- Additional scan result of Farbar Recovery Scan Tool (x64) Version:23-11-2015
- Ran by Nicholas (2015-11-24 17:44:08)
- Running from C:\Users\Nicholas\Downloads\Programs
- Windows 10 Pro (X64) (2015-11-19 03:35:06)
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-3375244143-3485815551-2194947098-500 - Administrator - Disabled)
- DefaultAccount (S-1-5-21-3375244143-3485815551-2194947098-503 - Limited - Disabled)
- Guest (S-1-5-21-3375244143-3485815551-2194947098-501 - Limited - Disabled)
- Nicholas (S-1-5-21-3375244143-3485815551-2194947098-1001 - Administrator - Enabled) => C:\Users\Nicholas
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Bitdefender Antivirus (Enabled - Up to date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
- AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AS: Bitdefender Antispyware (Enabled - Up to date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
- AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}
- ==================== Installed Programs ======================
- (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- µTorrent (HKU\S-1-5-21-3375244143-3485815551-2194947098-1001\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
- Bandicam (HKLM-x32\...\Bandicam) (Version: 2.4.1.903 - Bandisoft.com)
- Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
- Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.19.1099 - Bitdefender)
- Bitdefender Total Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.20.1143 - Bitdefender)
- CEVO CS:GO Client Beta version 1.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 1.0 - )
- Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
- Commander: Conquest of the Americas Gold (HKLM-x32\...\Steam App 254020) (Version: - )
- Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
- Emily is Away (HKLM-x32\...\Steam App 417860) (Version: - Kyle Seeley)
- ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
- Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio)
- Evernote v. 5.9.5 (HKLM-x32\...\{A550A62C-8CB9-11E5-A5A9-005056951CAD}) (Version: 5.9.5.9380 - Evernote Corp.)
- Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios)
- Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
- Geometry Dash (HKLM-x32\...\Steam App 322170) (Version: - RobTop Games)
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
- Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
- Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North)
- IDM Patch 6.25 build 02 (HKLM-x32\...\IDM Patch 6.25 build 02) (Version: build 02 - SandySeedings Team)
- Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
- Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
- Knights and Merchants (HKLM-x32\...\Steam App 253900) (Version: - Topware Interactive)
- League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
- League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
- Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
- Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.6001.1038 - Microsoft Corporation)
- Microsoft SQL Server 2008 R2 (HKLM-x32\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
- Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{79A2C6E8-C727-4D12-B4B3-19790C181DEA}) (Version: 10.52.4000.0 - Microsoft Corporation)
- Microsoft SQL Server 2008 R2 Setup (English) (HKLM-x32\...\{7419AE1A-D1A5-4B24-BD78-C7ABCC26016F}) (Version: 10.52.4000.0 - Microsoft Corporation)
- Microsoft SQL Server 2008 Setup Support Files (HKLM-x32\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)
- Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
- Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
- Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.52.4000.0 - Microsoft Corporation)
- Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
- Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
- Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.52.4000.0 - Microsoft Corporation)
- Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
- Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Mozilla Firefox 42.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla)
- Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
- NetCut 2.1.4 (HKLM-x32\...\NetCut_is1) (Version: - arcai.com)
- Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
- NVIDIA 3D Vision Controller Driver 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
- NVIDIA 3D Vision Driver 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.00 - NVIDIA Corporation)
- NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
- NVIDIA Graphics Driver 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.00 - NVIDIA Corporation)
- NVIDIA HD Audio Driver 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
- NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
- Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6001.1038 - Microsoft Corporation) Hidden
- Office 16 Click-to-Run Licensing Component (Version: 16.0.6001.1038 - Microsoft Corporation) Hidden
- Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6001.1038 - Microsoft Corporation) Hidden
- Razer Chroma SDK Core Components (HKLM-x32\...\Razer Chroma SDK) (Version: 1.0.4 - Razer Inc.)
- Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.18 - Razer Inc.)
- Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.27748 - Razer Inc.)
- Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7572 - Realtek Semiconductor Corp.)
- RibbonDisabler 1.0 (HKLM-x32\...\RibbonDisabler) (Version: 1.0 - SkinPack)
- Rivals of Aether (HKLM-x32\...\Steam App 383980) (Version: - Dan Fornace)
- Sandboxie 5.06 (64-bit) (HKLM\...\Sandboxie) (Version: 5.06 - Sandboxie Holdings, LLC)
- Service Pack 2 for SQL Server 2008 R2 (KB2630458) (HKLM-x32\...\KB2630458) (Version: 10.52.4000.0 - Microsoft Corporation)
- SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
- SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
- SolarWinds Orion (x32 Version: 1.3.0.519 - SolarWinds, Inc.) Hidden
- SQL Server 2008 R2 SP2 Common Files (x32 Version: 10.52.4000.0 - Microsoft Corporation) Hidden
- SQL Server 2008 R2 SP2 Database Engine Services (x32 Version: 10.52.4000.0 - Microsoft Corporation) Hidden
- SQL Server 2008 R2 SP2 Database Engine Shared (x32 Version: 10.52.4000.0 - Microsoft Corporation) Hidden
- Sql Server Customer Experience Improvement Program (x32 Version: 10.50.1600.1 - Microsoft Corporation) Hidden
- Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
- TeamSpeak 3 Client (HKU\S-1-5-21-3375244143-3485815551-2194947098-1001\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
- Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
- The Forest (HKLM-x32\...\Steam App 242760) (Version: - Endnight Games Ltd)
- Virtual Audio Cable 4.13 (HKLM\...\Virtual Audio Cable 4.13) (Version: - )
- VPNium (HKLM-x32\...\VPNium) (Version: - )
- WinPcap 4.1.3 (HKLM\...\{23DB3962-A9E5-4172-80A1-6B0F3EEEC43C}) (Version: 4.1.2980 - Riverbed Technology, Inc.)
- WinRAR 5.30 beta 6 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.6 - win.rar GmbH)
- Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
- ==================== Custom CLSID (Whitelisted): ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- CustomCLSID: HKU\S-1-5-21-3375244143-3485815551-2194947098-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Nicholas\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
- ==================== Restore Points =========================
- 18-11-2015 22:43:53 Installed Razer Synapse.
- 20-11-2015 15:14:10 Installed Evernote v. 5.9.5
- 22-11-2015 11:08:06 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
- 22-11-2015 11:08:33 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
- 23-11-2015 12:09:30 Removed Razer Synapse.
- 24-11-2015 12:24:48 Installed Microsoft Visual C++ 2005 Redistributable
- ==================== Hosts content: ==========================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2015-11-18 11:40 - 2015-11-24 17:42 - 00001371 ____A C:\WINDOWS\system32\Drivers\etc\hosts
- 127.0.0.1 bandicam.com
- 127.0.0.1 ssl.bandisoft.com
- 127.0.0.1 teamspeak.com
- 127.0.0.1 accounting.teamspeak.com
- 127.0.0.1 backupaccounting.teamspeak.com
- 127.0.0.1 blacklist.teamspeak.com
- 127.0.0.1 ipcheck.teamspeak.com
- 127.0.0.1 ocsp.digicert.com
- 127.0.0.1 hardy.teamspeak.4players.de
- 127.0.0.1 teamspeak.com
- 127.0.0.1 teamspeak.com
- ==================== Scheduled Tasks (Whitelisted) =============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- Task: {15EBE90B-5D68-41ED-AD30-8DB5976EBBA4} - System32\Tasks\VPNium => C:\Program Files (x86)\VPNium\vpnium.exe [2015-11-24] (VPNium)
- Task: {2194E12C-46D1-4BB6-8BC8-5CB2EEC25051} - System32\Tasks\Microsoft\Windows\SetupSQMTask => C:\WINDOWS\SYSTEM32\OOBE\SETUPSQM.EXE [2015-07-09] (Microsoft Corporation)
- Task: {5D129381-B364-4C6B-80F8-BC2EC68DF6E9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-18] (Google Inc.)
- Task: {6971B152-03CA-4156-9E94-DE8F371BD4DD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-10-27] (Microsoft Corporation)
- Task: {A375B13D-0EF8-40D9-8D38-420A7DC00A25} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-11-01] (Microsoft Corporation)
- Task: {A9FA0E1D-50EF-4572-B3AC-119ADD9F6F08} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2015-11-22] ()
- Task: {BB41F66C-52F6-4DDE-B02A-3A143677553A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-11-01] (Microsoft Corporation)
- Task: {C88C47B1-CA64-477D-BD2F-6F0ADC1A32F9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-18] (Google Inc.)
- (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
- Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- ==================== Shortcuts =============================
- (The entries could be listed to be restored or removed.)
- ==================== Loaded Modules (Whitelisted) ==============
- 2015-09-10 00:12 - 2015-09-10 00:12 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
- 2015-11-23 11:34 - 2013-09-03 13:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll
- 2015-11-23 11:34 - 2015-09-04 16:39 - 00875352 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpbr.mdl
- 2015-11-23 11:34 - 2015-09-04 16:39 - 00741952 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpdsp.mdl
- 2015-11-23 11:34 - 2015-09-04 16:39 - 02800952 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttpph.mdl
- 2015-11-23 11:34 - 2015-09-04 16:39 - 01413024 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_001_001\ashttprbl.mdl
- 2015-09-10 00:12 - 2015-09-10 00:12 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
- 2015-11-20 16:56 - 2015-11-01 02:11 - 00161448 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
- 2015-06-23 15:11 - 2015-06-23 15:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
- 2015-09-30 14:43 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
- 2015-09-30 14:43 - 2015-09-17 01:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
- 2015-11-20 17:01 - 2015-11-20 17:01 - 08901800 _____ () C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\1033\GrooveIntlResource.dll
- 2015-04-15 15:13 - 2015-04-15 15:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
- 2015-09-30 14:42 - 2015-09-17 00:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
- 2015-09-30 14:42 - 2015-09-17 01:04 - 00642048 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
- 2013-09-14 17:04 - 2013-09-14 17:04 - 00567871 _____ () C:\RibbonDisabler\etr64.exe
- 2015-11-20 15:31 - 2015-11-20 15:31 - 03498496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1510.13020.0_x64__8wekyb3d8bbwe\Calculator.exe
- 2015-11-21 12:38 - 2015-11-21 12:38 - 00012800 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
- 2015-11-21 12:38 - 2015-11-21 12:38 - 11526656 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
- 2015-11-20 15:38 - 2015-11-20 15:39 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1120.13270.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
- 2015-11-20 15:39 - 2015-11-20 15:39 - 09074176 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
- 2015-11-20 15:39 - 2015-11-20 15:39 - 02416640 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_2015.23.23.0_x64__8wekyb3d8bbwe\MS.Entertainment.Common.Mobile.dll
- 2015-11-24 17:01 - 2015-08-18 08:52 - 00864208 _____ () C:\Users\Nicholas\Downloads\teamspeak3-server_win64\ts3db_sqlite3.dll
- 2015-09-30 14:43 - 2015-09-17 00:44 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
- 2015-09-30 14:42 - 2015-09-17 00:42 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
- 2015-09-30 14:42 - 2015-09-17 00:42 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
- 2015-09-30 14:43 - 2015-09-17 00:43 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
- 2015-07-09 22:13 - 2015-09-10 00:12 - 00210432 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
- 2015-11-19 15:23 - 2015-10-11 22:05 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
- 2015-10-01 01:28 - 2015-10-01 01:28 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
- 2015-11-16 17:02 - 2015-11-16 17:02 - 00439504 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
- 2015-11-16 17:02 - 2015-11-16 17:02 - 00321232 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
- 2015-11-18 22:49 - 2015-10-05 11:18 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
- 2015-11-18 22:49 - 2015-07-03 11:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
- 2015-11-18 22:49 - 2015-11-09 21:44 - 02541648 _____ () C:\Program Files (x86)\Steam\video.dll
- 2015-11-18 22:49 - 2015-07-03 11:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
- 2015-11-18 22:49 - 2015-07-03 11:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
- 2015-11-18 22:49 - 2015-09-23 19:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
- 2015-11-18 22:49 - 2015-09-23 19:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
- 2015-11-18 22:49 - 2015-09-23 19:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
- 2015-11-18 22:49 - 2015-09-23 19:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
- 2015-11-18 22:49 - 2015-09-23 19:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
- 2015-11-18 22:49 - 2015-11-09 21:44 - 00806992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
- 2015-11-18 22:49 - 2015-11-03 17:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
- 2015-11-18 22:49 - 2015-10-08 17:20 - 45010208 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
- 2015-11-18 22:49 - 2015-09-24 18:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
- 2015-11-18 22:40 - 2015-11-06 23:36 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll
- 2015-11-18 22:40 - 2015-11-06 23:36 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll
- ==================== Alternate Data Streams (Whitelisted) =========
- ==================== Safe Mode (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- ==================== EXE Association (Whitelisted) ===============
- (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
- ==================== Internet Explorer trusted/restricted ===============
- (If an entry is included in the fixlist, it will be removed from the registry.)
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-3375244143-3485815551-2194947098-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Nicholas\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
- DNS Servers: 192.168.1.1
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
- Windows Firewall is disabled.
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- (Currently there is no automatic fix for this section.)
- ==================== FirewallRules (Whitelisted) ===============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
- FirewallRules: [{57995B19-110A-4B5B-89D5-678AAC14FB89}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- FirewallRules: [{235CA109-833E-48F5-AC35-FAB666869D9E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{20FD0E5F-A7E5-43B5-8CBE-0261F7349E14}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{BB4B1D97-0447-456C-B180-75236046701D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
- FirewallRules: [{417F927D-D6FA-4F04-A94C-DC13ADD08054}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
- FirewallRules: [{B8063ED4-FA0D-4C96-9BF6-A282FAF46615}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geometry Dash\GeometryDash.exe
- FirewallRules: [{C2B00E86-71CD-4DAC-BD59-2D5BFE398260}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Geometry Dash\GeometryDash.exe
- FirewallRules: [{4866A904-E721-4C44-A62A-AE39E0CFF8F8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
- FirewallRules: [{359507DD-6821-45FE-932D-66CF1EF006F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
- FirewallRules: [{EB78E124-45E1-42FB-98E3-ECEBC6237310}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rivals of Aether\RivalsofAether.exe
- FirewallRules: [{4BB5931C-3C2E-4511-BAD8-37C72BADF5E0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Rivals of Aether\RivalsofAether.exe
- FirewallRules: [{96196918-32BF-44F2-80B1-B7B84AE3B2F7}] => (Allow) C:\Users\Nicholas\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{6E8215D1-CA0C-43B8-B1EE-0B6E34B46D17}] => (Allow) C:\Users\Nicholas\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{6F86AAE1-6F2D-48AE-8627-87D80245C885}] => (Allow) C:\Users\Nicholas\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{3A808AE8-8B15-4888-B7F7-5F3272CE1162}] => (Allow) C:\Users\Nicholas\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{4816A7B7-E384-4046-81B7-5B3A1F436891}] => (Allow) C:\Users\Nicholas\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{D9D3FE93-5316-4F15-963E-7201BF6283C2}] => (Allow) C:\Users\Nicholas\AppData\Roaming\uTorrent\uTorrent.exe
- FirewallRules: [{B0336A95-CCE4-41BC-9E3D-4695DDE51C2A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
- FirewallRules: [{80757CE3-2027-4FFB-B76B-F8F6687C2EA2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
- FirewallRules: [{35A9A364-5D1C-486F-8784-9A85780179F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
- FirewallRules: [{98D86059-F527-49AB-86CE-79402E58F397}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
- FirewallRules: [{53201EFE-8C13-45CB-972E-77F01FA08C62}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
- FirewallRules: [{8AD44B05-5204-4CBC-8BBB-7B791B934F40}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
- FirewallRules: [{98F225FB-84B0-41F3-B0E2-BAAD51B440B4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
- FirewallRules: [{AF5B4698-24A5-47A8-931B-2E63174E2B49}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
- FirewallRules: [{FD23407B-70B2-4E5E-821F-7C75E5AAEA4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
- FirewallRules: [{9C304864-D6C3-406B-98E0-0B7AEC32A7BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
- FirewallRules: [{9B9BD84B-62AA-43F3-AFB9-60DD8098326C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
- FirewallRules: [{D3766251-D0E9-4E24-AD8C-2020B4CD9C79}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
- FirewallRules: [{0D3FE890-BF85-41F5-8E9C-ABC4A3B2E0C9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Europa Universalis IV\eu4.exe
- FirewallRules: [{DE5AFC6D-D12E-48E5-A06B-D696B1D023C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
- FirewallRules: [{A64ADEB6-D6A1-4FFF-AF4C-5AF9E8398A62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
- FirewallRules: [{F0BC5C4F-FEFF-4177-8FE0-9CB505AE323F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
- FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
- FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
- FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
- FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
- FirewallRules: [{E224BD49-4223-4442-9C69-B73C199455FA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
- FirewallRules: [{292D1BDF-6030-4B4C-8D28-A850FCB03BAB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
- FirewallRules: [{12A826A8-8002-48DF-82DD-9573F5160585}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- FirewallRules: [{DEFE842A-B839-4423-8422-B2E229C816A5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- FirewallRules: [{CB11C3A7-9184-4FEF-9C92-5098B06C81F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Emily is Away\emily is away.exe
- FirewallRules: [{03459F46-C59D-4B54-8ED5-F138C7D539F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Emily is Away\emily is away.exe
- FirewallRules: [{B0141CAB-BD35-4B29-853C-FE4D7EEF165B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Knights and Merchants Historical Version\KM_TPR.exe
- FirewallRules: [{BD39FBF7-1EB2-4E81-A500-C824A685B295}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Knights and Merchants Historical Version\KM_TPR.exe
- FirewallRules: [{030374FA-6F01-46FA-AE9C-621FF74B5A6F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Knights and Merchants Historical Version\hd\Knights_and_Merchants_steam.exe
- FirewallRules: [{60EF0437-89F2-4A3C-8AB9-8610948F3769}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Knights and Merchants Historical Version\hd\Knights_and_Merchants_steam.exe
- FirewallRules: [{266C1735-3711-44D4-BB04-75DF2FD12AEC}] => (Allow) C:\WINDOWS\AutoKMS\AutoKMS.exe
- FirewallRules: [{C6FF933F-3FC3-43C3-B042-D5FC065CCE1D}] => (Allow) C:\WINDOWS\AutoKMS\AutoKMS.exe
- FirewallRules: [{EA82CA62-6CB5-4C6E-86F5-82EA6F51380E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Commander Conquest of the Americas Gold\Commander.exe
- FirewallRules: [{650D5BD2-E6A4-45FF-9B8B-16BE500D4239}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Commander Conquest of the Americas Gold\Commander.exe
- ==================== Faulty Device Manager Devices =============
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (11/24/2015 04:31:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
- Description: The program netcut.exe version 2.0.6.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
- Process ID: 6720
- Start Time: 01d126ff75219787
- Termination Time: 4294967295
- Application Path: C:\Program Files (x86)\netcut\netcut.exe
- Report Id: b987feed-92f2-11e5-9af5-d8cb8a97c810
- Faulting package full name:
- Faulting package-relative application ID:
- Error: (11/24/2015 04:11:12 PM) (Source: ESENT) (EventID: 413) (User: )
- Description: SettingSyncHost (11892) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
- Error: (11/24/2015 04:11:12 PM) (Source: ESENT) (EventID: 488) (User: )
- Description: SettingSyncHost (11892) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).
- Error: (11/24/2015 04:11:02 PM) (Source: ESENT) (EventID: 413) (User: )
- Description: SettingSyncHost (11892) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
- Error: (11/24/2015 04:11:02 PM) (Source: ESENT) (EventID: 488) (User: )
- Description: SettingSyncHost (11892) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).
- Error: (11/24/2015 04:10:51 PM) (Source: ESENT) (EventID: 413) (User: )
- Description: SettingSyncHost (11892) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
- Error: (11/24/2015 04:10:51 PM) (Source: ESENT) (EventID: 488) (User: )
- Description: SettingSyncHost (11892) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).
- Error: (11/24/2015 04:10:41 PM) (Source: ESENT) (EventID: 413) (User: )
- Description: SettingSyncHost (11892) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
- Error: (11/24/2015 04:10:41 PM) (Source: ESENT) (EventID: 488) (User: )
- Description: SettingSyncHost (11892) An attempt to create the file "C:\WINDOWS\system32\edbtmp.log" failed with system error 5 (0x00000005): "Access is denied. ". The create file operation will fail with error -1032 (0xfffffbf8).
- Error: (11/24/2015 04:10:31 PM) (Source: ESENT) (EventID: 413) (User: )
- Description: SettingSyncHost (11892) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
- System errors:
- =============
- Error: (11/24/2015 05:31:32 PM) (Source: Microsoft-Windows-DNS-Client) (EventID: 1012) (User: NT AUTHORITY)
- Description: There was an error while attempting to read the local hosts file.
- Error: (11/24/2015 00:26:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The Hotspot Shield Service service terminated unexpectedly. It has done this 1 time(s).
- Error: (11/24/2015 00:26:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The Hotspot Shield Monitoring Service service terminated unexpectedly. It has done this 1 time(s).
- Error: (11/24/2015 00:25:50 PM) (Source: Microsoft-Windows-NDIS) (EventID: 10317) (User: NT AUTHORITY)
- Description: Miniport TAP-Win32 Adapter V9, {B386F5FB-042F-4B01-9FEA-093EAE4BDE2B}, had event 76
- Error: (11/23/2015 09:21:02 PM) (Source: DCOM) (EventID: 10010) (User: NICHOLAS)
- Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
- Error: (11/23/2015 09:21:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
- Description: A timeout was reached (30000 milliseconds) while waiting for the Sync Host_Session1 service to connect.
- Error: (11/23/2015 09:21:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
- Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_Session1 service to connect.
- Error: (11/23/2015 09:21:01 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
- Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Data Storage_Session1 service, but this action failed with the following error:
- %%1056
- Error: (11/23/2015 09:20:53 PM) (Source: DCOM) (EventID: 10010) (User: NICHOLAS)
- Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca
- Error: (11/23/2015 09:20:53 PM) (Source: DCOM) (EventID: 10010) (User: NICHOLAS)
- Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
- CodeIntegrity:
- ===================================
- Date: 2015-11-24 09:52:28.165
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
- Date: 2015-11-21 21:38:29.020
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
- Date: 2015-11-20 19:49:16.726
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
- Date: 2015-11-20 19:49:16.672
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system.
- ==================== Memory info ===========================
- Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
- Percentage of memory in use: 44%
- Total physical RAM: 8140.85 MB
- Available physical RAM: 4478.23 MB
- Total Virtual: 10060.85 MB
- Available Virtual: 4680.06 MB
- ==================== Drives ================================
- Drive c: () (Fixed) (Total:930.56 GB) (Free:766.66 GB) NTFS
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
- Partition: GPT.
- ==================== End of Addition.txt ============================