Pending OP Response Overheating Issue Resolved - Enter Yet Another Problem

  • Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Virus removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

furious16

PCHF Member
PCHF Member
Dec 5, 2017
27
0
35
#1
First, thank you to the folks here - my overheating issue has been resolved. It was due to the CPU itself overheating - I had applied MX-4 thermal paste, but what I thought was "just enough" turned out to be way too much. Upon pulling the heatsink off my cpu I found that the paste was thick and mushed around like frosting on a cupcake...probably due to the fact that the heatsink was a pain in the ass to get back on to the CPU. I reapplied a very small dot in the middle and have been working fine ever since (3+ weeks).

Now...on to the NEW problem.

Within the past week I have noticed that gameplay is causing severe sputtering, lag and freezing. As you can imagine, this has made game play unbearable, with online games such as WoW once again completely impossible to play. The sputtering & lag can last anywhere from 15 seconds to more than 3 minutes before resuming normal operation. The sputtering and lag does not occur with any sort of pattern (i.e. when a ton of action is happening on screen at once). It occurs randomly and can happen at any point during play. It even happens when using something as simple as Chrome, or when streaming on netflix or watching Youtube.

I have been told by 3 friends that are rather tech savvy and have regularly built their own computers that this is likely GPU or RAM issue. My GPU is absolute garbage, so I wouldn't be surprised to see that it is failing.

When I did a RAM check in System Properties, I saw this:
8.0 GB Installed (3.9 GB usable)
That does not seem normal to me. Less than 4gb out of 8gb installed is available? Could one of the sticks be faulty? I was told by someone on CNET that the RAM is not compatible with my mobo. That seems strange because it was bundled together from NewEgg which guaranteed that the parts were compatible.

Specs from my original thread reposted below:

CPU: AMD FX-8320 Vishera 8-Core 3.5 GHz (4.0 GHz Turbo) Socket AM3+ 125W FD8320FRHKBOX Desktop Processor
MoBo::ASUS M5A97 LE R2.0 AM3+ AMD 970 + SB950 SATA 6Gb/s USB 3.0 ATX AMD Motherboard with UEFI BIOS
PSU: Rosewill RD600 – Stallion Series 600-Watt Power Supply – ATX 12V V2.3, SLI & CrossFire-Ready
RAM: HyperX XMP Blu Red Series 8GB (2 x 4GB) 240-Pin DDR3 SDRAM DDR3 1600 Desktop Memory Model KHX16C9B1RK2/8X
GPU: SAPPHIRE DUAL-X Radeon R9 270 DirectX 11.2 100365L 2GB 256-Bit GDDR5 PCI Express 3.0 Video Card With BOOST & OC
Tower: RAIDMAX Cobra Z ATX-502WBR Black / Red Steel / Plastic ATX Mid Tower Computer Case
Storage:
Seagate Desktop HDD ST1000DM003 1TB 64MB Cache SATA 6.0Gb/s 3.5" Internal Hard Drive Bare Drive
PNY XLR8 2.5" 120GB SATA III Internal Solid State Drive (SSD) SSD9SC120GMDF-RB
OS: Windows 7 64 Home
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Malware Teacher
Jul 22, 2016
2,766
490
#2
Lets get some info from your machine, to get things rolling.


Step 1: Reset Host File


  • Click here to download RstHosts v2.0
  • Save the file to your desktop.
  • Right Click and Run as Administrator.
  • Click on Restaurer, then click OK at the prompt.
  • This will restore the default host file.
  • Next Click on Creer Un Rapport.
  • This will open a logfile, post that in your next reply.

Step 2: MiniToolBox Scan


Please download MINITOOLBOX and run it.

Checkmark following boxes:



Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go post the result.



Step 3: HijackThis.



1- Please click HERE to download HijackThis.
2- Run the program.
3- Click on the Main Menu button if not already there.
4- Select Do a system scan and save a logfile.
5- Copy paste the log here.
 

furious16

PCHF Member
PCHF Member
Dec 5, 2017
27
0
35
#3
Everything uploaded as files to avoid wall of text.

So...RstHost is in French. It's a real stretch for me...hell, it's an absolute violation of my #1 rule... to trust any program on my computer in a language that I cannot understand. I followed your directions because I assume you wouldn't steer me wrong, but that's not something I'm ever going to do again.

Hopefully this information helps. Thanks for the quick response and apologies for delay in sending this info.

MiniToolBox by Farbar Version: 17-06-2016

Ran by Mike (administrator) on 15-01-2018 at 11:07:36
Running from "C:\Users\Mike\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Model: To be filled by O.E.M. Manufacturer: To be filled by O.E.M.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Mike-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : fios-router.home

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : fios-router.home
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 40-16-7E-AF-54-0B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::18b2:6e89:355a:d9a7%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.156(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Friday, January 12, 2018 2:00:18 AM
Lease Expires . . . . . . . . . . : Tuesday, January 16, 2018 2:00:24 AM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 239081086
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-1D-27-FD-40-16-7E-AF-54-0B
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.fios-router.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : fios-router.home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5cf2:8c15:18ff:38b5:3f57:fe63(Preferred)
Link-local IPv6 Address . . . . . : fe80::18ff:38b5:3f57:fe63%12(Preferred)
Default Gateway . . . . . . . . . : ::
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: FIOS_Quantum_Gateway.fios-router.home
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:81b::200e
172.217.10.110


Pinging google.com [172.217.10.110] with 32 bytes of data:
Reply from 172.217.10.110: bytes=32 time=10ms TTL=56
Reply from 172.217.10.110: bytes=32 time=4ms TTL=56

Ping statistics for 172.217.10.110:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 4ms, Maximum = 10ms, Average = 7ms
Server: FIOS_Quantum_Gateway.fios-router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 2001:4998:44:204::100d
2001:4998:58:2201::73
2001:4998:c:e33::53
98.139.180.180
98.138.252.38
206.190.39.42


Pinging yahoo.com [98.139.180.180] with 32 bytes of data:
Reply from 98.139.180.180: bytes=32 time=21ms TTL=53
Reply from 98.139.180.180: bytes=32 time=15ms TTL=53

Ping statistics for 98.139.180.180:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 15ms, Maximum = 21ms, Average = 18ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...40 16 7e af 54 0b ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.156 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.156 266
192.168.1.156 255.255.255.255 On-link 192.168.1.156 266
192.168.1.255 255.255.255.255 On-link 192.168.1.156 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.156 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.156 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
12 58 ::/0 On-link
1 306 ::1/128 On-link
12 58 2001::/32 On-link
12 306 2001:0:5cf2:8c15:18ff:38b5:3f57:fe63/128
On-link
10 266 fe80::/64 On-link
12 306 fe80::/64 On-link
10 266 fe80::18b2:6e89:355a:d9a7/128
On-link
12 306 fe80::18ff:38b5:3f57:fe63/128
On-link
1 306 ff00::/8 On-link
12 306 ff00::/8 On-link
10 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/19/2017 09:59:28 PM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.1.7601.23537 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: aec

Start Time: 01d3617f64867b82

Termination Time: 0

Application Path: C:\Windows\Explorer.EXE

Report Id: cd3ecda1-cd9e-11e7-afc4-40167eaf540b

Error: (11/15/2017 03:39:45 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (11/14/2017 04:01:10 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (11/13/2017 02:15:26 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (11/11/2017 09:00:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (11/10/2017 04:24:24 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (11/09/2017 11:45:40 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (11/08/2017 03:04:05 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (11/07/2017 03:34:28 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (11/06/2017 03:34:53 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.


System errors:
=============
Error: (01/15/2018 03:11:15 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (01/14/2018 03:05:12 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (01/13/2018 03:58:14 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (01/12/2018 04:32:48 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (01/12/2018 02:00:36 AM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (01/12/2018 02:00:36 AM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (01/12/2018 02:00:36 AM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (01/12/2018 02:00:36 AM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (01/12/2018 02:00:36 AM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (01/12/2018 02:00:36 AM) (Source: PNRPSvc) (User: )
Description: 0x80630801


Microsoft Office Sessions:
=========================
Error: (05/13/2017 07:11:37 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6768.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 19624 seconds with 3960 seconds of active time. This session ended with a crash.

Error: (04/28/2016 11:43:49 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6747.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 42868 seconds with 240 seconds of active time. This session ended with a crash.

Error: (12/06/2015 01:45:00 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6735.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 23 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/06/2015 01:44:25 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6735.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 93577 seconds with 660 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2017-11-15 16:48:05.000
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SETD2E0.tmp because the set of per-page image hashes could not be found on the system.

Date: 2017-11-15 16:48:04.598
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SETD2E0.tmp because the set of per-page image hashes could not be found on the system.

Date: 2017-11-15 16:48:04.211
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SETD2E0.tmp because the set of per-page image hashes could not be found on the system.

Date: 2017-11-15 16:48:03.842
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SETD2E0.tmp because the set of per-page image hashes could not be found on the system.

Date: 2017-11-15 16:48:03.450
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SETD2E0.tmp because the set of per-page image hashes could not be found on the system.

Date: 2017-11-15 16:48:03.058
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SETD2E0.tmp because the set of per-page image hashes could not be found on the system.

Date: 2017-11-15 16:44:04.119
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SETD2E0.tmp because the set of per-page image hashes could not be found on the system.

Date: 2017-11-15 16:44:03.729
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SETD2E0.tmp because the set of per-page image hashes could not be found on the system.

Date: 2017-11-15 16:44:03.136
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SETD2E0.tmp because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

7 Days to Die (HKLM\...\Steam App 251570) (Version: - The Fun Pimps)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
Belarc Advisor 8.5c (HKLM-x32\...\Belarc Advisor) (Version: 8.5.3.0 - Belarc Inc.)
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{D738CA76-E717-EE40-7355-B4E8E142EAE5}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{198ED417-6D1A-3596-B88D-5CB5D1089DBD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{BBC5258D-2A33-79BE-D237-56A1F3CDC701}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{F879810E-C826-7CE7-57D2-77DBC1B9BA06}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{CB483A8B-9AC4-0A47-6A85-577D93EBDDD7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{AEE8E19C-3721-09E0-5AAE-80327AA4C30F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{E08AB0EF-8E5C-0BCD-431F-C34B970D58CA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{85EB8792-559F-BF09-3002-91034D3949D5}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{81BADF74-98E2-B2DD-F81E-20D59AC96B73}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{B4E218EA-C92C-164C-A3FB-51BCC8FD7EF7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{3022F0F8-959A-20CA-12B7-580A6053F563}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{2B1E1CC7-7A68-345D-A58A-9F06E51EF347}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{8656EE47-D225-70DA-F823-2244111D75BC}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{3CD7D844-859D-959D-CAE0-907F7140F8C7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{D6425464-8240-55CE-D227-63D485DC5748}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{0B5D95E5-D3D1-489C-3CDB-98DF55C3D290}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{11A31B9D-505E-CFCC-5638-0E37B89C4B20}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{CB142519-4B40-3758-B7BD-F90E676A2C75}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{616DAB60-C547-8DAE-0A7F-93E57C24B6BD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{3E133C4E-ED86-A988-8481-EF5300644B05}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B00CAE1D-5E04-B6CA-C957-2FFF7B25B0C3}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command and Conquer: Red Alert 3 (HKLM-x32\...\Steam App 17480) (Version: - EA Los Angeles)
Contagion (HKLM-x32\...\Steam App 238430) (Version: - Monochrome LLC)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland)
Dead State (HKLM\...\Steam App 239840) (Version: - DoubleBear Productions)
Delicious: Emily's Childhood Memories (HKLM-x32\...\BFG-Delicious - Emilys Childhood Memories) (Version: - )
Deus Ex: Game of the Year Edition (HKLM-x32\...\Steam App 6910) (Version: - Ion Storm)
Deus Ex: Human Revolution - The Missing Link (HKLM-x32\...\Steam App 201280) (Version: - Eidos Montreal)
Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version: - Eidos Montreal)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version: - BioWare)
Dragon's Lair (HKLM-x32\...\Steam App 227380) (Version: - Digital Leisure Inc.)
DuckTales Remastered (HKLM-x32\...\Steam App 237630) (Version: - WayForward)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ffdshow [rev 2653] [2009-02-04] (HKLM\...\ffdshow64_is1) (Version: 1.0 - )
File Association Helper (HKLM\...\{C168639F-5810-4EC8-B1E8-0251AA8A771C}) (Version: 1.2.225.65451 - WinZip Computing International, LLC)
Firewatch (HKLM\...\Steam App 383870) (Version: - Campo Santo)
Friday the 13th: The Game BETA (HKLM\...\Steam App 569300) (Version: - )
Gone Home (HKLM-x32\...\Steam App 232430) (Version: - The Fullbright Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Jurassic Park: The Game (HKLM-x32\...\Steam App 201830) (Version: - Telltale Games)
Killing Time (HKLM\...\Steam App 493320) (Version: - The 3DO Company)
Logitech Gaming Software 8.94 (HKLM\...\Logitech Gaming Software) (Version: 8.94.108 - Logitech Inc.)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Marvel Heroes 2015 (HKLM-x32\...\Steam App 226320) (Version: - Gazillion Entertainment)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F112F66E-25CA-42DD-983C-6118EB38F606}) (Version: 3.0.89.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MURDERED: SOUL SUSPECT™ (HKLM-x32\...\Steam App 233290) (Version: - Airtight Games)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.60.16 - Black Tree Gaming)
Nexus: The Jupiter Incident (HKLM-x32\...\Steam App 6420) (Version: - Mithis Games)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 22.11.2.7 - Symantec Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Outlast (HKLM-x32\...\Steam App 238320) (Version: - Red Barrels)
Performance Profile Client (HKLM-x32\...\{99831D81-ED00-E2EC-02F7-C2197D1854C9}) (Version: 2.3.0.0 - Advanced Micro Devices, Inc.) Hidden
Plague Inc: Evolved (HKLM\...\Steam App 246620) (Version: - Ndemic Creations)
Police Quest Collection (HKLM\...\Steam App 494740) (Version: - Sierra)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.109.526.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version: - Volition)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - Firaxis Games)
Sins of a Solar Empire®: Trinity (HKLM-x32\...\Steam App 201290) (Version: - Ironclad Games)
Skyrim Creation Kit (HKLM-x32\...\Steam App 202480) (Version: - bgs.bethsoft.com)
Space Hulk (HKLM-x32\...\Steam App 242570) (Version: - Full Control Studios)
Space Hulk: Deathwing (HKLM\...\Steam App 298900) (Version: - Streum On Studio)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
State of Decay (HKLM-x32\...\Steam App 241540) (Version: - Undead Labs)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Stranded Deep (HKLM\...\Steam App 313120) (Version: - Beam Team Games)
Talisman: The Horus Heresy (HKLM\...\Steam App 358460) (Version: - Nomad Games)
The Bureau: XCOM Declassified (HKLM-x32\...\Steam App 65930) (Version: - 2K Marin)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Forest (HKLM\...\Steam App 242760) (Version: - Endnight Games Ltd)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version: - Snowblind Studios)
The Room (HKLM\...\Steam App 288160) (Version: - Fireproof Games)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version: - Galactic Cafe)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD Projekt RED)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Total War: SHOGUN 2 (HKLM\...\Steam App 34330) (Version: - The Creative Assembly)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Vampire: The Masquerade - Redemption (HKLM\...\Steam App 559680) (Version: - Nihilistic Software)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warhammer 40,000: Eternal Crusade (HKLM\...\Steam App 375230) (Version: - Behaviour Digital Inc.)
Warhammer 40,000: Regicide (HKLM\...\Steam App 322910) (Version: - Hammerfall Publishing)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version: - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version: - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version: - Relic Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinZip 21.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410D}) (Version: 21.0.12288 - WinZip Computing, S.L. )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XCOM 2 (HKLM\...\Steam App 268500) (Version: - Firaxis)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games)

========================= Devices: ================================

Name: AODDriver4.2.0
Description: AODDriver4.2.0
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AODDriver4.2.0
Device ID: ROOT\LEGACY_AODDRIVER4.2.0\0000
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: AODDriver4.3.0
Description: AODDriver4.3.0
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AODDriver4.3.0
Device ID: ROOT\LEGACY_AODDRIVER4.3.0\0000
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 52%
Total physical RAM: 3996.84 MB
Available physical RAM: 1883.45 MB
Total Virtual: 7991.87 MB
Available Virtual: 4968.27 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:111.69 GB) (Free:37.56 GB) NTFS
3 Drive e: (New Volume) (Fixed) (Total:931.51 GB) (Free:411.7 GB) NTFS

========================= Users: ========================================

User accounts for \\MIKE-PC

Administrator Guest Mcx1-MIKE-PC
Mike


**** End of log ****



Logfile of HiJackThis Fork (Alpha) by Alex Dragokas v.2.6.4.24


Platform: x64 Windows 7 (Home Premium), 6.1.7601, Service Pack: 1
Time: 15.01.2018 - 11:16
Language: OS: English (0x409). Display: English (0x409). Non-Unicode: English (0x409)
Elevated: Yes
Ran by: Mike (group: Administrator) on MIKE-PC

Chrome: 63.0.3239.132
Internet Explorer: 11.0.9600.18860

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
2 C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\nis.exe
1 C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\WinZip\FAHWindow64.exe
1 C:\Program Files\Windows Media Player\wmpnetwk.exe
1 C:\Program Files\Windows Sidebar\sidebar.exe
1 C:\Users\Mike\Downloads\HiJackThis\HiJackThis.exe
2 C:\Windows\SysWOW64\notepad.exe
1 C:\Windows\System32\SearchFilterHost.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\SearchProtocolHost.exe
1 C:\Windows\System32\atieclxx.exe
1 C:\Windows\System32\atiesrxx.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\lsm.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
15 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskeng.exe
2 C:\Windows\System32\taskhost.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
2 C:\Windows\explorer.exe

R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B} - (no name) - (no URL)
R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - Google - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUM_enUS590
R4 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes: DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (no name) - (no URL)
R4 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B} - Google - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O2 - BHO: Norton Identity Safety - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\coIEPlg.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2-32 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2-32 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2-32 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2-32 - BHO: Norton Identity Safety - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.11.2.7\coIEPlg.dll
O2-32 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL (file missing)
O2-32 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\coIEPlg.dll
O3-32 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3-32 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.11.2.7\coIEPlg.dll
O4 - Global User Startup: FAH.lnk -> C:\Program Files (x86)\WinZip\FAHConsole.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKU\S-1-5-19\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun
O4 - HKU\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe
O4 - HKU\S-1-5-20\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun
O4 - HKU\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FAH.lnk - C:\Program Files (x86)\WinZip\FAH\FAHConsole.exe (2016/05/31) (file missing)
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe (2016/05/31) (file missing)
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update Notifier.lnk - C:\Program Files (x86)\WinZip\WZUpdateNotifier.exe (2018/01/04) (file missing)
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk - C:\Program Files (x86)\WinZip\WzPreloader.exe (2018/01/04) (file missing)
O4 - MSConfig\startupfolder: C:^Users^Mike^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Verizon Wireless Software Utility Application for Android – Samsung.lnk - C:\Users\Mike\AppData\Roaming\VERIZON\UA_ar\UA.exe (2015/09/28) (file missing)
O4 - MSConfig\startupreg: [AIM for Windows] C:\Users\Mike\AppData\Local\AOL\AIM\aim.exe (file missing) (HKCU) (2015/05/24)
O4 - MSConfig\startupreg: [AdAwareTray] C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe (file missing) (HKLM) (2015/05/24)
O4 - MSConfig\startupreg: [Bria Stretto] C:\Program Files (x86)\CounterPath\Bria Stretto\BriaStretto.exe (file missing) (HKCU) (2016/06/01)
O4 - MSConfig\startupreg: [EADM] E:\Origin\Origin.exe -AutoStart (file missing) (HKCU) (2015/05/24)
O4 - MSConfig\startupreg: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide (HKLM) (2018/01/04)
O4 - MSConfig\startupreg: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized (HKLM) (2018/01/04)
O4 - MSConfig\startupreg: [PlaysTV] C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe --startup (file missing) (HKLM) (2016/06/01)
O4 - MSConfig\startupreg: [Raptr] C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe --startup (file missing) (HKLM) (2016/06/01)
O4 - MSConfig\startupreg: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (HKLM) (2016/06/01)
O4 - MSConfig\startupreg: [SpybotPostWindows10UpgradeReInstall] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe (HKCU) (2016/06/01)
O4 - MSConfig\startupreg: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (HKLM) (2016/06/01)
O9-32 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9-32 - Extra 'Tools' menuitem: S&end to OneNote - HKLM\..\{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9-32 - Extra button: Blog This - HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9-32 - Extra button: Research - HKLM\..\{92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL
O9-32 - Extra button: Send to OneNote - HKLM\..\{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O17 - DHCP DNS - 1: 192.168.1.1
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20-32 - Winlogon Notify: SDWinLogon - (file missing)
O21 - ShellIconOverlayIdentifiers: OverlayExcluded - {4433A54A-1AC8-432F-90FC-85F045CF383C} - C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\buShell.dll
O21 - ShellIconOverlayIdentifiers: OverlayPending - {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} - C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\buShell.dll
O21 - ShellIconOverlayIdentifiers: OverlayProtected - {476D0EA3-80F9-48B5-B70B-05E677C9C148} - C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\buShell.dll
O21 - ShellIconOverlayIdentifiers: SkyDrive1 - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - C:\Users\Mike\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
O21 - ShellIconOverlayIdentifiers: SkyDrive2 - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - C:\Users\Mike\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
O21 - ShellIconOverlayIdentifiers: SkyDrive3 - {BBACC218-34EA-4666-9D7A-C78F2274A524} - C:\Users\Mike\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64\SkyDriveShell64.dll
O21-32 - ShellIconOverlayIdentifiers: OverlayExcluded - {4433A54A-1AC8-432F-90FC-85F045CF383C} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.11.2.7\buShell.dll
O21-32 - ShellIconOverlayIdentifiers: OverlayPending - {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.11.2.7\buShell.dll
O21-32 - ShellIconOverlayIdentifiers: OverlayProtected - {476D0EA3-80F9-48B5-B70B-05E677C9C148} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.11.2.7\buShell.dll
O21-32 - ShellIconOverlayIdentifiers: SkyDrive1 - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - C:\Users\Mike\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
O21-32 - ShellIconOverlayIdentifiers: SkyDrive2 - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - C:\Users\Mike\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
O21-32 - ShellIconOverlayIdentifiers: SkyDrive3 - {BBACC218-34EA-4666-9D7A-C78F2274A524} - C:\Users\Mike\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\SkyDriveShell.dll
O22 - Task (Queued): Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task (Queued): \Safer-Networking\Spybot - Search and Destroy\Check for updates - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe /autoupdate /silent /autoclose /background
O22 - Task (Ready): Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task (Ready): GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task (Ready): GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task (Ready): Norton WSC Integration - C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\WSCStub.exe /taskschd
O22 - Task (Ready): StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Task (Ready): WinZip Update Notifier - C:\Program Files\WinZip\WZUpdateNotifier.exe
O22 - Task (Ready): WinZipBackGroundToolsTask - C:\Program Files\WinZip\WzBGTools.exe
O22 - Task (Ready): ZookaWare registration reminder - C:\Program Files (x86)\ZookaWare\ZookawareUpdater.exe --showregisterreminder (file missing)
O22 - Task (Ready): Zookaware Scheduled Update Check - C:\Program Files (x86)\ZookaWare\ZookaWare.exe /checkforupdates (file missing)
O22 - Task (Ready): \ASUS\ASUS Product Register Service - C:\Program Files (x86)\ASUS\APRP\aprp.exe
O22 - Task (Ready): \ASUS\RunDAOD - C:\Windows\DAODx.exe
O22 - Task (Ready): \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task - {3519154C-227E-47F3-9CC9-12C3F05817F1} - C:\Program Files (x86)\Windows Live\SOXE\wlsoxe.dll
O22 - Task (Ready): \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe
O22 - Task (Ready): \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\compattelrunner.exe -maintenance
O22 - Task (Ready): \Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-MIKE-PC - C:\Windows\ehome\McxTask.exe -acl S-1-5-21-491581378-2402689455-2613464800-1005
O22 - Task (Ready): \Microsoft\Windows\Media Center\mcupdate_scheduled - C:\Windows\ehome\mcupdate.exe -crl -hms -pscn 15
O22 - Task (Ready): \Microsoft\Windows\Windows Activation Technologies\ValidationTask - C:\Windows\system32\Wat\WatAdminSvc.exe /run
O22 - Task (Ready): \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - C:\Windows\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
O22 - Task (Ready): \Norton Internet Security\Norton Internet Security Error Analyzer - C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\SymErr.exe /analyze
O22 - Task (Ready): \Norton Internet Security\Norton Internet Security Error Processor - C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\SymErr.exe /submit
O22 - Task (Ready): \Remediation\AntimalwareMigrationTask - C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe /upgrade /user_logon
O22 - Task (Ready): {ABF8DB55-2624-4AA2-A494-30A75C880CC3} - C:\Windows\system32\pcalua.exe -a "C:\Users\Mike\Documents\[Guru3D.com]-DDU\Display Driver Uninstaller.exe" -d C:\Users\Mike\Documents\[Guru3D.com]-DDU
O23 - Service R2: AMD External Events Utility - C:\Windows\system32\atiesrxx.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Norton Internet Security - (NIS) - C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\NIS.exe
O23 - Service R2: Windows Defender - (WinDefend) - C:\Windows\System32\svchost.exe; "ServiceDll" = C:\Program Files\Windows Defender\mpsvc.dll
O23 - Service S2: Google Update Service (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service S3: Dragon Age: Origins - Content Updater - (DAUpdaterSvc) - E:\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
O23 - Service S3: Google Software Updater - (gusvc) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service S3: Google Update Service (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (file missing)

--
End of file - Time spent: 5 sec. - 31520 bytes, CRC32: FFFFFFFF. Sign: ㋧᱖
 

Attachments

Last edited by a moderator:

Malnutrition

Malnurished Mod
Moderator
Security Team
Malware Teacher
Jul 22, 2016
2,766
490
#4
Please use Geek Uninstaller to remove the following programs.

ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)

Hijack This Fix.

Start HijackThis , Right Click Run as Admin.
Close all other open programs prior to running this tool!!

Click System Scan Only.
Then check mark the items listed below.


R4 - HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B} - (no name) - (no URL)
R4 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes: DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (no name) - (no URL)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O2-32 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
O3-32 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - Global User Startup: FAH.lnk -> C:\Program Files (x86)\WinZip\FAHConsole.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKLM\..\Run: [Logitech Download Assistant] C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
O4 - HKU\S-1-5-19\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun
O4 - HKU\S-1-5-20\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe /autoRun
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FAH.lnk - C:\Program Files (x86)\WinZip\FAH\FAHConsole.exe (2016/05/31) (file missing)
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe (2016/05/31) (file missing)
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update Notifier.lnk - C:\Program Files (x86)\WinZip\WZUpdateNotifier.exe (2018/01/04) (file missing)
O4 - MSConfig\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk - C:\Program Files (x86)\WinZip\WzPreloader.exe (2018/01/04) (file missing)
O4 - MSConfig\startupfolder: C:^Users^Mike^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Verizon Wireless Software Utility Application for Android – Samsung.lnk - C:\Users\Mike\AppData\Roaming\VERIZON\UA_ar\UA.exe (2015/09/28) (file missing)
O4 - MSConfig\startupreg: [AIM for Windows] C:\Users\Mike\AppData\Local\AOL\AIM\aim.exe (file missing) (HKCU) (2015/05/24)
O4 - MSConfig\startupreg: [AdAwareTray] C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe (file missing) (HKLM) (2015/05/24)
O4 - MSConfig\startupreg: [Bria Stretto] C:\Program Files (x86)\CounterPath\Bria Stretto\BriaStretto.exe (file missing) (HKCU) (2016/06/01)
O4 - MSConfig\startupreg: [EADM] E:\Origin\Origin.exe -AutoStart (file missing) (HKCU) (2015/05/24)
O4 - MSConfig\startupreg: [PlaysTV] C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe --startup (file missing) (HKLM) (2016/06/01)
O4 - MSConfig\startupreg: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (HKLM) (2016/06/01)
O4 - MSConfig\startupreg: [SpybotPostWindows10UpgradeReInstall] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe (HKCU) (2016/06/01)
O4 - MSConfig\startupreg: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (HKLM) (2016/06/01)
O20-32 - Winlogon Notify: SDWinLogon - (file missing)
O22 - Task (Queued): \Safer-Networking\Spybot - Search and Destroy\Check for updates - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe /autoupdate /silent /autoclose /background
O22 - Task (Ready): Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task (Ready): WinZip Update Notifier - C:\Program Files\WinZip\WZUpdateNotifier.exe
O22 - Task (Ready): WinZipBackGroundToolsTask - C:\Program Files\WinZip\WzBGTools.exe
O22 - Task (Ready): ZookaWare registration reminder - C:\Program Files (x86)\ZookaWare\ZookawareUpdater.exe --showregisterreminder (file missing)
O22 - Task (Ready): Zookaware Scheduled Update Check - C:\Program Files (x86)\ZookaWare\ZookaWare.exe /checkforupdates (file missing)
O22 - Task (Ready): \ASUS\ASUS Product Register Service - C:\Program Files (x86)\ASUS\APRP\aprp.exe
O22 - Task (Ready): \Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-MIKE-PC - C:\Windows\ehome\McxTask.exe -acl S-1-5-21-491581378-2402689455-2613464800-1005
O22 - Task (Ready): \Microsoft\Windows\Media Center\mcupdate_scheduled - C:\Windows\ehome\mcupdate.exe -crl -hms -pscn 15




Now click on fix checked.
After the fix is complete, then reboot your machine.


Temp File Cleaner.


  • Note: This program may very well reboot your machine. Save any work prior to running.
  • Clean up your temp files with TFC.exe
  • Save it to your desktop.
  • Right click run as admin.
  • Please tell me how things are running.
 

Attachments

furious16

PCHF Member
PCHF Member
Dec 5, 2017
27
0
35
#5
Before I do this - plainly out of curiosity, why remove SpyBot? I've been seeing more and more lately that many PC help sites seem to be on a campaign to strike Spybot from the face of the internet, but I can't ever find a solid reason as to why. It always seemed to be very good at clearing out the crap.
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Malware Teacher
Jul 22, 2016
2,766
490
#6
Resource waste, it adds thousands of entries to your host file, and this will slow your internet down and also your machine. Detection rates are lower than 80 percent of programs of its kind.

The info at MVPs HOSTS (SOURCE)
  1. Warns that "in most cases a large HOSTS file (over 135 kb) tends to slow down the machine";
  2. Advises setting the DNS Client to manual;
  3. But warns that Network Discovery requires the service.
 
Likes: gus

Malnutrition

Malnurished Mod
Moderator
Security Team
Malware Teacher
Jul 22, 2016
2,766
490
#7
Plus.... I know what I am doing, and I want you to come back, so.... telling you some BS is not in my agenda. :)
 
Likes: furious16

gus

Aussie, Aussie, Aussie
Administrator
Security Team
PCHF Donator
Jul 19, 2016
2,839
1,552
Sydney, Australia
pchelpforum.net
#8
@furious16, as you have come here for help would suggest you accept it. Spybot as described by a very experienced malware and PC cleaner is a very resource hungry, and sub standard application when compared to other free security offerings. Take the time to scroll down this page and have a look at the crap tasks, startups, services and other resource hogging junk that is part of Spybot.

http://www.shouldiremoveit.com/Spybot-Search-Destroy-5385-program.aspx

I followed your directions because I assume you wouldn't steer me wrong, but that's not something I'm ever going to do again.
Please let us know if you wish to accept the helpers advice or not?
 
Last edited:
Likes: Malnutrition

furious16

PCHF Member
PCHF Member
Dec 5, 2017
27
0
35
#9
Plus.... I know what I am doing, and I want you to come back, so.... telling you some BS is not in my agenda. :)
No doubt. I wasn't calling your advice into question, I was legitimately curious about your personal thoughts - I see A LOT of people these days advising to avoid spybot at all costs, and/or get rid of it immediately if its already installed on your machine. Spybot seems to have a sharply divided opinion. I used to favor it over my other antivirus years back.
 

furious16

PCHF Member
PCHF Member
Dec 5, 2017
27
0
35
#10
**Update**

I have followed all steps as instructed. So far, so good. I still get sputtering, however the sputtering I get now is directly related to my GPU (a momentary lag with a dragged out noise). I'm going to be replacing my gpu within the next few months so I anticipate that issue will go away as well.

I hesitate to mark this resolved, only because I have been too busy with work to give this a good uninterrupted run. I managed to squeeze in an hour tonight and did not have any issues, but I'll report back when I've had an opportunity to go for a few 30 - 60 minute sessions without incident.
 

furious16

PCHF Member
PCHF Member
Dec 5, 2017
27
0
35
#11
@furious16, as you have come here for help would suggest you accept it. Spybot as described by a very experienced malware and PC cleaner is a very resource hungry, and sub standard application when compared to other free security offerings. Take the time to scroll down this page and have a look at the crap tasks, startups, services and other resource hogging junk that is part of Spybot.

http://www.shouldiremoveit.com/Spybot-Search-Destroy-5385-program.aspx



Please let us know if you wish to accept the helpers advice or not?
Gus, that statement was referring only to launching a program on my computer that is entirely in a foreign language, NOT the suggested steps themselves. I am very uncomfortable doing that, no matter who suggests it to me. I had no doubt that it would be problem-free.
 

furious16

PCHF Member
PCHF Member
Dec 5, 2017
27
0
35
#14
Apologies for the delay. The flu ripped through my house over the past 2 weeks, so when I wasn't laid up in bed hallucinating from fever dreams, I was taking care of the wife and daughter. Needless to say, this issue was last on my mind and this is the first time i'm turning the computer on since last week. I'm up and about today finally, but catching up on quite a bit of missed work. I will post an update from the requested software in about 24 hours, or whenever I have free time. In the meantime, here is what I discovered before I went on bed rest:

Chrome Issue - I have found that running Chrome while a game is running contributes significantly to the issues. This never happened before, and is sudden. I used to be able to tab out back and forth between desktop and games with ease, having over 10+ tabs open on chrome at any given time. As of now, this is completely impossible to do. Having Chrome open will cause the issue at hand to worsen, and similarly if I have a game running, Chrome is completely unusable. Again, this is completely new and has never happened in the past.

Overall Issue Status: I'd say about 70% resolved. I still get the sputtering which is likely from my garbage GPU, but the halting/delaying which was the main problem at hand does still occur to some degree. As mentioned earlier, Chrome contributes significantly to this, where it never has in the past. However, marked improvement in playability - I was able to run a few 30 - 60 minute gaming sessions over the course of a week without major incident. This was completely impossible previously.

Thanks again and please bear with me - I understand that another report is needed from these programs, but my job is far more important than that. I have a lot to catch up on, so it will have to wait.
 

Malnutrition

Malnurished Mod
Moderator
Security Team
Malware Teacher
Jul 22, 2016
2,766
490
#16
Take your time... I recently had the flu for the first time. Terrible experience!! They say there was some kind of super flu going around.
 

furious16

PCHF Member
PCHF Member
Dec 5, 2017
27
0
35
#19
Many apologies, and thank you again. Being thrown off by illness really screwed me up at work. Had to salvage a client that my team was unable to treat properly in my absence. Issues that I have noticed in the past few weeks are:

Resurgence of BSOD - very frequent - 1 to 3 times per day. This had previously been 100% resolved. No clue as to why, as nothing has changed - no new programs installed, no major changes made.

Google Chrome - if open when trying to run a game or other resource intensive program, Chrome completely destroys functionality in my PC. Windows comes to a grinding halt, for several minutes. This is new since we first ran these tests.

Requested updates below:

MiniToolBox Log 2-7-18
(wall of text incoming)


MiniToolBox by Farbar Version: 17-06-2016
Ran by Mike (administrator) on 07-02-2018 at 21:01:45
Running from "C:\Users\Mike\Downloads"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Model: To be filled by O.E.M. Manufacturer: To be filled by O.E.M.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : Mike-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : fios-router.home

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : fios-router.home
Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
Physical Address. . . . . . . . . : 40-16-7E-AF-54-0B
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::18b2:6e89:355a:d9a7%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.156(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, February 05, 2018 1:42:45 AM
Lease Expires . . . . . . . . . . : Thursday, February 08, 2018 8:37:09 PM
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 239081086
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1B-1D-27-FD-40-16-7E-AF-54-0B
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.fios-router.home:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : fios-router.home
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: FIOS_Quantum_Gateway.fios-router.home
Address: 192.168.1.1

Name: google.com
Addresses: 2607:f8b0:4006:811::200e
172.217.7.14


Pinging google.com [172.217.7.14] with 32 bytes of data:
Reply from 172.217.7.14: bytes=32 time=4ms TTL=56
Reply from 172.217.7.14: bytes=32 time=9ms TTL=56

Ping statistics for 172.217.7.14:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 4ms, Maximum = 9ms, Average = 6ms
Server: FIOS_Quantum_Gateway.fios-router.home
Address: 192.168.1.1

Name: yahoo.com
Addresses: 2001:4998:c:e33::53
2001:4998:44:204::100d
2001:4998:58:2201::73
98.138.252.38
98.139.180.180
206.190.39.42


Pinging yahoo.com [98.138.252.38] with 32 bytes of data:
Reply from 98.138.252.38: bytes=32 time=32ms TTL=54
Reply from 98.138.252.38: bytes=32 time=34ms TTL=54

Ping statistics for 98.138.252.38:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 32ms, Maximum = 34ms, Average = 33ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...40 16 7e af 54 0b ......Realtek PCIe GBE Family Controller
1...........................Software Loopback Interface 1
11...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.156 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.156 266
192.168.1.156 255.255.255.255 On-link 192.168.1.156 266
192.168.1.255 255.255.255.255 On-link 192.168.1.156 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.156 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.156 266
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 266 fe80::/64 On-link
10 266 fe80::18b2:6e89:355a:d9a7/128
On-link
1 306 ff00::/8 On-link
10 266 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/04/2018 02:00:41 AM) (Source: Application Hang) (User: )
Description: The program Wow-64.exe version 7.3.5.25961 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 488

Start Time: 01d39d77ee40ddd7

Termination Time: 107

Application Path: E:\Program Files (x86)\World of Warcraft\World of Warcraft\Wow-64.exe

Report Id: 1acb14f6-0979-11e8-89c5-40167eaf540b

Error: (02/02/2018 11:02:49 AM) (Source: Application Error) (User: )
Description: Faulting application name: Wow-64.exe, version: 7.3.5.25961, time stamp: 0x5a736ed7
Faulting module name: Wow-64.exe, version: 7.3.5.25961, time stamp: 0x5a736ed7
Exception code: 0xc0000005
Fault offset: 0x0000000000f4d94d
Faulting process id: 0x1190
Faulting application start time: 0xWow-64.exe0
Faulting application path: Wow-64.exe1
Faulting module path: Wow-64.exe2
Report Id: Wow-64.exe3

Error: (02/02/2018 09:46:54 AM) (Source: Application Error) (User: )
Description: Faulting application name: Dwm.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc541
Faulting module name: atidxx64.dll, version: 22.19.677.257, time stamp: 0x59c572b1
Exception code: 0xc0000005
Fault offset: 0x0000000000095705
Faulting process id: 0xb54
Faulting application start time: 0xDwm.exe0
Faulting application path: Dwm.exe1
Faulting module path: Dwm.exe2
Report Id: Dwm.exe3

Error: (11/19/2017 09:59:28 PM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.1.7601.23537 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: aec

Start Time: 01d3617f64867b82

Termination Time: 0

Application Path: C:\Windows\Explorer.EXE

Report Id: cd3ecda1-cd9e-11e7-afc4-40167eaf540b

Error: (11/15/2017 03:39:45 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (11/14/2017 04:01:10 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (11/13/2017 02:15:26 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (11/11/2017 09:00:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (11/10/2017 04:24:24 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (11/09/2017 11:45:40 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.


System errors:
=============
Error: (02/07/2018 09:00:01 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (02/05/2018 08:37:08 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (02/05/2018 08:37:08 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (02/05/2018 08:37:08 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (02/05/2018 08:37:05 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (02/05/2018 08:37:05 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (02/05/2018 08:37:05 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801

Error: (02/05/2018 03:41:15 PM) (Source: Service Control Manager) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (02/05/2018 03:41:15 PM) (Source: Service Control Manager) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (02/05/2018 03:41:15 PM) (Source: PNRPSvc) (User: )
Description: 0x80630801


Microsoft Office Sessions:
=========================
Error: (05/13/2017 07:11:37 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6768.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 19624 seconds with 3960 seconds of active time. This session ended with a crash.

Error: (04/28/2016 11:43:49 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6747.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 42868 seconds with 240 seconds of active time. This session ended with a crash.

Error: (12/06/2015 01:45:00 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6735.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 23 seconds with 0 seconds of active time. This session ended with a crash.

Error: (12/06/2015 01:44:25 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6735.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 93577 seconds with 660 seconds of active time. This session ended with a crash.


CodeIntegrity Errors:
===================================
Date: 2017-11-15 16:48:05.000
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SETD2E0.tmp because the set of per-page image hashes could not be found on the system.

Date: 2017-11-15 16:48:04.598
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SETD2E0.tmp because the set of per-page image hashes could not be found on the system.

Date: 2017-11-15 16:48:04.211
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SETD2E0.tmp because the set of per-page image hashes could not be found on the system.

Date: 2017-11-15 16:48:03.842
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SETD2E0.tmp because the set of per-page image hashes could not be found on the system.

Date: 2017-11-15 16:48:03.450
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SETD2E0.tmp because the set of per-page image hashes could not be found on the system.

Date: 2017-11-15 16:48:03.058
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SETD2E0.tmp because the set of per-page image hashes could not be found on the system.

Date: 2017-11-15 16:44:04.119
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SETD2E0.tmp because the set of per-page image hashes could not be found on the system.

Date: 2017-11-15 16:44:03.729
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SETD2E0.tmp because the set of per-page image hashes could not be found on the system.

Date: 2017-11-15 16:44:03.136
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\SETD2E0.tmp because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

7 Days to Die (HKLM\...\Steam App 251570) (Version: - The Fun Pimps)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{D738CA76-E717-EE40-7355-B4E8E142EAE5}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{198ED417-6D1A-3596-B88D-5CB5D1089DBD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{BBC5258D-2A33-79BE-D237-56A1F3CDC701}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{F879810E-C826-7CE7-57D2-77DBC1B9BA06}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{CB483A8B-9AC4-0A47-6A85-577D93EBDDD7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{AEE8E19C-3721-09E0-5AAE-80327AA4C30F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{E08AB0EF-8E5C-0BCD-431F-C34B970D58CA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{85EB8792-559F-BF09-3002-91034D3949D5}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{81BADF74-98E2-B2DD-F81E-20D59AC96B73}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{B4E218EA-C92C-164C-A3FB-51BCC8FD7EF7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{3022F0F8-959A-20CA-12B7-580A6053F563}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{2B1E1CC7-7A68-345D-A58A-9F06E51EF347}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{8656EE47-D225-70DA-F823-2244111D75BC}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{3CD7D844-859D-959D-CAE0-907F7140F8C7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{D6425464-8240-55CE-D227-63D485DC5748}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{0B5D95E5-D3D1-489C-3CDB-98DF55C3D290}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{11A31B9D-505E-CFCC-5638-0E37B89C4B20}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{CB142519-4B40-3758-B7BD-F90E676A2C75}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{616DAB60-C547-8DAE-0A7F-93E57C24B6BD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{3E133C4E-ED86-A988-8481-EF5300644B05}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B00CAE1D-5E04-B6CA-C957-2FFF7B25B0C3}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command and Conquer: Red Alert 3 (HKLM-x32\...\Steam App 17480) (Version: - EA Los Angeles)
Contagion (HKLM-x32\...\Steam App 238430) (Version: - Monochrome LLC)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland)
Dead State (HKLM\...\Steam App 239840) (Version: - DoubleBear Productions)
Deus Ex: Game of the Year Edition (HKLM-x32\...\Steam App 6910) (Version: - Ion Storm)
Deus Ex: Human Revolution - The Missing Link (HKLM-x32\...\Steam App 201280) (Version: - Eidos Montreal)
Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version: - Eidos Montreal)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version: - BioWare)
Dragon's Lair (HKLM-x32\...\Steam App 227380) (Version: - Digital Leisure Inc.)
DuckTales Remastered (HKLM-x32\...\Steam App 237630) (Version: - WayForward)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ffdshow [rev 2653] [2009-02-04] (HKLM\...\ffdshow64_is1) (Version: 1.0 - )
File Association Helper (HKLM\...\{C168639F-5810-4EC8-B1E8-0251AA8A771C}) (Version: 1.2.225.65451 - WinZip Computing International, LLC)
Firewatch (HKLM\...\Steam App 383870) (Version: - Campo Santo)
Friday the 13th: The Game BETA (HKLM\...\Steam App 569300) (Version: - )
Gone Home (HKLM-x32\...\Steam App 232430) (Version: - The Fullbright Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.140 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Jurassic Park: The Game (HKLM-x32\...\Steam App 201830) (Version: - Telltale Games)
Killing Time (HKLM\...\Steam App 493320) (Version: - The 3DO Company)
Logitech Gaming Software 8.94 (HKLM\...\Logitech Gaming Software) (Version: 8.94.108 - Logitech Inc.)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
Marvel Heroes 2015 (HKLM-x32\...\Steam App 226320) (Version: - Gazillion Entertainment)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F112F66E-25CA-42DD-983C-6118EB38F606}) (Version: 3.0.89.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4035.0328 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MURDERED: SOUL SUSPECT™ (HKLM-x32\...\Steam App 233290) (Version: - Airtight Games)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.60.16 - Black Tree Gaming)
Nexus: The Jupiter Incident (HKLM-x32\...\Steam App 6420) (Version: - Mithis Games)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 22.11.2.7 - Symantec Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Outlast (HKLM-x32\...\Steam App 238320) (Version: - Red Barrels)
Performance Profile Client (HKLM-x32\...\{99831D81-ED00-E2EC-02F7-C2197D1854C9}) (Version: 2.3.0.0 - Advanced Micro Devices, Inc.) Hidden
Plague Inc: Evolved (HKLM\...\Steam App 246620) (Version: - Ndemic Creations)
Police Quest Collection (HKLM\...\Steam App 494740) (Version: - Sierra)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.109.526.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7023 - Realtek Semiconductor Corp.)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version: - Volition)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - Firaxis Games)
Sins of a Solar Empire®: Trinity (HKLM-x32\...\Steam App 201290) (Version: - Ironclad Games)
Skyrim Creation Kit (HKLM-x32\...\Steam App 202480) (Version: - bgs.bethsoft.com)
Space Hulk (HKLM-x32\...\Steam App 242570) (Version: - Full Control Studios)
Space Hulk: Deathwing (HKLM\...\Steam App 298900) (Version: - Streum On Studio)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
State of Decay (HKLM-x32\...\Steam App 241540) (Version: - Undead Labs)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Stranded Deep (HKLM\...\Steam App 313120) (Version: - Beam Team Games)
Talisman: The Horus Heresy (HKLM\...\Steam App 358460) (Version: - Nomad Games)
The Bureau: XCOM Declassified (HKLM-x32\...\Steam App 65930) (Version: - 2K Marin)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Forest (HKLM\...\Steam App 242760) (Version: - Endnight Games Ltd)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version: - Snowblind Studios)
The Room (HKLM\...\Steam App 288160) (Version: - Fireproof Games)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version: - Galactic Cafe)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version: - CD Projekt RED)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
Total War: SHOGUN 2 (HKLM\...\Steam App 34330) (Version: - The Creative Assembly)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Vampire: The Masquerade - Redemption (HKLM\...\Steam App 559680) (Version: - Nihilistic Software)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Warhammer 40,000: Eternal Crusade (HKLM\...\Steam App 375230) (Version: - Behaviour Digital Inc.)
Warhammer 40,000: Regicide (HKLM\...\Steam App 322910) (Version: - Hammerfall Publishing)
Warhammer® 40,000™: Dawn of War® II - Chaos Rising™ (HKLM-x32\...\Steam App 20570) (Version: - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version: - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II (HKLM-x32\...\Steam App 15620) (Version: - Relic Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinZip 21.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C2410D}) (Version: 21.0.12288 - WinZip Computing, S.L. )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
XCOM 2 (HKLM\...\Steam App 268500) (Version: - Firaxis)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games)

========================= Devices: ================================

Name: AODDriver4.2.0
Description: AODDriver4.2.0
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AODDriver4.2.0
Device ID: ROOT\LEGACY_AODDRIVER4.2.0\0000
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: AODDriver4.3.0
Description: AODDriver4.3.0
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AODDriver4.3.0
Device ID: ROOT\LEGACY_AODDRIVER4.3.0\0000
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 3996.84 MB
Available physical RAM: 2345.07 MB
Total Virtual: 7991.87 MB
Available Virtual: 5723.38 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:111.69 GB) (Free:38.72 GB) NTFS
3 Drive e: (New Volume) (Fixed) (Total:931.51 GB) (Free:384.61 GB) NTFS

========================= Users: ========================================

User accounts for \\MIKE-PC

Administrator Guest Mcx1-MIKE-PC
Mike


**** End of log ****


HijackThis Log
(wall of text incoming)


Logfile of HiJackThis Fork (Alpha) by Alex Dragokas v.2.6.4.24

Platform: x64 Windows 7 (Home Premium), 6.1.7601, Service Pack: 1
Time: 07.02.2018 - 21:09
Language: OS: English (0x409). Display: English (0x409). Non-Unicode: English (0x409)
Elevated: Yes
Ran by: Mike (group: Administrator) on MIKE-PC

Chrome: 64.0.3282.140
Internet Explorer: 11.0.9600.18860

Boot mode: Normal

Running processes:
Number | Path
1 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
6 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
2 C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\nis.exe
1 C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
1 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
1 C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
1 C:\Program Files\Windows Media Player\wmpnetwk.exe
1 C:\Users\Mike\Downloads\HiJackThis\HiJackThis.exe
1 C:\Windows\DAODx.exe
1 C:\Windows\System32\SearchIndexer.exe
1 C:\Windows\System32\atieclxx.exe
1 C:\Windows\System32\atiesrxx.exe
1 C:\Windows\System32\audiodg.exe
2 C:\Windows\System32\csrss.exe
1 C:\Windows\System32\dllhost.exe
1 C:\Windows\System32\dwm.exe
1 C:\Windows\System32\lsass.exe
1 C:\Windows\System32\lsm.exe
1 C:\Windows\System32\services.exe
1 C:\Windows\System32\smss.exe
1 C:\Windows\System32\spoolsv.exe
15 C:\Windows\System32\svchost.exe
1 C:\Windows\System32\taskeng.exe
1 C:\Windows\System32\taskhost.exe
1 C:\Windows\System32\wininit.exe
1 C:\Windows\System32\winlogon.exe
1 C:\Windows\explorer.exe
1 C:\Windows\servicing\TrustedInstaller.exe

R4 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes: DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (no name) - (no URL)
R4 - HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B} - Google -
http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}
&sourceid=ie7
O2 - BHO: Norton Identity Safety - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine
\22.11.2.7\coIEPlg.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows
Live\WindowsLiveLogin.dll
O2-32 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2-32 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2-32 - BHO: Norton Identity Safety - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security
\Engine32\22.11.2.7\coIEPlg.dll
O2-32 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security
\Engine\21.7.0.11\IPS\IPSBHO.DLL (file missing)
O2-32 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft
Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine
\22.11.2.7\coIEPlg.dll
O3-32 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security
\Engine32\22.11.2.7\coIEPlg.dll
O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
O4 - HKU\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe
O4 - HKU\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe
O4 - MSConfig\startupreg: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide (HKLM) (2018/01/04)
O4 - MSConfig\startupreg: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized (HKLM) (2018/01/04)
O4 - MSConfig\startupreg: [Raptr] C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe --startup (file missing) (HKLM) (2016/06/01)
O9-32 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files
(x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9-32 - Extra 'Tools' menuitem: S&end to OneNote - HKLM\..\{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft
Office\Office12\ONBttnIE.dll
O9-32 - Extra button: Blog This - HKLM\..\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer
\WriterBrowserExtension.dll
O9-32 - Extra button: Research - HKLM\..\{92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office
\Office12\REFIEBAR.DLL
O9-32 - Extra button: Send to OneNote - HKLM\..\{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office
\Office12\ONBttnIE.dll
O17 - DHCP DNS - 1: 192.168.1.1
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery
\AlbumDownloadProtocolHandler.dll
O21 - ShellIconOverlayIdentifiers: OverlayExcluded - {4433A54A-1AC8-432F-90FC-85F045CF383C} - C:\Program Files (x86)\Norton Internet
Security\Engine\22.11.2.7\buShell.dll
O21 - ShellIconOverlayIdentifiers: OverlayPending - {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} - C:\Program Files (x86)\Norton Internet
Security\Engine\22.11.2.7\buShell.dll
O21 - ShellIconOverlayIdentifiers: OverlayProtected - {476D0EA3-80F9-48B5-B70B-05E677C9C148} - C:\Program Files (x86)\Norton Internet
Security\Engine\22.11.2.7\buShell.dll
O21 - ShellIconOverlayIdentifiers: SkyDrive1 - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - C:\Users\Mike\AppData\Local\Microsoft\SkyDrive
\17.0.4035.0328\amd64\SkyDriveShell64.dll
O21 - ShellIconOverlayIdentifiers: SkyDrive2 - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - C:\Users\Mike\AppData\Local\Microsoft\SkyDrive
\17.0.4035.0328\amd64\SkyDriveShell64.dll
O21 - ShellIconOverlayIdentifiers: SkyDrive3 - {BBACC218-34EA-4666-9D7A-C78F2274A524} - C:\Users\Mike\AppData\Local\Microsoft\SkyDrive
\17.0.4035.0328\amd64\SkyDriveShell64.dll
O21-32 - ShellIconOverlayIdentifiers: OverlayExcluded - {4433A54A-1AC8-432F-90FC-85F045CF383C} - C:\Program Files (x86)\Norton Internet
Security\Engine32\22.11.2.7\buShell.dll
O21-32 - ShellIconOverlayIdentifiers: OverlayPending - {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} - C:\Program Files (x86)\Norton Internet
Security\Engine32\22.11.2.7\buShell.dll
O21-32 - ShellIconOverlayIdentifiers: OverlayProtected - {476D0EA3-80F9-48B5-B70B-05E677C9C148} - C:\Program Files (x86)\Norton Internet
Security\Engine32\22.11.2.7\buShell.dll
O21-32 - ShellIconOverlayIdentifiers: SkyDrive1 - {F241C880-6982-4CE5-8CF7-7085BA96DA5A} - C:\Users\Mike\AppData\Local\Microsoft\SkyDrive
\17.0.4035.0328\SkyDriveShell.dll
O21-32 - ShellIconOverlayIdentifiers: SkyDrive2 - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - C:\Users\Mike\AppData\Local\Microsoft\SkyDrive
\17.0.4035.0328\SkyDriveShell.dll
O21-32 - ShellIconOverlayIdentifiers: SkyDrive3 - {BBACC218-34EA-4666-9D7A-C78F2274A524} - C:\Users\Mike\AppData\Local\Microsoft\SkyDrive
\17.0.4035.0328\SkyDriveShell.dll
O22 - Task (Queued): Adobe Acrobat Update Task - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O22 - Task (Ready): Adobe Flash Player Updater - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O22 - Task (Ready): GoogleUpdateTaskMachineCore - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
O22 - Task (Ready): GoogleUpdateTaskMachineUA - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
O22 - Task (Ready): Norton WSC Integration - C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\WSCStub.exe /taskschd
O22 - Task (Ready): StartCN - C:\Program Files\AMD\CNext\CNext\cncmd.exe startwithdelay
O22 - Task (Ready): \Microsoft\Windows Live\SOXE\Extractor Definitions Update Task - {3519154C-227E-47F3-9CC9-12C3F05817F1} - C:\Program
Files (x86)\Windows Live\SOXE\wlsoxe.dll
O22 - Task (Ready): \Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser - C:\Windows\system32\CompatTelRunner.exe
O22 - Task (Ready): \Microsoft\Windows\Application Experience\ProgramDataUpdater - C:\Windows\system32\compattelrunner.exe -maintenance
O22 - Task (Ready): \Microsoft\Windows\Windows Activation Technologies\ValidationTask - C:\Windows\system32\Wat\WatAdminSvc.exe /run
O22 - Task (Ready): \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline - C:\Windows\system32\schtasks.exe /run /I
/TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask"
O22 - Task (Ready): \Norton Internet Security\Norton Internet Security Error Analyzer - C:\Program Files (x86)\Norton Internet Security
\Engine\22.11.2.7\SymErr.exe /analyze
O22 - Task (Ready): \Norton Internet Security\Norton Internet Security Error Processor - C:\Program Files (x86)\Norton Internet Security
\Engine\22.11.2.7\SymErr.exe /submit
O22 - Task (Ready): \Remediation\AntimalwareMigrationTask - C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe /upgrade
/user_logon
O22 - Task (Ready): {ABF8DB55-2624-4AA2-A494-30A75C880CC3} - C:\Windows\system32\pcalua.exe -a "C:\Users\Mike\Documents\[Guru3D.com]-DDU
\Display Driver Uninstaller.exe" -d C:\Users\Mike\Documents\[Guru3D.com]-DDU
O22 - Task (Running): \ASUS\RunDAOD - C:\Windows\DAODx.exe
O23 - Service R2: AMD External Events Utility - C:\Windows\system32\atiesrxx.exe
O23 - Service R2: Adobe Acrobat Update Service - (AdobeARMservice) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service R2: Norton Internet Security - (NIS) - C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\NIS.exe
O23 - Service R2: Windows Defender - (WinDefend) - C:\Windows\System32\svchost.exe; "ServiceDll" = C:\Program Files\Windows Defender
\mpsvc.dll
O23 - Service S2: Google Update Service (gupdate) - (gupdate) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service S3: Adobe Flash Player Update Service - (AdobeFlashPlayerUpdateSvc) - C:\Windows\SysWOW64\Macromed\Flash
\FlashPlayerUpdateService.exe
O23 - Service S3: Dragon Age: Origins - Content Updater - (DAUpdaterSvc) - E:\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship
\DAUpdaterSvc.Service.exe
O23 - Service S3: Google Update Service (gupdatem) - (gupdatem) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service S3: Steam Client Service - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (file missing)

--
End of file - Time spent: 1 sec. - 21638 bytes, CRC32: FFFFFFFF. Sign: 똫Ͳ