Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-02-2017
Ran by UnDead (administrator) on UNDEAD-PC (20-02-2017 15:17:16)
Running from C:\Users\UnDead\Downloads
Loaded Profiles: UnDead (Available Profiles: UnDead)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\AMD\amdacpusrsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(UC-Logic Technology Corp.) C:\Windows\System32\drivers\WTSrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe
(Hammer & Chisel, Inc.) C:\Users\UnDead\AppData\Local\Discord\app-0.0.297\Discord.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(MY.COM B.V.) C:\Users\UnDead\AppData\Local\MyComGames\MyComGames.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Apple Computer, Inc.) C:\Program Files (x86)\QuickTime\qttask.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hammer & Chisel, Inc.) C:\Users\UnDead\AppData\Local\Discord\app-0.0.297\Discord.exe
(Hammer & Chisel, Inc.) C:\Users\UnDead\AppData\Local\Discord\app-0.0.297\Discord.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [155648 2015-01-07] (Apple Computer, Inc.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2479174702-4107569888-2251961208-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [389120 2013-12-06] (AMD)
HKU\S-1-5-21-2479174702-4107569888-2251961208-1000\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-2479174702-4107569888-2251961208-1000\...\Run: [Discord] => C:\Users\UnDead\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-2479174702-4107569888-2251961208-1000\...\Run: [MyComGames] => C:\Users\UnDead\AppData\Local\MyComGames\MyComGames.exe [5013392 2017-02-19] (MY.COM B.V.) <===== ATTENTION
HKU\S-1-5-21-2479174702-4107569888-2251961208-1000\...\MountPoints2: {f65d56be-85bb-11e4-a06e-806e6f6e6963} - D:\Setup.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-18] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-05-17]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{21D72EE5-87DD-491A-A217-3ED9B1A8094F}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{43D8E31F-9A11-456B-8067-44F76A75A1FC}: [DhcpNameServer] 192.168.1.254

Internet Explorer:
==================
HKU\S-1-5-21-2479174702-4107569888-2251961208-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-16] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-16] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)

FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2016-05-17] [not signed]
FF HKU\S-1-5-21-2479174702-4107569888-2251961208-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-2479174702-4107569888-2251961208-1000: @my.com/Games -> C:\Users\UnDead\AppData\Local\MyComGames\NPMyComDetector.dll [2017-02-19] (MY.COM B.V.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\UnDead\AppData\Local\Google\Chrome\User Data\Default [2017-02-20]
CHR Extension: (Google Drive) - C:\Users\UnDead\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-05]
CHR Extension: (Google Docs Offline) - C:\Users\UnDead\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-06]
CHR Extension: (AdBlock) - C:\Users\UnDead\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\UnDead\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18]
CHR Extension: (Chrome Media Router) - C:\Users\UnDead\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 amdacpusrsvc; C:\AMD\amdacpusrsvc.exe [94208 2013-12-06] () [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1447944 2016-12-12] ()
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [395024 2016-12-30] (EasyAntiCheat Ltd)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WinTabService; C:\Windows\System32\Drivers\WTSRV.EXE [82152 2015-09-21] (UC-Logic Technology Corp.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [206592 2013-12-06] (Advanced Micro Devices)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77416 2017-01-20] ()
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176584 2017-01-27] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [110536 2017-02-20] (Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-02-20] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251848 2017-02-20] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [81696 2017-02-20] (Malwarebytes)
S3 PTSimHid; C:\Windows\System32\DRIVERS\PTSimHid.sys [22760 2015-09-21] (UC-Logic Technology Corp.)
S4 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [55552 2005-11-03] (Sonic Solutions) [File not signed]
S3 XSplit_Dummy; C:\Windows\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
S3 MWAC; \??\C:\Windows\system32\drivers\ [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-20 15:17 - 2017-02-20 15:17 - 00013944 _____ C:\Users\UnDead\Downloads\FRST.txt
2017-02-20 15:15 - 2017-02-20 15:17 - 00000000 ____D C:\FRST
2017-02-20 15:14 - 2017-02-20 15:14 - 02422784 _____ (Farbar) C:\Users\UnDead\Downloads\FRST64.exe
2017-02-20 14:08 - 2017-02-20 14:08 - 00000000 ____D C:\Program Files\JAM Software
2017-02-20 14:06 - 2017-02-20 14:07 - 09928496 _____ (JAM Software ) C:\Users\UnDead\Downloads\HeavyLoad-x64-Setup (1).exe
2017-02-20 12:01 - 2017-02-20 12:01 - 00000000 ____D C:\Windows\pss
2017-02-19 20:26 - 2017-02-19 20:26 - 00000000 ____D C:\Users\UnDead\AppData\LocalLow\TotalMayhemGames
2017-02-19 14:18 - 2017-02-19 14:18 - 00357169 ____N C:\Windows\Minidump\021917-16302-01.dmp
2017-02-19 03:50 - 2017-02-20 13:58 - 00000000 ____D C:\Users\UnDead\AppData\Local\MyComGames
2017-02-19 03:50 - 2017-02-19 03:50 - 00002022 _____ C:\Users\UnDead\Desktop\My.com Game Center.lnk
2017-02-19 03:50 - 2017-02-19 03:50 - 00000000 ____D C:\Users\UnDead\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My.com Games
2017-02-19 03:50 - 2017-02-19 03:50 - 00000000 ____D C:\MyGames
2017-02-10 20:47 - 2017-02-10 20:47 - 00000000 ____D C:\Users\UnDead\Downloads\Democracy-3-v2.13.0.19.GOG_www.FreeGamesDL.net
2017-02-07 18:46 - 2017-02-07 18:46 - 00031893 _____ C:\Users\UnDead\Downloads\C4Gam32UEAEj9ym.jpg-large
2017-02-07 02:17 - 2017-02-07 02:17 - 00000000 ____D C:\GOG Games
2017-02-06 06:30 - 2017-02-06 06:30 - 00001661 _____ C:\Users\Public\Desktop\Democracy 3.lnk
2017-02-06 06:30 - 2017-02-06 06:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-02-05 02:56 - 2017-02-05 03:11 - 148003720 _____ C:\Users\UnDead\Downloads\Democracy-3-v2.13.0.19.GOG_www.FreeGamesDL.net.zip
2017-02-04 00:52 - 2017-02-04 00:52 - 00287545 ____N C:\Windows\Minidump\020417-17409-01.dmp
2017-01-27 13:54 - 2017-02-20 13:58 - 00251848 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-27 13:54 - 2017-02-20 13:58 - 00110536 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-01-27 13:54 - 2017-02-20 13:58 - 00081696 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-01-27 13:54 - 2017-02-20 13:58 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-01-27 13:54 - 2017-01-27 13:54 - 00176584 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-01-27 13:53 - 2017-01-27 13:53 - 00001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-01-27 13:53 - 2017-01-27 13:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-01-27 13:53 - 2017-01-27 13:53 - 00000000 ____D C:\Program Files\Malwarebytes
2017-01-27 13:53 - 2017-01-20 07:47 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-01-21 18:58 - 2017-01-21 18:58 - 00287545 ____N C:\Windows\Minidump\012117-19141-01.dmp

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-20 15:14 - 2014-12-16 18:29 - 00000000 ____D C:\Program Files (x86)\Steam
2017-02-20 15:06 - 2015-01-01 18:11 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-20 14:10 - 2017-01-14 12:45 - 00000000 ____D C:\Users\UnDead\AppData\Roaming\JAM Software
2017-02-20 14:06 - 2009-07-13 23:45 - 00017360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-20 14:06 - 2009-07-13 23:45 - 00017360 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-20 13:58 - 2016-10-08 12:37 - 00000000 ____D C:\Users\UnDead\AppData\Roaming\discord
2017-02-20 13:57 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-20 13:52 - 2016-10-08 12:37 - 00000000 ____D C:\Users\UnDead\AppData\Local\SquirrelTemp
2017-02-20 13:49 - 2017-01-13 22:40 - 00000000 ____D C:\Users\UnDead\AppData\Roaming\vlc
2017-02-20 13:42 - 2016-10-08 12:37 - 00000000 ____D C:\Users\UnDead\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-02-20 13:39 - 2016-10-08 12:37 - 00000000 ____D C:\Users\UnDead\AppData\Local\Discord
2017-02-20 11:38 - 2014-12-16 18:57 - 00000000 ____D C:\Users\UnDead\AppData\Roaming\Skype
2017-02-19 18:16 - 2017-01-07 03:26 - 00000000 ____D C:\Users\UnDead\AppData\Local\u-launcher
2017-02-19 18:15 - 2016-12-30 21:21 - 00000000 ____D C:\ProgramData\GFACE
2017-02-19 14:18 - 2015-01-30 19:55 - 00000000 ____D C:\Windows\Minidump
2017-02-19 09:16 - 2016-05-25 05:21 - 00003192 _____ C:\Windows\System32\Tasks\HPCeeScheduleForUnDead
2017-02-19 09:16 - 2016-05-25 05:21 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleForUnDead.job
2017-02-19 06:33 - 2014-12-16 18:25 - 00000000 ____D C:\Users\UnDead\AppData\Local\ElevatedDiagnostics
2017-02-19 06:32 - 2009-07-14 00:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-19 06:32 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\inf
2017-02-19 05:32 - 2014-12-16 19:24 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-11 21:59 - 2017-01-13 21:39 - 00000000 ____D C:\Users\UnDead\AppData\Roaming\obs-studio
2017-02-06 14:57 - 2014-12-16 18:26 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 14:57 - 2014-12-16 18:26 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-06 06:30 - 2009-07-14 00:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-02-05 03:44 - 2014-12-17 16:33 - 00000000 ____D C:\Users\UnDead\Documents\My Games
2017-01-27 13:55 - 2014-12-16 18:57 - 00000000 ____D C:\ProgramData\Skype
2017-01-27 13:53 - 2014-12-16 18:27 - 00000000 ____D C:\ProgramData\Malwarebytes

==================== Files in the root of some directories =======

2016-05-17 15:06 - 2016-05-17 15:06 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-05-17 14:18 - 2016-05-27 21:54 - 0002816 _____ () C:\ProgramData\hpzinstall.log

Files to move or delete:
====================
C:\Users\UnDead\AppData\Local\MyComGames\MyComGames.exe


Some files in TEMP:
====================
2015-01-07 21:50 - 2015-01-07 21:50 - 0425984 _____ (Eastman Kodak Company) C:\Users\UnDead\AppData\Local\Temp\5.0.20.17-EasyShrx.Dll
2015-01-07 21:37 - 2015-01-07 21:37 - 0983040 _____ (Eastman Kodak Company) C:\Users\UnDead\AppData\Local\Temp\6.0.20.16-EasyShrx.Dll
2015-01-07 21:40 - 2004-02-11 16:58 - 0024613 _____ (BackWeb) C:\Users\UnDead\AppData\Local\Temp\IadHide5.dll
2015-12-21 20:11 - 2015-12-21 20:11 - 0091784 _____ (MegaBackup Corp) C:\Users\UnDead\AppData\Local\Temp\MegaBackup.exe
2015-04-06 19:33 - 2015-04-06 19:33 - 45209696 _____ (Skype Technologies S.A.) C:\Users\UnDead\AppData\Local\Temp\SkypeSetup.exe
2015-10-22 20:09 - 2016-08-10 14:44 - 6937200 _____ (Spotify Ltd) C:\Users\UnDead\AppData\Local\Temp\SpotifyUninstall.exe
2013-10-11 08:12 - 2013-10-11 08:12 - 0830344 _____ (Adobe Systems Incorporated) C:\Users\UnDead\AppData\Local\Temp\uninstall_flash_player.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-13 19:45

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-02-2017
Ran by UnDead (20-02-2017 15:18:07)
Running from C:\Users\UnDead\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2014-12-16 23:17:32)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2479174702-4107569888-2251961208-500 - Administrator - Disabled)
Guest (S-1-5-21-2479174702-4107569888-2251961208-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2479174702-4107569888-2251961208-1003 - Limited - Enabled)
UnDead (S-1-5-21-2479174702-4107569888-2251961208-1000 - Administrator - Enabled) => C:\Users\UnDead

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
ACP Application (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\{E94EFAB6-653F-4837-9E8A-F6377CA1EC0D}) (Version: 11.8.800.175 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{FD8FD2BD-A82D-C528-EDA0-A6635F47C19C}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CPU Speed Pro version 3 (HKLM-x32\...\{E0E0C30A-89AF-11E0-951E-11904824019B}_is1) (Version: 3 - CPU Speed Pro)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Democracy 3 (HKLM-x32\...\1207659953_is1) (Version: 2.13.0.19 - GOG.com)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
F4200 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GFACE Launcher (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
H1Z1: Just Survive (HKLM\...\Steam App 295110) (Version:  - Daybreak Game Company)
H1Z1: Just Survive Test Server (HKLM\...\Steam App 362300) (Version:  - )
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version:  - Daybreak Game Company)
H1Z1: King of the Kill Test Server (HKLM\...\Steam App 439700) (Version:  - Daybreak Game Company)
HeavyLoad V3.4 (64 bit) (HKLM\...\HeavyLoad_is1) (Version: 3.4 - JAM Software)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet F4200 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{A00C9114-40E6-4C70-A619-7DF264B23485}) (Version: 13.0 - HP)
HP ENVY 4500 series Basic Device Software (HKLM\...\{6915424E-704F-4F5D-9057-9C7B406B36DB}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP ENVY 4500 series Help (HKLM-x32\...\{95BECC50-22B4-4FCA-8A2E-BF77713E6D3A}) (Version: 30.0.0 - Hewlett Packard)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{78E2C850-ADA6-420D-BA35-2F4A9BE733CC}) (Version: 8.3.50.9 - HP)
HP Support Solutions Framework (HKLM-x32\...\{CE7447C2-EF12-4EF3-BE51-BFC3B049C0F6}) (Version: 12.5.32.203 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My.com Game Center (HKU\S-1-5-21-2479174702-4107569888-2251961208-1000\...\MyComGames) (Version: 3.195 - My.com B.V.)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 17.0.0 - OBS Project)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Pokémon Trading Card Game Online (HKLM-x32\...\{0A1F8721-8B7C-4100-9E9E-30A2CC597996}) (Version: 2.38.0 - The Pokémon Company International)
Product Improvement Study for HP ENVY 4500 series (HKLM\...\{58139103-BACF-4BDC-B71C-955F9164ADA6}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
QuickTime (HKLM-x32\...\InstallShield_{929408E6-D265-4174-805F-81D1D914E2A4}) (Version: 7.0.4 - Apple Computer, Inc.)
QuickTime (x32 Version: 7.0.4 - Apple Computer, Inc.) Hidden
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tablet Driver V8.0 (HKLM-x32\...\TabletDriver) (Version:  - )
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TP-LINK TL-WN781ND Driver (HKLM-x32\...\{87C7B472-9BC2-43C8-9F03-86D2908E1A51}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Video Win Movie Maker 2016 (HKLM-x32\...\{3CC29C1A-B5FE-457B-8F22-32A2videowin}}_is1) (Version:  - videowinsoft.com)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Warface (HKLM\...\Steam App 291480) (Version:  - Crytek)
Warface My.Com (HKU\S-1-5-21-2479174702-4107569888-2251961208-1000\...\Warface My.Com) (Version: 1.27 - My.com B.V.)
We Were Here (HKLM\...\Steam App 582500) (Version:  - Total Mayham Games)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0191503E-1432-4DC5-B835-05DFFF376B7A} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-11-07] (HP Inc.)
Task: {0B8D4B8E-0D03-4976-B70B-A35B465FE406} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {22871B19-E5F5-4CDC-A1F4-3FCA28CA025D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {2C6889A9-521E-48B7-A8A7-746765737281} - System32\Tasks\HPCeeScheduleForUnDead => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-01-22] (Hewlett-Packard)
Task: {36D51B2C-56F0-4281-AB0D-611192947EBA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-01-09] (HP Inc.)
Task: {4718D1DE-E43F-400B-883B-53C98EFAE087} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {4F709C80-ECF3-4031-A16A-7C870970CF76} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {4FFFB541-A8F0-4E04-8313-0DB4D8EEEDC4} - System32\Tasks\{1356E67E-D94A-4904-8FDB-1B0226B12E0E} => pcalua.exe -a "C:\Users\UnDead\Downloads\FirmwareFlashLauncher (1).exe" -d C:\Users\UnDead\Downloads
Task: {5DE18E48-D0CC-4F97-A73D-C1E5473F83E1} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {805E96D0-7848-4A19-B289-5816A97961A8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.)
Task: {B365D3D3-3D8C-4043-ACA4-DE5549E27DA3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-01] (Adobe Systems Incorporated)
Task: {C70DAAD1-C0EC-4F19-89E9-8F3F28C84DD7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {D14231C8-1AAF-4C9C-8453-1ED71B48F7E9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-12-07] (HP Inc.)
Task: {E4274C6E-0DB8-4765-A257-5344BC57C780} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN57933039 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2017-01-09] (HP Inc.)
Task: {FA127FDB-522B-4560-832E-AE02E7F46F1B} - System32\Tasks\{98A3BA28-473C-4E7C-83C2-7607B83387C1} => pcalua.exe -a C:\Users\UnDead\Downloads\FirmwareFlashLauncher.exe -d C:\Users\UnDead\Downloads

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForUnDead.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2013-12-06 16:06 - 2013-12-06 16:06 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 00814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 05:59 - 2013-07-26 05:59 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2013-12-06 16:06 - 2013-12-06 16:06 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-12-06 16:24 - 2013-12-06 16:24 - 00094208 _____ () C:\AMD\amdacpusrsvc.exe
2017-01-27 13:53 - 2017-01-20 07:47 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-01-27 13:53 - 2017-01-20 07:47 - 02254800 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-01-27 13:53 - 2017-01-20 07:47 - 02829776 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
2013-12-06 16:06 - 2013-12-06 16:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2017-01-11 16:53 - 2017-01-04 14:28 - 01958912 _____ () C:\Users\UnDead\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-01-12 15:30 - 2017-01-12 15:30 - 01082880 _____ () \\?\C:\Users\UnDead\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-01-12 15:30 - 2017-01-12 15:30 - 03750400 _____ () \\?\C:\Users\UnDead\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-01-12 15:30 - 2017-01-12 15:30 - 00914432 _____ () \\?\C:\Users\UnDead\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-02-19 03:50 - 2017-02-19 03:50 - 00144896 _____ () C:\Users\UnDead\AppData\Local\MyComGames\zlib1.dll
2017-02-19 03:50 - 2017-02-19 03:50 - 00076176 _____ () C:\Users\UnDead\AppData\Local\MyComGames\pxd.dll
2017-02-19 03:50 - 2017-02-19 03:50 - 00186256 _____ () C:\Users\UnDead\AppData\Local\MyComGames\LightUpdate.dll
2017-02-19 03:50 - 2017-02-19 03:50 - 02396560 _____ () C:\Users\UnDead\AppData\Local\MyComGames\BigUp2.dll
2016-05-23 13:36 - 2016-05-23 13:36 - 48962048 _____ () C:\Users\UnDead\AppData\Local\MyComGames\Chrome\3.2623.1401\libcef.dll
2017-01-11 16:53 - 2017-01-04 14:28 - 02278912 _____ () C:\Users\UnDead\AppData\Local\Discord\app-0.0.297\libglesv2.dll
2017-01-11 16:53 - 2017-01-04 14:28 - 00096768 _____ () C:\Users\UnDead\AppData\Local\Discord\app-0.0.297\libegl.dll
2017-02-20 13:58 - 2017-02-20 13:58 - 00148992 _____ () \\?\C:\Users\UnDead\AppData\Local\Temp\4DC1.tmp.node
2017-01-12 15:30 - 2017-01-12 15:30 - 02658304 _____ () \\?\C:\Users\UnDead\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-01-12 15:30 - 2017-01-12 15:30 - 02130432 _____ () \\?\C:\Users\UnDead\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node
2017-02-06 14:57 - 2017-02-01 04:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-06 14:57 - 2017-02-01 04:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2014-12-16 18:30 - 2016-12-23 13:28 - 00657184 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-19 15:40 - 2016-08-31 20:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-19 15:40 - 2016-08-31 20:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-19 15:40 - 2016-08-31 20:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-12-16 18:30 - 2017-01-18 20:30 - 02327840 _____ () C:\Program Files (x86)\Steam\video.dll
2014-12-16 18:30 - 2016-01-27 02:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-12-16 18:30 - 2016-01-27 02:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-12-16 18:30 - 2016-01-27 02:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-12-16 18:30 - 2016-01-27 02:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-12-16 18:30 - 2016-01-27 02:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-12-16 18:30 - 2017-01-18 20:30 - 00838432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-08 18:14 - 2016-07-04 17:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-12-12 15:11 - 2017-01-04 22:12 - 68813088 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2015-01-19 15:40 - 2015-09-24 18:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2479174702-4107569888-2251961208-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\UnDead\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk => C:\Windows\pss\TP-LINK Wireless Configuration Utility.lnk.CommonStartup
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: World of Warships => "C:\Games\World_of_Warships\WargamingGameUpdater.exe"
MSCONFIG\startupreg: WTClient => WTClient.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4B6FABC3-0704-4200-947A-4E6C710A702E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F1F086F1-3561-4F8A-899D-A01736DE89FD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6C724DA3-D223-4AA4-858B-68EC1910E446}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DC3525A3-C489-41E9-8852-9DB8FE30B3F4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D0ADC4C0-A0E7-47AC-8888-D51B31A236CD}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{013A9974-F983-4B5E-A916-4713404AB7A3}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{8FDD63EE-A1A4-410C-BD98-210275B70300}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{FA1B38F1-2259-4F91-9C4F-D4E5221AD871}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{FA86E3B7-CBAB-4DC5-96B4-6159D623845E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{A4E45673-DB1C-4F99-9E6F-B8F2C8CCACD9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{4BA38130-524B-4323-9A9D-BB9BD4BB3BBC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{4FB6CE7B-55FE-45F3-9EE1-34CCE5373781}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{74F4627A-3D31-4544-B58B-53E3178EDA41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [TCP Query User{B8C2906D-E09A-49C2-94F4-E23CF2571DC4}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{9D5CD993-A4E8-48FD-9CEA-2881E5B289DD}C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [TCP Query User{95837105-48C2-4A78-9D25-72B853F49576}C:\program files (x86)\kodak\kodak software updater\7288971\program\kodak software updater.exe] => (Allow) C:\program files (x86)\kodak\kodak software updater\7288971\program\kodak software updater.exe
FirewallRules: [UDP Query User{0D61B89D-AC0A-4B0C-B1A5-3D4AB4295A3E}C:\program files (x86)\kodak\kodak software updater\7288971\program\kodak software updater.exe] => (Allow) C:\program files (x86)\kodak\kodak software updater\7288971\program\kodak software updater.exe
FirewallRules: [{C249D8F8-EE45-4EEE-B8E6-61D92B6621AE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{C72720F3-8A3D-4CD7-9AE6-501A69C53F20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{4910501F-0B54-4590-9A31-AC3DE58B8672}C:\games\world_of_tanks_ct\wotlauncher.exe] => (Allow) C:\games\world_of_tanks_ct\wotlauncher.exe
FirewallRules: [UDP Query User{3F8769F6-D19B-4DA4-BA1B-1F5182B62676}C:\games\world_of_tanks_ct\wotlauncher.exe] => (Allow) C:\games\world_of_tanks_ct\wotlauncher.exe
FirewallRules: [TCP Query User{D5FEB743-8681-4085-A6B3-1270A9132CF9}C:\games\world_of_tanks_ct\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\worldoftanks.exe
FirewallRules: [UDP Query User{8A426240-A79A-4D2A-B909-60298A25EE83}C:\games\world_of_tanks_ct\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\worldoftanks.exe
FirewallRules: [{78657EF3-61E2-4D01-B71B-04C84EE964CE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{83EE9EBB-FD73-406A-83E8-48E3524183B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{40019CFA-EE56-44A0-BC5A-2E9E16C352DB}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{6BC81EEF-3033-4FB9-84DF-B81E7146F573}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{CA6845EE-1F79-4E1F-B54B-6BF9E4F7AEAC}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{91D819ED-C519-4AC3-9B33-D59868125266}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [TCP Query User{98E0F567-7F00-4A3B-9F0E-013E6DCF48E6}C:\users\undead\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\undead\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{BB922DDA-C8CD-494D-9746-18F55237E766}C:\users\undead\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\undead\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{BC0E2A39-303A-4059-BC05-820DA89C34B0}C:\users\undead\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\undead\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{31D7883B-F5DF-4984-9405-8C540BC13459}C:\users\undead\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\undead\appdata\roaming\spotify\spotify.exe
FirewallRules: [{3761452E-AF16-4DA3-BB65-18FBBEF423E3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{6717A61E-D30D-4EFC-8656-C3E2B080520A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{BD83E7FB-CC9F-46FF-B8CA-AADC5D8B46EA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{B79EE664-D7A2-445E-814F-AB900A967497}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{2E030DC3-0D43-4933-A6E2-3B092A7C780B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{47502801-7A93-4ADB-BA2B-1380356A304A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{25B5F3E5-5D37-4FF0-9F4A-4BE83BBB7DF8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{2665BFF3-1632-4235-8154-3E308A8D3800}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{FEF8473A-DCCF-45ED-B3C4-6FF16DCA5243}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{C770729B-76FA-4B7D-B9B4-61188C50A0A1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{2D4DC989-EFCF-4C97-8F35-A462D638F0B7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{649CC001-CEFB-4CCC-8EB7-605D8F4399E5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{94E0C9F6-AB8C-4496-B834-34B60D0F4EFC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{69FD3610-9CDB-4D18-A473-7110A6A1AC56}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{33EF5494-426F-4B87-BE98-D06863F1300F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{5ED23185-5367-4672-AA2A-4D5B46CB7CEA}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{0E3E63F5-7E0D-467D-B9C1-D148CB8062D2}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{0F5EE76C-8F49-4620-8976-21E609669AE8}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe
FirewallRules: [{C478FE3F-E404-4358-BD80-74B26ECE4C2F}] => (Allow) LPort=5357
FirewallRules: [{FE16E952-50BB-4D9C-99BF-313B23BEBFA4}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{81BC7458-A5EE-4BF2-B57E-02CE1FF5AD0E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{32D3AC9B-B764-4E7E-A835-B00F5336A61A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{3A8FABF1-8BED-47A0-8D38-0BA6D2D2ED40}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{B64B1E33-59D4-407D-9178-52D6EE97A269}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{6DF745F8-B3A5-47B5-8BA0-6D19E335F4EF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{BBAF6808-ABEB-4A80-8711-EEF31F922C80}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{51C55E13-3D33-4EB4-B64D-6B505A1A3EF6}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [UDP Query User{7973EA68-7504-400C-88DC-BE4C5E9130D7}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe
FirewallRules: [{AF9EE1EB-8EF2-4895-B27B-9B4DD9E14980}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{1CD4B372-4884-45FA-88B3-04ABF902F852}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{A6C97BB1-A2B7-4CDC-9195-A14C5602DF1E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{6AAD6D8E-7902-476D-8F22-D9E7FEE7B2C5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{C604DD95-C8B3-4F47-AF67-F0F57FC58308}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 Test\LaunchPad.exe
FirewallRules: [{34642399-DDB9-484E-8098-CD8E7A24929B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 Test\LaunchPad.exe
FirewallRules: [{16B8EDBF-2A7A-48EF-8691-ADB18BB1ED4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill Test Server\LaunchPad.exe
FirewallRules: [{A8071075-4A2C-4CDA-B4ED-381984027AB2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill Test Server\LaunchPad.exe
FirewallRules: [TCP Query User{9DAD5810-CEFD-4561-B241-64AEAB3925B3}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Block) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{02FE943A-6175-4109-BE40-6FA296BE6757}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Block) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{A90DF3AA-6F85-4C87-92A7-1ADFA14A44B7}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{E09F07DF-9144-4F5D-A358-2912CF82DC3B}C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{E9A37E69-C336-434B-A042-DBC8DACB1E29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{A8A5D5C4-8AA6-4E1B-A2E4-0912F6A6F719}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F94A6D85-25F3-4547-8A8C-FC92E2840C3D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{ED997560-4A55-472B-8BDE-08033099F203}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{F220D180-2DE9-439E-A95F-9E8A9F9D5009}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\gflauncher.exe
FirewallRules: [{72ED49E3-BF9C-4570-9BC2-897ECEED4AF8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\live\gflauncher.exe
FirewallRules: [{9534813D-5BB8-4B77-A1B3-6941B72E8920}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\WarfaceMycomSteamLoader.exe
FirewallRules: [{4115C823-D601-4C07-A477-6C33D6C8EBF1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warface\WarfaceMycomSteamLoader.exe
FirewallRules: [{AC22D0CD-E10E-4714-A5F8-2976D4940167}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{3883FC9E-0EED-4AFF-A5D9-9E913492EB72}C:\users\undead\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\undead\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{FE60FAA0-98B1-4BAE-8BFB-8CE3BC297FD1}C:\users\undead\appdata\local\mycomgames\mycomgames.exe] => (Block) C:\users\undead\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [{4CC24223-1DB2-419E-BBCA-AE74270DA55A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\We Were Here\We Were Here.exe
FirewallRules: [{1F3EF0FA-5728-464D-B2DB-64CA63D7A572}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\We Were Here\We Were Here.exe
FirewallRules: [{33D2E50B-7E7E-44F0-83F1-B837D5176EEC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\We Were Here\We Were Here VR.exe
FirewallRules: [{60AA9C96-BB50-479C-8C96-A4F3385873E3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\We Were Here\We Were Here VR.exe

==================== Restore Points =========================

16-02-2017 06:46:25 Scheduled Checkpoint
19-02-2017 05:28:41 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212
19-02-2017 05:29:31 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210
19-02-2017 05:30:24 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212
19-02-2017 05:31:54 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210
20-02-2017 11:50:38 Removed LogMeIn Hamachi
20-02-2017 11:51:36 Removed Krita Desktop (x64) 2.9.11.0

==================== Faulty Device Manager Devices =============

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: HL-DT-ST DVDRAM GH24NSC0 ATA Device
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Problem: : A driver (service) for this device has been disabled. An alternate driver may be providing this functionality (Code 32)
Resolution: The start type for this driver is set to disabled in the registry.
Uninstall the driver from Device Manager, and then scan for new hardware to install the driver again. If this does not work, you might have to change the device start type parameter in the registry.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/11/2017 04:09:02 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Users\UnDead\AppData\Local\Temp\Temp1_Total-War-Warhammer.zip\Total War Warhammer.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (02/11/2017 03:45:23 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Users\UnDead\AppData\Local\Temp\Temp1_Total-War-Warhammer.zip\Total War Warhammer.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (02/11/2017 03:45:21 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Users\UnDead\AppData\Local\Temp\Temp1_Total-War-Warhammer.zip\Total War Warhammer.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Error: (02/10/2017 02:49:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.1.0.415, time stamp: 0x5881b7a1
Faulting module name: ntdll.dll, version: 6.1.7601.19110, time stamp: 0x568429e5
Exception code: 0xc0000005
Fault offset: 0x00000000000273b3
Faulting process id: 0x9e0
Faulting application start time: 0x01d283d6ccc3e72c
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 17c08843-efca-11e6-ad1c-d05099485ed4

Error: (02/07/2017 02:19:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Democracy3.exe, version: 0.0.0.0, time stamp: 0x5777b19a
Faulting module name: Democracy3.exe, version: 0.0.0.0, time stamp: 0x5777b19a
Exception code: 0xc0000005
Fault offset: 0x00039439
Faulting process id: 0x166c
Faulting application start time: 0x01d281128652d4e1
Faulting application path: C:\GOG Games\Democracy 3\Democracy3.exe
Faulting module path: C:\GOG Games\Democracy 3\Democracy3.exe
Report Id: c44949a8-ed05-11e6-8f44-d05099485ed4

Error: (02/07/2017 02:19:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Democracy3.exe, version: 0.0.0.0, time stamp: 0x5777b19a
Faulting module name: Democracy3.exe, version: 0.0.0.0, time stamp: 0x5777b19a
Exception code: 0xc0000005
Fault offset: 0x00039439
Faulting process id: 0x1be4
Faulting application start time: 0x01d281128384e761
Faulting application path: C:\GOG Games\Democracy 3\Democracy3.exe
Faulting module path: C:\GOG Games\Democracy 3\Democracy3.exe
Report Id: c179d588-ed05-11e6-8f44-d05099485ed4

Error: (02/07/2017 02:19:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Democracy3.exe, version: 0.0.0.0, time stamp: 0x5777b19a
Faulting module name: Democracy3.exe, version: 0.0.0.0, time stamp: 0x5777b19a
Exception code: 0xc0000005
Fault offset: 0x00039439
Faulting process id: 0x1864
Faulting application start time: 0x01d281128119da8a
Faulting application path: C:\GOG Games\Democracy 3\Democracy3.exe
Faulting module path: C:\GOG Games\Democracy 3\Democracy3.exe
Report Id: bf4bd1b6-ed05-11e6-8f44-d05099485ed4

Error: (02/07/2017 02:11:44 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Democracy3.exe, version: 0.0.0.0, time stamp: 0x5777b19a
Faulting module name: Democracy3.exe, version: 0.0.0.0, time stamp: 0x5777b19a
Exception code: 0xc0000005
Fault offset: 0x00039439
Faulting process id: 0x15b8
Faulting application start time: 0x01d281116f84e8e3
Faulting application path: D:\GOG Games\Democracy 3\Democracy3.exe
Faulting module path: D:\GOG Games\Democracy 3\Democracy3.exe
Report Id: adf56fb5-ed04-11e6-8f44-d05099485ed4

Error: (02/07/2017 02:11:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Democracy3.exe, version: 0.0.0.0, time stamp: 0x5777b19a
Faulting module name: Democracy3.exe, version: 0.0.0.0, time stamp: 0x5777b19a
Exception code: 0xc0000005
Fault offset: 0x00039439
Faulting process id: 0x1a30
Faulting application start time: 0x01d281115dd2074a
Faulting application path: C:\GOG Games\Democracy 3\Democracy3.exe
Faulting module path: C:\GOG Games\Democracy 3\Democracy3.exe
Report Id: 9bd944f2-ed04-11e6-8f44-d05099485ed4

Error: (02/07/2017 02:11:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Democracy3.exe, version: 0.0.0.0, time stamp: 0x5777b19a
Faulting module name: Democracy3.exe, version: 0.0.0.0, time stamp: 0x5777b19a
Exception code: 0xc0000005
Fault offset: 0x00039439
Faulting process id: 0x1194
Faulting application start time: 0x01d28111551cde66
Faulting application path: D:\GOG Games\Democracy 3\Democracy3.exe
Faulting module path: D:\GOG Games\Democracy 3\Democracy3.exe
Report Id: 9455974b-ed04-11e6-8f44-d05099485ed4


System errors:
=============
Error: (02/20/2017 01:58:35 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Error: (02/20/2017 01:40:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 1:39:31 PM on ‎2/‎20/‎2017 was unexpected.

Error: (02/20/2017 11:13:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Malwarebytes Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

Error: (02/20/2017 11:13:26 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Malwarebytes Service service to connect.

Error: (02/19/2017 02:18:15 PM) (Source: BugCheck) (EventID: 1001) (User: )
Description: The computer has rebooted from a bugcheck.  The bugcheck was: 0x000000fe (0x0000000000000008, 0x0000000000000006, 0x0000000000000006, 0xfffffa800eedc000). A dump was saved in: C:\Windows\Minidump\021917-16302-01.dmp. Report Id: 021917-16302-01.

Error: (02/19/2017 02:18:14 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 9:22:20 AM on ‎2/‎19/‎2017 was unexpected.

Error: (02/19/2017 08:52:30 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:50:26 AM on ‎2/‎19/‎2017 was unexpected.

Error: (02/19/2017 08:48:37 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:47:36 AM on ‎2/‎19/‎2017 was unexpected.

Error: (02/19/2017 08:47:36 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:45:36 AM on ‎2/‎19/‎2017 was unexpected.

Error: (02/16/2017 08:49:06 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:32:32 PM on ‎2/‎16/‎2017 was unexpected.


CodeIntegrity:
===================================
  Date: 2015-01-07 21:39:47.902
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\PxHlpa64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-01-07 21:39:47.845
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\PxHlpa64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: AMD Athlon(tm) X4 860K Quad Core Processor 
Percentage of memory in use: 24%
Total physical RAM: 16308.72 MB
Available physical RAM: 12331.96 MB
Total Virtual: 16346.56 MB
Available Virtual: 12249.52 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:81.99 GB) NTFS
Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: AB73D528)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
