Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-03-2017 Ran by Sam (01-03-2017 14:24:43) Running from C:\Users\Sam\Downloads\Programs Windows 10 Pro Version 1607 (X64) (2016-09-08 07:39:55) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3653366589-2136393034-3949511618-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3653366589-2136393034-3949511618-503 - Limited - Disabled) Guest (S-1-5-21-3653366589-2136393034-3949511618-501 - Limited - Disabled) Sam (S-1-5-21-3653366589-2136393034-3949511618-1001 - Administrator - Enabled) => C:\Users\Sam ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 15.07 beta (x64) (HKLM\...\7-Zip) (Version: 15.07 - Igor Pavlov) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Ableton Live 9 Suite (HKLM\...\{4AC7A239-9921-492D-A32E-171B88EA8C14}) (Version: 9.0.0.0 - Ableton) Adblock Plus for IE (32-bit and 64-bit) (HKLM\...\{0F347A49-E36C-4639-8D2E-003AD408B8B2}) (Version: 1.5 - Eyeo GmbH) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.233 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.205 - Adobe Systems Incorporated) AIDA64 Extreme v4.50 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 4.50 - FinalWire Ltd.) Alien: Isolation (HKLM\...\Steam App 214490) (Version: - Creative Assembly) Analog Lab 2 2.0.2 (HKLM-x32\...\Analog Lab 2_is1) (Version: 2.0.2 - Arturia) Ansel (Version: 378.66 - NVIDIA Corporation) Hidden Apple Application Support (32-bit) (HKLM-x32\...\{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 - Apple Inc.) Apple Application Support (64-bit) (HKLM\...\{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 - Apple Inc.) ARP2600 V2 2.0 (HKLM-x32\...\ARP2600 V2_is1) (Version: - Arturia) Arturia Software Center 1.1.9 (HKLM-x32\...\Arturia Software Center_is1) (Version: 1.1.9 - Arturia) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.13 - Michael Tippach) Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield™ 1 (HKLM-x32\...\{335B50BC-6130-4BAF-9A6A-F1561270587B}) (Version: 1.0.49.14731 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB) Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.0 - Bethesda Softworks) BioShock Remastered (HKLM\...\Steam App 409710) (Version: - 2K Boston) BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team) BR-80 Driver (HKLM\...\RolandRDID0118) (Version: - Roland Corporation) Brass 2.0.5 (HKLM-x32\...\Brass 2.0.5_is1) (Version: - Arturia) Bulk Image Downloader v4.98.0.0 (HKLM-x32\...\Bulk Image Downloader_is1) (Version: - Antibody Software) CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) CPUID CPU-Z 1.78 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) CPUID HWMonitor 1.30 (HKLM\...\CPUID HWMonitor_is1) (Version: - ) Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited) Creative Media Toolbox 6 (HKLM-x32\...\{F1A14CB2-A048-45A6-AFDA-3571296E1D76}) (Version: 6.02 - Creative Technology Limited) Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited) Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.03 - Creative Technology Limited) Crucial Storage Executive (HKU\S-1-5-21-3653366589-2136393034-3949511618-1001\...\Crucial Storage Executive 3.20.042015.06) (Version: 3.20.042015.06 - Crucial) CrystalDiskInfo 6.5.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.5.2 - Crystal Dew World) CS-80V2 2.0 (HKLM-x32\...\CS-80V2_is1) (Version: - Arturia) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0114 - Disc Soft Ltd) DARK SOULS III (HKLM\...\Steam App 374320) (Version: - FromSoftware, Inc.) dBpoweramp (HKLM-x32\...\dBpoweramp) (Version: Release 15.1 - Illustrate) dBpoweramp DSP Effects (HKLM-x32\...\dBpoweramp DSP Effects) (Version: Release 11 - Illustrate) Discord (HKU\S-1-5-21-3653366589-2136393034-3949511618-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited) DOOM (HKLM\...\Steam App 379720) (Version: - id Software) DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited) eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: - Steinberg Media Technologies GmbH) Epic Games Launcher (HKLM-x32\...\{2DE76AAC-8061-4D9B-B7BA-A7CFBE0F8048}) (Version: 1.1.86.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden FabFilter Pro-Q VST RTAS v1.0.1.6 (HKLM-x32\...\FabFilter Pro-Q VST RTAS_is1) (Version: - TEAM AiR) Fallout Shelter (HKLM-x32\...\Fallout Shelter) (Version: - Bethesda Softworks) foobar2000 v1.3.8 (HKLM-x32\...\foobar2000) (Version: 1.3.8 - Peter Pawlowski) Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - ) Futuremark SystemInfo (HKLM-x32\...\{70690D9E-3D00-47D6-9CE9-BC3B6F900447}) (Version: 4.41.563.0 - Futuremark) GameRanger (HKU\S-1-5-21-3653366589-2136393034-3949511618-1001\...\GameRanger) (Version: - GameRanger Technologies) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden GoPro VR Player 2.0 (HKLM\...\GoPro VR Player 2.0) (Version: V2.0.2 - GoPro) Grand Theft Auto V (HKLM\...\Steam App 271590) (Version: - Rockstar North) Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music) Gwent (HKLM-x32\...\1971477531_is1) (Version: 2.0.0.0 - GOG.com) HF pAppLoc version 1.2 (HKLM-x32\...\{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1) (Version: 1.2 - Inquisitor) Hotline Miami 2: Wrong Number (HKLM\...\Steam App 274170) (Version: - Dennaton Games) IdleMaster (HKU\S-1-5-21-3653366589-2136393034-3949511618-1001\...\1d85483b1c982d8c) (Version: 1.4.0.0 - IdleMaster) Indiana Jones and the Fate of Atlantis (HKLM\...\Steam App 6010) (Version: - LucasArts) Intel Driver Update Utility (HKLM-x32\...\{fe92d390-13ee-4660-a2f8-39a066fdffe0}) (Version: 2.2.0.5 - Intel) Intel(R) Chipset Device Software (x32 Version: 10.1.2.9 - Intel(R) Corporation) Hidden Intel(R) Driver Update Utility 2.2.0.5 (x32 Version: 2.2.0.1 - Intel) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation) Intel(R) Network Connections 19.3.141.0 (HKLM\...\PROSetDX) (Version: 19.3.141.0 - Intel) Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) iTunes (HKLM\...\{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 - Apple Inc.) Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) JPEXS Free Flash Decompiler (HKLM-x32\...\{E618D276-6596-41F4-8A98-447D442A77DB}_is1) (Version: 9.0.0 - JPEXS) Jupiter-8V2 2.0 (HKLM-x32\...\Jupiter-8V2_is1) (Version: - Arturia) Just Cause 3 (HKLM\...\Steam App 225540) (Version: - Avalanche Studios) K-Lite Mega Codec Pack 12.2.2 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 12.2.2 - KLCP) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden Logitech Gaming Software 8.75 (HKLM\...\Logitech Gaming Software) (Version: 8.75.30 - Logitech Inc.) LOOT version 0.10.1 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.10.1 - LOOT Team) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) METAL GEAR SOLID V: THE PHANTOM PAIN (HKLM-x32\...\Steam App 287700) (Version: - Konami Digital Entertainment) Metro 2033 Redux (HKLM\...\Steam App 286690) (Version: - 4A GAMES) Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation) Microsoft Server Speech Recognition Language - TELE (en-US) (HKLM-x32\...\{66D57636-BD4B-402F-9E7D-5E89C28C8136}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft Server Speech Text to Speech Voice (en-US, Helen) (HKLM-x32\...\{8466EAED-7024-4AEE-9D13-F3A55B98D114}) (Version: 11.0.7400.335 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version: - ) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) Minecraft1.8.8 (HKLM-x32\...\Minecraft1.8.8) (Version: - ) minimoog V2 2.0 (HKLM-x32\...\minimoog V2_is1) (Version: - Arturia) Moog Modular V 2.5 (HKLM-x32\...\Moog Modular V 2_is1) (Version: - Arturia) MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD) MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.1.02 - MSI) MSI ECO Center (HKLM-x32\...\{1E55202F-4D31-498A-8F72-97DCBA9F2866}_is1) (Version: 1.0.0.35 - MSI) MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.5 - MSI) MSI Live Update (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.009 - MSI) Native Instruments Abbey Road 60s Drums (HKLM-x32\...\Native Instruments Abbey Road 60s Drums) (Version: - Native Instruments) Native Instruments Abbey Road 70s Drums (HKLM-x32\...\Native Instruments Abbey Road 70s Drums) (Version: - Native Instruments) Native Instruments Abbey Road 80s Drums (HKLM-x32\...\Native Instruments Abbey Road 80s Drums) (Version: - Native Instruments) Native Instruments Abbey Road Modern Drums (HKLM-x32\...\Native Instruments Abbey Road Modern Drums) (Version: - Native Instruments) Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version: - Native Instruments) Native Instruments Action Strings (HKLM-x32\...\Native Instruments Action Strings) (Version: - Native Instruments) Native Instruments Alicias Keys (HKLM-x32\...\Native Instruments Alicias Keys) (Version: - Native Instruments) Native Instruments Balinese Gamelan (HKLM-x32\...\Native Instruments Balinese Gamelan) (Version: - Native Instruments) Native Instruments Battery 3 (HKLM-x32\...\Native Instruments Battery 3) (Version: - Native Instruments) Native Instruments Battery Library Importer for Maschine (HKLM-x32\...\Native Instruments Battery Library Importer for Maschine) (Version: - Native Instruments) Native Instruments Berlin Concert Grand (HKLM-x32\...\Native Instruments Berlin Concert Grand) (Version: - Native Instruments) Native Instruments Evolve Mutations (HKLM-x32\...\Native Instruments Evolve Mutations) (Version: - Native Instruments) Native Instruments Evolve Mutations 2 (HKLM-x32\...\Native Instruments Evolve Mutations 2) (Version: - Native Instruments) Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version: - Native Instruments) Native Instruments George Duke Soul Treasures (HKLM-x32\...\Native Instruments George Duke Soul Treasures) (Version: - Native Instruments) Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: - Native Instruments) Native Instruments Komplete 8 Ultimate (HKLM-x32\...\Native Instruments Komplete 8 Ultimate) (Version: - Native Instruments) Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: - Native Instruments) Native Instruments Kontakt Factory Library (HKLM-x32\...\Native Instruments Kontakt Factory Library) (Version: - Native Instruments) Native Instruments Maschine Drum Selection (HKLM-x32\...\Native Instruments Maschine Drum Selection) (Version: - Native Instruments) Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: - Native Instruments) Native Instruments New York Concert Grand (HKLM-x32\...\Native Instruments New York Concert Grand) (Version: - Native Instruments) Native Instruments Rammfire (HKLM-x32\...\Native Instruments Rammfire) (Version: - Native Instruments) Native Instruments Razor (HKLM-x32\...\Native Instruments Razor) (Version: - Native Instruments) Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: - Native Instruments) Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version: - Native Instruments) Native Instruments Reaktor Spark R2 (HKLM-x32\...\Native Instruments Reaktor Spark R2) (Version: - Native Instruments) Native Instruments Reflektor (HKLM-x32\...\Native Instruments Reflektor) (Version: - Native Instruments) Native Instruments Retro Machines Mk2 (HKLM-x32\...\Native Instruments Retro Machines Mk2) (Version: - Native Instruments) Native Instruments Scarbee Funk Guitarist (HKLM-x32\...\Native Instruments Scarbee Funk Guitarist) (Version: - Native Instruments) Native Instruments Scarbee Jay-Bass (HKLM-x32\...\Native Instruments Scarbee Jay-Bass) (Version: - Native Instruments) Native Instruments Scarbee MM-Bass (HKLM-x32\...\Native Instruments Scarbee MM-Bass) (Version: - Native Instruments) Native Instruments Scarbee MM-Bass Amped (HKLM-x32\...\Native Instruments Scarbee MM-Bass Amped) (Version: - Native Instruments) Native Instruments Scarbee Pre-Bass (HKLM-x32\...\Native Instruments Scarbee Pre-Bass) (Version: - Native Instruments) Native Instruments Scarbee Pre-Bass Amped (HKLM-x32\...\Native Instruments Scarbee Pre-Bass Amped) (Version: - Native Instruments) Native Instruments Scarbee Vintage Keys (HKLM-x32\...\Native Instruments Scarbee Vintage Keys) (Version: - Native Instruments) Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments) Native Instruments Session Strings Pro (HKLM-x32\...\Native Instruments Session Strings Pro) (Version: - Native Instruments) Native Instruments Studio Drummer (HKLM-x32\...\Native Instruments Studio Drummer) (Version: - Native Instruments) Native Instruments The Finger R2 (HKLM-x32\...\Native Instruments The Finger R2) (Version: - Native Instruments) Native Instruments The Giant (HKLM-x32\...\Native Instruments The Giant) (Version: - Native Instruments) Native Instruments The Mouth (HKLM-x32\...\Native Instruments The Mouth) (Version: - Native Instruments) Native Instruments Traktors 12 (HKLM-x32\...\Native Instruments Traktors 12) (Version: - Native Instruments) Native Instruments Transient Master (HKLM-x32\...\Native Instruments Transient Master) (Version: - Native Instruments) Native Instruments Upright Piano (HKLM-x32\...\Native Instruments Upright Piano) (Version: - Native Instruments) Native Instruments VC 160 (HKLM-x32\...\Native Instruments VC 160) (Version: - Native Instruments) Native Instruments VC 2A (HKLM-x32\...\Native Instruments VC 2A) (Version: - Native Instruments) Native Instruments VC 76 (HKLM-x32\...\Native Instruments VC 76) (Version: - Native Instruments) Native Instruments Vienna Concert Grand (HKLM-x32\...\Native Instruments Vienna Concert Grand) (Version: - Native Instruments) Native Instruments Vintage Organs (HKLM-x32\...\Native Instruments Vintage Organs) (Version: - Native Instruments) Native Instruments West Africa (HKLM-x32\...\Native Instruments West Africa) (Version: - Native Instruments) Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.13 - Black Tree Gaming) Nike+ Connect (HKLM-x32\...\Nike+ Connect) (Version: 6.6.34 - Nike) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team) NVIDIA GeForce Experience 3.3.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.3.0.95 - NVIDIA Corporation) NVIDIA Graphics Driver 378.66 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 378.66 - NVIDIA Corporation) NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation) NvNodejs (Version: 3.3.0.95 - NVIDIA Corporation) Hidden NvTelemetry (Version: 2.3.5.0 - NVIDIA Corporation) Hidden NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.) Papers, Please (HKLM\...\Steam App 239030) (Version: - 3909) PCM Native Reverb VST Plug-in (HKLM-x32\...\PCM Native Reverb VST Plug-in) (Version: - Lexicon) PCM Native Reverb VST Plug-in (x32 Version: 1.0.0 - Lexicon) Hidden piaip AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS) Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.) QUAD-CAPTURE Driver (HKLM\...\RolandRDID0117) (Version: - Roland Corporation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8010 - Realtek Semiconductor Corp.) reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version: - ) Resident Evil / biohazard HD REMASTER (HKLM\...\Steam App 304240) (Version: - CAPCOM Co., Ltd.) RESIDENT EVIL 7 biohazard / BIOHAZARD 7 resident evil (HKLM\...\Steam App 418370) (Version: - CAPCOM Co., Ltd.) RivaTuner Statistics Server 6.5.0 (HKLM-x32\...\RTSS) (Version: 6.5.0 - Unwinder) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.4 - Rockstar Games) SEGA Mega Drive & Genesis Classics (HKLM\...\Steam App 34270) (Version: - Sega) SHIELD Streaming (Version: 7.1.0351 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 3.3.0.95 - NVIDIA Corporation) Hidden Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.) Star Citizen Launcher (HKU\S-1-5-21-3653366589-2136393034-3949511618-1001\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games) STAR WARS™ Battlefront™ II (HKLM\...\Steam App 6060) (Version: - Pandemic Studios) STAR WARS™: Dark Forces (HKLM\...\Steam App 32400) (Version: - LucasArts) STAR WARS™: Knights of the Old Republic™ (HKLM\...\Steam App 32370) (Version: - BioWare) Stardew Valley (HKLM-x32\...\1453375253_is1) (Version: 2.8.0.10 - GOG.com) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stranded Deep (HKLM\...\Steam App 313120) (Version: - Beam Team Games) SunsetScreen (HKLM\...\{155DF28A-39B0-4447-BA5F-4347AC6A3197}) (Version: - Skytopia) Swiff Player 1.7.2 (HKLM-x32\...\Swiff Player_is1) (Version: 1.7.2 - GlobFX Technologies) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) The Chronicles of Riddick - Assault on Dark Athena (HKLM-x32\...\1207659070_is1) (Version: 2.1.0.14 - GOG.com) The Dig (HKLM\...\Steam App 6040) (Version: - LucasArts) The Elder Scrolls V: Skyrim Special Edition (HKLM\...\Steam App 489830) (Version: - Bethesda Game Studios) The Witcher 3 - Wild Hunt - Game of the Year Edition (HKLM-x32\...\1495134320_is1) (Version: 1.30.0.0 - GOG.com) TikiOne Steam Cleaner (HKLM-x32\...\TikiOneSteamCleaner) (Version: - Jonathan Lermitage) UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.) <==== ATTENTION Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft) VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN) Volume Panel (HKLM-x32\...\Creative Volume Panel) (Version: 2.21 - Creative Technology Limited) Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Vuze (HKLM-x32\...\8461-7759-5462-8226) (Version: 5.7.4.0 - Azureus Software, Inc.) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) WinDirStat 1.1.2 (HKU\S-1-5-21-3653366589-2136393034-3949511618-1001\...\WinDirStat) (Version: - ) Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17354 - Microsoft Corporation) WinRAR 5.40 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.2 - win.rar GmbH) Wireless AC1200 Dual Band USB Adapter (HKLM-x32\...\{5F1C0C6E-0E47-4D60-8971-6EF9FC439B8B}) (Version: 1 - D-Link) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {12EE0B8D-BE32-4BD0-95FF-DD7F59BA3742} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-01-20] (NVIDIA Corporation) Task: {2149CB45-ECDA-4EE5-9AEA-25409616B473} - System32\Tasks\Silepir => C:\PROGRA~1\Ozardevi\Muxuduii.bat <==== ATTENTION Task: {221293B5-509F-4A10-82A0-F228A92888BF} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation) Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe Task: {3BDA89A7-BF6A-47BE-9F78-192D311852FA} - System32\Tasks\RTSS => C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe [2016-10-20] () Task: {40FA0988-5E69-40F6-8352-45E4D9BA64F3} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2016-10-24] () Task: {430791AF-8F05-4B1C-8D5E-C1F8110072A1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation) Task: {495B4F3E-FA3B-4B2E-9400-0890A4A5FD71} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-25] (Google Inc.) Task: {607BAA33-9097-42FC-A05C-0C0C0015CE24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-25] (Google Inc.) Task: {64B7D928-0CC2-4F2F-AFD9-14995D8A3676} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-01-20] (NVIDIA Corporation) Task: {65549611-0B5D-45B2-89FC-C0AC75E3B7D2} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2016-01-11] (@ByELDI) Task: {6B865807-5E7C-42B8-9082-DA8D160F7192} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-02-23] (Microsoft Corporation) Task: {6EB716AB-6A22-4430-95B9-C8011DB9C4F0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-07] (Piriform Ltd) Task: {76E08FC3-AABF-4FF9-8674-083833D51685} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-01-20] (NVIDIA Corporation) Task: {7D51782E-B47C-42FB-9C80-0FAECBDCC9DF} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-06-23] () Task: {A3BD9556-51F8-4388-A091-4E0902C8F784} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-01-20] (NVIDIA Corporation) Task: {A9DCC5FA-A2E0-43DD-915C-04079914EE8D} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-01-20] (NVIDIA Corporation) Task: {AFE0D13D-0D20-48CB-BA89-71B0026404E2} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation) Task: {BBD5E15C-E9BA-4F40-9257-880D328691D7} - System32\Tasks\EVGAPrecisionX => C:\Program Files (x86)\EVGA\Precision XOC\PrecisionX_x64.exe Task: {BD78E594-50C7-46D8-B06D-375005672C29} - System32\Tasks\{EEBEDF8F-5915-6824-A70F-FB7272479753} => C:\ProgramData\{21301EF0-969B-A95B-0C3C-7CCCAFE4D1B6}\67DBE9B8-D070-5E13-69F8-CB4D7382A1CD.exe <==== ATTENTION Task: {D163AD6A-3154-45A4-B240-51FF8E79B715} - System32\Tasks\{2352A6B5-085C-2375-8455-BF522F057B2E} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\696f9ea6\cfec8d3.dll" <==== ATTENTION Task: {D1D6B0F6-0924-4B6D-B0BF-86F7F733C63E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation) Task: {DFE00B17-FE26-4E1F-8E23-50C94FC86A72} - \{080C0947-090C-790B-0C11-0E7D040A117D} -> No File <==== ATTENTION Task: {FAD52AEE-46D0-4826-BE6B-BB8128087564} - \SessionAgent -> No File <==== ATTENTION (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) Shortcut: C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TikiOne Steam Cleaner\TikiOne Steam Cleaner.lnk -> C:\Program Files (x86)\TikiOne Steam Cleaner\tikione-steam-cleaner.bat () Shortcut: C:\Users\Sam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\Sam\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat () ==================== Loaded Modules (Whitelisted) ============== 2016-07-16 05:42 - 2016-07-16 05:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-15 01:09 - 2016-12-09 04:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2017-02-20 11:27 - 2017-01-20 12:39 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll 2017-02-20 11:27 - 2017-01-20 12:39 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll 2017-02-22 13:38 - 2015-10-01 15:54 - 00048856 _____ () C:\Windows\runSW.exe 2016-10-15 22:21 - 2016-10-15 22:21 - 00076152 _____ () C:\WINDOWS\SysWoW64\PnkBstrA.exe 2016-09-27 01:10 - 2017-02-09 16:57 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-04-10 17:02 - 2016-04-10 17:02 - 00003584 _____ () C:\WINDOWS\SECOH-QAD.dll 2014-11-09 05:37 - 2016-10-20 16:55 - 00186880 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll 2016-10-24 04:03 - 2016-10-24 04:03 - 00589512 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe 2016-10-20 16:56 - 2016-10-20 16:56 - 00206024 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe 2016-12-15 01:09 - 2016-12-09 04:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-09-08 01:53 - 2016-09-08 01:53 - 00959168 _____ () C:\Users\Sam\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2014-05-01 08:13 - 2017-02-21 15:49 - 00592384 _____ () C:\Users\Sam\AppData\Local\MEGAsync\ShellExtX64.dll 2016-05-17 16:42 - 2016-05-17 16:42 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2016-09-15 01:13 - 2016-09-06 22:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-10 19:03 - 2016-12-21 01:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-01-10 19:02 - 2016-12-21 00:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-10 19:02 - 2016-12-21 00:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-01-10 19:02 - 2016-12-21 00:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-10 19:02 - 2016-12-21 00:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2017-01-10 19:02 - 2016-12-21 00:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-10 19:02 - 2016-12-21 00:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-10-20 16:55 - 2016-10-20 16:55 - 00032768 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer64.exe 2016-10-20 16:55 - 2016-10-20 16:55 - 00088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe 2017-01-10 19:02 - 2016-12-21 00:47 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll 2015-03-06 18:07 - 2015-03-06 18:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2015-10-14 10:35 - 2015-10-14 10:35 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-06 18:07 - 2015-03-06 18:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2015-10-14 10:35 - 2015-10-14 10:35 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2015-08-29 17:43 - 2005-07-18 11:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll 2016-08-05 13:00 - 2017-02-14 10:35 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll 2016-09-27 01:11 - 2017-01-20 12:39 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2017-02-20 11:27 - 2017-01-20 12:39 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll 2017-02-20 11:27 - 2017-01-20 12:39 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll 2014-11-09 05:37 - 2016-10-20 16:55 - 00165376 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll 2016-10-10 10:46 - 2016-10-10 10:46 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll 2016-10-10 10:46 - 2016-10-10 10:46 - 00228864 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll 2016-10-10 10:46 - 2016-10-10 10:46 - 00056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll 2016-10-10 10:46 - 2016-10-10 10:46 - 00357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll 2016-10-10 10:46 - 2016-10-10 10:46 - 00526848 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll 2016-10-20 16:54 - 2016-10-20 16:54 - 00055808 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll 2016-10-20 16:55 - 2016-10-20 16:55 - 00071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll 2016-10-20 16:55 - 2016-10-20 16:55 - 00353792 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll 2015-12-18 23:49 - 2015-12-18 23:49 - 00002560 _____ () C:\WINDOWS\System32\CTXFIRES.DLL ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 07:25 - 2016-04-09 11:46 - 00001212 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3653366589-2136393034-3949511618-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sam\Pictures\Ykepsct.jpg DNS Servers: 172.16.1.254 - 142.165.21.5 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: Apple Mobile Device Service => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: iPod Service => 3 HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk" HKLM\...\StartupApproved\Run: => "RTHDVCPL" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run: => "SoftEther VPN Client UI Helper" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "Live Update" HKLM\...\StartupApproved\Run32: => "Command Center" HKLM\...\StartupApproved\Run32: => "Fast Boot" HKLM\...\StartupApproved\Run32: => "Super Charger" HKLM\...\StartupApproved\Run32: => "DE670C" HKLM\...\StartupApproved\Run32: => "FreedomeAutoStart" HKLM\...\StartupApproved\Run32: => "Nike+ Connect" HKLM\...\StartupApproved\Run32: => "HTC Store User Content Helper" HKLM\...\StartupApproved\Run32: => "VolPanel" HKLM\...\StartupApproved\Run32: => "VIAxHCUtl" HKU\S-1-5-21-3653366589-2136393034-3949511618-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk" HKU\S-1-5-21-3653366589-2136393034-3949511618-1001\...\StartupApproved\Run: => "GalaxyClient" HKU\S-1-5-21-3653366589-2136393034-3949511618-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-3653366589-2136393034-3949511618-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-3653366589-2136393034-3949511618-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-3653366589-2136393034-3949511618-1001\...\StartupApproved\Run: => "Free Download Manager" HKU\S-1-5-21-3653366589-2136393034-3949511618-1001\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-3653366589-2136393034-3949511618-1001\...\StartupApproved\Run: => "Skype" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{FB847B61-664D-45A9-925D-6A7D3E876EE9}C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe FirewallRules: [TCP Query User{1438D221-D90E-42CC-9449-9F55AB672923}C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe FirewallRules: [UDP Query User{E1D3960D-C2A4-4B60-8D82-54A00414EB04}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe FirewallRules: [TCP Query User{57CEC7CA-93B5-4038-A8BF-CAFFE68ACAA3}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe FirewallRules: [{8324D8A1-8E29-4401-8938-6AF5D45A3AF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe FirewallRules: [{542A808E-30EC-45A1-8383-67E7482B15D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\MGS_TPP\mgsvtpp.exe FirewallRules: [{44FA98E2-3C8B-41F7-B190-61D280F24810}] => (Allow) H:\SteamLibrary\steamapps\common\Hotline Miami 2\HotlineMiami2.exe FirewallRules: [{9D1E97EB-C5B3-4392-9588-04C0F71E367A}] => (Allow) H:\SteamLibrary\steamapps\common\Hotline Miami 2\HotlineMiami2.exe FirewallRules: [{E77ABE32-90B1-4823-8159-3CF75A1BC374}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{648238BA-95C9-4E20-B723-B39299C3E13F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{A2031A03-AF46-43AD-A6C1-B2F506C21F1A}] => (Allow) D:2\SteamLibrary\steamapps\common\insurgency2\insurgency.exe FirewallRules: [{03F71125-025B-4A3B-A2D9-04BF4528D60E}] => (Allow) D:2\SteamLibrary\steamapps\common\insurgency2\insurgency.exe FirewallRules: [{6C8A7349-2D69-4356-B51B-3CD47DAB8ADB}] => (Allow) D:2\SteamLibrary\steamapps\common\Indiana Jones and the Last Crusade\Indiana Jones and the Last Crusade.exe FirewallRules: [{137D93F1-A4CC-4284-9E4B-39433EEBA5F4}] => (Allow) D:2\SteamLibrary\steamapps\common\Indiana Jones and the Last Crusade\Indiana Jones and the Last Crusade.exe FirewallRules: [{B181445D-FBEA-4DB0-8124-F7C825F3DFC7}] => (Allow) D:2\SteamLibrary\steamapps\common\Indiana Jones and the Fate of Atlantis\Indiana Jones and the Fate of Atlantis.exe FirewallRules: [{B893D3A8-96F3-466E-9476-1C93C49DB527}] => (Allow) D:2\SteamLibrary\steamapps\common\Indiana Jones and the Fate of Atlantis\Indiana Jones and the Fate of Atlantis.exe FirewallRules: [{44C12BF0-A9F0-4496-BA62-E7756E921CC3}] => (Allow) D:2\SteamLibrary\steamapps\common\Alien Isolation\AI.exe FirewallRules: [{AE454F49-2941-4E74-BA23-A2DFB16F2EBF}] => (Allow) D:2\SteamLibrary\steamapps\common\Alien Isolation\AI.exe FirewallRules: [UDP Query User{886CD925-2317-4E88-B248-022D6E92BCC9}D:2\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:2\steamlibrary\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [TCP Query User{70C52BE5-E5E1-4E1C-B871-5A2A1AD8DF3F}D:2\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:2\steamlibrary\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [{815B0F1D-EC34-4DBA-9959-96CF2F8055AE}] => (Allow) D:2\SteamLibrary\steamapps\common\Apotheon\Apotheon.exe FirewallRules: [{CE2D4CC1-6BFD-48C7-8E39-9413B3A89486}] => (Allow) D:2\SteamLibrary\steamapps\common\Apotheon\Apotheon.exe FirewallRules: [{E818D86F-309B-4E6D-BA43-49DA6FEEF0CD}] => (Allow) D:2\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{4F5A8019-22BF-47A2-B44E-D47678DA2123}] => (Allow) D:2\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{79C05F76-3972-4085-9C40-2FBBB164BD30}] => (Allow) D:2\SteamLibrary\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe FirewallRules: [{0C455333-A713-4146-87A6-5E01AA58641B}] => (Allow) D:2\SteamLibrary\steamapps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe FirewallRules: [UDP Query User{E8ACEAEE-4D95-499F-A1D7-1081460E5AAC}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe FirewallRules: [TCP Query User{AAE77D23-B34B-4688-B35C-BC572CAE545E}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe FirewallRules: [UDP Query User{5BFBBB4B-BE56-4652-836B-C3D6C508EBA7}C:\program files (x86)\steam\steamapps\common\doom\doomx64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\doom\doomx64.exe FirewallRules: [TCP Query User{2B67BA21-B4E5-4711-BE8B-3F4E491BB0F4}C:\program files (x86)\steam\steamapps\common\doom\doomx64.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\doom\doomx64.exe FirewallRules: [{42B8B7EE-EE2F-4BB2-BA03-74314C9682DF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{C5A7EBE4-3466-4EA3-B5C6-3B8BAC0557A9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [UDP Query User{65B46043-98AD-46FA-9C07-FAFA278C3B8F}F:\program files (x86)\vuze\azureus.exe] => (Allow) F:\program files (x86)\vuze\azureus.exe FirewallRules: [TCP Query User{4A16DA65-C1E2-4E7A-ABE1-0E0DF41FBF58}F:\program files (x86)\vuze\azureus.exe] => (Allow) F:\program files (x86)\vuze\azureus.exe FirewallRules: [UDP Query User{35EC8864-3FC8-4A7D-AC17-AAE10588742B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{94788B7F-B689-438F-B5F5-0692FB9BD5D4}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [TCP Query User{A828819F-97E7-4B65-B8D7-0E951147A3D1}D:2\me_level\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) D:2\me_level\engine\binaries\win64\ue4game-win64-shipping.exe FirewallRules: [UDP Query User{500DD24B-0DF0-45FD-8708-3CD2CBB207B7}D:2\me_level\engine\binaries\win64\ue4game-win64-shipping.exe] => (Allow) D:2\me_level\engine\binaries\win64\ue4game-win64-shipping.exe FirewallRules: [TCP Query User{39B1FEFF-8167-45C0-B204-47538C766F6F}C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe FirewallRules: [UDP Query User{7E0E87D3-28BE-419E-8263-6CB52F47ACB4}C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\doom\doomx64vk.exe FirewallRules: [{DE4D1FB8-8E70-4B48-8ED5-7C54DF0EF509}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{A1F2F7D7-E7E3-4230-84C5-94E27B2FF7AC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{C60AB54B-C082-41F5-B895-57138CA413F8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{E29AF9F7-7E47-49D4-86B7-D099382659E7}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{5384A591-7FA8-42A5-A742-6FF43AE66115}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{4D89D1A6-25B1-4C40-850C-91825CA67F6A}] => (Allow) H:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe FirewallRules: [{7E31E997-05E8-4E75-B97E-BD5FC991E7F9}] => (Allow) H:\SteamLibrary\steamapps\common\Skyrim Special Edition\SkyrimSELauncher.exe FirewallRules: [TCP Query User{3CEAB2F9-BC00-45CB-AF83-640736EED4D0}C:\program files (x86)\galaxyclient\games\gwent\gwent.exe] => (Allow) C:\program files (x86)\galaxyclient\games\gwent\gwent.exe FirewallRules: [UDP Query User{40C47CA9-F27B-40A3-ACCA-ED692B9BAA13}C:\program files (x86)\galaxyclient\games\gwent\gwent.exe] => (Allow) C:\program files (x86)\galaxyclient\games\gwent\gwent.exe FirewallRules: [{DAA6544E-221D-4081-B43F-B5BC71957AFC}] => (Allow) F:\Program Files (x86)\Vuze\Azureus.exe FirewallRules: [{996262F3-010A-4332-8291-1A2420C3E2DE}] => (Allow) F:\Program Files (x86)\Vuze\Azureus.exe FirewallRules: [{625BB8EF-EEAF-4689-A420-B8816AE0B1D0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{0C481241-1C9A-40F5-B907-70DF1A6F3588}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [TCP Query User{1D1200C5-A6F9-48A9-8699-D7ED1EF98076}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [UDP Query User{CAAD278F-E6BA-4535-B99E-83F32FF48BCD}C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{DABCB2EC-FFB8-458E-8DDE-D867A205E594}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [UDP Query User{A71B3A43-5B0F-4FFE-9D03-63DC2ED90DE0}C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) C:\program files (x86)\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe FirewallRules: [{2B48D27B-08E6-45F7-8CA1-8A783C4E5DE7}] => (Allow) H:\SteamLibrary\steamapps\common\BioShock Remastered\Build\Final\BioshockHD.exe FirewallRules: [{4835D2CC-1E05-42DF-BB55-DDA2A15AD782}] => (Allow) H:\SteamLibrary\steamapps\common\BioShock Remastered\Build\Final\BioshockHD.exe FirewallRules: [{AF1CD171-656F-4A08-A740-DAF608FFA156}] => (Allow) E:\Program Files\iTunes\iTunes.exe FirewallRules: [{D6175337-3555-4E9A-B4AB-8ED84C3846C0}] => (Allow) H:\SteamLibrary\steamapps\common\RESIDENT EVIL 7 biohazard\re7.exe FirewallRules: [{F22B952D-D296-4A9E-B0C5-F264B4B94C22}] => (Allow) H:\SteamLibrary\steamapps\common\RESIDENT EVIL 7 biohazard\re7.exe FirewallRules: [{707A286E-FD80-4390-B9E8-4CF561E399F2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{1F26D24C-CD2B-495B-92C1-D8085DB03178}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe FirewallRules: [{298CE397-A732-4108-99C6-2551ED0D3142}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DARK SOULS III\Game\DarkSoulsIII.exe FirewallRules: [{8DF12E97-0FA4-4811-9776-721035747591}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe FirewallRules: [{E75C3EA2-5ECE-4E30-8458-21C7432CE93F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1Trial.exe FirewallRules: [{E5433689-3890-431C-A265-89CB0EF2FB3E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe FirewallRules: [{86159A0E-F844-4BD3-85FB-E0760EC86B48}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1\bf1.exe FirewallRules: [{8D471E3D-3D3F-4578-A1C6-F8B00908C53A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{DA7A9A64-A233-4809-BFE4-0F06050FE220}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe FirewallRules: [{1050C496-CA1F-4EB2-A57C-7D7F297283B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{6103E79C-8C81-46DC-A402-478A42A3A6A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{8FCA246A-35B1-44AC-9332-A3771C0810C3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{E6970156-B4E1-4D98-8532-DADC2A4C1E05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe FirewallRules: [{B9B2D9EC-EC5B-4B57-88EE-E236670F7586}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe FirewallRules: [{453DD7AF-80DD-43FA-A287-EC8351047D95}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Forces\DosBox\dosbox.exe FirewallRules: [{18CA8EC1-BBB1-4C52-96A3-65AB3957F407}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dark Forces\DosBox\dosbox.exe FirewallRules: [{4FF2C2EF-EA06-42A1-9A0F-EFC152BF7377}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PapersPlease\PapersPlease.exe FirewallRules: [{09F9F673-5ABF-4E07-B3AA-B77D084A3245}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PapersPlease\PapersPlease.exe FirewallRules: [{069F4342-77E8-417F-8947-5101D3E6FEA9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\swkotor\swkotor.exe FirewallRules: [{B8FC87CA-3874-4BC3-B708-8D187C1891CC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\swkotor\swkotor.exe FirewallRules: [{6E387280-A31C-456F-B945-45498D2C2359}] => (Allow) H:\SteamLibrary\steamapps\common\Resident Evil Biohazard HD REMASTER\bhd.exe FirewallRules: [{852F254E-D638-404E-B59D-29A51BE7C801}] => (Allow) H:\SteamLibrary\steamapps\common\Resident Evil Biohazard HD REMASTER\bhd.exe FirewallRules: [{BABEA1D8-19F7-45A1-98B5-8FB601BF6959}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [{F7A7F6EC-A169-48D5-BBDF-3D7A9657F21C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe FirewallRules: [TCP Query User{DAD3D92D-C8EA-4913-BB11-6AAC5F24C2B8}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [UDP Query User{8258DC26-E4FD-49E0-A7AC-F70A24A02713}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe FirewallRules: [{E916B342-6EDD-41BF-AC41-F8A6EE1EA115}] => (Allow) H:\SteamLibrary\steamapps\common\Just Cause 3\JustCause3.exe FirewallRules: [{18503C26-B063-494B-B894-2859C63B09A0}] => (Allow) H:\SteamLibrary\steamapps\common\Just Cause 3\JustCause3.exe FirewallRules: [{0C045A32-F38B-4184-A054-4E813E822A17}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro 2033 Redux\metro.exe FirewallRules: [{A146D954-A651-4BA8-9280-2508DFE76E07}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Metro 2033 Redux\metro.exe FirewallRules: [{FF059BB7-7E8C-4B98-BAFB-53ADBFDF2F7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sega Classics\SEGAGameRoom.exe FirewallRules: [{80E44675-56B4-4B64-A2F1-9BFBC180E95E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sega Classics\SEGAGameRoom.exe FirewallRules: [{71BCFAA2-E63E-48F4-8F97-51B999A2E613}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe FirewallRules: [{4E2A2B4F-2538-404E-AD5E-B6954E044715}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe FirewallRules: [{5422F002-FCF3-4FB4-A600-2990626B0DFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe FirewallRules: [{37E3B3A7-81DD-4AE0-9DB4-0915A54E75AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x64.exe FirewallRules: [{08E4AC33-9881-4A52-83F6-9E9AF7BCE64B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Dig\The Dig.exe FirewallRules: [{2FDA442C-DFCE-4721-B36A-D2585FFB354B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Dig\The Dig.exe FirewallRules: [{39F90C17-7FAF-47EC-9EBE-4E38D18B6BD0}] => (Allow) H:\SteamLibrary\steamapps\common\Alien Isolation\AI.exe FirewallRules: [{7DD9597D-DE93-4041-9AD2-6FF7D5C5F352}] => (Allow) H:\SteamLibrary\steamapps\common\Alien Isolation\AI.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe] => Enabled:Flashget3 ==================== Restore Points ========================= 22-02-2017 13:29:02 Installed Wireless AC1200 Dual Band USB Adapter 22-02-2017 21:34:58 Installed EVGA Precision XOC. 22-02-2017 21:47:01 Removed EVGA Precision XOC. 22-02-2017 21:47:33 Removed EVGA Precision XOC. ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/01/2017 10:33:29 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: ECO_Service.exe, version: 1.0.0.35, time stamp: 0x55150cfd Faulting module name: ECO_Service.exe, version: 1.0.0.35, time stamp: 0x55150cfd Exception code: 0xc0000005 Fault offset: 0x0000c934 Faulting process ID: 0xa18 Faulting application start time: 0x01d292624af1a943 Faulting application path: C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe Faulting module path: C:\Program Files (x86)\MSI\ECO Center\ECO_Service.exe Report ID: b89056a9-6817-44cb-b1d2-bc9a4858d8f4 Faulting package full name: Faulting package-relative application ID: Error: (03/01/2017 02:54:29 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program GTA5.exe version 1.0.944.2 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 2a8 Start Time: 01d2926579137e1b Termination Time: 4294967295 Application Path: C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTA5.exe Report Id: ada45a05-fe5c-11e6-842d-d8cb8a179c30 Faulting package full name: Faulting package-relative application ID: Error: (03/01/2017 02:52:34 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: subprocess.exe, version: 1.2.1.4, time stamp: 0x589b3f02 Faulting module name: libcef.dll, version: 3.2704.1431.0, time stamp: 0x57644782 Exception code: 0x80000003 Fault offset: 0x0000000000b91f27 Faulting process ID: 0x1524 Faulting application start time: 0x01d29265744981a7 Faulting application path: C:\Program Files\Rockstar Games\Social Club\subprocess.exe Faulting module path: C:\Program Files\Rockstar Games\Social Club\libcef.dll Report ID: d989129b-76bb-407e-81a5-b4fa3e95902c Faulting package full name: Faulting package-relative application ID: Error: (03/01/2017 02:37:52 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: subprocess.exe, version: 1.2.1.4, time stamp: 0x589b3f02 Faulting module name: libcef.dll, version: 3.2704.1431.0, time stamp: 0x57644782 Exception code: 0x80000003 Fault offset: 0x0000000000b91f27 Faulting process ID: 0x1680 Faulting application start time: 0x01d292658971e7da Faulting application path: C:\Program Files\Rockstar Games\Social Club\subprocess.exe Faulting module path: C:\Program Files\Rockstar Games\Social Club\libcef.dll Report ID: f4934c8b-e4ad-4d59-ac76-1487611ff481 Faulting package full name: Faulting package-relative application ID: Error: (03/01/2017 02:05:05 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: bhd.exe, version: 0.0.0.0, time stamp: 0x5465c323 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000000 Faulting process ID: 0x19c4 Faulting application start time: 0x01d2926284db2f8d Faulting application path: H:\SteamLibrary\steamapps\common\Resident Evil Biohazard HD REMASTER\bhd.exe Faulting module path: unknown Report ID: f9d2d4a6-6307-44c3-8b38-ba61bfb058dc Faulting package full name: Faulting package-relative application ID: Error: (03/01/2017 01:54:09 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: bhd.exe, version: 0.0.0.0, time stamp: 0x5465c323 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00000000 Faulting process ID: 0x2314 Faulting application start time: 0x01d2926101598c70 Faulting application path: H:\SteamLibrary\steamapps\common\Resident Evil Biohazard HD REMASTER\bhd.exe Faulting module path: unknown Report ID: 9b079308-427a-4493-bafb-6fef0ac09c21 Faulting package full name: Faulting package-relative application ID: Error: (02/28/2017 05:39:04 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code. Error: (02/28/2017 05:02:37 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine QueryFullProcessImageNameW. hr = 0x8007001f, A device attached to the system is not functioning. . Operation: Executing Asynchronous Operation Context: Current State: DoSnapshotSet Error: (02/28/2017 05:02:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (02/28/2017 05:02:27 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process. Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {cac20b70-2725-4c59-9faa-df0c900c4b91} System errors: ============= Error: (03/01/2017 02:23:41 PM) (Source: Microsoft-Windows-EnhancedStorage-EhStorTcgDrv) (EventID: 10) (User: NT AUTHORITY) Description: A TCG Command has returned an error. Desc: AuthenticateSession Param1: 0x1 Param2: 0x60000001c Param3: 0x900000006 Param4: 0x0 Status: 0x12 Error: (03/01/2017 02:23:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (03/01/2017 02:23:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel(R) Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s). Error: (03/01/2017 02:23:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel® ME Service service terminated unexpectedly. It has done this 1 time(s). Error: (03/01/2017 02:23:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Service KMSELDI service terminated unexpectedly. It has done this 1 time(s). Error: (03/01/2017 02:23:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Origin Web Helper Service service terminated unexpectedly. It has done this 1 time(s). Error: (03/01/2017 02:23:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The MSIDDR_CC service terminated unexpectedly. It has done this 1 time(s). Error: (03/01/2017 02:23:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The RunSwUSB service terminated unexpectedly. It has done this 1 time(s). Error: (03/01/2017 02:23:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The NVIDIA Telemetry Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service. Error: (03/01/2017 02:23:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The MSI_LiveUpdate_Service service terminated unexpectedly. It has done this 1 time(s). CodeIntegrity: =================================== Date: 2017-02-27 12:04:06.305 Description: Code Integrity determined that a process (\Device\HarddiskVolume9\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume9\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-09-08 12:27:30.968 Description: Code Integrity determined that a process (\Device\HarddiskVolume9\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume9\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. Date: 2016-09-08 12:27:30.712 Description: Code Integrity determined that a process (\Device\HarddiskVolume9\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume9\Windows\System32\nvspcap64.dll that did not meet the Store signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-5930K CPU @ 3.50GHz Percentage of memory in use: 13% Total physical RAM: 16284.14 MB Available physical RAM: 14150.71 MB Total Virtual: 36836.14 MB Available Virtual: 34592.26 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:475.98 GB) (Free:13.24 GB) NTFS Drive d: (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.33 GB) NTFS Drive e: (Main) (Fixed) (Total:929.87 GB) (Free:569.38 GB) NTFS Drive f: () (Fixed) (Total:931.17 GB) (Free:45.02 GB) NTFS Drive h: (Games) (Fixed) (Total:223.44 GB) (Free:32.5 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: E97DD208) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 3 (Size: 476.9 GB) (Disk ID: E97DD215) Partition: GPT. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 4. ==================== End of Addition.txt ============================