 20:11 - 000098816 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\bufferutil\build\Release\bufferutil.node
2017-09-12 20:11 - 2017-09-12 20:11 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\js\node_modules\idle-gc\build\Release\idle-gc.node
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioEndpointBuilder => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AudioSrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudAddService.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HdAudBus.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\usbaudio.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => ""="Media"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96C-E325-11CE-BFC1-08002BE10318} => "SafeBootDrivers"="1"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-12-24 15:47 - 2017-12-24 15:44 - 000000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1023311758-2305250523-50345995-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Cliff.MRVN\pictures\2017-12-24\071.jpg
HKU\S-1-5-21-1023311758-2305250523-50345995-1010\Control Panel\Desktop\\Wallpaper -> C:\Users\Cliff\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\071.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKU\S-1-5-21-1023311758-2305250523-50345995-1002\...\StartupApproved\Run: => "WarThunderLauncher"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe
FirewallRules: [{CF5D05FC-B4A1-45AB-9E58-BD74BEB007DA}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{2B11D1DF-CED9-4CF9-9C14-9A9D90F83C0E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F8B9DF09-5371-4A72-99FE-99EC9DE61ABC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{008EF18F-F082-4048-B279-B37227512195}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D11D7850-E15F-46C6-9146-91C5AB119609}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E4A8A979-FC72-4E50-88E7-C82591B3CA16}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{2903DDC2-1B0E-46FB-B37D-109ABDAD0B01}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{16694A27-2546-4E8A-A186-159E6A1F6DCF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{3DF7066E-448C-41A3-8A54-3085103FED14}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{57FB744E-F5A8-4DF4-BC70-DBD16FA0E17F}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A3C1D235-A9F6-47DA-A8D3-4DC916B792E4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B007B2F2-BE8E-4F8D-9C59-8ACAAEB11F97}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{C5E63473-4DDA-46B4-920C-136F08D290E6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{C23ED322-880B-4F69-8FFC-E46A1BC4C2A7}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{AFEA5500-FDBD-4AB0-BDEF-0DDD9A3C83D4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{8A1EB08C-65BF-4A08-98AA-6C988269C7B8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.70.388.0_x86__zpdnekdrzrea0\SpotifyWebHelper.exe
FirewallRules: [{06701B86-419F-4481-B622-31240C1ECA4B}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\63.0.3239.32\remoting_host.exe
FirewallRules: [{CF35FB81-6394-4373-8A81-D8CE99A78820}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{A551B0CC-17A6-447D-A08C-075F2FF30042}C:\users\cliff.mrvn\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\cliff.mrvn\appdata\local\warthunder\launcher.exe
FirewallRules: [UDP Query User{25E6E285-0847-4090-B5B2-26D6C8416573}C:\users\cliff.mrvn\appdata\local\warthunder\launcher.exe] => (Allow) C:\users\cliff.mrvn\appdata\local\warthunder\launcher.exe
FirewallRules: [{A908C64D-0410-4EFF-AF4F-60FBF6E4AC24}] => (Block) C:\users\cliff.mrvn\appdata\local\warthunder\launcher.exe
FirewallRules: [{9DA6B54C-2FA2-4987-AECA-271AC647CFBF}] => (Block) C:\users\cliff.mrvn\appdata\local\warthunder\launcher.exe
FirewallRules: [{DC5FD9C4-0C1A-4C14-B611-1F639B9F6B4F}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{A0D1BE2F-A2C4-4E2C-907E-E54575DBD492}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{11B6E171-7ECE-48E2-BC21-298F9AE3DF00}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{A3679BAA-1EEC-413E-8CA4-656709B8B2E9}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [TCP Query User{A54940DC-C14E-4A96-B104-88DDE26EA93F}C:\program files (x86)\switcher\switchercast\switcherwindows.exe] => (Allow) C:\program files (x86)\switcher\switchercast\switcherwindows.exe
FirewallRules: [UDP Query User{DFE1CF65-EFEB-453C-A19E-1D1C12CCA315}C:\program files (x86)\switcher\switchercast\switcherwindows.exe] => (Allow) C:\program files (x86)\switcher\switchercast\switcherwindows.exe
==================== Restore Points =========================
04-01-2018 12:57:58 Installed Chrome Remote Desktop Host
06-01-2018 04:40:05 Intel® Driver & Support Assistant
07-01-2018 17:41:56 Removed Adobe Acrobat DC.
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (01/09/2018 06:34:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemSettings.exe, version: 10.0.17063.1000, time stamp: 0xcb02ffda
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.17063.1000, time stamp: 0xc1f00731
Exception code: 0xc000027b
Fault offset: 0x0000000000719a46
Faulting process id: 0x162c
Faulting application start time: 0x01d3894627a8734c
Faulting application path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 8199e245-b495-4596-960a-7b80b45b7593
Faulting package full name: windows.immersivecontrolpanel_10.0.1.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Error: (01/09/2018 06:34:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemSettings.exe, version: 10.0.17063.1000, time stamp: 0xcb02ffda
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.17063.1000, time stamp: 0xc1f00731
Exception code: 0xc000027b
Fault offset: 0x0000000000719a46
Faulting process id: 0x1920
Faulting application start time: 0x01d389461fd97d1a
Faulting application path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 82086ab9-38bb-4d80-8482-8268aabf9f65
Faulting package full name: windows.immersivecontrolpanel_10.0.1.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Error: (01/09/2018 06:33:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemSettings.exe, version: 10.0.17063.1000, time stamp: 0xcb02ffda
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.17063.1000, time stamp: 0xc1f00731
Exception code: 0xc000027b
Fault offset: 0x0000000000719a46
Faulting process id: 0xb78
Faulting application start time: 0x01d3894608d65e07
Faulting application path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 2e39379a-f037-4413-a733-70e466699dd4
Faulting package full name: windows.immersivecontrolpanel_10.0.1.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Error: (01/09/2018 06:32:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemSettings.exe, version: 10.0.17063.1000, time stamp: 0xcb02ffda
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.17063.1000, time stamp: 0xc1f00731
Exception code: 0xc000027b
Fault offset: 0x0000000000719a46
Faulting process id: 0x7a4
Faulting application start time: 0x01d38945d8b5934a
Faulting application path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 52c4ac20-6760-4ab1-81c8-b622f35c3e1c
Faulting package full name: windows.immersivecontrolpanel_10.0.1.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Error: (01/09/2018 06:30:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemSettings.exe, version: 10.0.17063.1000, time stamp: 0xcb02ffda
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.17063.1000, time stamp: 0xc1f00731
Exception code: 0xc000027b
Fault offset: 0x0000000000719a46
Faulting process id: 0x1b90
Faulting application start time: 0x01d38945817041b4
Faulting application path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: cbf71f21-e660-4b17-9579-6dd40e49e1a7
Faulting package full name: windows.immersivecontrolpanel_10.0.1.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Error: (01/09/2018 06:28:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemSettings.exe, version: 10.0.17063.1000, time stamp: 0xcb02ffda
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.17063.1000, time stamp: 0xc1f00731
Exception code: 0xc000027b
Fault offset: 0x0000000000719a46
Faulting process id: 0xcd4
Faulting application start time: 0x01d389455fd297b2
Faulting application path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: e86d274a-0f74-4717-9528-4393bb10935f
Faulting package full name: windows.immersivecontrolpanel_10.0.1.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Error: (01/09/2018 06:27:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemSettings.exe, version: 10.0.17063.1000, time stamp: 0xcb02ffda
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.17063.1000, time stamp: 0xc1f00731
Exception code: 0xc000027b
Fault offset: 0x0000000000719a46
Faulting process id: 0x3508
Faulting application start time: 0x01d3894544992553
Faulting application path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 10e2c8bf-22bd-4adf-932d-2b96bd563fe0
Faulting package full name: windows.immersivecontrolpanel_10.0.1.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Error: (01/09/2018 06:26:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemSettings.exe, version: 10.0.17063.1000, time stamp: 0xcb02ffda
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.17063.1000, time stamp: 0xc1f00731
Exception code: 0xc000027b
Fault offset: 0x0000000000719a46
Faulting process id: 0x450
Faulting application start time: 0x01d389451b673f9b
Faulting application path: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 03fb6fcd-39a5-4d94-a200-1a3d44fae98b
Faulting package full name: windows.immersivecontrolpanel_10.0.1.1000_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: microsoft.windows.immersivecontrolpanel
Error: (01/09/2018 06:01:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_LicenseManager, version: 10.0.17063.1000, time stamp: 0xcfa34705
Faulting module name: KERNELBASE.dll, version: 10.0.17063.1000, time stamp: 0xe8bea37b
Exception code: 0xe06d7363
Fault offset: 0x0000000000041068
Faulting process id: 0xfa8
Faulting application start time: 0x01d38941842b3e55
Faulting application path: C:\WINDOWS\System32\svchost.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: eab6220f-653e-4ec4-869f-b2e381fe0472
Faulting package full name:
Faulting package-relative application ID:
Error: (01/09/2018 05:55:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_LicenseManager, version: 10.0.17063.1000, time stamp: 0xcfa34705
Faulting module name: KERNELBASE.dll, version: 10.0.17063.1000, time stamp: 0xe8bea37b
Exception code: 0xe06d7363
Fault offset: 0x0000000000041068
Faulting process id: 0xb08
Faulting application start time: 0x01d38940cc71db07
Faulting application path: c:\windows\system32\svchost.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: e461b267-2820-4dd5-af48-17d83c7a0080
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (01/09/2018 06:11:11 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/09/2018 06:05:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/09/2018 06:01:08 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows License Manager Service service terminated unexpectedly. It has done this 2 time(s).
Error: (01/09/2018 05:58:12 AM) (Source: DCOM) (EventID: 10016) (User: MRVN12)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user MRVN12\mrvn planx SID (S-1-5-21-1023311758-2305250523-50345995-1002) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (01/09/2018 05:56:08 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Windows License Manager Service service terminated unexpectedly. It has done this 1 time(s).
Error: (01/09/2018 05:55:59 AM) (Source: RemoteAccess) (EventID: 20063) (User: )
Description: Remote Access Connection Manager failed to start because the Protocol engine [IKEv2] failed to initialize. The request is not supported.
Error: (01/09/2018 05:55:59 AM) (Source: RemoteAccess) (EventID: 20063) (User: )
Description: Remote Access Connection Manager failed to start because the Protocol engine [rasgreeng.dll] failed to initialize. The specified module could not be found.
Error: (01/09/2018 05:55:55 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The OctBroker service terminated with the following error:
The request is not supported.
Error: (01/09/2018 05:55:54 AM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
Error: (01/09/2018 05:55:51 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:54:27 AM on 1/9/2018 was unexpected.
CodeIntegrity:
===================================
Date: 2018-01-09 01:10:11.511
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-07 15:18:26.579
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Norton Security\Engine\22.9.3.13\wscstub.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-01-07 15:18:26.352
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Norton Security\Engine\22.9.3.13\wscstub.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-01-07 15:18:26.064
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Norton Security\Engine\22.9.3.13\wscstub.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-01-07 15:18:25.846
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Norton Security\Engine\22.9.3.13\wscstub.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-01-07 15:18:25.622
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Norton Security\Engine\22.9.3.13\wscstub.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-01-07 15:18:25.395
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Norton Security\Engine\22.9.3.13\wscstub.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-01-07 12:51:40.586
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll that did not meet the Microsoft signing level requirements.
Date: 2018-01-07 12:31:38.999
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Norton Security\Engine\22.8.0.50\wscstub.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2018-01-07 12:31:38.842
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Norton Security\Engine\22.8.0.50\wscstub.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel® Core i3-3217U CPU @ 1.80GHz
Percentage of memory in use: 75%
Total physical RAM: 3981.74 MB
Available physical RAM: 976.72 MB
Total Virtual: 6157.74 MB
Available Virtual: 2002.05 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:185.87 GB) (Free:60.1 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (DATA) (Fixed) (Total:258.34 GB) (Free:256.65 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 568814A2)
Partition: GPT.
==================== End of Addition.txt ============================