- Additional scan result of Farbar Recovery Scan Tool (x86) Version:31-12-2015
- Ran by ryan (2016-01-08 20:06:49)
- Running from C:\Users\ryan\Desktop
- Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2016-01-03 20:24:05)
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-4254598470-3569234741-3998372491-500 - Administrator - Disabled)
- Guest (S-1-5-21-4254598470-3569234741-3998372491-501 - Limited - Disabled)
- ryan (S-1-5-21-4254598470-3569234741-3998372491-1000 - Administrator - Enabled) => C:\Users\ryan
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- ==================== Installed Programs ======================
- (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- Google Chrome (HKLM\...\{D325A4AE-0EAB-3726-912C-6D0A56A95505}) (Version: 47.0.2526.106 - Google, Inc.)
- Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden
- Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
- Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
- VMware Tools (HKLM\...\{0C69DF99-B17A-4490-910B-64811AEA2F48}) (Version: 10.0.5.3228253 - VMware, Inc.)
- WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
- WinRAR 5.31 beta 1 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.1 - win.rar GmbH)
- Wireshark 2.0.1 (32-bit) (HKLM\...\Wireshark) (Version: 2.0.1 - The Wireshark developer community, hxxps://www.wireshark.org)
- ==================== Custom CLSID (Whitelisted): ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- ==================== Scheduled Tasks (Whitelisted) =============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
- Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
- Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
- ==================== Shortcuts =============================
- (The entries could be listed to be restored or removed.)
- ==================== Loaded Modules (Whitelisted) ==============
- ==================== Alternate Data Streams (Whitelisted) =========
- (If an entry is included in the fixlist, only the ADS will be removed.)
- ==================== Safe Mode (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
- ==================== EXE Association (Whitelisted) ===============
- (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
- ==================== Internet Explorer trusted/restricted ===============
- (If an entry is included in the fixlist, it will be removed from the registry.)
- ==================== Hosts content: ===============================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2009-07-13 18:04 - 2016-01-04 19:26 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
- 127.0.0.1 localhost
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-4254598470-3569234741-3998372491-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ryan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
- DNS Servers: 192.168.1.254
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
- Windows Firewall is enabled.
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- (Currently there is no automatic fix for this section.)
- ==================== FirewallRules (Whitelisted) ===============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- FirewallRules: [{42E19179-4EE3-44C8-8D3F-82037E244F0F}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
- FirewallRules: [{1C658A7F-E95F-4B57-9B53-E5EF6711B432}] => (Allow) %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
- ==================== Restore Points =========================
- 08-01-2016 00:50:45 Scheduled Checkpoint
- 08-01-2016 20:03:19 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
- ==================== Faulty Device Manager Devices =============
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (01/08/2016 07:57:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
- Error: (01/08/2016 07:56:23 PM) (Source: SideBySide) (EventID: 33) (User: )
- Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"1".
- Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148" could not be found.
- Please use sxstrace.exe for detailed diagnosis.
- Error: (01/08/2016 07:56:21 PM) (Source: SideBySide) (EventID: 33) (User: )
- Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"1".
- Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148" could not be found.
- Please use sxstrace.exe for detailed diagnosis.
- Error: (01/08/2016 05:10:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
- Error: (01/08/2016 05:08:59 PM) (Source: SideBySide) (EventID: 33) (User: )
- Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"1".
- Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148" could not be found.
- Please use sxstrace.exe for detailed diagnosis.
- Error: (01/08/2016 05:08:58 PM) (Source: SideBySide) (EventID: 33) (User: )
- Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"1".
- Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148" could not be found.
- Please use sxstrace.exe for detailed diagnosis.
- Error: (01/08/2016 04:34:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
- Error: (01/08/2016 04:33:35 PM) (Source: SideBySide) (EventID: 33) (User: )
- Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"1".
- Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148" could not be found.
- Please use sxstrace.exe for detailed diagnosis.
- Error: (01/08/2016 04:33:34 PM) (Source: SideBySide) (EventID: 33) (User: )
- Description: Activation context generation failed for "Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148"1".
- Dependent Assembly Microsoft.VC90.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.30729.4148" could not be found.
- Please use sxstrace.exe for detailed diagnosis.
- Error: (01/07/2016 11:30:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
- Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
- System errors:
- =============
- Error: (01/08/2016 07:56:07 PM) (Source: EventLog) (EventID: 6008) (User: )
- Description: The previous system shutdown at 5:34:31 PM on 1/8/2016 was unexpected.
- Error: (01/08/2016 05:08:42 PM) (Source: EventLog) (EventID: 6008) (User: )
- Description: The previous system shutdown at 4:52:05 PM on 1/8/2016 was unexpected.
- Error: (01/08/2016 04:33:17 PM) (Source: EventLog) (EventID: 6008) (User: )
- Description: The previous system shutdown at 8:02:18 AM on 1/8/2016 was unexpected.
- Error: (01/07/2016 11:59:52 PM) (Source: volsnap) (EventID: 36) (User: )
- Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
- Error: (01/07/2016 11:29:14 PM) (Source: EventLog) (EventID: 6008) (User: )
- Description: The previous system shutdown at 11:26:52 PM on 1/7/2016 was unexpected.
- Error: (01/07/2016 11:22:54 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
- Description: The Superfetch service terminated with the following error:
- %%1062
- Error: (01/07/2016 10:21:59 PM) (Source: EventLog) (EventID: 6008) (User: )
- Description: The previous system shutdown at 10:13:57 PM on 1/7/2016 was unexpected.
- Error: (01/07/2016 10:12:08 PM) (Source: EventLog) (EventID: 6008) (User: )
- Description: The previous system shutdown at 10:07:38 PM on 1/7/2016 was unexpected.
- Error: (01/07/2016 10:03:57 PM) (Source: EventLog) (EventID: 6008) (User: )
- Description: The previous system shutdown at 5:52:57 PM on 1/7/2016 was unexpected.
- Error: (01/07/2016 05:50:12 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
- Description: The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
- ==================== Memory info ===========================
- Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
- Percentage of memory in use: 61%
- Total physical RAM: 1023.49 MB
- Available physical RAM: 393.34 MB
- Total Virtual: 2047.49 MB
- Available Virtual: 1393.23 MB
- ==================== Drives ================================
- Drive c: () (Fixed) (Total:59.9 GB) (Free:51.37 GB) NTFS
- Drive d: (GSP1RMCULFRER_EN_DVD) (CDROM) (Total:2.39 GB) (Free:0 GB) UDF
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (MBR Code: Windows 7 or 8) (Size: 60 GB) (Disk ID: 8EF3B693)
- Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
- Partition 2: (Not Active) - (Size=59.9 GB) - (Type=07 NTFS)
- ==================== End of Addition.txt ============================