Please check my computer for any possible further infection


Nnewb

New member
I came from here so you can read up on the short history and what I did. :D:

Ok so it says to
  • Please make sure All Users is checked

Where is that on the GUI? Attached is a picture of the program in question: where's all users.png

I have another question about it as well: why not run FRST64.exe in the download folder or temp folder, as it says here:
  • Please don't run the Farbar Recovery Scan Tool (FRST.txt) from your "Downloads" folder or from "Temporary Internet Files"
?

I already ran it in my downloads before I got to reading that part of the post... hahaha, I've re-scanned it with the exe file on the desktop.

Here's the Addition.txt: (Couldn't attach it as it was over the file size limit)
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-08-2016
Ran by Manectric (2016-08-07 12:59:34)
Running from C:\Users\Electrike\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-01-19 02:59:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2798084944-1211984927-2140173799-500 - Administrator - Disabled)
Electrike (S-1-5-21-2798084944-1211984927-2140173799-1001 - Limited - Enabled) => C:\Users\Electrike
Guest (S-1-5-21-2798084944-1211984927-2140173799-501 - Limited - Disabled)
Manectric (S-1-5-21-2798084944-1211984927-2140173799-1000 - Administrator - Enabled) => C:\Users\Manectric

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark (HKLM-x32\...\Steam App 223850) (Version: - Futuremark)
8BitBoy (HKLM-x32\...\Steam App 296910) (Version: - AwesomeBlade)
Absconding Zatwor (HKLM-x32\...\Steam App 385200) (Version: - Zonitron Productions)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
AmCap version 9.01 (HKLM-x32\...\{0F45BECF-4C85-4301-A8A4-D2E2AE2A2C08}_is1) (Version: 9.01 - Gigabyte, Inc.)
Auslogics BoostSpeed 7 (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 7.9.0.0 - Auslogics Labs Pty Ltd)
BioShock (HKLM-x32\...\Steam App 7670) (Version: - 2K Boston)
Blaster Shooter GunGuy! (HKLM-x32\...\Steam App 391740) (Version: - Adam DeLease)
Breakout Invaders (HKLM-x32\...\Steam App 366700) (Version: - DreamsSoftGames)
Canon Easy-PhotoPrint EX - Additional Materials DL_AN1 (HKLM-x32\...\Easy-PhotoPrint EX - DL_AN1) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_AN2 (HKLM-x32\...\Easy-PhotoPrint EX - DL_AN2) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_AN3 (HKLM-x32\...\Easy-PhotoPrint EX - DL_AN3) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_AN4 (HKLM-x32\...\Easy-PhotoPrint EX - DL_AN4) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_AN5 (HKLM-x32\...\Easy-PhotoPrint EX - DL_AN5) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_FA1 (HKLM-x32\...\Easy-PhotoPrint EX - DL_FA1) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_FA2 (HKLM-x32\...\Easy-PhotoPrint EX - DL_FA2) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_FA3 (HKLM-x32\...\Easy-PhotoPrint EX - DL_FA3) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_FA4 (HKLM-x32\...\Easy-PhotoPrint EX - DL_FA4) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_FA5 (HKLM-x32\...\Easy-PhotoPrint EX - DL_FA5) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_ST1 (HKLM-x32\...\Easy-PhotoPrint EX - DL_ST1) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_ST2 (HKLM-x32\...\Easy-PhotoPrint EX - DL_ST2) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_ST3 (HKLM-x32\...\Easy-PhotoPrint EX - DL_ST3) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_ST4 (HKLM-x32\...\Easy-PhotoPrint EX - DL_ST4) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_ST5 (HKLM-x32\...\Easy-PhotoPrint EX - DL_ST5) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_ST6 (HKLM-x32\...\Easy-PhotoPrint EX - DL_ST6) (Version: - )
Canon Easy-PhotoPrint EX - Additional Materials DL_ST7 (HKLM-x32\...\Easy-PhotoPrint EX - DL_ST7) (Version: - )
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.1.6 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG6200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6200_series) (Version: - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios)
CONSORTIUM (HKLM-x32\...\Steam App 264240) (Version: - Interdimensional Games Inc)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
CyberLink PowerDVD 15 (HKLM-x32\...\{DE85B8F3-D088-4D6E-A970-EE0BC7883A66}) (Version: 15.0.2205.58 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Edge of Space (HKLM-x32\...\Steam App 238240) (Version: - Handyman Studios)
ELAN Touchpad 11.14.7.1_X64_WHQL (HKLM\...\Elantech) (Version: 11.14.7.1 - ELAN Microelectronic Corp.)
FaeVerse Alchemy (HKLM\...\Steam App 282880) (Version: - Subsoap)
FileZilla Client 3.18.0 (HKLM-x32\...\FileZilla Client) (Version: 3.18.0 - Tim Kosse)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Futuremark SystemInfo (HKLM-x32\...\{70690D9E-3D00-47D6-9CE9-BC3B6F900447}) (Version: 4.41.563.0 - Futuremark)
Game Dev Tycoon version 1.5.24 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.5.24 - Greenheart Games Pty. Ltd.)
GIGABYTE Smart USB Backup 2.0.20141014 (HKLM-x32\...\GIGABYTE Smart USB Backup) (Version: 2.0.20141014 - GIGABYTE TECHNOLOGY CO.,LTD.)
Hell Yeah! (HKLM-x32\...\Steam App 205230) (Version: - Arkedo)
Hyperdimension Neptunia Re;Birth1 (HKLM-x32\...\Steam App 282900) (Version: - Idea Factory, Inc.)
Hyperdimension Neptunia Re;Birth2 Sisters Generation (HKLM-x32\...\Steam App 351710) (Version: - Compile Heart)
Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.5.0.1056 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.0.1427.2) (HKLM\...\{302600C1-6BDF-4FD1-1406-148929CC1385}) (Version: 17.1.1406.0472 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{7991b5ae-96d7-4df2-97fb-a605b7cb638b}) (Version: 17.12.0 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Jet Set Radio (HKLM-x32\...\Steam App 205950) (Version: - Blit Software)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden
Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)
Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version: - Tripwire Interactive)
Killing Floor SDK (HKLM\...\Steam App 1260) (Version: - Tripwire Interactive)
Kingdom Wars (HKLM\...\Steam App 227180) (Version: - Reverie World Studios, INC)
LanOptimizer (HKLM-x32\...\{B416A23D-C2BD-4956-8BAE-5C3BAFF1AC1E}) (Version: 1.00.0000 - Realtek)
Left 4 Dead (HKLM-x32\...\Steam App 500) (Version: - Valve)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LIMBO (HKLM\...\Steam App 48000) (Version: - Playdead)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MediaInfo 0.7.78 (HKLM\...\MediaInfo) (Version: 0.7.78 - MediaArea.net)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 45.2.0 ESR (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.2.0 ESR (x86 en-US)) (Version: 45.2.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.2.0.5996 - Mozilla)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVIDIA Graphics Driver 344.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.42 - NVIDIA Corporation)
Omikron - The Nomad Soul (HKLM-x32\...\Steam App 243000) (Version: - Quantic Dream)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Opera Stable 39.0.2256.48 (HKLM-x32\...\Opera 39.0.2256.48) (Version: 39.0.2256.48 - Opera Software)
ORION: Prelude (HKLM-x32\...\Steam App 104900) (Version: - Spiral Game Studios)
Razer Naga (HKLM-x32\...\{ED4108A9-60FD-4F18-AF42-122219977773}) (Version: 3.03.01 - Razer USA Ltd.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7348 - Realtek Semiconductor Corp.)
Renegade Ops (HKLM-x32\...\Steam App 99300) (Version: - Avalanche Studios)
Revo Uninstaller Pro 3.1.6 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.6 - VS Revo Group, Ltd.)
Sandboxie 5.12 (64-bit) (HKLM\...\Sandboxie) (Version: 5.12 - Sandboxie Holdings, LLC)
Savage: The Battle For Newerth (Version: 1.0RC3) (HKLM-x32\...\{ABDEBB00-96E9-47A2-94CC-BB0CCC4630DE}_is1) (Version: - Newerth.com)
SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version: - Sega)
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Smart Manager V3 Ver 4.4.3 (HKLM\...\Smart Manager V3) (Version: Ver 4.4.3 - GIGABYTE)
Smart Update v2.3.5 (HKLM-x32\...\Smart Update) (Version: v2.3.5 - GIGABYTE TECHNOLOGY CO.,LTD.)
Sniper Elite: Nazi Zombie Army 2 (HKLM-x32\...\Steam App 247910) (Version: - )
Soulbringer (HKLM-x32\...\Steam App 283310) (Version: - Infogames Europe SA)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version: - Pandemic Studios)
Starbound - Unstable (HKLM\...\Steam App 367540) (Version: - )
Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
State of Decay (HKLM-x32\...\Steam App 241540) (Version: - Undead Labs)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Street Racing Syndicate (HKLM-x32\...\Steam App 292410) (Version: - Eutechnyx)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version: - Team Meat)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1212 - SUPERAntiSpyware.com)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Ship (HKLM-x32\...\Steam App 2400) (Version: - Outerlight Ltd.)
UE3Redist (HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}) (Version: 1.00.0000 - Epic Games)
UE3Redist (x32 Version: 1.00.0000 - Epic Games) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Viking: Battle for Asgard (HKLM-x32\...\Steam App 211160) (Version: - Creative Assembly, PC Port - Hardlight)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.6.2015.18 - Ruiware)
WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Electrike\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Electrike\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001_Classes\CLSID\{869C14C8-1830-491F-B575-5F9AB40D2B42}\InprocServer32 -> C:\Program Files\MediaInfo\MediaInfo_InfoTip.dll (MediaArea.net)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F31E738-83EC-40CD-A7C2-F7CEF30EC5D6} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {281FAFD2-11AC-46FE-B3D7-74FFC96FCB60} - System32\Tasks\RtlLanOptimizerVistaStart => C:\Program Files (x86)\Realtek\LanOptimizer\LanOptimizer.exe [2013-01-18] (Realtek Semiconductor)
Task: {34744266-050D-465A-AEDC-071063F1F8C6} - System32\Tasks\Opera scheduled Autoupdate 1453433047 => C:\Program Files (x86)\Opera\launcher.exe [2016-08-03] (Opera Software)
Task: {88C14B97-48EB-43EE-9F66-AA4268FA32FE} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {D2443CEE-28E7-4E8E-B014-09D96E0D998C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-09] (Piriform Ltd)
Task: {E1B701B4-8889-46F5-A1E8-6226A5212985} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-08-06] (Adobe Systems Incorporated)
Task: {EAAE9075-97CB-4D2F-9372-8DD858214FBB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {FFE4DF80-8C39-4568-8C64-A70E97751AF6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-08-03] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\RtlLanOptimizerVistaStart.job => C:\Program Files (x86)\Realtek\LanOptimizer\LanOptimizer.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2014-10-29 15:01 - 2014-10-29 15:01 - 00014336 _____ () C:\Program Files\GIGABYTE\SmartManagerV3\ElevateService.exe
2014-10-22 14:26 - 2014-10-13 23:13 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-10-22 14:26 - 2014-10-13 19:59 - 00115912 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-29 15:06 - 2014-10-29 15:06 - 00434688 _____ () C:\Program Files\GIGABYTE\SmartManagerV3\OSD\Skin\OSD_Skin.dll
2014-10-29 15:01 - 2014-10-29 15:01 - 00064000 _____ () C:\Program Files\GIGABYTE\SmartManagerV3\PCIeCtl.dll
2014-10-29 15:01 - 2014-10-29 15:01 - 00209408 _____ () C:\Program Files\GIGABYTE\SmartManagerV3\GetDispDevs.dll
2014-10-29 15:06 - 2014-10-29 15:06 - 04300800 _____ () C:\Program Files\GIGABYTE\SmartManagerV3\Skin\Main_Skin.dll
2015-12-22 02:47 - 2015-12-22 02:47 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\kpcengine.2.3.dll
2014-10-22 14:26 - 2014-10-13 23:13 - 00012104 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-04-30 07:23 - 2014-04-30 07:23 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-01-15 06:37 - 2016-08-03 06:08 - 00785920 _____ () E:\Steam\SDL2.dll
2016-01-15 06:37 - 2016-08-03 06:10 - 04962816 _____ () E:\Steam\v8.dll
2016-01-15 06:37 - 2016-08-03 06:09 - 01556992 _____ () E:\Steam\icui18n.dll
2016-01-15 06:37 - 2016-08-03 06:09 - 01187840 _____ () E:\Steam\icuuc.dll
2016-01-15 06:37 - 2016-08-03 08:00 - 02320160 _____ () E:\Steam\video.dll
2016-01-15 06:37 - 2016-02-09 07:14 - 02549760 _____ () E:\Steam\libavcodec-56.dll
2016-01-15 06:37 - 2016-02-09 07:14 - 00442880 _____ () E:\Steam\libavutil-54.dll
2016-01-15 06:37 - 2016-02-09 07:14 - 00491008 _____ () E:\Steam\libavformat-56.dll
2016-01-15 06:37 - 2016-02-09 07:14 - 00332800 _____ () E:\Steam\libavresample-2.dll
2016-01-15 06:37 - 2016-02-09 07:14 - 00485888 _____ () E:\Steam\libswscale-3.dll
2016-01-15 06:31 - 2016-08-03 07:59 - 00831776 _____ () E:\Steam\bin\chromehtml.DLL
2016-03-10 10:38 - 2016-07-07 06:00 - 00266560 _____ () E:\Steam\openvr_api.dll
2016-01-15 06:31 - 2016-06-15 03:14 - 49826080 _____ () E:\Steam\bin\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [125]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\92888469.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\92888469.sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


There are 7908 more sites.


There are 12725 more sites.


There are 12685 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 10:34 - 2016-07-07 15:52 - 00453407 ___RA C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 cap.cyberlink.com
127.0.0.1 activation.cyberlink.com127.0.0.1 www.007guard.com

There are 15551 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Manectric\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Electrike\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{ED44402E-6B9E-4DB1-B967-E19AA4AE59D5}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{0A43CEC0-D11C-4630-A413-B6E8C04EBC33}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{066D6F27-71F5-4E62-A6E1-7CBE8CC659B8}] => (Allow) LPort=2869
FirewallRules: [{DB872E6F-011D-4F33-9FAC-0FDC2FF78F8E}] => (Allow) LPort=1900
FirewallRules: [{975A9371-4FC5-4492-A0FA-31983D49C1F5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{46B1C078-AFED-45D5-926D-B400B0762AEA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8AA98205-C1F8-4F48-929E-28A6F5C66746}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{218FBBB7-0A07-424B-9DBA-25DEE324042F}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{2CEB3727-6E0E-474B-BEDB-55CD6FA31863}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{0E988A6F-1597-434D-8FDF-ACCAC6D3BABA}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{BA275EC0-0E29-4CB2-851E-0DF94DD3B256}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD.exe
FirewallRules: [{D7B7FE81-F7C1-4CC2-9A5D-3BFBC4F8B092}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSServerPDVD15.exe
FirewallRules: [{158CD4F6-032B-4273-826C-217282EBB367}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe
FirewallRules: [{1923CDDD-D237-42FD-8C23-BC5FB283A78E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVDMovie.exe
FirewallRules: [{AE2A9A89-B88B-4683-B869-8B2EF65AD275}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{23E604FA-4DDA-45B1-9908-9EBFB959E3DF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1B14BB29-0D4F-4A8C-8ABC-6888D216BD83}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{42E4617A-5FCA-4251-8EFB-91382308D1CF}] => (Allow) E:\Steam\steamapps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{5915F504-940F-4CF9-8851-E2D9D34CCF8B}] => (Allow) E:\Steam\steamapps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{977B611B-A28C-4028-B3BC-1039ED8857E6}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{6E11EF2F-6830-49D3-BD5C-667A4C9A40F6}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{19406A0C-DDD7-46E7-A82F-38E6F9627D2A}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{2513EA08-BD87-41FE-A41B-2C727C0E0AA2}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{31FED2C9-495D-4342-8B10-7966E278394C}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{61BC3A19-BF39-4DD6-A1A6-0D58AEE19178}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{106113F8-9421-4270-820D-CC76EEA2A2B3}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{DBF93726-DD05-4DD9-BC9F-9948951E75B1}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{D0CE9C82-7250-46DC-94CF-0CA3B4E0A5AC}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{B70D3706-95ED-49E3-AF67-CBE783281915}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{B7138CFE-00E4-4F1A-B081-EAF371CC90C5}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2DC418BB-D092-44D7-B9D5-2AAF21966D87}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{080F40DB-3587-4EB6-818C-FE2225702188}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{441B589F-AC8B-4E86-9F8A-536B5BB1D1BB}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{1AC40D78-85FC-44D5-97B1-05DE752CE4AB}] => (Allow) E:\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{16E5442B-B244-434D-89BC-122C4DC23666}] => (Allow) E:\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{0659532C-2FC0-41DE-A1FE-F884355EFCA2}] => (Allow) E:\Steam\steamapps\common\Edge of Space\Launcher.exe
FirewallRules: [{E7546CF8-5893-4099-B834-70CE3F0A815D}] => (Allow) E:\Steam\steamapps\common\Edge of Space\Launcher.exe
FirewallRules: [{827ABB98-CC0A-4987-990F-859B67A93BE4}] => (Allow) E:\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{6F18E829-CE8B-4EFC-96F4-B0EE1D357AB4}] => (Allow) E:\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe
FirewallRules: [{0E8AC9E3-CCC1-4B56-A403-CAF7318C1872}] => (Allow) E:\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{0B8EAF10-34D3-4982-97C4-7B8909D7ABA1}] => (Allow) E:\Steam\steamapps\common\left 4 dead\left4dead.exe
FirewallRules: [{4B4DA01D-819F-4EFF-A0FD-2C0BE6406682}] => (Allow) E:\Steam\steamapps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{54884BF2-8338-451F-B9E7-46AB96619750}] => (Allow) E:\Steam\steamapps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
FirewallRules: [{E61D0B2A-5D79-4977-AF7D-2F0B7106C268}] => (Allow) E:\Steam\steamapps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{3DCB6A24-1389-4942-92D5-3843075404E4}] => (Allow) E:\Steam\steamapps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{DBA18D9C-8ACA-49E2-AAC4-3562035A8C57}] => (Allow) E:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{BBEFBE26-BED3-48B4-B121-E489A3ADF5B1}] => (Allow) E:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{33926AC4-D51F-4479-8FC0-6A47B2055EEF}] => (Allow) E:\Steam\steamapps\common\Neptunia Rebirth1\NeptuniaReBirth1.exe
FirewallRules: [{1C996CF8-6816-406F-B0E0-7F5346B9A085}] => (Allow) E:\Steam\steamapps\common\Neptunia Rebirth1\NeptuniaReBirth1.exe
FirewallRules: [{8EB3D9BC-0F02-45D3-9DAB-C24D00AB72C1}] => (Allow) E:\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{11A7FAF0-73F9-4D6F-BE83-AE1B847685DE}] => (Allow) E:\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{9BD875E2-2851-4332-AE83-1C609C0F596E}] => (Allow) E:\Steam\steamapps\common\The Ship\ship.exe
FirewallRules: [{B64A9B7C-6C69-4C35-B792-9697435EB025}] => (Allow) E:\Steam\steamapps\common\The Ship\ship.exe
FirewallRules: [{C7B05986-D0C4-4108-BF55-AA0DB2F9B964}] => (Allow) E:\Steam\steamapps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{86B27BFA-B00C-4819-AC2E-2698A8D1D867}] => (Allow) E:\Steam\steamapps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{0CB72F27-4441-44FA-9C5A-5441E38EE959}] => (Allow) E:\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{1D8F9B21-75A4-4095-925D-37EF588122EC}] => (Allow) E:\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{D1FBB2F4-3AEB-4A10-B314-1997BF169FD9}] => (Allow) E:\Steam\steamapps\common\Sniper Elite Nazi Zombie Army 2\bin\NZA2.exe
FirewallRules: [{746B90D7-A441-49B8-9D00-634C77BA026A}] => (Allow) E:\Steam\steamapps\common\Sniper Elite Nazi Zombie Army 2\bin\NZA2.exe
FirewallRules: [{DBE2503B-EFAA-4652-A651-B03A21CBF6F6}] => (Allow) E:\Steam\steamapps\common\Neptunia Rebirth2\NeptuniaReBirth2.exe
FirewallRules: [{2DF07BBF-0773-4A95-9F7F-1E5853B86F17}] => (Allow) E:\Steam\steamapps\common\Neptunia Rebirth2\NeptuniaReBirth2.exe
FirewallRules: [{3A9F16C0-CD27-4147-9FB4-5A1298898CE0}] => (Allow) E:\Steam\steamapps\common\Absconding Zatwor\AbscondingZatwor.exe
FirewallRules: [{071E8CC3-0D48-4F22-9580-C472D454D7C9}] => (Allow) E:\Steam\steamapps\common\Absconding Zatwor\AbscondingZatwor.exe
FirewallRules: [{53DFE6F9-4512-43A8-9878-0A28C814363E}] => (Allow) E:\Steam\steamapps\common\8BitBoy\8bitboy.exe
FirewallRules: [{79D7B79F-14C8-41B4-AF2B-E5A83CD0A94E}] => (Allow) E:\Steam\steamapps\common\8BitBoy\8bitboy.exe
FirewallRules: [{BE1625A0-5C22-4012-B36E-CBEB9D1D0B44}] => (Allow) E:\Steam\steamapps\common\Soulbringer\Soulbringer.exe
FirewallRules: [{732E4072-52AD-437F-832B-8788A54BC722}] => (Allow) E:\Steam\steamapps\common\Soulbringer\Soulbringer.exe
FirewallRules: [{B8112D4F-B895-48FD-A761-07233224E301}] => (Allow) E:\Steam\steamapps\common\Soulbringer\SBLang.exe
FirewallRules: [{7B73DB18-60C1-48C2-8BC7-EDB9EA198B1A}] => (Allow) E:\Steam\steamapps\common\Soulbringer\SBLang.exe
FirewallRules: [{DBB54C42-A404-4750-9EA6-CE7EC5EBF23F}] => (Allow) E:\Steam\steamapps\common\Omikron\Runtime.exe
FirewallRules: [{4394EE80-8ACE-407E-952B-CC4B6719971F}] => (Allow) E:\Steam\steamapps\common\Omikron\Runtime.exe
FirewallRules: [{FEB10303-05F6-449E-A3CF-ACCB9CCA8B02}] => (Allow) E:\Steam\steamapps\common\Blaster Shooter GunGuy!\BlasterShooterGunGuy.exe
FirewallRules: [{1EF7DA4A-1823-4F8D-9155-BEA31FD22B5E}] => (Allow) E:\Steam\steamapps\common\Blaster Shooter GunGuy!\BlasterShooterGunGuy.exe
FirewallRules: [{ACA46DCF-C461-4ED4-BED5-2C3C4850A8F3}] => (Allow) E:\Steam\steamapps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{273E2CC8-617A-48CB-9CCF-B94AA9D96ECD}] => (Allow) E:\Steam\steamapps\common\State of Decay\StateOfDecay.exe
FirewallRules: [{172E3FBA-DEE4-43F4-8A2D-B9B8D68CACA0}] => (Allow) E:\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{E94AD05B-C733-4A92-B5A2-BD09EB05A410}] => (Allow) E:\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{00AC840B-80A1-4336-88EE-248DC558DC8E}] => (Allow) E:\Steam\steamapps\common\Street Racing Syndicate\Bin\SRS.EXE
FirewallRules: [{B21938C0-9E93-436B-AFD1-BE72C9E048AF}] => (Allow) E:\Steam\steamapps\common\Street Racing Syndicate\Bin\SRS.EXE
FirewallRules: [{0604D7D5-CE4B-40F0-8844-36D0181A3D33}] => (Allow) E:\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{B257BEA4-3A33-4DDE-A96D-9442D2C7C6A8}] => (Allow) E:\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe
FirewallRules: [{D5FD205B-7422-4B63-9C42-2C284F7A5357}] => (Allow) E:\Steam\steamapps\common\Jet Set Radio\jsrsetup.exe
FirewallRules: [{2CB6CF4F-6F0E-4F3A-B7BA-0878C855956C}] => (Allow) E:\Steam\steamapps\common\Jet Set Radio\jsrsetup.exe
FirewallRules: [{AF18B0FD-32DD-40CD-9EF0-A41F3EBD6195}] => (Allow) E:\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{6B2D4BD6-6BE2-4027-97BB-CABBCD2940F0}] => (Allow) E:\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe
FirewallRules: [{E378E1DC-8AEA-4A0D-AC1D-1222A117A1C6}] => (Allow) E:\Steam\steamapps\common\Renegade Ops\RenegadeOps.exe
FirewallRules: [{81BCE8BE-6B13-4ADF-A0CD-0C5ACCEF2E15}] => (Allow) E:\Steam\steamapps\common\Renegade Ops\RenegadeOps.exe
FirewallRules: [{0101F286-11E3-44C1-B549-C2065BD8AAE6}] => (Allow) E:\Steam\steamapps\common\Viking Battle for Asgard\viking.exe
FirewallRules: [{5E4891E6-CA93-4429-B4F7-B2B650E4D791}] => (Allow) E:\Steam\steamapps\common\Viking Battle for Asgard\viking.exe
FirewallRules: [{37DBD26C-BB32-49F8-9A7D-167AE3B772CA}] => (Allow) E:\Steam\steamapps\common\Viking Battle for Asgard\ConfigTool.exe
FirewallRules: [{4C1DAB79-D364-4727-A421-F26F7AF3442B}] => (Allow) E:\Steam\steamapps\common\Viking Battle for Asgard\ConfigTool.exe
FirewallRules: [{DF112BDD-C962-4B16-9F8F-FF4A26DDCCE9}] => (Allow) E:\Steam\steamapps\common\Breakout Invaders\Breakout Invaders.exe
FirewallRules: [{DA48FB98-14F8-49EF-8ED7-6940578C2D5D}] => (Allow) E:\Steam\steamapps\common\Breakout Invaders\Breakout Invaders.exe
FirewallRules: [{CCF81E90-D5FA-4A26-8642-90A9613C7AD8}] => (Allow) E:\Steam\steamapps\common\Dawn of Fantasy\Dof.exe
FirewallRules: [{F145CB47-1CA1-40B7-9699-5EFBA332DE3C}] => (Allow) E:\Steam\steamapps\common\Dawn of Fantasy\Dof.exe
FirewallRules: [{44CF666E-77CD-4F57-A70C-E9F1C612782D}] => (Allow) E:\Steam\steamapps\common\Dawn of Fantasy\dof_options.exe
FirewallRules: [{52A5BE11-5E01-4B08-B08B-852ED99BD5C0}] => (Allow) E:\Steam\steamapps\common\Dawn of Fantasy\dof_options.exe
FirewallRules: [{6419C5BC-EF54-466F-994F-CEC4BA1FA469}] => (Allow) E:\Steam\steamapps\common\Dawn of Fantasy\Editor.exe
FirewallRules: [{F9E29DF7-450C-41C3-BC16-5136E441DF43}] => (Allow) E:\Steam\steamapps\common\Dawn of Fantasy\Editor.exe
FirewallRules: [{A2F07D3A-76E2-4EAF-B45C-A52BC59EE74E}] => (Allow) E:\Steam\steamapps\common\Sega Classics\SEGAGameRoom.exe
FirewallRules: [{F8EC441D-3F40-4788-A95F-21BF6ED19202}] => (Allow) E:\Steam\steamapps\common\Sega Classics\SEGAGameRoom.exe
FirewallRules: [{E3DAC1B9-43BF-4EB8-94FC-48EEB9AC8F9F}] => (Allow) E:\Steam\steamapps\common\FaeVerseAlchemy\FaeVerseAlchemy.exe
FirewallRules: [{439F11BE-2C0F-4ACD-9C6D-3598C7352FBB}] => (Allow) E:\Steam\steamapps\common\FaeVerseAlchemy\FaeVerseAlchemy.exe
FirewallRules: [{17E95339-3EF6-4626-9A5D-EB3522338690}] => (Allow) E:\Steam\steamapps\common\KillingFloor\System\KFEd.exe
FirewallRules: [{B7A6306D-3CD2-4D06-94F9-58BAB76BD903}] => (Allow) E:\Steam\steamapps\common\KillingFloor\System\KFEd.exe
FirewallRules: [{53B34361-08C1-428A-A1B6-CCF0D371D5B9}] => (Allow) E:\Steam\steamapps\common\Limbo\limbo.exe
FirewallRules: [{F263328F-E5C4-478C-B00B-080E494827EB}] => (Allow) E:\Steam\steamapps\common\Limbo\limbo.exe
FirewallRules: [{873B68C9-BB41-43E3-A241-3F0B51AF28D1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{53B56E07-3523-4C42-9C68-2B075C2E0A4A}] => (Allow) E:\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{949ECB15-C111-47AD-9B56-EB7CF5F04070}] => (Allow) E:\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{D71B24E8-A218-49A1-9C40-5B3F74EC8755}] => (Allow) E:\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{E0026D43-5EFA-44A5-B3D1-0A038B1FB885}] => (Allow) E:\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{7095CF9D-D5D4-4787-AD5F-0C05D92F4C75}] => (Allow) E:\Steam\steamapps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [{62CEF1C9-E199-443D-8B32-0B16DE0A7869}] => (Allow) E:\Steam\steamapps\common\Starbound\win32\mod_uploader.exe
FirewallRules: [{BBE098F3-917B-40CC-8B4C-9232B9CAF868}] => (Allow) E:\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{6A219DDF-FA22-40B0-BCDA-02972DFDB946}] => (Allow) E:\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{F46EED8E-922E-4129-981A-A5BCFAEBA239}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win32\mod_uploader.exe
FirewallRules: [{5E3C4E03-8EBA-45A2-AA19-343991C46DB3}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win32\mod_uploader.exe
FirewallRules: [{E31810B6-E548-42A2-9556-FF063CE58EEE}] => (Allow) E:\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{324C0FC5-F91F-4F4C-9322-58E7A4FE1E57}] => (Allow) E:\Steam\steamapps\common\Starbound\win64\starbound.exe
FirewallRules: [{E88CA193-08F8-44F9-AAC7-0D1A5E0EFA7A}] => (Allow) E:\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{3D8A4B1F-ADC2-46F3-A493-530D3910871B}] => (Allow) E:\Steam\steamapps\common\Starbound\win64\starbound_server.exe
FirewallRules: [{511B82B9-0A56-4D98-ABBB-362CBC278DE1}] => (Allow) E:\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{162A06FA-0FC2-4ADF-84D1-6730D6CF7E42}] => (Allow) E:\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
FirewallRules: [{89521BB0-DF55-46CF-9E62-C41CA967AD29}] => (Allow) E:\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{7322A81B-A789-4BFA-A332-9F8203F4A46B}] => (Allow) E:\Steam\steamapps\common\Starbound\win32\starbound.exe
FirewallRules: [{F066C9B0-764E-43CD-8CA6-1DF4F261ED18}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win64\starbound.exe
FirewallRules: [{EAE6118B-AB2E-4477-A927-15B50748608B}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win64\starbound.exe
FirewallRules: [{719A00C5-AE92-4F00-A83A-ED29E6DBCD90}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win64\starbound_server.exe
FirewallRules: [{D2A77B95-EE45-49E5-85F2-9D0927111C25}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win64\starbound_server.exe
FirewallRules: [{6707124E-3B27-45CA-B2B0-873B942957F5}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win64\mod_uploader.exe
FirewallRules: [{BE081998-A33C-4B93-AD8B-6AD6D3668860}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win64\mod_uploader.exe
FirewallRules: [{AC96E2B3-3FB2-423C-91BA-B4335C6626BB}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win32\starbound.exe
FirewallRules: [{8D1D9C45-AE7F-4813-8962-56FBCC94A1FA}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win32\starbound.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name: Microsoft Virtual WiFi Miniport Adapter #7
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft Virtual WiFi Miniport Adapter #8
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/07/2016 09:00:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/06/2016 09:22:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/05/2016 08:10:23 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2016 09:37:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2016 05:53:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/02/2016 08:10:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/01/2016 08:19:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/31/2016 11:28:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/30/2016 10:05:41 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/29/2016 11:36:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (08/07/2016 09:04:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Intel Corporation driver update for Intel(R) HD Graphics 4600.

Error: (08/07/2016 09:01:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (08/07/2016 09:01:31 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%2 = The system cannot find the file specified.

Error: (08/07/2016 09:00:44 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!

Error: (08/06/2016 09:57:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Intel Corporation driver update for Intel(R) HD Graphics 4600.

Error: (08/06/2016 08:02:53 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Service Installer Wrapper TrueKey service terminated unexpectedly. It has done this 1 time(s).

Error: (08/06/2016 09:25:37 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070103: Intel Corporation driver update for Intel(R) HD Graphics 4600.

Error: (08/06/2016 09:22:51 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%2 = The system cannot find the file specified.

Error: (08/06/2016 09:22:22 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1058 = The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Error: (08/06/2016 09:22:03 AM) (Source: volmgr) (EventID: 46) (User: )
Description: Crash dump initialization failed!


CodeIntegrity:
===================================
Date: 2016-01-22 13:37:14.199
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-01-22 13:37:14.198
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-01-22 13:37:14.196
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-01-22 13:37:14.194
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-01-22 13:37:14.193
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

Date: 2016-01-22 13:37:14.192
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Percentage of memory in use: 31%
Total physical RAM: 16302.39 MB
Available physical RAM: 11180.13 MB
Total Virtual: 16300.58 MB
Available Virtual: 10663.01 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:103.99 GB) (Free:52.38 GB) NTFS
Drive e: (Game Drive) (Fixed) (Total:1863.01 GB) (Free:1499.56 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: E71727C5)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: AEFDE666)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=260 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=104 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

And my FRST.txt: View attachment FRST.txt

Here's my aswMBR.txt: View attachment aswMBR.txt

Hm, I seem to be getting an error trying to back up the registry with that program, here's the screenshot: error.png

And I think that's it that you're after...I will disable TeaTimer when someone replies with a fix....
 
Oops, just realized that typo on thread title, it should read: Please check my computer for any possible further infection.
 
I did not find anything alarming within these logs.

Please open Notepad *Do Not Use Wordpad!* or use any other text editor than Notepad or the script will fail. (Start -> Run -> type notepad in the Open field -> OK) and copy and paste the text present inside the quote box below:
To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open Notepad. Save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work.
It needs to be saved next to the "Farbar Recovery Scan Tool" (If asked to overwrite existing one please allow)



start
CreateRestorePoint:
CloseProcesses:
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [125]
SearchScopes: HKU\S-1-5-21-2798084944-1211984927-2140173799-1000 -> DefaultScope {B0C9ACC6-6B01-470F-B98A-DCC12B58795A} URL =
SearchScopes: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001 -> DefaultScope {B0C9ACC6-6B01-470F-B98A-DCC12B58795A} URL =
SearchScopes: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001 -> {B0C9ACC6-6B01-470F-B98A-DCC12B58795A} URL =
EmptyTemp:
End

Open FRST/FRST64 and press the > Fix < button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

~~~~~~~~~~~~~~~~~~~~~~~~~

You may need to temporarily disable your antivirus to run the below tools.

AdwCleaner
  • Please download AdwCleaner and save the file to your Desktop.
  • Right-click AdwCleaner.exe and select Run as administrator to run the programme.
  • Follow the prompts.
  • Click Scan.
  • Upon completion, click Logfile. A log (AdwCleaner[S1].txt) will open. Briefly check the log for anything you know to be legitimate.
  • Return to AdwCleaner. Ensure anything you know to be legitimate does not have a checkmark under the corresponding tab.
  • Click Clean.
  • Follow the prompts and allow your computer to reboot.
  • After the reboot, a log (AdwCleaner[C1].txt) will open. Copy the contents of the log and paste in your next reply.
-- File and folder backups are made for items removed using this programme. Should a legitimate file or folder be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the item. Please do not overly concern yourself with the contents of AdwCleaner[C1].txt.




======================================================



Please download Junkware Removal Tool (or from here: http://downloads.malwarebytes.org/file/jrt) to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

****
please post
Fixlog.txt
AdwCleaner[C1].txt
JRT.txt
 
Oh that's good that nothing alarming was found....anyways, here's the fixlog.txt: View attachment Fixlog.txt

AdwCleaner.
There were only two entries.......I did both just in case.....here's the contents: View attachment AdwCleaner[C1].txt







Please download Junkware Removal Tool
And here it is: View attachment JRT.txt
 
Let's update Malwarebytes Anti-Malware and run a scan

  • Open Malwarebytes
  • On the Dashboard click on Update Now
  • Go to the Setting Tab
  • Under Setting go to Detection and Protection
  • Under PUP and PUM make sure both are set to show Treat Detections as Malware
  • Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
  • Then on the Dashboard click on Scan
  • Make sure to select THREAT SCAN
  • Then click on Scan
  • Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards.
  • If threats are detected, click Remove Selected. If you are prompted to reboot, click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs, followed by the first Scan Log.
  • Click Export, followed by Copy to Clipboard. Paste the log in your next reply.
******

What we can do now is run an online scan with Eset, a good trusted scanner, reliable and thorough.
The settings I suggest will also show us items located in quarantine folders so don't be alarmed with this, also, in case of a false positive I ask that you not allow it to delete what it does find.
This scanner can take quite a bit of time to run, depending of course how full your computer is.

Ensure your external and/or USB drives are inserted during the scan.

Please disable your Antivirus as shown in the following topic: How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs


  • Close all opened programs, open your browser and go to the following link: ESET Online Scanner.
  • Click on the SCAN NOW button under ESET Online Scanner.
  • Depending on which browser you are using, you might be prompted to download an executable file.
  • Please save it to your desktop.
  • Right-click on esetonlinescanner_enu.exe and select Run as administrator.
  • If you agree to the Terms of use, select Accept to continue.

  • Please check the following option:
  • Enable detection of potentially unsafe applications
  • Enable detection of suspicious applications
  • Scan archives
  • Enable Anti-Stealth technology

  • Select Advanced settings and ensure that the following options are checked:
  • Enable detection of potentially unsafe applications
  • Enable detection of suspicious applications
  • Scan archives
  • Enable Anti-Stealth technology

  • Make sure that the following option is NOT checked: => Very important!


  • Clean threats automatically


  • Click Scan and the process will now begin. Please do not use your computer while the scan is running.
  • Once the scan is completed, click Copy to clipboard.
  • Open the Start menu and type notepad.exe in the search programs and files box.
  • Press Enter. A blank Notepad page should open, paste the contents inside the window.
  • Save the file as ESETScan.txt.
  • Please copy/paste the contents of ESETScan.txt in your next reply.
  • You can now safely close the program.
    Do not forget to re-activate your Antivirus at this point.
 
Let's update Malwarebytes Anti-Malware and run a scan

Here you go:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/08/2016
Scan Time: 6:10 PM
Logfile:
Administrator: No

Version: 2.2.1.1043
Malware Database: v2016.08.08.03
Rootkit Database: v2016.05.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Electrike

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 245062
Time Elapsed: 2 min, 53 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
******

What we can do now is run an online scan with Eset, a good trusted scanner, reliable and thorough.

Crashed whilst scanning drive E:\....and 2nd time the GUI just turns white and freezes........at least I took a screenshot or two on 2nd run to show where it was at before it fails. View attachment 12628
 
While it was scanning C drive can you recall if it had said it had found anything.?

let's try the same scan but in a different way

Also, please tell me how the computer is at the moment.

Please download Emsisoft Emergency Kit and save it to your desktop.
Double click on the EmsisoftEmergencyKit file you downloaded to extract its contents and create a shortcut on the desktop.
  • Leave all settings as they are and click the Extract button at the bottom.
  • A folder named EEK will be created in the root of the drive (usually c:\).
  • After extraction please double-click on the new Start Emsisoft Emergency Kit icon on your desktop.
  • The first time you launch it, Emsisoft Emergency Kit will recommend that you allow it to download updates.
  • Please click Yes so that it downloads the latest database updates.
  • When the update process is complete, a new button will appear in the lower-left corner that says Back. Click on this button to return to the Overview screen.
  • Click on Scan to be taken to the scan options.
  • If you are asked if you want the scanner to scan for Potentially Unwanted Programs, then click Yes.
  • Click on the Malware Scan button to start the scan.
    When finished, click the View report button in the lower-right corner, and the scan log will be opened in Notepad.
  • Please save the log in Notepad on your desktop, and copy it to your next reply.
  • When you close Emsisoft Emergency Kit, it will give you an option to sign up for a newsletter. This is optional, and is not necessary for the malware removal process.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
While it was scanning C drive can you recall if it had said it had found anything.?
Ah yes it did, those four items it found were on the C:\ drive, nothing wa

let's try the same scan but in a different way

Also, please tell me how the computer is at the moment.
It appears to be fine, though right before I started the ESET scan for the first time, most of my toolbar icons on the taskbar disappeared.....I'm guessing JRT did that or perhaps it was just a coincidence that they all crashed. The only thing that didn't disappear was KIS 2016, Bluetooth, power, action center and the network icons; but I had to pause the protection like you said so ESET can do its scan without any hassle from it.

Please download Emsisoft Emergency Kit and save it to your desktop.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Emsisoft Emergency Kit - Version 11.0
Last update: 9/08/2016 8:32:39 AM
User account: Raikou\Manectric

Scan settings:

Scan type: Malware Scan
Objects: Rootkits, Memory, Traces, Files

Detect PUPs: On
Scan archives: Off
ADS Scan: On
File extension filter: Off
Advanced caching: On
Direct disk access: Off

Scan start: 9/08/2016 8:33:25 AM
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\TASKMGR.EXE -> DEBUGGER detected: SecHijack (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\TASKMGR.EXE -> DEBUGGER detected: SecHijack (A)

Scanned 72731
Found 2

Scan end: 9/08/2016 8:33:47 AM
Scan time: 0:00:22
 
I think we're doing pretty good here, how's the computer now?

For the icons

Tweaking.com - Windows Repair All-In-One (Portable)

- Download Windows Repair All-In-One (Portable Version) from here.

- Extract tweaking.com_windows_repair_aio.zip to your Desktop.

- Disable all your antivirus and antimalware software - see how to do that here.
- Right click on the program icon and select Run as Administrator (XP users just double click) to start Windows Repair All-In-One.
(Windows Vista/7/8 users: Accept UAC warning if it is enabled.)

- A window will appear. Click Step 2.

- Click the Open Pre-Scan button, then click Start Scan. Wait for Windows Repair to finish scanning.

- Depending on which error Windows Repair found, click Repair Reparse Point or Repair Environment Variable accordingly. When the button changes to "Done!", click the close button to return to Windows Repair.

- Go to Step 3, then click Check in the See If Check Disk Is Needed.

- If Windows Repair stated that errors are found, click Open Check Disk At Next Boot. Choose (/R) Fixes errors on the disk also locate bad sectors and recovers readable information, then click Add To Next Boot. Reboot the computer to let Windows check the disk.

- Go to Step 4, then click Do It.

- Go to Step 5. Under System Restore click Create.

- Go to Repairs and click Open Repairs. Leave all checkmarks as they are, then click Start Repairs.
 
I think we're doing pretty good here, how's the computer now?
It's fine thanks. ☺ Though still would like to know what those four threats ESET found on the C drive........

For the icons

Yeah after I shutdown the lappy down for the day and booted it up the next morning, the icons returned so I guess it was a one off thing...weird.... So I suppose I don't need to do all this....
 
Oh yeah forgot to add this, did you want me to quarantine or delete the "SecHijack (A)" that was found after EMSISOFT finished the scan....? Um, I guess I'll just quarantine it for now.
 
Oh yeah forgot to add this, did you want me to quarantine or delete the "SecHijack (A)" that was found after EMSISOFT finished the scan....? Um, I guess I'll just quarantine it for now.

Probably not necessary.

the IFEO key is used to force a program to run under a debugger regardless of how it is launched. Security scanners cannot distinguish between "good" and "malicious" use of powerful programs such as GMP, therefore they may alert you or even automatically remove them. That does not mean it's malware.
because some infections use that to prevent you from running certain programs (such as anti-virus software)

Looks like we can remove tools and quarantine folders now?
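
The IFEO Debugger value discussed in this reply can be audited offline from a registry export. The following Python script is an added example, not part of the original thread or of any tool named in it; the sample export, the allowlist of debugger names and the list of user-writable folders are constructed assumptions.

```python
"""Triage IFEO 'Debugger' values found in a .reg export of the registry."""
import re
from dataclasses import dataclass, field

# Matches both the native and the WOW6432Node view of the IFEO key.
MARKER = "\\image file execution options\\"
# Assumption: replacements the machine's owner installed on purpose
# (Process Explorer registers itself this way when it replaces Task Manager).
ALLOWED_DEBUGGERS = {"procexp.exe", "procexp64.exe"}
# Assumption: folders a limited account can write to, so a file name found
# there proves nothing about what the file really is.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\downloads\\", "\\users\\public\\")

VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')
COMMAND_RE = re.compile(r'^\s*(?:"([^"]+)"|(\S+))')

# Constructed sample in .reg (version 5.00) syntax; not taken from the thread.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger"="\"C:\\Tools\\Sysinternals\\procexp64.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\notepad.exe]
"GlobalFlag"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\examplescanner.exe]
"Debugger"="C:\\Users\\Example\\AppData\\Local\\Temp\\helper.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\resmon.exe]
"Debugger"="\"C:\\Users\\Example\\Downloads\\procexp.exe\" /x"
'''


@dataclass
class Finding:
    image: str      # program whose launch is redirected
    debugger: str   # command line stored in the Debugger value
    verdict: str    # "expected" or "review"
    reasons: list = field(default_factory=list)


def parse_reg_export(text):
    """Yield (key, value_name, text_data) for REG_SZ and REG_EXPAND_SZ values."""
    text = text.lstrip("\ufeff").replace("\r\n", "\n")
    text = re.sub(r"\\\n\s*", "", text)  # join wrapped hex(...) lines
    key = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        m = VALUE_RE.match(line)
        if not m or key is None:
            continue
        name, data = m.group(1), m.group(2)
        if len(data) >= 2 and data.startswith('"') and data.endswith('"'):
            # REG_SZ: undo the \\ and \" escaping used by the .reg format.
            yield key, name, re.sub(r"\\(.)", r"\1", data[1:-1])
        elif data.startswith("hex(2):"):
            # REG_EXPAND_SZ: comma-separated UTF-16LE bytes, NUL terminated.
            raw = bytes(int(b, 16) for b in data[7:].split(",") if b.strip())
            yield key, name, raw.decode("utf-16-le").rstrip("\x00")


def triage_ifeo(text, allowed=ALLOWED_DEBUGGERS):
    """Return one Finding per Debugger value under an IFEO subkey."""
    findings = []
    for key, name, data in parse_reg_export(text):
        pos = key.lower().find(MARKER)
        if name.lower() != "debugger" or pos < 0:
            continue
        image = key[pos + len(MARKER):].split("\\")[0]
        m = COMMAND_RE.match(data)
        exe = (m.group(1) or m.group(2)) if m else ""
        base = exe.replace("/", "\\").rsplit("\\", 1)[-1].lower()
        reasons = []
        if base not in allowed:
            reasons.append("debugger is not on the allowlist")
        # A trusted file name is not enough when the folder is user-writable.
        if any(part in exe.lower() for part in USER_WRITABLE):
            reasons.append("debugger sits in a user-writable folder")
        verdict = "review" if reasons else "expected"
        findings.append(Finding(image, data, verdict, reasons))
    return findings


if __name__ == "__main__":
    # A file written by "reg export" is UTF-16: open(path, encoding="utf-16").
    for f in triage_ifeo(SAMPLE_EXPORT):
        print(f"{f.verdict:8} {f.image:20} {f.debugger}  {'; '.join(f.reasons)}")
```

An entry reported as "expected" corresponds to the situation in this thread, where the owner deliberately made Process Explorer the Task Manager replacement; anything marked "review" needs a human decision before it is quarantined or deleted.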
 
Probably not necessary.

the IFEO key is used to force a program to run under a debugger regardless of how it is launched. Security scanners cannot distinguish between "good" and "malicious" use of powerful programs such as GMP, therefore they may alert you or even automatically remove them. That does not mean it's malware.
because some infections use that to prevent you from running certain programs (such as anti-virus software)
Oh well I noticed when I did that, Process Explorer no longer shows when I open Task Manager, but the default windows one. Well I fixed that by making Process Explorer the default Task Manager again. ☺

Looks like we can remove tools and quarantine folders now?

Yep, tell me which to remove and which to quarantine.
 
DelFix

  • Please download DelFix or from Here and save the file to your Desktop.
  • Double-click DelFix.exe to run the programme.
  • Place a checkmark next to the following items:
  • Activate UAC
  • Remove disinfection tools
  • Click the Run button.
  • -- This will remove the specialized tools we used to disinfect your system.
    Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete).
************************************

  • AdBlock is a browser add-on that blocks annoying banners, pop-ups and video ads.
  • CryptoPrevent places policy restrictions on loading points for ransomware (e.g. CryptoWall), helping prevent the execution of malware.
  • Malwarebytes Anti-Exploit (MBAE) is designed to prevent zero-day malware from exploiting vulnerable software.
  • Malwarebytes Anti-Malware Premium (MBAM) works in real-time alongside your Anti-Virus to prevent malware execution.
  • NoScript is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology.
  • Sandboxie isolates programmes of your choice, preventing files from being written to your HDD unless approved by you.
  • Secunia PSI will scan your computer for vulnerable software that is outdated, and automatically find the latest update for you.
  • SpywareBlaster is a form of passive protection, designed to block the actions of malicious websites and tracking cookies.
  • Unchecky automatically removes checkmarks for bundled software in programme installers, helping you avoid adware and PUPs.
  • Web of Trust (WOT) is a browser add-on designed to alert you before interacting with a potentially malicious website.


Want to help others? Join the ClassRoom and learn how.
 
DelFix


Virustotal says it found a trojan? I'm guessing these are false positives? Well I've let those three companies know and hopefully add it to their whitelist if they deem it trojan free.

I can't just uninstall the programs myself without using DelFix? I do have Revo Uninstaller Pro which is a much respected complete uninstaller for anything that's installed....

I thought the programs I already have can protect against ransomware...? So apparently I need CryptoPrevent for the ransomware part because none of the security software I have installed can detect and delete these kinds of malware? I once had KIS 2016 detect a Crypto infection whilst none of the other programs (Malwarebytes, SUPERAntiSpyware and Spybot) could detect and remove.

I used to have Anti-Exploit running, but gave up on that idea because I didn't want to bloat my system with unnecessary security programs....

Already got Malwarebytes, NoScript, Sandboxie, Spywareblaster and WOT. Unchecky sounds like an unnecessary program to have, so does adblock because Noscript pretty much does that too and more.... As for Secunia PSI, KIS 2016 has a vulnerability scan integrated with its security suite, so yeah...

As for the rest of the links, hmmm interesting reads.....
 
Virustotal says it found a trojan? I'm guessing these are false positives? Well I've let those three companies know and hopefully add it to their whitelist if they deem it trojan free.

I can't just uninstall the programs myself without using DelFix? I do have Revo Uninstaller Pro which is a much respected complete uninstaller for anything that's installed....
Found a trojan where?

You can uninstall the programs yourself without using DelFix.
 
http://users.telenet.be/bluepatchy/miekiemoes/Links.html#Online Scanners

^ Needs to be updated, ESET isn't on there as an online scanner Or maybe it doesn't do full system scans and is just a quickie?

Online Armor is no longer viable because Tall Emu got bought out and then Emisoft or whoever it is (Emsisoft that's the one, I just googled Online Armor), took over and then dumped it altogether. Shame really, I liked the HIPS feature of it; at the time of its life, I was about to grab a lifetime license for it, but forgot about it and then later find that it got bought out and then eventually dumped altogether)

Yeah no there's lots of stuff to update that page on whoever owns the page because it's outdated.... Also some of the links you provided linked me to other page(s) which links to other info which are now either dead or nonexistent, which is a shame because I was gonna follow up on some of those stuff....

Found a trojan where?

You can uninstall the programs yourself without using DelFix.

Here: https://www.virustotal.com/en/file/...e0722585cbab2d56d2ad2d9c/analysis/1470900766/ I hyperlinked it with the word virustotal, I guess you must have overlooked it. Here's a screenshot of it:
Capture.PNG

Also you never told me why I can't(or shouldn't according to the quote) run said programs in the downloads folder or the temp folder.....is it because it's easier to keep track? If not please explain, because usually I just put them in an empty folder which in my eyes is easier to keep track....and my downloads folder is usually empty.......

And the other one about the All Users check here(which doesn't exist):where's all users.png which needs to be fixed up because it's still there....I'm guessing it used to be there from previous versions of the program?
 
http://users.telenet.be/bluepatchy/miekiemoes/Links.html#Online Scanners

^ Needs to be updated, ESET isn't on there as an online scanner Or maybe it doesn't do full system scans and is just a quickie?
Online Armor is no longer viable because Tall Emu got bought out and then Emisoft or whoever it is (Emsisoft that's the one, I just googled Online Armor), took over and then dumped it altogether. Shame really, I liked the HIPS feature of it; at the time of its life, I was about to grab a lifetime license for it, but forgot about it and then later find that it got bought out and then eventually dumped altogether)
Yeah no there's lots of stuff to update that page on whoever owns the page because it's outdated.... Also some of the links you provided linked me to other page(s) which links to other info which are now either dead or nonexistent, which is a shame because I was gonna follow up on some of those stuff....
Here: https://www.virustotal.com/en/file/...e0722585cbab2d56d2ad2d9c/analysis/1470900766/ I hyperlinked it with the word virustotal, I guess you must have overlooked it. Here's a screenshot of it:
View attachment 12629
Also you never told me why I can't(or shouldn't according to the quote) run said programs in the downloads folder or the temp folder.....is it because it's easier to keep track? If not please explain, because usually I just put them in an empty folder which in my eyes is easier to keep track....and my downloads folder is usually empty.......
And the other one about the All Users check here(which doesn't exist):View attachment 12634 which needs to be fixed up because it's still there....I'm guessing it used to be there from previous versions of the program?
I'll try to get in contact with the web owner to update that page.

~~
Virus total has done this to the tool before and I can assure you it's a false positive.
I've run it on my own machine and I can confirm this.

~~~~
Running tools from a temp folder can run into trouble, we most often direct the tool(s) through specialized scripts to empty temp folders thus anything needed for backup or some other function would be lost.
Now, running from a specialized folder can be used but, in most users they don't always know how or understand to do this or would be lost trying to run or locate FRST to that designated folder.
~~~
All Users check did at one time have a button on the interface of the tool but since has been updated with the most current version.
There are those who downloaded and used FRST in the past that still have the tool on their computers and would see this. But, not recommended to not uninstall/delete the tool when cleaned.
 
I'll try to get in contact with the web owner to update that page.

~~
Virus total has done this to the tool before and I can assure you it's a false positive.
I've run it on my own machine and I can confirm this.

~~~~
Running tools from a temp folder can run into trouble, we most often direct the tool(s) through specialized scripts to empty temp folders thus anything needed for backup or some other function would be lost.
Now, running from a specialized folder can be used but, in most users they don't always know how or understand to do this or would be lost trying to run or locate FRST to that designated folder.
~~~
Ah ok.
All Users check did at one time have a button on the interface of the tool but since has been updated with the most current version.
There are those who downloaded and used FRST in the past that still have the tool on their computers and would see this. But, not recommended to not uninstall/delete the tool when cleaned.

Well perhaps make a note on it stating on later release, you may not see the All Users checkbox, in which case you can ignore it...?

So I've been following along and reading these various articles you've linked me to. One of which was (when I eventually got) was speeding up Firefox, it says to look for this entry: browser.tabs.showSingleWindowModePrefs but such entry doesn't exist or no longer exist, so how does one follow this guide if it doesn't exist? The other two entries: network.http.pipelining and network.http.pipelining.maxrequests exist so I am able to change those values.

Ok, so I've started to make use of group policy settings(from reading the linked articles of course), how does this look? Check the attachment for the screenshot.View attachment 12635 Anything needs to change or add to it so I am more proactively protected from virus and malware? I notice VSSAdmin.exe is optional which doesn't really do much if you're not making use of system restore or any of that kind of stuff, like me as it's completely disabled to save space as I'm only on a 128GB SSD. All virus and malware can do to it is make it remove all restoration points, but since I don't have any and it's disabled, it's effectively mute....hahahaha

I do make use of 'principle of least privilege'(unfortunately this doesn't really work well with windows XP as some legitimate programs/games throw a fit if you're not an admin so I guess I'll stay as admin but at least enforce the same group policy settings I have for my lappy?) so I only get access to stuff I usually want to access and no more so if a virus/malware does somehow get a hold of my account, I'm only on a limited account so all it can do is what all I can do, unless I accidentally give it admin privileges from a legitimate looking executable file....such as said game trainer......I'm still a bit confused as it shouldn't really need admin access to alter a game's memory.....speaking of which, hows the analyses going? Or are you guys completely different to the person on the other end of detections @ spybot.info that I submitted the zipped file to?

So in one of the posts, it says: View attachment 12636 I have Auslogics Boostspeed (and AVG PC Tuneup 2012, another program I've used in the past), and this program falls under that right, since it apparently also has a memory manager/optimizer/registry cleaner of sorts with it? So they are just a gimmick then? So I shouldn't really bother with these stuff and just be fine with only Ccleaner and a program to defrag HDDs and that's it for any cleaning and optimization? I remember reading something that it says it will just push those programs from memory into pagefile system, but if you don't have that (mine's disabled)....where does the memory allocation go to?

The other tools from Boostspeeds are convenient at times, such as Disk Defrag, Startup Manager, Tweak Manager, Locked Files Manager, Uninstall Manager(used to use this but Revo replaces this as it's superior), and Internet Optimizer. So what about registry defrag, is that another unneeded optimization?

I would have thought an optimization program like BoostSpeed is just a more comprehensive version of Ccleaner that takes off where Ccleaner leaves, as it would appear that BoostSpeed picks up some more stuff that Ccleaner wasn't able to pick up.

My usual routine I used to follow but don't anymore or not as much now (coz I'm lazy! :P) was this:

>Scan computer for virus/malware
>Clean with Ccleaner
>Further clean and optimize with BoostSpeed/PC TuneUp (which ever is installed)
>Backup/move files/folders now that they are virus/malware free
>Profit

Hm, I have a question about using online scanners like that ESET one you wanted me to do; some people have suggested it's best to be 100% offline and *then* scan for possible viruses and malware. So by having your computer connected and letting the online scanner do its job, wouldn't any virus/malware that are active could very well have started to do some damage or phone home and then do some damage in some way whilst you're scanning? Is that a risk that the user has to take...? For example, say I get infected with Cryptolocker or something of this caliber, and I am still connected so ESET can do its scan, so CryptoLocker goes around, encrypting all my files and then gets to the scanner and screws it up somehow, by forcing it to crash or just fail and then afterwards, it finishes off the computers whilst I am being confused as to what has happened, besides knowing ESET online scanner failed to scan the entire computer.

Another question, should I use MVPS' HOSTS file or just keep using my own? Do take note that Spyware Blaster, Spybot Search and Destroy and possibly other programs I have and myself included may have added additional entries to my own HOSTS file.

And lastly but not least: Is my computer now confirmed to be virus/malware free?
 