Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-01-2017
Ran by Germain (31-01-2017 16:47:26)
Running from C:\Users\Germain\Downloads
Windows 7 Professional Service Pack 1 (X64) (2016-09-21 18:53:10)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2196324403-2920740886-392819837-500 - Administrator - Disabled)
Germain (S-1-5-21-2196324403-2920740886-392819837-1000 - Administrator - Enabled) => C:\Users\Germain
Guest (S-1-5-21-2196324403-2920740886-392819837-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2196324403-2920740886-392819837-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2196324403-2920740886-392819837-1000\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Ansel (Version: 375.70 - NVIDIA Corporation) Hidden
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version: - Studio Wildcard)
Arma 3 (HKLM\...\Steam App 107410) (Version: - Bohemia Interactive)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CPUID HWMonitor 1.30 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Darkest Dungeon (HKLM\...\Steam App 262060) (Version: - Red Hook Studios)
DayZ (HKLM\...\Steam App 221100) (Version: - Bohemia Interactive)
DriversCloud.com (64 bits) (HKLM\...\{8EAF4E0A-3F78-4E31-A09D-88E8235A1FA8}) (Version: 10.0.0.3 - Cybelsoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.76 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Network Connections 20.7.67.0 (HKLM\...\PROSetDX) (Version: 20.7.67.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.1.40 - Intel Corporation)
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Office Professionnel 2016 - fr-fr (HKLM\...\ProfessionalRetail - fr-fr) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2196324403-2920740886-392819837-1000\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x64 fr) (HKLM\...\Mozilla Firefox 51.0.1 (x64 fr)) (Version: 51.0.1 - Mozilla)
Mozilla Firefox 51.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 en-US)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1 - Mozilla)
MSI Kombustor 3.5.0 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version: - MSI Co., LTD)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.05 - MSI)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.05 - MSI)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Graphics Driver 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NVIDIA Update 23.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 23.1.0.0 - NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.0.0.0 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 2016 KMS Activator Ultimate v1.2 Final (HKLM\...\Office 2016 KMS Activator Ultimate v1.2 Final_is1) (Version: v1.2 Final - )
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
RogueKiller version 12.9.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.9.6.0 - Adlice Software)
SHIELD Streaming (Version: 7.1.0350 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Sid Meier's Civilization VI (HKLM\...\Steam App 289070) (Version: - Firaxis)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2196324403-2920740886-392819837-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Germain\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2F063F60-9FDA-4331-99A6-51D8505920F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-13] (Google Inc.)
Task: {307C65EA-9660-4107-A1F4-49CF2F14B59E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-13] (Google Inc.)
Task: {335CCB19-ACDF-4C64-BDAD-0F2391E63925} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-12-13] (NVIDIA Corporation)
Task: {4CD8A1E2-2479-4A09-90D0-19DFAB77FCAD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {590F20C0-B26D-4735-8966-509D8BB7A963} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {5DB2DF45-9AE7-43EC-97E0-7954F7E46D47} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {632D3059-455A-4C5F-906C-70724D663E49} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {65B7DFF6-9391-40ED-95F3-BD3D2E963411} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {8630DA44-B307-4D4B-B2B7-5E4C96086F3C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {8829E0D4-980F-4348-9EE3-B162A38C6932} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {8B8E7AB7-750C-4050-A683-5E347D88B436} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {B7C1BB59-2177-4588-95E0-737C335EF290} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-10] (Adobe Systems Incorporated)
Task: {E61E0A1E-FC1C-499E-A8D5-AAB5E7B1E500} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-13] (NVIDIA Corporation)
Task: {E976DED1-10A1-48FF-98E9-8B00951E6A04} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-01-04 19:34 - 2017-01-04 19:34 - 00959168 _____ () C:\Users\Germain\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-09-28 11:39 - 2016-12-13 00:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-28 11:39 - 2016-12-13 00:36 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-28 11:39 - 2016-11-17 14:45 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-09-28 00:15 - 2016-10-25 21:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-01-30 19:32 - 2017-01-20 07:47 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-04-01 11:30 - 2016-10-20 12:08 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2017-01-25 11:53 - 2017-01-25 11:53 - 02899960 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.36\deploy\LoLLauncher.exe
2017-01-25 11:53 - 2017-01-25 11:53 - 05048312 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.76\deploy\LoLPatcher.exe
2016-10-20 12:10 - 2016-10-20 12:10 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.239\deploy\LolClient.exe
2016-07-14 11:25 - 2017-01-15 14:23 - 00176408 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2016-07-14 11:25 - 2017-01-15 14:23 - 00107288 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2016-07-14 11:25 - 2017-01-15 14:23 - 00118040 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2016-07-14 11:26 - 2017-01-15 14:23 - 00486680 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2016-07-14 11:26 - 2017-01-15 14:23 - 00319768 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2016-12-02 11:02 - 2005-07-18 13:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2016-09-28 11:39 - 2016-12-13 00:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-28 11:39 - 2016-12-13 00:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-28 11:39 - 2016-12-13 00:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-28 11:39 - 2016-11-17 14:44 - 60817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-09-28 11:39 - 2016-11-17 11:20 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-28 11:39 - 2016-11-17 11:20 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-28 11:39 - 2016-11-17 11:20 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-28 11:39 - 2016-11-17 11:20 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-28 11:39 - 2016-11-17 11:20 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-28 11:39 - 2016-11-17 11:20 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-28 11:39 - 2016-11-17 11:20 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2015-08-07 00:09 - 2015-08-07 00:09 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-01-25 11:53 - 2017-01-25 11:53 - 00604664 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.76\deploy\RiotLauncher.dll
2017-01-04 19:34 - 2017-01-04 19:34 - 00679624 _____ () C:\Users\Germain\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-10-20 12:08 - 2016-10-20 12:08 - 04887216 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.239\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2016-10-20 12:08 - 2016-10-20 12:08 - 19397808 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.239\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2017-01-06 18:09 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2196324403-2920740886-392819837-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Germain\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{6CE8C3FC-462E-4E9F-B0A9-1DFD2ED0C921}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A5863592-7EC3-4A0A-A1B7-8EA17339BBB2}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D4F41412-5EAD-42AF-A877-530F791CD37F}] => C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{45B7D8DC-AC0E-496E-BF36-BCBECBE080A4}] => C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{A35E514C-812C-4E99-9DF7-B080CC44D7D3}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{4CCC5B5C-8133-4FE7-B7CA-5166FBF1C283}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{CD6284DA-57A0-4106-85C8-E1EDB790F3F8}C:\program files (x86)\overwatch\overwatch.exe] => C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{A3B23D84-1A3D-42BC-AC7E-37B56BE6BAD7}C:\program files (x86)\overwatch\overwatch.exe] => C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{C72B90FB-5346-4A4A-8387-496D842CD1FA}C:\users\germain\appdata\roaming\utorrent\utorrent.exe] => C:\users\germain\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{C9D7FC88-4742-4166-A832-577FCBCA6C6C}C:\users\germain\appdata\roaming\utorrent\utorrent.exe] => C:\users\germain\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{CB5E205D-FB2B-4BCB-821C-049B72D80A06}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{BF9D377A-2EED-470D-A2EA-CE6622E5E2CE}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{96D61893-151F-486C-BEB6-F7C1F2AD2050}] => C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{40CB845F-EFFE-47E2-9249-F160480F1CD2}] => C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{84942781-D836-4490-BA6D-9FDBA2183639}] => C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{43D2D58C-90EE-466D-B375-884E0B390123}] => C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{04E50135-23CE-4560-86FE-2B49901C8C4D}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{068AFEA4-C23C-41E6-B030-5EBAAA3588EC}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{2B98D7A6-A868-4AC3-9099-AA988A3359D4}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1B287A09-6D3C-4FB4-859A-43AF99068E0F}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{76D6E208-9E02-4CFC-8528-F9620907443E}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{14AF9839-0F47-4661-B751-E3F211D8D51D}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E8888AEA-0D32-4B19-B3AB-4DC3606B2519}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{861663CD-3437-49FA-B345-C634451DA5FA}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{5D8D3632-5EA3-478E-AD92-9CE950310C1C}] => C:\Windows\system32\rundll32.exe
FirewallRules: [{F34EF472-38A2-44C8-A725-4D704DCF2C8D}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{F168D5D9-27B2-473F-84C6-0CC11DBBE8F0}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{BCB5068B-774E-4C67-8A9D-F5A119D1C3FA}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{CA99CD62-ADBD-40BC-AA3D-95CF72E10669}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{D04FB72B-40FF-4FD2-B109-2625BA5528F8}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{62E53E62-932C-4D63-B46D-823F82E13178}] => D:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{3E89F41F-FA6D-4EF0-955D-77CAF7214745}] => D:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{DE86361D-3FA5-4443-95F8-29C094F3065A}] => C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{EC7722A0-BBEF-438F-A9F3-15A40632904C}] => C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{DEF0A08D-BA7A-40FC-8964-CF55A687732D}] => C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{CDE1F318-47D6-4DE0-9971-2122A9432006}] => C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{FA2BF255-869F-417D-BD16-0621EE46FCBA}] => D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1E6BAC62-03F8-43CA-9344-4043314608D8}] => D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F1A98F8F-FD81-4C23-A768-2EED6C3F136D}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{47E6C3BA-F62A-44B3-BBE5-64A4E731016C}] => D:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{ABFEBE0E-7974-4EBC-915E-8E3439C08C2E}] => D:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{2614EBB8-E2A5-47AC-AE1D-9304A262CE0E}D:\steamlibrary\steamapps\common\arma 3\arma3.exe] => D:\steamlibrary\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{6657BF6C-6746-41C8-A71B-37F76B631276}D:\steamlibrary\steamapps\common\arma 3\arma3.exe] => D:\steamlibrary\steamapps\common\arma 3\arma3.exe
FirewallRules: [{91812513-9D8D-4813-A29C-2A5768D72933}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AD0A74BD-5E02-4188-A3A9-D00A27F61DDE}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0BF8D2A7-79F2-45CC-8777-413EA12AEB7A}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E1FBA541-EC56-4FD7-AC02-DA734B077808}] => C:\Program Files\Mozilla Firefox\firefox.exe
==================== Restore Points =========================
28-01-2017 13:45:35 Scheduled Checkpoint
29-01-2017 21:26:49 Windows Modules Installer
29-01-2017 21:27:21 Windows Modules Installer
31-01-2017 15:29:48 Windows Update
==================== Faulty Device Manager Devices =============
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/31/2017 04:11:37 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).
Error: (01/31/2017 03:26:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (01/30/2017 10:27:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (01/30/2017 07:57:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (01/30/2017 05:53:15 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).
Error: (01/30/2017 08:35:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (01/29/2017 10:26:28 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).
Error: (01/29/2017 09:30:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (01/29/2017 12:18:39 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).
Error: (01/29/2017 12:03:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (01/28/2017 12:25:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MSI Live Update Service service terminated unexpectedly. It has done this 1 time(s).
Error: (01/27/2017 11:44:40 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (01/26/2017 11:10:58 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {EA022610-0748-4C24-B229-6C507EBDFDBB} did not register with DCOM within the required timeout.
Error: (01/26/2017 10:46:56 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13
Error: (01/26/2017 10:46:56 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13
Error: (01/26/2017 10:46:56 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13
Error: (01/26/2017 10:46:56 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13
Error: (01/26/2017 10:46:56 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13
Error: (01/26/2017 10:46:56 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13
Error: (01/26/2017 10:46:56 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13
CodeIntegrity:
===================================
Date: 2017-01-31 15:25:12.010
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-31 15:25:11.994
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-31 15:25:11.963
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-31 15:25:11.932
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-30 22:26:25.006
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-30 22:26:24.975
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-30 22:26:24.960
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-30 22:26:24.928
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-30 19:55:45.848
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-30 19:55:45.817
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-6100 CPU @ 3.70GHz
Percentage of memory in use: 42%
Total physical RAM: 8124.97 MB
Available physical RAM: 4665.03 MB
Total Virtual: 16248.12 MB
Available Virtual: 12372.87 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:438.96 GB) (Free:275.45 GB) NTFS
Drive d: () (Fixed) (Total:492.06 GB) (Free:451.74 GB) NTFS
Drive g: (PHILIPS UFD) (Removable) (Total:7.21 GB) (Free:7.21 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D1097A8E)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=439 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=492.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7.2 GB) (Disk ID: 49077777)
Partition 1: (Not Active) - (Size=7.2 GB) - (Type=0C)
==================== End of Addition.txt ============================
Ran by Germain (31-01-2017 16:47:26)
Running from C:\Users\Germain\Downloads
Windows 7 Professional Service Pack 1 (X64) (2016-09-21 18:53:10)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2196324403-2920740886-392819837-500 - Administrator - Disabled)
Germain (S-1-5-21-2196324403-2920740886-392819837-1000 - Administrator - Enabled) => C:\Users\Germain
Guest (S-1-5-21-2196324403-2920740886-392819837-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2196324403-2920740886-392819837-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2196324403-2920740886-392819837-1000\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Ansel (Version: 375.70 - NVIDIA Corporation) Hidden
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version: - Studio Wildcard)
Arma 3 (HKLM\...\Steam App 107410) (Version: - Bohemia Interactive)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CPUID HWMonitor 1.30 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Darkest Dungeon (HKLM\...\Steam App 262060) (Version: - Red Hook Studios)
DayZ (HKLM\...\Steam App 221100) (Version: - Bohemia Interactive)
DriversCloud.com (64 bits) (HKLM\...\{8EAF4E0A-3F78-4E31-A09D-88E8235A1FA8}) (Version: 10.0.0.3 - Cybelsoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.76 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Network Connections 20.7.67.0 (HKLM\...\PROSetDX) (Version: 20.7.67.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.1.40 - Intel Corporation)
League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Office Professionnel 2016 - fr-fr (HKLM\...\ProfessionalRetail - fr-fr) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2196324403-2920740886-392819837-1000\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x64 fr) (HKLM\...\Mozilla Firefox 51.0.1 (x64 fr)) (Version: 51.0.1 - Mozilla)
Mozilla Firefox 51.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 en-US)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1 - Mozilla)
MSI Kombustor 3.5.0 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version: - MSI Co., LTD)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.05 - MSI)
MSIRegister (HKLM-x32\...\{80B995A4-3A86-4690-98A6-563F1A788835}_is1) (Version: 2.0.0.05 - MSI)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 375.70 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.1.2.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.1.2.31 - NVIDIA Corporation)
NVIDIA Graphics Driver 375.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 375.70 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NVIDIA Update 23.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 23.1.0.0 - NVIDIA Corporation)
NvNodejs (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.0.0.0 - NVIDIA Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 2016 KMS Activator Ultimate v1.2 Final (HKLM\...\Office 2016 KMS Activator Ultimate v1.2 Final_is1) (Version: v1.2 Final - )
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
RogueKiller version 12.9.6.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.9.6.0 - Adlice Software)
SHIELD Streaming (Version: 7.1.0350 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.1.2.31 - NVIDIA Corporation) Hidden
Sid Meier's Civilization VI (HKLM\...\Steam App 289070) (Version: - Firaxis)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinRAR 5.40 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2196324403-2920740886-392819837-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Germain\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2F063F60-9FDA-4331-99A6-51D8505920F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-13] (Google Inc.)
Task: {307C65EA-9660-4107-A1F4-49CF2F14B59E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-13] (Google Inc.)
Task: {335CCB19-ACDF-4C64-BDAD-0F2391E63925} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-12-13] (NVIDIA Corporation)
Task: {4CD8A1E2-2479-4A09-90D0-19DFAB77FCAD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {590F20C0-B26D-4735-8966-509D8BB7A963} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {5DB2DF45-9AE7-43EC-97E0-7954F7E46D47} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {632D3059-455A-4C5F-906C-70724D663E49} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {65B7DFF6-9391-40ED-95F3-BD3D2E963411} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2016-12-13] (NVIDIA Corporation)
Task: {8630DA44-B307-4D4B-B2B7-5E4C96086F3C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {8829E0D4-980F-4348-9EE3-B162A38C6932} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2016-12-13] (NVIDIA Corporation)
Task: {8B8E7AB7-750C-4050-A683-5E347D88B436} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {B7C1BB59-2177-4588-95E0-737C335EF290} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-10] (Adobe Systems Incorporated)
Task: {E61E0A1E-FC1C-499E-A8D5-AAB5E7B1E500} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2016-12-13] (NVIDIA Corporation)
Task: {E976DED1-10A1-48FF-98E9-8B00951E6A04} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2016-11-17] (NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-01-04 19:34 - 2017-01-04 19:34 - 00959168 _____ () C:\Users\Germain\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-09-28 11:39 - 2016-12-13 00:35 - 01147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-28 11:39 - 2016-12-13 00:36 - 04489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-28 11:39 - 2016-11-17 14:45 - 00418752 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem\_nvspserviceplugin64.dll
2016-09-28 00:15 - 2016-10-25 21:17 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-01-30 19:32 - 2017-01-20 07:47 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-04-01 11:30 - 2016-10-20 12:08 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2017-01-25 11:53 - 2017-01-25 11:53 - 02899960 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.36\deploy\LoLLauncher.exe
2017-01-25 11:53 - 2017-01-25 11:53 - 05048312 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.76\deploy\LoLPatcher.exe
2016-10-20 12:10 - 2016-10-20 12:10 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.239\deploy\LolClient.exe
2016-07-14 11:25 - 2017-01-15 14:23 - 00176408 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2016-07-14 11:25 - 2017-01-15 14:23 - 00107288 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2016-07-14 11:25 - 2017-01-15 14:23 - 00118040 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2016-07-14 11:26 - 2017-01-15 14:23 - 00486680 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2016-07-14 11:26 - 2017-01-15 14:23 - 00319768 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2016-12-02 11:02 - 2005-07-18 13:43 - 00160256 _____ () C:\Program Files (x86)\MSI\Live Update\unrar.dll
2016-09-28 11:39 - 2016-12-13 00:35 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-28 11:39 - 2016-12-13 00:35 - 00900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-28 11:39 - 2016-12-13 00:35 - 03774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2016-09-28 11:39 - 2016-11-17 14:44 - 60817344 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2016-09-28 11:39 - 2016-11-17 11:20 - 00506424 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSpCapsAPINode.node
2016-09-28 11:39 - 2016-11-17 11:20 - 00252352 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
2016-09-28 11:39 - 2016-11-17 11:20 - 02809912 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
2016-09-28 11:39 - 2016-11-17 11:20 - 00245184 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
2016-09-28 11:39 - 2016-11-17 11:20 - 00436792 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
2016-09-28 11:39 - 2016-11-17 11:20 - 00338488 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
2016-09-28 11:39 - 2016-11-17 11:20 - 00968248 _____ () \\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
2015-08-07 00:09 - 2015-08-07 00:09 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-01-25 11:53 - 2017-01-25 11:53 - 00604664 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.76\deploy\RiotLauncher.dll
2017-01-04 19:34 - 2017-01-04 19:34 - 00679624 _____ () C:\Users\Germain\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-10-20 12:08 - 2016-10-20 12:08 - 04887216 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.239\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2016-10-20 12:08 - 2016-10-20 12:08 - 19397808 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.239\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2017-01-06 18:09 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2196324403-2920740886-392819837-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Germain\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{6CE8C3FC-462E-4E9F-B0A9-1DFD2ED0C921}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A5863592-7EC3-4A0A-A1B7-8EA17339BBB2}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D4F41412-5EAD-42AF-A877-530F791CD37F}] => C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{45B7D8DC-AC0E-496E-BF36-BCBECBE080A4}] => C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{A35E514C-812C-4E99-9DF7-B080CC44D7D3}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{4CCC5B5C-8133-4FE7-B7CA-5166FBF1C283}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{CD6284DA-57A0-4106-85C8-E1EDB790F3F8}C:\program files (x86)\overwatch\overwatch.exe] => C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{A3B23D84-1A3D-42BC-AC7E-37B56BE6BAD7}C:\program files (x86)\overwatch\overwatch.exe] => C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{C72B90FB-5346-4A4A-8387-496D842CD1FA}C:\users\germain\appdata\roaming\utorrent\utorrent.exe] => C:\users\germain\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{C9D7FC88-4742-4166-A832-577FCBCA6C6C}C:\users\germain\appdata\roaming\utorrent\utorrent.exe] => C:\users\germain\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{CB5E205D-FB2B-4BCB-821C-049B72D80A06}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{BF9D377A-2EED-470D-A2EA-CE6622E5E2CE}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{96D61893-151F-486C-BEB6-F7C1F2AD2050}] => C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{40CB845F-EFFE-47E2-9249-F160480F1CD2}] => C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{84942781-D836-4490-BA6D-9FDBA2183639}] => C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{43D2D58C-90EE-466D-B375-884E0B390123}] => C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{04E50135-23CE-4560-86FE-2B49901C8C4D}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{068AFEA4-C23C-41E6-B030-5EBAAA3588EC}] => C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{2B98D7A6-A868-4AC3-9099-AA988A3359D4}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1B287A09-6D3C-4FB4-859A-43AF99068E0F}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{76D6E208-9E02-4CFC-8528-F9620907443E}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{14AF9839-0F47-4661-B751-E3F211D8D51D}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{E8888AEA-0D32-4B19-B3AB-4DC3606B2519}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{861663CD-3437-49FA-B345-C634451DA5FA}] => C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{5D8D3632-5EA3-478E-AD92-9CE950310C1C}] => C:\Windows\system32\rundll32.exe
FirewallRules: [{F34EF472-38A2-44C8-A725-4D704DCF2C8D}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{F168D5D9-27B2-473F-84C6-0CC11DBBE8F0}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{BCB5068B-774E-4C67-8A9D-F5A119D1C3FA}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{CA99CD62-ADBD-40BC-AA3D-95CF72E10669}] => C:\Windows\System32\rundll32.exe
FirewallRules: [{D04FB72B-40FF-4FD2-B109-2625BA5528F8}] => C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{62E53E62-932C-4D63-B46D-823F82E13178}] => D:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{3E89F41F-FA6D-4EF0-955D-77CAF7214745}] => D:\SteamLibrary\steamapps\common\DarkestDungeon\_windows\Darkest.exe
FirewallRules: [{DE86361D-3FA5-4443-95F8-29C094F3065A}] => C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{EC7722A0-BBEF-438F-A9F3-15A40632904C}] => C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI.exe
FirewallRules: [{DEF0A08D-BA7A-40FC-8964-CF55A687732D}] => C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{CDE1F318-47D6-4DE0-9971-2122A9432006}] => C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\Base\Binaries\Win64Steam\CivilizationVI_DX12.exe
FirewallRules: [{FA2BF255-869F-417D-BD16-0621EE46FCBA}] => D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{1E6BAC62-03F8-43CA-9344-4043314608D8}] => D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F1A98F8F-FD81-4C23-A768-2EED6C3F136D}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{47E6C3BA-F62A-44B3-BBE5-64A4E731016C}] => D:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{ABFEBE0E-7974-4EBC-915E-8E3439C08C2E}] => D:\SteamLibrary\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{2614EBB8-E2A5-47AC-AE1D-9304A262CE0E}D:\steamlibrary\steamapps\common\arma 3\arma3.exe] => D:\steamlibrary\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{6657BF6C-6746-41C8-A71B-37F76B631276}D:\steamlibrary\steamapps\common\arma 3\arma3.exe] => D:\steamlibrary\steamapps\common\arma 3\arma3.exe
FirewallRules: [{91812513-9D8D-4813-A29C-2A5768D72933}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AD0A74BD-5E02-4188-A3A9-D00A27F61DDE}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0BF8D2A7-79F2-45CC-8777-413EA12AEB7A}] => C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E1FBA541-EC56-4FD7-AC02-DA734B077808}] => C:\Program Files\Mozilla Firefox\firefox.exe
==================== Restore Points =========================
28-01-2017 13:45:35 Scheduled Checkpoint
29-01-2017 21:26:49 Windows Modules Installer
29-01-2017 21:27:21 Windows Modules Installer
31-01-2017 15:29:48 Windows Update
==================== Faulty Device Manager Devices =============
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/31/2017 04:11:37 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).
Error: (01/31/2017 03:26:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (01/30/2017 10:27:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (01/30/2017 07:57:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (01/30/2017 05:53:15 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).
Error: (01/30/2017 08:35:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (01/29/2017 10:26:28 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).
Error: (01/29/2017 09:30:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (01/29/2017 12:18:39 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).
Error: (01/29/2017 12:03:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (01/28/2017 12:25:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MSI Live Update Service service terminated unexpectedly. It has done this 1 time(s).
Error: (01/27/2017 11:44:40 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (01/26/2017 11:10:58 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {EA022610-0748-4C24-B229-6C507EBDFDBB} did not register with DCOM within the required timeout.
Error: (01/26/2017 10:46:56 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13
Error: (01/26/2017 10:46:56 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13
Error: (01/26/2017 10:46:56 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13
Error: (01/26/2017 10:46:56 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13
Error: (01/26/2017 10:46:56 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13
Error: (01/26/2017 10:46:56 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13
Error: (01/26/2017 10:46:56 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: Event-ID 13
CodeIntegrity:
===================================
Date: 2017-01-31 15:25:12.010
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-31 15:25:11.994
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-31 15:25:11.963
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-31 15:25:11.932
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-30 22:26:25.006
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-30 22:26:24.975
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-30 22:26:24.960
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-30 22:26:24.928
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-30 19:55:45.848
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-01-30 19:55:45.817
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\api-ms-win-core-synch-l1-2-0.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-6100 CPU @ 3.70GHz
Percentage of memory in use: 42%
Total physical RAM: 8124.97 MB
Available physical RAM: 4665.03 MB
Total Virtual: 16248.12 MB
Available Virtual: 12372.87 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:438.96 GB) (Free:275.45 GB) NTFS
Drive d: () (Fixed) (Total:492.06 GB) (Free:451.74 GB) NTFS
Drive g: (PHILIPS UFD) (Removable) (Total:7.21 GB) (Free:7.21 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D1097A8E)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=439 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=492.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7.2 GB) (Disk ID: 49077777)
Partition 1: (Not Active) - (Size=7.2 GB) - (Type=0C)
==================== End of Addition.txt ============================