API tools faq
paste
Guest User

Untitled

a guest
Jan 8th, 2016
21
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 11.95 KB | None | 0 0
raw download clone embed print report
  1. Additional scan result of Farbar Recovery Scan Tool (x86) Version:31-12-2015
  2. Ran by ryan (2016-01-08 20:06:49)
  3. Running from C:\Users\ryan\Desktop
  4. Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2016-01-03 20:24:05)
  5. Boot Mode: Normal
  6. ==========================================================
  7.  
  8.  
  9. ==================== Accounts: =============================
  10.  
  11. Administrator (S-1-5-21-4254598470-3569234741-3998372491-500 - Administrator - Disabled)
  12. Guest (S-1-5-21-4254598470-3569234741-3998372491-501 - Limited - Disabled)
  13. ryan (S-1-5-21-4254598470-3569234741-3998372491-1000 - Administrator - Enabled) => C:\Users\ryan
  14.  
  15. ==================== Security Center ========================
  16.  
  17. (If an entry is included in the fixlist, it will be removed.)
  18.  
  19. AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  20.  
  21. ==================== Installed Programs ======================
  22.  
  23. (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
  24.  
  25. Google Chrome (HKLM\...\{D325A4AE-0EAB-3726-912C-6D0A56A95505}) (Version: 47.0.2526.106 - Google, Inc.)
  26. Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden
  27. Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
  28. Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
  29. VMware Tools (HKLM\...\{0C69DF99-B17A-4490-910B-64811AEA2F48}) (Version: 10.0.5.3228253 - VMware, Inc.)
  30. WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
  31. WinRAR 5.31 beta 1 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.1 - win.rar GmbH)
  32. Wireshark 2.0.1 (32-bit) (HKLM\...\Wireshark) (Version: 2.0.1 - The Wireshark developer community, hxxps://www.wireshark.org)
  33.  
  34. ==================== Custom CLSID (Whitelisted): ==========================
  35.  
  36. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  37.  
  38.  
  39. ==================== Scheduled Tasks (Whitelisted) =============
  40.  
  41. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  42.  
  43.  
  44. (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
  45.  
  46. Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  47. Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  48.  
  49. ==================== Shortcuts =============================
  50.  
  51. (The entries could be listed to be restored or removed.)
  52.  
  53. ==================== Loaded Modules (Whitelisted) ==============
  54.  
  55.  
  56. ==================== Alternate Data Streams (Whitelisted) =========
  57.  
  58. (If an entry is included in the fixlist, only the ADS will be removed.)
  59.  
  60.  
  61. ==================== Safe Mode (Whitelisted) ===================
  62.  
  63. (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
  64.  
  65. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
  66. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
  67. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
  68. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
  69.  
  70. ==================== EXE Association (Whitelisted) ===============
  71.  
  72. (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
  73.  
  74.  
  75. ==================== Internet Explorer trusted/restricted ===============
  76.  
  77. (If an entry is included in the fixlist, it will be removed from the registry.)
  78.  
  79.  
  80. ==================== Hosts content: ===============================
  81.  
  82. (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
  83.  
  84. 2009-07-13 18:04 - 2016-01-04 19:26 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
  85.  
  86. 127.0.0.1 localhost
  87.  
  88. ==================== Other Areas ============================
  89.  
  90. (Currently there is no automatic fix for this section.)
  91.  
  92. HKU\S-1-5-21-4254598470-3569234741-3998372491-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ryan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
  93. DNS Servers: 192.168.1.254
  94. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
  95. Windows Firewall is enabled.
  96.  
  97. ==================== MSCONFIG/TASK MANAGER disabled items ==
  98.  
  99. (Currently there is no automatic fix for this section.)
  100.  
  101.  
  102. ==================== FirewallRules (Whitelisted) ===============
  103.  
  104. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  105.  
  106. FirewallRules: [{42E19179-4EE3-44C8-8D3F-82037E244F0F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
  107. FirewallRules: [{1C658A7F-E95F-4B57-9B53-E5EF6711B432}] => (Allow) %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
  108.  
  109. ==================== Restore Points =========================
  110.  
  111. 08-01-2016 00:50:45 Scheduled Checkpoint
  112. 08-01-2016 20:03:19 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
  113.  
  114. ==================== Faulty Device Manager Devices =============
  115.  
  116.  
  117. ==================== Event log errors: =========================
  118.  
  119. Application errors:
  120. ==================
  121. Error: (01/08/2016 07:57:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
  122. Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
  123.  
  124. Error: (01/08/2016 07:56:23 PM) (Source: SideBySide) (EventID: 33) (User: )
  125. Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"1".
  126. Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148" could not be found.
  127. Please use sxstrace.exe for detailed diagnosis.
  128.  
  129. Error: (01/08/2016 07:56:21 PM) (Source: SideBySide) (EventID: 33) (User: )
  130. Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"1".
  131. Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148" could not be found.
  132. Please use sxstrace.exe for detailed diagnosis.
  133.  
  134. Error: (01/08/2016 05:10:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
  135. Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
  136.  
  137. Error: (01/08/2016 05:08:59 PM) (Source: SideBySide) (EventID: 33) (User: )
  138. Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"1".
  139. Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148" could not be found.
  140. Please use sxstrace.exe for detailed diagnosis.
  141.  
  142. Error: (01/08/2016 05:08:58 PM) (Source: SideBySide) (EventID: 33) (User: )
  143. Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"1".
  144. Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148" could not be found.
  145. Please use sxstrace.exe for detailed diagnosis.
  146.  
  147. Error: (01/08/2016 04:34:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
  148. Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
  149.  
  150. Error: (01/08/2016 04:33:35 PM) (Source: SideBySide) (EventID: 33) (User: )
  151. Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"1".
  152. Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148" could not be found.
  153. Please use sxstrace.exe for detailed diagnosis.
  154.  
  155. Error: (01/08/2016 04:33:34 PM) (Source: SideBySide) (EventID: 33) (User: )
  156. Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"1".
  157. Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148" could not be found.
  158. Please use sxstrace.exe for detailed diagnosis.
  159.  
  160. Error: (01/07/2016 11:30:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
  161. Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
  162.  
  163.  
  164. System errors:
  165. =============
  166. Error: (01/08/2016 07:56:07 PM) (Source: EventLog) (EventID: 6008) (User: )
  167. Description: The previous system shutdown at 5:34:31 PM on ‎1/‎8/‎2016 was unexpected.
  168.  
  169. Error: (01/08/2016 05:08:42 PM) (Source: EventLog) (EventID: 6008) (User: )
  170. Description: The previous system shutdown at 4:52:05 PM on ‎1/‎8/‎2016 was unexpected.
  171.  
  172. Error: (01/08/2016 04:33:17 PM) (Source: EventLog) (EventID: 6008) (User: )
  173. Description: The previous system shutdown at 8:02:18 AM on ‎1/‎8/‎2016 was unexpected.
  174.  
  175. Error: (01/07/2016 11:59:52 PM) (Source: volsnap) (EventID: 36) (User: )
  176. Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
  177.  
  178. Error: (01/07/2016 11:29:14 PM) (Source: EventLog) (EventID: 6008) (User: )
  179. Description: The previous system shutdown at 11:26:52 PM on ‎1/‎7/‎2016 was unexpected.
  180.  
  181. Error: (01/07/2016 11:22:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
  182. Description: The Superfetch service terminated with the following error:
  183. %%1062
  184.  
  185. Error: (01/07/2016 10:21:59 PM) (Source: EventLog) (EventID: 6008) (User: )
  186. Description: The previous system shutdown at 10:13:57 PM on ‎1/‎7/‎2016 was unexpected.
  187.  
  188. Error: (01/07/2016 10:12:08 PM) (Source: EventLog) (EventID: 6008) (User: )
  189. Description: The previous system shutdown at 10:07:38 PM on ‎1/‎7/‎2016 was unexpected.
  190.  
  191. Error: (01/07/2016 10:03:57 PM) (Source: EventLog) (EventID: 6008) (User: )
  192. Description: The previous system shutdown at 5:52:57 PM on ‎1/‎7/‎2016 was unexpected.
  193.  
  194. Error: (01/07/2016 05:50:12 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
  195. Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
  196.  
  197.  
  198. ==================== Memory info ===========================
  199.  
  200. Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
  201. Percentage of memory in use: 61%
  202. Total physical RAM: 1023.49 MB
  203. Available physical RAM: 393.34 MB
  204. Total Virtual: 2047.49 MB
  205. Available Virtual: 1393.23 MB
  206.  
  207. ==================== Drives ================================
  208.  
  209. Drive c: () (Fixed) (Total:59.9 GB) (Free:51.37 GB) NTFS
  210. Drive d: (GSP1RMCULFRER_EN_DVD) (CDROM) (Total:2.39 GB) (Free:0 GB) UDF
  211.  
  212. ==================== MBR & Partition Table ==================
  213.  
  214. ========================================================
  215. Disk: 0 (MBR Code: Windows 7 or 8) (Size: 60 GB) (Disk ID: 8EF3B693)
  216. Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
  217. Partition 2: (Not Active) - (Size=59.9 GB) - (Type=07 NTFS)
  218.  
  219. ==================== End of Addition.txt ============================
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!