Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-10-2017 01
Ran by iTzHDz (04-10-2017 02:13:09)
Running from C:\Users\iTzHDz\Desktop
Windows 7 Professional Service Pack 1 (X64) (2017-09-19 19:43:19)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3878856725-784265099-1576118965-500 - Administrator - Disabled)
Guest (S-1-5-21-3878856725-784265099-1576118965-501 - Limited - Disabled)
iTzHDz (S-1-5-21-3878856725-784265099-1576118965-1000 - Administrator - Enabled) => C:\Users\iTzHDz
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 385.41 - NVIDIA Corporation) Hidden
ASUS GPU TweakII (HKLM-x32\...\{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.5.2.8 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU TweakII (HKLM-x32\...\InstallShield_{0075AAC2-EA9F-490E-83F7-5D5F81EB2A43}) (Version: 1.5.2.8 - ASUSTek COMPUTER INC.)
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-3878856725-784265099-1576118965-1000\...\Discord) (Version: 0.0.298 - Discord Inc.)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.1.41 - Intel Corporation)
Logitech Gaming Software 8.96 (HKLM\...\Logitech Gaming Software) (Version: 8.96.81 - Logitech Inc.)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 56.0 (x64 en-US) (HKLM\...\Mozilla Firefox 56.0 (x64 en-US)) (Version: 56.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.3 - Mozilla)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 385.41 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.9.0.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.9.0.97 - NVIDIA Corporation)
NVIDIA Graphics Driver 385.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 385.41 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
osu! (HKLM-x32\...\{ddd51bd8-d254-448d-9f8c-b6051e705966}) (Version: latest - ppy Pty Ltd)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.9 - Power Software Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 7.0.0 Beta 19 (HKLM-x32\...\RTSS) (Version: 7.0.0 Beta 19 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.2.0 - Rockstar Games)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
SteelSeries Engine 3.11.4 (HKLM\...\SteelSeries Engine 3) (Version: 3.11.4 - SteelSeries ApS)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.5.3 - Tweaking.com)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Watch_Dogs 2 (HKLM-x32\...\{B0E33297-78B1-4B37-B8C1-39150F2DEE43}_is1) (Version: - Ubisoft)
Windows Driver Package - Microsoft (xusb21) XnaComposite (08/13/2009 2.1.0.1349) (HKLM\...\0AEBEF6F936CFE16E003F7E141631FAB754D9816) (Version: 08/13/2009 2.1.0.1349 - Microsoft)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-06-07] (Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\.HD stuff\..Tools\Windows tools\winrar\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\.HD stuff\..Tools\Windows tools\winrar\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-06-07] (Power Software Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2017-08-22] (NVIDIA Corporation)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-06-07] (Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => F:\.HD stuff\..Tools\Windows tools\winrar\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => F:\.HD stuff\..Tools\Windows tools\winrar\rarext32.dll [2013-12-01] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00F49097-8B14-4A07-B830-CE10F8554811} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-10-02] (Adobe Systems Incorporated)
Task: {055397A2-7B8C-4BE0-9E22-3709B165AA07} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-09-19] (NVIDIA Corporation)
Task: {1F558228-F957-41CF-BFDC-1EDED92E41C2} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {470C7F1F-F842-4F8A-8E40-E2CC3723EEF1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-09-19] (NVIDIA Corporation)
Task: {93F9CFFA-5703-425C-9BC5-116B84ACD689} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
Task: {96585C45-FBD8-483D-9CE9-5DCE76D8780A} - System32\Tasks\GPU Tweak II => C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe [2017-08-25] (TODO: <Company name>)
Task: {9DD9AA76-0C6E-4F5B-BE14-B3819D333129} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {AA9C6C8A-E4E9-42C3-B467-B8F003BADC51} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_27_0_0_130_pepper.exe [2017-09-20] (Adobe Systems Incorporated)
Task: {B18B8E59-5905-48AD-BB3C-922E67024D52} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-20] (Adobe Systems Incorporated)
Task: {E1D70C99-4F4A-4842-8164-523A379CED34} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-09-19] (NVIDIA Corporation)
Task: {E967B304-1A55-4935-A90B-A76AFB2F65E0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-09-19] (NVIDIA Corporation)
Task: {FC7FC267-43CC-4A22-A485-CE386B4A10A6} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-09-19] (NVIDIA Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-09-22 22:41 - 2017-01-22 15:20 - 000933840 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.03\atkexComSvc.exe
2017-09-20 07:58 - 2017-09-19 10:23 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-03-07 03:07 - 2015-03-07 03:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2017-08-18 12:01 - 2017-08-18 12:01 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 03:07 - 2015-03-07 03:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2017-08-18 12:01 - 2017-08-18 12:01 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2017-09-22 22:41 - 2017-10-04 02:07 - 000032768 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.03\PEbiosinterface32.dll
2017-09-22 22:41 - 2015-09-17 10:58 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.03\ATKEX.dll
2017-09-20 07:58 - 2017-09-19 10:23 - 069807552 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-09-20 07:58 - 2017-09-19 10:23 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 05:34 - 2009-06-11 00:00 - 000000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3878856725-784265099-1576118965-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\iTzHDz\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupreg: Discord => C:\Users\iTzHDz\AppData\Local\Discord\app-0.0.298\Discord.exe
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{4A11917C-261D-477F-B3C5-2AABA7422848}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E75696AC-048B-4A5E-BE33-602F36949541}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{FED9475D-6AD4-4F1C-BE86-3E4D904DD8BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{DC9A5319-831F-4ADA-84AB-63AED54CA538}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{54CF80DE-F02B-46C4-8341-265D35DAFEEE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{884F0F07-59AE-4464-BD10-D39F2AA77042}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{1D1CA0B3-9B76-40E5-9A89-3DCC08422352}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{A924F110-7E78-456A-ABBD-A1B8DC486E9B}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{11FF3EA7-0362-402F-9917-7A332D767C30}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{D99F6467-F9A9-4828-A96C-1D84653E8293}] => (Allow) F:\.HD stuff\Steam\Steam\Steam\Steam\Steam.exe
FirewallRules: [{9220C826-445B-4A4A-991D-B58E2A77777E}] => (Allow) F:\.HD stuff\Steam\Steam\Steam\Steam\Steam.exe
FirewallRules: [{06F6A82C-E7FE-43E8-803B-91D4A72C0A47}] => (Allow) F:\.HD stuff\Steam\Steam\Steam\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{04BD5C0F-A934-45C2-8A53-B4E7E1B6A723}] => (Allow) F:\.HD stuff\Steam\Steam\Steam\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{AC6C9200-4568-4946-A45F-C36C072F0BA8}F:\.hd stuff\steam\steam\steam\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\.hd stuff\steam\steam\steam\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{0275B3B4-FE93-49D3-A663-F2A63660957E}F:\.hd stuff\steam\steam\steam\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\.hd stuff\steam\steam\steam\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{7BDFDF7B-DC7A-420E-B8CC-025F328A9571}F:\.hd stuff\steam\steam\steam\steam\steamapps\common\city car driving\bin\win32\starter.exe] => (Allow) F:\.hd stuff\steam\steam\steam\steam\steamapps\common\city car driving\bin\win32\starter.exe
FirewallRules: [UDP Query User{6E47E3B0-71E0-403F-B5A0-C5409E2B2259}F:\.hd stuff\steam\steam\steam\steam\steamapps\common\city car driving\bin\win32\starter.exe] => (Allow) F:\.hd stuff\steam\steam\steam\steam\steamapps\common\city car driving\bin\win32\starter.exe
FirewallRules: [TCP Query User{32B01509-96FF-4202-879A-242B1E9E9EA3}F:\.hd stuff\installed games do not transfer\far cry primal\bin\fcprimal.exe] => (Block) F:\.hd stuff\installed games do not transfer\far cry primal\bin\fcprimal.exe
FirewallRules: [UDP Query User{D150FA30-F055-4C27-933A-865A74B9BB72}F:\.hd stuff\installed games do not transfer\far cry primal\bin\fcprimal.exe] => (Block) F:\.hd stuff\installed games do not transfer\far cry primal\bin\fcprimal.exe
FirewallRules: [{542EDABD-4ED3-4174-A613-659AE069AEA9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [TCP Query User{1E42D13B-526C-4931-81E1-B49FF756E264}F:\.hd stuff\steam\steam\steam\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\.hd stuff\steam\steam\steam\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{EA01FFF9-1849-4A7D-9C4C-287341893C2A}F:\.hd stuff\steam\steam\steam\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\.hd stuff\steam\steam\steam\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{BA8D4A8C-A02E-48A1-A227-A72C79E18578}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DC7FD35B-17FE-49F8-B64B-7328C490AF52}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{1BC961EF-80D4-445D-B1B7-AF6EA6AA06A6}F:\.hd stuff\games\hearthstone\hearthstone\hearthstone.exe] => (Allow) F:\.hd stuff\games\hearthstone\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{BDDA0141-33D0-4201-81E1-D0AF1A3D77D6}F:\.hd stuff\games\hearthstone\hearthstone\hearthstone.exe] => (Allow) F:\.hd stuff\games\hearthstone\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{B3FD2D56-D475-4C58-A9AE-B80508FCE05A}F:\.hd stuff\steam\steam\steam\steam\steamapps\common\killingfloor2\binaries\win64\kfgame.exe] => (Allow) F:\.hd stuff\steam\steam\steam\steam\steamapps\common\killingfloor2\binaries\win64\kfgame.exe
FirewallRules: [UDP Query User{96EAFC04-F83D-4BEA-A508-F5E1871FDDB8}F:\.hd stuff\steam\steam\steam\steam\steamapps\common\killingfloor2\binaries\win64\kfgame.exe] => (Allow) F:\.hd stuff\steam\steam\steam\steam\steamapps\common\killingfloor2\binaries\win64\kfgame.exe
FirewallRules: [{9C07D2AB-25BC-4880-9C6F-23FECB8C7A34}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9D72D033-BEF9-43F1-BD74-F431D84F8FF1}] => (Allow) F:\.HD stuff\Steam\Steam\Steam\Steam\SteamApps\common\Rise of Nations\patriots.exe
FirewallRules: [{FB9E1748-087C-4948-ADC7-6EB44E941537}] => (Allow) F:\.HD stuff\Steam\Steam\Steam\Steam\SteamApps\common\Rise of Nations\patriots.exe
FirewallRules: [{B45758A8-8461-4A28-B70E-DF616CE93EFB}] => (Block) F:\.HD stuff\INSTALLED GAMES DO NOT TRANSFER\Watch dogs 2\Watch_Dogs 2\bin\WatchDogs2.exe
FirewallRules: [{5EE1BDE0-20D1-4F6B-91AE-44E832200223}] => (Allow) C:\Users\iTzHDz\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{2974071D-7EA2-40BA-857F-4E0EDF2C8E3B}] => (Allow) C:\Users\iTzHDz\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B794A0FF-093B-4A53-A736-8744C7EB973D}] => (Allow) F:\.HD stuff\Steam\Steam\Steam\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{5BDDC034-DC67-4A4F-AC55-EB75704BBFA9}] => (Allow) F:\.HD stuff\Steam\Steam\Steam\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{9F1418E8-58BD-498D-8195-B3E7C8B89C01}] => (Allow) F:\.HD stuff\Steam\Steam\Steam\Steam\SteamApps\common\DB Xenoverse 2\START.exe
FirewallRules: [{1E30A88A-10EF-4A13-BB4C-298CD3E0CA9A}] => (Allow) F:\.HD stuff\Steam\Steam\Steam\Steam\SteamApps\common\DB Xenoverse 2\START.exe
==================== Restore Points =========================
02-10-2017 12:28:32 Restore Point Created by FRST
04-10-2017 03:03:25 Restore Point Created by FRST
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/04/2017 02:09:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/04/2017 03:03:25 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {94449cad-e3a5-4a4c-8bb0-e5d8619be95b}
Error: (10/04/2017 02:09:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/04/2017 02:09:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/04/2017 01:32:09 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/02/2017 02:23:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: GPUTweakII.exe, version: 1.5.2.8, time stamp: 0x599fe2d4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x719e40bf
Faulting process id: 0x6c4
Faulting application start time: 0x01d33b70ce264d91
Faulting application path: C:\Program Files (x86)\ASUS\GPU TweakII\GPUTweakII.exe
Faulting module path: unknown
Report Id: 13be3a19-a764-11e7-a94a-10c37b6b0477
Error: (10/02/2017 01:51:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/02/2017 01:51:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/02/2017 01:51:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/02/2017 01:51:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (10/04/2017 02:10:46 AM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14
Error: (10/04/2017 02:19:49 AM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14
Error: (10/04/2017 02:07:27 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.
Error: (10/04/2017 02:02:24 AM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14
Error: (10/04/2017 01:46:55 AM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14
Error: (10/04/2017 01:38:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (10/04/2017 01:38:05 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (120000 milliseconds) while waiting for the Steam Client Service service to connect.
Error: (10/02/2017 01:59:38 PM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14
Error: (10/02/2017 02:01:47 PM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14
Error: (10/02/2017 01:56:19 PM) (Source: nvlddmkm) (EventID: 14) (User: )
Description: Event-ID 14
CodeIntegrity:
===================================
Date: 2017-10-04 01:42:20.394
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-10-02 14:12:25.096
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-10-02 14:05:05.931
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-10-02 13:57:19.714
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-26 02:30:38.382
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-26 02:54:47.185
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-25 17:32:32.320
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-25 17:28:57.955
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-25 13:38:57.026
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
Date: 2017-09-24 18:36:28.170
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 32%
Total physical RAM: 8134.93 MB
Available physical RAM: 5451.39 MB
Total Virtual: 16268.04 MB
Available Virtual: 13108.17 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:119.14 GB) (Free:65.21 GB) NTFS
Drive e: (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.28 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (New Volume) (Fixed) (Total:931.17 GB) (Free:231.55 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or
(Size: 119.2 GB) (Disk ID: 28AF49AB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or
(Size: 931.5 GB) (Disk ID: 28AF49B3)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================