Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Graphics..i guess and context menu.


  • Please log in to reply
16 replies to this topic

#1 Andrew87

Andrew87

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:02:07 AM

Posted 05 May 2017 - 12:25 PM

once and awhile when i right click for the context menu it sometimes doesn't show up, now i've deleted things, uninstalled things and generally screwed around with the systems contents to get a faster, more functioning computer. This probably is the reason the context menu is buggy and some file explorer moments are slower, i highly doubt i need a new mouse given i haven't had it that long and right clicking works 90% of the time.

 

There was a time when i started the pc and before the password login it goes pitch black with the mouse icon, then it loads the screen properly, then once i type the password, i'm greeted with another blank screen, the taskbar glitches into view, thumbnails load the picture on it one at a time, and i have to wait at least 5-10 minutes before firefox decides to show up after clicking it.

 

for speed i uninstalled some functions of nvidia like 3d vision etc since it's mainly the graphics driver, i don't use it beyond that, but i think i uninstalled one too many as there's now no control panel and no way to update it. i try to scan from the site but says i need to update my java, i can't do this apparently since my firefox is 64-bit and doesn't work with the common java 32 bit version everyone else uses, gave up trying to install that version from the java site.

 

i have a program called shexview to disable things in the context menu, disabled the view on microsoft things and disabled some 3rd party stuff, i don't think it made a difference but what's interesting is that it says "NVIDIA CPL Context Menu Extension" is missing, i have no idea how to recover or get that, no doubt related to those removed programs but maybe i can get it seperately.

 

Not sure if related but firefox is slower recently, i really should keep a track of what i'm doing, but i recently refreshed firefox, installing all the addons again. Whenever i add multiple tabs that have videos or pictures, youtube and other video sites stutter, even though in the past this barely affected it. 

 

Is there a way to know if the local disk or other components are on their way out?

 

Am i making a thread too soon from my last one? I'm not sure if there's a time frame before making another.



BC AdBot (Login to Remove)

 


#2 Andrew87

Andrew87
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:02:07 AM

Posted 07 May 2017 - 04:05 PM

Can't this thread for some reason, but i get this messege when i try to instal lthe latest version of Java for the smart scan on Nvidia.

"We have detected you are using the 64-bit version of Firefox which will not run the Java plugin from this browser. More info"
and i have no clue where to go from here, i've even installed the offline 64-bit version and this messege still shows up.

i've backed up my pc on an eternal drive, so i could fully restore the pc, but unsure if i should, i don't know

what it'll remove or what i'll have to start over, or even how to do it correctly.



#3 Andrew87

Andrew87
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:02:07 AM

Posted 28 May 2017 - 08:18 AM

I am to assume that this thread has no action is because of the appauling title, iw ish to remove this thread but don't have the power to do so. I wish to make a new thread with more focus.and a clear problem. I hope the new thread has some traction because my usual tech guy no longer works, so this site is all i have left.



#4 hamluis

hamluis

    Moderator


  • Moderator
  • 56,106 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:08:07 PM

Posted 28 May 2017 - 08:57 AM

Please download MiniToolBox  , save it to your desktop and run it.
 
Checkmark the following checkboxes:
  List last 10 Event Viewer log
  List Installed Programs
  List Users, Partitions and Memory size.
 
Click Go and paste the content into your next post.
 
Also...please Publish a Snapshot using Speccy taking care to post the link of the snapshot in your next post.

   Go to Piriform's website, and download the free version on the left.  Click Download from Piriform.com (the FileHippo link requires an extra click). Or if you want to use a portable version of Speccy (which doesn't require installation), click the builds page link and download the portable version. You will now be asked where you want to save the file. The best place to put it is the Desktop, as it will be easy to find later.

    After the file finishes downloading, you are ready to run Speccy. If you downloaded the installer, simply double-click on it and follow the prompts until installation is complete. If you downloaded the portable version, you will need to unzip it before use. Right-click the ZIP file and click Extract all. Click Next. Open up the extracted folder and double-click on Speccy.
 
     Once inside Speccy, it will look similar to this (with your computer's specifications, of course):
 
post-33068-0-86653600-1480692866_thumb.j

     Now, at the top, click File > Publish Snapshot.

     Click Yes > then Copy to Clipboard

Now, once you are back in the forum topic you are posting in, click the ADD REPLY or REPLY TO THIS TOPIC button. Right-click in the empty space of the Reply box and click Paste. Then, click Add Reply below the Reply box.

Louis



#5 Andrew87

Andrew87
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:02:07 AM

Posted 29 May 2017 - 04:03 PM

http://speccy.piriform.com/results/AEzUKoJnTv6xZRyo3y4a67n

 


Edited by Andrew87, 30 May 2017 - 05:10 AM.


#6 hamluis

hamluis

    Moderator


  • Moderator
  • 56,106 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:08:07 PM

Posted 29 May 2017 - 04:08 PM

Please...follow the instructions...and paste the MTB data...into your next post.  You failed to attach it.

 

Louis



#7 Andrew87

Andrew87
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:02:07 AM

Posted 30 May 2017 - 05:10 AM

MiniToolBox by Farbar  Version: 17-06-2016
Ran by Andrew (administrator) on 29-05-2017 at 21:57:18
Running from "C:\Users\Andrew\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: H61M-S2PV Manufacturer: Gigabyte Tecohnology Co., Ltd.

Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/28/2017 07:00:02 PM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location F:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).


Error: (05/23/2017 01:47:44 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service ASP.NET (ASP.NET) failed. The first DWORD in the Data section contains the error code.

Error: (05/23/2017 01:47:44 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/23/2017 01:47:37 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service ASP.NET_4.0.30319 (ASP.NET_4.0.30319) failed. The first DWORD in the Data section contains the error code.

Error: (05/23/2017 01:47:37 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/23/2017 01:47:22 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service ASP.NET (ASP.NET) failed. The first DWORD in the Data section contains the error code.

Error: (05/23/2017 01:47:22 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/23/2017 01:47:13 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service aspnet_state (ASP.NET State Service) failed. The first DWORD in the Data section contains the error code.

Error: (05/23/2017 01:47:13 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/23/2017 01:47:05 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service ASP.NET_4.0.30319 (ASP.NET_4.0.30319) failed. The first DWORD in the Data section contains the error code.

System errors:
=============
Error: (05/23/2017 06:14:31 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:  %%1053 = The service did not respond to the start or control request in a timely fashion.

Error: (05/23/2017 06:14:31 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (05/23/2017 03:45:51 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time.  Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.

Error: (05/22/2017 09:47:37 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:  %%1053 = The service did not respond to the start or control request in a timely fashion.

Error: (05/22/2017 09:47:37 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (05/21/2017 10:52:34 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: %%1053 = The service did not respond to the start or control request in a timely fashion.

Error: (05/21/2017 10:52:34 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (05/19/2017 02:01:19 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: %%1053 = The service did not respond to the start or control request in a timely fashion.

Error: (05/19/2017 02:01:19 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (05/19/2017 12:03:14 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: %%1053 = The service did not respond to the start or control request in a timely fashion.

Microsoft Office Sessions:
=========================
Error: (05/28/2017 07:00:02 PM) (Source: Windows Backup)(User: )
Description: F:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)

Error: (05/23/2017 01:47:44 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: ASP.NETASP.NET8F20300004D070000

Error: (05/23/2017 01:47:44 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (05/23/2017 01:47:37 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: ASP.NET_4.0.30319ASP.NET_4.0.303198F20300004D070000

Error: (05/23/2017 01:47:37 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (05/23/2017 01:47:22 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: ASP.NETASP.NET8F20300004D070000

Error: (05/23/2017 01:47:22 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (05/23/2017 01:47:13 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: aspnet_stateASP.NET State Service8F20300004D070000

Error: (05/23/2017 01:47:13 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (05/23/2017 01:47:05 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: ASP.NET_4.0.30319ASP.NET_4.0.303198F20300004D070000

CodeIntegrity Errors:
===================================
  Date: 2016-12-17 10:50:29.377
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-12-17 10:50:29.327
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-12-17 10:50:20.366
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-12-17 10:50:20.312
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-08 09:12:13.688
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-08 09:11:51.267
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-08 09:11:34.207
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-08 09:11:34.159
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-08 08:59:18.901
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-08 08:59:18.845
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

=========================== Installed Programs ============================
7-Zip 15.07 beta (x64) (HKLM\...\7-Zip) (Version: 15.07 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Discord (HKCU\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
dupeGuru (HKLM\...\{C11DACBD-8863-4AA4-94AD-708602F6F7EF}) (Version: 3.9.1 - Hardcoded Software)
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.1.2 - )
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
HF pAppLoc version 1.2 (HKLM-x32\...\{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1) (Version: 1.2 - Inquisitor)
Instagiffer version 1.75 (HKLM-x32\...\{13DEF8F8-5280-4555-95A4-E815C3F9540F}_is1) (Version: 1.75 - Justin Todd)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAV Filters 0.65 (HKLM-x32\...\lavfilters_is1) (Version: 0.65 - Hendrik Leppkes)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
MFZ0 codec (Remove Only) (HKLM-x32\...\MFZ0CODEC) (Version:  - )
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 53.0.3 (x64 en-GB) (HKLM\...\Mozilla Firefox 53.0.3 (x64 en-GB)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Graphics Driver 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version:  - )
piaip AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Project64 version 2.3.2.202 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.3.2.202 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6511 - Realtek Semiconductor Corp.)
RGSS-RTP Standard (HKLM-x32\...\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}) (Version: 1.0.0 - Enterbrain)
RPG Maker VX Ace (HKLM-x32\...\RPGVXAce_E_is1) (Version: 1.02 - Enterbrain)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
SeaTools for Windows 1.4.0.4 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Tetris (HKLM-x32\...\{95E0E6DC-C308-4C96-BEDB-68C75A32FAF8}_is1) (Version: 1.71 - Crystal Office Systems)
Twine 2.0.11 (remove only) (HKLM-x32\...\Twine2) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
WMP12 maximize fix 1.0 (HKLM-x32\...\{C91779A3-FA57-49EE-9E9A-5409FB33270A}_is1) (Version:  - Dead:Code)
YTD Video Downloader 5.8.2 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.8.2 - GreenTree Applications SRL)

========================= Memory info: ===================================
Percentage of memory in use: 39%
Total physical RAM: 8156.22 MB
Available physical RAM: 4941.6 MB
Total Virtual: 16310.63 MB
Available Virtual: 12936.64 MB

========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:465.66 GB) (Free:172.49 GB) NTFS

========================= Users: ========================================
User accounts for \\ANDREW-PC

Administrator            Andrew                   Guest                    


**** End of log ****


Edited by hamluis, 30 May 2017 - 07:39 AM.


#8 hamluis

hamluis

    Moderator


  • Moderator
  • 56,106 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:08:07 PM

Posted 30 May 2017 - 07:47 AM

You have Chrome processes that run over 2GB of RAM peak usage...where the norm for a browser would be a max of 300-500MB.

 

YTD Video Downloader is flagged by some as malware or PUP.

 

I am moving topic to Am I Infected for a malware check.

 

Louis



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:07 PM

Posted 30 May 2017 - 11:50 AM

Hi, please run these.
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP conf[iguration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
lv0mVRW.pngJunkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
cvMlKv6.pngESET Online Scanner
  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 Andrew87

Andrew87
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:02:07 AM

Posted 30 May 2017 - 01:39 PM

Currently waiting for ESET scanner to finish, ADwCleaner found things that i have no problem deleting, i can still show you the results if you want, i can't seem to get the junkware removal tool to validate the restore point, it finds it but it gives me the error of 0x80070002 can i do it anyway? I figure it might be doing something irreversible if it needs a restore point.

 

edit:It's finished, it cleaned/deleted whatever it found, so how do i attach things? I don't think i have the ability to anymore, do i just post all the logs in one post? Alright.


Edited by Andrew87, 30 May 2017 - 04:32 PM.


#11 Andrew87

Andrew87
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:02:07 AM

Posted 30 May 2017 - 04:49 PM

ESETScanner

C:\Users\Andrew\Downloads\spsetup130.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    cleaned by deleting
C:\Users\Andrew\Downloads\game\VN\MGQ Parts 1-3 100% Translated\mod\Spirits\Messenger Plus! Live 5.00.702.zip    a variant of Win32/MessengerPlus.A potentially unwanted application    deleted
C:\Users\Andrew\Downloads\game\VN\MGQ Parts 1-3 100% Translated\mod\Spirits\Setup-MsgPlus-511.exe    a variant of Win32/MessengerPlus.A potentially unwanted application    deleted


# AdwCleaner v6.047 - Logfile created 30/05/2017 at 18:24:50
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-05-30.1 [Local]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Andrew - ANDREW-PC
# Running from : C:\Users\Andrew\Downloads\AdwCleaner.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

Folder Found:  C:\Users\Andrew\AppData\Local\MalwareProtectionLive
Folder Found:  C:\ProgramData\ytd video downloader
Folder Found:  C:\ProgramData\Application Data\ytd video downloader
Folder Found:  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Folder Found:  C:\Program Files (x86)\GreenTree Applications
Folder Found:  C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService


***** [ Files ] *****

File Found:  C:\Users\Andrew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\YTD Video Downloader.lnk
File Found:  C:\Windows\SysNative\LavasoftTcpService64.dll
File Found:  C:\Windows\SysNative\LavasoftTcpServiceOff.ini
File Found:  C:\Windows\SysWOW64\lavasofttcpservice.dll
File Found:  C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

Key Found:  HKLM\SOFTWARE\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
Key Found:  HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Found:  HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Found:  HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Key Found:  HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Key Found:  HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Key Found:  HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
Key Found:  HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Key Found:  HKLM\SOFTWARE\Lavasoft\Web Companion
Key Found:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Key Found:  HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Key Found:  HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
Chrome pref Found:  [C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Web data] - uk.ask.com
Chrome pref Found:  [C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - pilplloabdedfmialnfchjomjmpjcoej
Chrome pref Found:  [C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences ] - hxxps://uk.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_tchfld_15_51&param1=1&param2=f%3

[!] You may need to disable the Chrome synchronization from your Google account in order to fully remove the malicious preferences. Please consult this Google help: https://support.google.com/chrome/answer/3097271?hl=en [!]


*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [3516 Bytes] - [30/05/2017 18:02:34]
C:\AdwCleaner\AdwCleaner[S1].txt - [3436 Bytes] - [30/05/2017 18:24:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3509 Bytes] ##########



MiniToolBox by Farbar  Version: 17-06-2016
Ran by Andrew (administrator) on 30-05-2017 at 17:53:41
Running from "C:\Users\Andrew\Downloads"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: H61M-S2PV Manufacturer: Gigabyte Tecohnology Co., Ltd.
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================
127.0.0.1    www.007guard.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    www.1001namen.com
127.0.0.1    www.100888290cs.com
127.0.0.1    www.100sexlinks.com
127.0.0.1    www.10sek.com
127.0.0.1    www.1-2005-search.com
127.0.0.1    www.123fporn.info
127.0.0.1    www.123haustiereundmehr.com
127.0.0.1    123moviedownload.com
127.0.0.1    www.123moviedownload.com
127.0.0.1    www.123simsen.com
127.0.0.1    www.123topsearch.com
127.0.0.1    www.125sms.co.uk
127.0.0.1    www.125sms.com
127.0.0.1    www.132.com
127.0.0.1    www.1337crew.info
127.0.0.1    www.1337-crew.to
127.0.0.1    1337-crew.to
127.0.0.1    www.136136.net
127.0.0.1    150freesms.de
127.0.0.1    www.150freesms.de

There are 15591 entries.

========================= IP Configuration: ================================

Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Andrew-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Home
   System Quarantine State . . . . . : Not Restricted


Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
   Physical Address. . . . . . . . . : 50-E5-49-15-A0-54
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2a02:c7d:bf75:8a00:b124:4e50:8f65:57cb(Preferred)
   IPv6 Address. . . . . . . . . . . : fd5f:cc16:234b:0:b124:4e50:8f65:57cb(Preferred)
   Temporary IPv6 Address. . . . . . : 2a02:c7d:bf75:8a00:6c0e:86f7:9c4e:912e(Preferred)
   Temporary IPv6 Address. . . . . . : fd5f:cc16:234b:0:6c0e:86f7:9c4e:912e(Preferred)
   Link-local IPv6 Address . . . . . : fe80::b124:4e50:8f65:57cb%10(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.5(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 30 May 2017 10:08:59
   Lease Expires . . . . . . . . . . : 31 May 2017 10:08:59
   Default Gateway . . . . . . . . . : fe80::7e4c:a5ff:fe7c:b3e0%10
                                       192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 173073737
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1D-87-22-EB-50-E5-49-15-A0-54
   DNS Servers . . . . . . . . . . . : fd5f:cc16:234b:0:7e4c:a5ff:fe7c:b3e0
                                       192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{8BA84F0C-EE17-4C44-B9AA-30E6ABCF7648}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  fd5f:cc16:234b:0:7e4c:a5ff:fe7c:b3e0

Name:    google.com
Addresses:  2a00:1450:4009:80c::200e
      216.58.204.14
      216.58.204.14
      216.58.204.14


Pinging google.com [2a00:1450:4009:80c::200e] with 32 bytes of data:
Reply from 2a00:1450:4009:80c::200e: time=27ms
Reply from 2a00:1450:4009:80c::200e: time=28ms

Ping statistics for 2a00:1450:4009:80c::200e:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 27ms, Maximum = 28ms, Average = 27ms
Server:  UnKnown
Address:  fd5f:cc16:234b:0:7e4c:a5ff:fe7c:b3e0

Name:    yahoo.com
Addresses:  2001:4998:44:204::a7
      2001:4998:58:c02::a9
      2001:4998:c:a06::2:4008
      98.139.183.24
      98.138.253.109
      206.190.36.45


Pinging yahoo.com [2001:4998:44:204::a7] with 32 bytes of data:
Request timed out.
Reply from 2001:4998:44:204::a7: time=121ms

Ping statistics for 2001:4998:44:204::a7:
    Packets: Sent = 2, Received = 1, Lost = 1 (50% loss),
Approximate round trip times in milli-seconds:
    Minimum = 121ms, Maximum = 121ms, Average = 121ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...50 e5 49 15 a0 54 ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.5     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link       192.168.0.5    276
      192.168.0.5  255.255.255.255         On-link       192.168.0.5    276
    192.168.0.255  255.255.255.255         On-link       192.168.0.5    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.0.5    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.0.5    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 10    276 ::/0                     fe80::7e4c:a5ff:fe7c:b3e0
  1    306 ::1/128                  On-link
 10     28 2a02:c7d:bf75:8a00::/64  On-link
 10    276 2a02:c7d:bf75:8a00:6c0e:86f7:9c4e:912e/128
                                    On-link
 10    276 2a02:c7d:bf75:8a00:b124:4e50:8f65:57cb/128
                                    On-link
 10     28 fd5f:cc16:234b::/64      On-link
 10    276 fd5f:cc16:234b:0:6c0e:86f7:9c4e:912e/128
                                    On-link
 10    276 fd5f:cc16:234b:0:b124:4e50:8f65:57cb/128
                                    On-link
 10    276 fe80::/64                On-link
 10    276 fe80::b124:4e50:8f65:57cb/128
                                    On-link
  1    306 ff00::/8                 On-link
 10    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/28/2017 07:00:02 PM) (Source: Windows Backup) (User: )
Description: The backup did not complete because of an error writing to the backup location F:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (05/23/2017 01:47:44 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service ASP.NET (ASP.NET) failed. The first DWORD in the Data section contains the error code.

Error: (05/23/2017 01:47:44 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/23/2017 01:47:37 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service ASP.NET_4.0.30319 (ASP.NET_4.0.30319) failed. The first DWORD in the Data section contains the error code.

Error: (05/23/2017 01:47:37 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/23/2017 01:47:22 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service ASP.NET (ASP.NET) failed. The first DWORD in the Data section contains the error code.

Error: (05/23/2017 01:47:22 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/23/2017 01:47:13 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service aspnet_state (ASP.NET State Service) failed. The first DWORD in the Data section contains the error code.

Error: (05/23/2017 01:47:13 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (05/23/2017 01:47:05 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service ASP.NET_4.0.30319 (ASP.NET_4.0.30319) failed. The first DWORD in the Data section contains the error code.


System errors:
=============
Error: (05/23/2017 06:14:31 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.


Error: (05/23/2017 06:14:31 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (05/23/2017 03:45:51 AM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time.  Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.

Error: (05/22/2017 09:47:37 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.


Error: (05/22/2017 09:47:37 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (05/21/2017 10:52:34 AM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.


Error: (05/21/2017 10:52:34 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (05/19/2017 02:01:19 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.


Error: (05/19/2017 02:01:19 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (05/19/2017 12:03:14 PM) (Source: Service Control Manager) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.



Microsoft Office Sessions:
=========================
Error: (05/28/2017 07:00:02 PM) (Source: Windows Backup)(User: )
Description: F:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)

Error: (05/23/2017 01:47:44 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: ASP.NETASP.NET8F20300004D070000

Error: (05/23/2017 01:47:44 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (05/23/2017 01:47:37 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: ASP.NET_4.0.30319ASP.NET_4.0.303198F20300004D070000

Error: (05/23/2017 01:47:37 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (05/23/2017 01:47:22 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: ASP.NETASP.NET8F20300004D070000

Error: (05/23/2017 01:47:22 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (05/23/2017 01:47:13 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: aspnet_stateASP.NET State Service8F20300004D070000

Error: (05/23/2017 01:47:13 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000

Error: (05/23/2017 01:47:05 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT AUTHORITY)
Description: ASP.NET_4.0.30319ASP.NET_4.0.303198F20300004D070000


CodeIntegrity Errors:
===================================
  Date: 2016-12-17 10:50:29.377
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-12-17 10:50:29.327
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-12-17 10:50:20.366
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-12-17 10:50:20.312
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-08 09:12:13.688
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-08 09:11:51.267
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-08 09:11:34.207
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-08 09:11:34.159
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-08 08:59:18.901
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.

  Date: 2015-12-08 08:59:18.845
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\EqualizerAPO\EqualizerAPO.dll because the set of per-page image hashes could not be found on the system.


=========================== Installed Programs ============================

7-Zip 15.07 beta (x64) (HKLM\...\7-Zip) (Version: 15.07 - Igor Pavlov)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 25 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Discord (HKCU\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
dupeGuru (HKLM\...\{C11DACBD-8863-4AA4-94AD-708602F6F7EF}) (Version: 3.9.1 - Hardcoded Software)
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.1.2 - )
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
HF pAppLoc version 1.2 (HKLM-x32\...\{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1) (Version: 1.2 - Inquisitor)
Instagiffer version 1.75 (HKLM-x32\...\{13DEF8F8-5280-4555-95A4-E815C3F9540F}_is1) (Version: 1.75 - Justin Todd)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java SE Development Kit 8 Update 60 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAV Filters 0.65 (HKLM-x32\...\lavfilters_is1) (Version: 0.65 - Hendrik Leppkes)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
MFZ0 codec (Remove Only) (HKLM-x32\...\MFZ0CODEC) (Version:  - )
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 53.0.3 (x64 en-GB) (HKLM\...\Mozilla Firefox 53.0.3 (x64 en-GB)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
MSI Afterburner 4.3.0 (HKLM-x32\...\Afterburner) (Version: 4.3.0 - MSI Co., LTD)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Graphics Driver 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version:  - )
piaip AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Project64 version 2.3.2.202 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.3.2.202 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6511 - Realtek Semiconductor Corp.)
RGSS-RTP Standard (HKLM-x32\...\{5A9FE525-8B8F-4701-A937-7F6745A4E9C7}) (Version: 1.0.0 - Enterbrain)
RPG Maker VX Ace (HKLM-x32\...\RPGVXAce_E_is1) (Version: 1.02 - Enterbrain)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
RPGƒcƒN[ƒ‹VX RTP (HKLM-x32\...\RPGƒcƒN[ƒ‹VX RTP_is1) (Version: 1.00 - Enterbrain)
SeaTools for Windows 1.4.0.4 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Tetris (HKLM-x32\...\{95E0E6DC-C308-4C96-BEDB-68C75A32FAF8}_is1) (Version: 1.71 - Crystal Office Systems)
Twine 2.0.11 (remove only) (HKLM-x32\...\Twine2) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
WMP12 maximize fix 1.0 (HKLM-x32\...\{C91779A3-FA57-49EE-9E9A-5409FB33270A}_is1) (Version:  - Dead:Code)
YTD Video Downloader 5.8.2 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 5.8.2 - GreenTree Applications SRL)

========================= Memory info: ===================================

Percentage of memory in use: 21%
Total physical RAM: 8156.22 MB
Available physical RAM: 6428.54 MB
Total Virtual: 16310.63 MB
Available Virtual: 14656.09 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.66 GB) (Free:162.5 GB) NTFS

========================= Users: ========================================

User accounts for \\ANDREW-PC

Administrator            Andrew                   Guest                    


**** End of log ****

Embarassing about the host thing, wish there was a way to remove most of those, could only edit the one in the etc folder in devices of windows, and could only save it as a text file. probably break something if i deleted the whole list. I use firefox mainly, chrome can go if it needs to, i just use it o ndays when firefox can't deliver.



#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:07 PM

Posted 31 May 2017 - 11:01 AM

The hosts are items blocked by SpyBot.. .Remove what Adwcleaner found and see how it is.

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwareClearer, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#13 Andrew87

Andrew87
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:02:07 AM

Posted 31 May 2017 - 11:06 AM

# AdwCleaner v6.047 - Logfile created 30/05/2017 at 22:50:43
# Updated on 19/05/2017 by Malwarebytes
# Database : 2017-05-30.1 [Local]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Andrew - ANDREW-PC
# Running from : C:\Users\Andrew\Downloads\AdwCleaner.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Folders ] *****

[-] Folder deleted: C:\Users\Andrew\AppData\Local\MalwareProtectionLive
[-] Folder deleted: C:\ProgramData\ytd video downloader
[#] Folder deleted on reboot: C:\ProgramData\Application Data\ytd video downloader
[-] Folder deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
[-] Folder deleted: C:\Program Files (x86)\GreenTree Applications
[-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\LavasoftTcpService


***** [ Files ] *****

[-] File deleted: C:\Users\Andrew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\YTD Video Downloader.lnk
[-] File deleted: C:\Windows\SysNative\LavasoftTcpService64.dll
[-] File deleted: C:\Windows\SysNative\LavasoftTcpServiceOff.ini
[-] File deleted: C:\Windows\SysWOW64\lavasofttcpservice.dll
[-] File deleted: C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Shortcuts ] *****



***** [ Scheduled Tasks ] *****



***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{2CE0F1DC-C504-4B7B-A385-D94A2531DFFB}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Key deleted: HKLM\SOFTWARE\Lavasoft\Web Companion
[-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
[-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\LavasoftTcpService.exe


***** [ Web browsers ] *****

[-] [C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: uk.ask.com
[-] [C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: pilplloabdedfmialnfchjomjmpjcoej
[-] [C:\Users\Andrew\AppData\Local\Google\Chrome\User Data\Default] [homepage] Deleted: hxxps://uk.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_tchfld_15_51&param1=1&param2=f%3D1%26b%3DChrome%26cc%3Dgb%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyDtD0EyDyEzytCyD0AtDyDyE0FtBtAtDtN0D0Tzu0StCyEyEzztN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyDyC0DyBzytByDyEtGyEyCzztAtGyD0EyEzytGyDtB0EtCtG0CyDyB0CtC0CtByDyE0FyBtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0FtA0BtBzzyEzytG0ByDtCtCtGyE0D0E0AtG0AtByC0FtG0CyDtAtC0FzzyDyCyEyD0CtC2QtN0A0LzutB%26cr%3D1684666795%26a%3Dwncy_tchfld_15_51%26os_ver%3D6.1%26os%3DWindows%2B7%2BHome%2BPremium


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [3580 Bytes] - [30/05/2017 22:50:43]
C:\AdwCleaner\AdwCleaner[S0].txt - [3516 Bytes] - [30/05/2017 18:02:34]
C:\AdwCleaner\AdwCleaner[S1].txt - [3588 Bytes] - [30/05/2017 18:24:50]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3799 Bytes] ##########
 



#14 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,416 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:07 PM

Posted 31 May 2017 - 11:07 AM

Ok , how is it now?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#15 Andrew87

Andrew87
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:02:07 AM

Posted 31 May 2017 - 12:31 PM

Pretty much the same, in fact i think it's a bit slower but could be my imagination.

 

I would hate to go so far, especially since it's hard to know what i'm doing right or wrong or if it's just too screwed up to even fix at this point, how would i go about getting a new pc? Hopefully i can still get windows 7 for it and try and get all the same problems, it might be due to recent files/programs, updates, removing things mindlessly to clear up space/speed up the pc.

 

If i backed up this pc, could the problem i'm currently having be in that backup? Settings, configurations, registries, i've changed so much because articles tell me to in order to improve it's performance and it might have done more harm than good, i can't even play minecraft or any other 3d game without the pc heating up, i remember when my pc didn't do that and could be the insides and not what's on the hard drive but i'm cluelessly lost on what to do next, i want to use the junkware removal tool but afraid of doing it without finding a way for a restore point to be validated.


Edited by Andrew87, 31 May 2017 - 01:13 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users