- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21.02.2018
- Ran by Louis (22-02-2018 20:34:01)
- Running from C:\Users\Louis\Downloads
- Windows 10 Home Version 1709 16299.248 (X64) (2018-02-06 03:22:36)
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-539143927-845453629-1290894029-500 - Administrator - Disabled)
- DefaultAccount (S-1-5-21-539143927-845453629-1290894029-503 - Limited - Disabled)
- Guest (S-1-5-21-539143927-845453629-1290894029-501 - Limited - Disabled)
- Louis (S-1-5-21-539143927-845453629-1290894029-1001 - Administrator - Enabled) => C:\Users\Louis
- WDAGUtilityAccount (S-1-5-21-539143927-845453629-1290894029-504 - Limited - Disabled)
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- ==================== Installed Programs ======================
- (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.)
- Catalyst Control Center Next Localization BR (HKLM\...\{A16E186C-58C4-3BDC-5CCE-714EFEF5F27F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization CHS (HKLM\...\{E42911E5-48F8-8557-ED20-D72AD1907D25}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization CHT (HKLM\...\{B4C30EF4-B2C5-1395-B534-7B63BCB6E8E4}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization CS (HKLM\...\{62098A5F-E03B-31A3-5F9C-51A7F7D25744}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization DA (HKLM\...\{1757AD9B-0E3C-05F9-FE43-4343BED7DA85}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization DE (HKLM\...\{66B06F29-EE4F-9130-D96A-754826093FEA}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization EL (HKLM\...\{821D0A0E-F246-BE40-0D68-93883C14C410}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization ES (HKLM\...\{88BD74C4-23AB-4554-915C-6E1F0C81F6CD}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization FI (HKLM\...\{A48E2AB0-0866-7783-9657-E1709EB18D02}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization FR (HKLM\...\{E61CEF9A-BAC3-EAEE-F735-E257D2354DF2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization HU (HKLM\...\{DA0326BB-657D-AAFC-752C-363E8FA33755}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization IT (HKLM\...\{B873A1FB-5EA0-EE5F-A861-1E38880AD08E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization JA (HKLM\...\{EC9DF9FF-9D75-4CDD-1D58-A2E887B0A42E}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization KO (HKLM\...\{7ABACA7E-6E59-0EF9-8FA3-6B32E5F58127}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization NL (HKLM\...\{3E196AAF-F81C-B384-E2AB-28EE2398FE5F}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization NO (HKLM\...\{DAEFFE0C-CD05-1355-6AFC-7B3D4106A820}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization PL (HKLM\...\{E392A425-53A7-DF90-96A0-E287A75DD3B2}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization RU (HKLM\...\{D6F47BB4-700A-F612-0671-5F69EA311BB7}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization SV (HKLM\...\{01FD9A26-3F61-9236-B360-BE5D043D82C0}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization TH (HKLM\...\{64D4CCC3-63DF-252D-D29D-03491670225D}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
- Catalyst Control Center Next Localization TR (HKLM\...\{8DF90937-B869-9F76-5D45-5A8BDA0A33B6}) (Version: 2017.0922.1659.28737 - Advanced Micro Devices, Inc.) Hidden
- Discord (HKU\S-1-5-21-539143927-845453629-1290894029-1001\...\Discord) (Version: 0.0.300 - Discord Inc.)
- ESEA Client (HKU\S-1-5-21-539143927-845453629-1290894029-1001\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
- FACEIT 0.14.0 (HKLM\...\1b460c18-2611-5297-a1a8-4f35160a268c) (Version: 0.14.0 - FACEIT Ltd.)
- FACEIT AC version 1.0 (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 1.0 - FACEIT LTD)
- GenArts Sapphire Plug-ins 6.10 for OFX (HKLM\...\GenArts Sapphire Plug-ins for OFX_is1) (Version: - )
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.167 - Google Inc.)
- Google Chrome Canary (HKU\S-1-5-21-539143927-845453629-1290894029-1001\...\Google Chrome SxS) (Version: 66.0.3347.1 - Google Inc.)
- Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
- Gyazo 3.3.5 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
- Malwarebytes version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
- Microsoft OneDrive (HKU\S-1-5-21-539143927-845453629-1290894029-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
- Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
- OBS Studio (HKLM-x32\...\OBS Studio) (Version: 21.0.1 - OBS Project)
- RogueKiller version 12.12.5.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.12.5.0 - Adlice Software)
- Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
- Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{AC0D130B-8809-4125-811F-667893B90644}) (Version: 2.11.0.0 - Microsoft Corporation)
- UpdateAssistant (HKLM-x32\...\{7C070E60-8769-4763-BBD8-7537A28A60D4}) (Version: 1.10.0.0 - Microsoft Corporation) Hidden
- VEGAS Pro 14.0 (64-bit) (HKLM\...\{4C79D80F-79F9-11E6-8402-BB95F5A309BD}) (Version: 14.0.161 - VEGAS)
- Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22350 - Microsoft Corporation)
- WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
- ==================== Custom CLSID (Whitelisted): ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- CustomCLSID: HKU\S-1-5-21-539143927-845453629-1290894029-1001_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Louis\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
- CustomCLSID: HKU\S-1-5-21-539143927-845453629-1290894029-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Louis\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
- ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
- ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
- ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
- ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
- ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
- ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\ShellExt.dll [2017-09-29] (Microsoft Corporation)
- ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-09-22] (Advanced Micro Devices, Inc.)
- ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
- ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
- ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
- ==================== Scheduled Tasks (Whitelisted) =============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- Task: {0185B41E-98B0-4562-B334-7B43EE8AF3CD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-04] (Google Inc.)
- Task: {0A34C0EC-CD2C-42CC-9BD1-03F42B0BFE95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-02-07] (Microsoft Corporation)
- Task: {22755FD0-9F18-42BC-8756-C54962B5F2D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-02-07] (Microsoft Corporation)
- Task: {3503312E-65B4-41C1-B234-870D9D053615} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
- Task: {41250360-0AFC-4D4B-9F69-B3E7F182340B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-539143927-845453629-1290894029-1001UA => C:\Users\Louis\AppData\Local\Google\Update\GoogleUpdate.exe [2018-02-19] (Google Inc.)
- Task: {48BAF7A5-C2CF-4F9F-8B09-ABCF582329C2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-02-07] (Microsoft Corporation)
- Task: {6AA6C053-C837-48F9-B6DA-DE2434C87A81} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-539143927-845453629-1290894029-1001Core => C:\Users\Louis\AppData\Local\Google\Update\GoogleUpdate.exe [2018-02-19] (Google Inc.)
- Task: {76669751-2395-4459-A4E0-182C69168557} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-12-21] (Nota Inc.)
- Task: {7E623D54-8F7B-4093-891D-4D51F722085C} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-09-22] (Advanced Micro Devices, Inc.)
- Task: {B60A43D4-938F-43F1-B5FD-50D230842F20} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-02-04] (Google Inc.)
- Task: {E36479A0-0FEC-4658-B595-86525828E8D9} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-12-21] (Nota Inc.)
- Task: {EA0198E1-F3F9-468D-86DC-F981D1FF1014} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MpCmdRun.exe [2018-02-07] (Microsoft Corporation)
- (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
- ==================== Shortcuts & WMI ========================
- (The entries could be listed to be restored or removed.)
- ==================== Loaded Modules (Whitelisted) ==============
- 2017-09-29 13:41 - 2017-09-29 13:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
- 2018-02-22 00:43 - 2017-11-29 09:11 - 002301384 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
- 2018-02-22 00:43 - 2017-11-29 09:11 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
- 2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
- 2016-09-13 02:01 - 2016-09-13 02:01 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
- 2016-09-13 02:01 - 2016-09-13 02:01 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
- 2016-09-13 02:01 - 2016-09-13 02:01 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
- 2016-09-13 02:01 - 2016-09-13 02:01 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
- 2016-09-13 02:01 - 2016-09-13 02:01 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
- 2016-09-13 02:01 - 2016-09-13 02:01 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
- 2018-02-14 20:33 - 2018-02-10 04:39 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
- 2018-02-14 20:33 - 2018-02-10 04:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
- 2018-02-06 21:33 - 2018-02-06 21:34 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
- 2018-02-06 21:33 - 2018-02-06 21:34 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
- 2018-02-06 21:33 - 2018-02-06 21:34 - 025135104 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkyWrap.dll
- 2018-02-06 21:33 - 2018-02-06 21:34 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\skypert.dll
- 2018-02-14 17:42 - 2018-02-13 04:25 - 004433752 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.167\libglesv2.dll
- 2018-02-14 17:42 - 2018-02-13 04:25 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.167\libegl.dll
- 2018-02-06 21:35 - 2018-02-06 21:35 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11801.1001.6.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
- 2018-02-22 17:53 - 2018-02-22 17:53 - 027139072 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.0_x64__8wekyb3d8bbwe\Video.UI.exe
- 2018-02-22 17:53 - 2018-02-22 17:53 - 000306176 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.0_x64__8wekyb3d8bbwe\SharedUI.dll
- 2018-02-22 17:53 - 2018-02-22 17:53 - 006687744 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.0_x64__8wekyb3d8bbwe\EntCommon.dll
- 2018-02-04 21:08 - 2018-02-04 21:08 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
- 2018-02-04 20:36 - 2017-11-29 05:09 - 000781088 _____ () C:\Program Files (x86)\Steam\SDL2.dll
- 2018-02-04 20:36 - 2017-12-15 19:59 - 002558752 _____ () C:\Program Files (x86)\Steam\video.dll
- 2018-02-04 20:36 - 2016-09-01 01:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
- 2018-02-04 20:36 - 2017-11-04 01:54 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
- 2018-02-04 20:36 - 2017-11-04 01:54 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
- 2018-02-04 20:36 - 2017-11-04 01:54 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
- 2018-02-04 20:36 - 2017-11-04 01:54 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
- 2018-02-04 20:36 - 2016-09-01 01:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
- 2018-02-04 20:36 - 2016-09-01 01:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
- 2018-02-04 20:36 - 2017-11-04 01:54 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
- 2018-02-04 20:36 - 2017-12-15 19:59 - 000904992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
- 2018-02-04 20:36 - 2016-07-04 22:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
- 2018-02-04 20:37 - 2017-10-31 04:44 - 071471904 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
- 2018-02-04 20:37 - 2017-09-07 02:04 - 000678400 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
- 2018-02-04 20:36 - 2015-09-24 23:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
- ==================== Alternate Data Streams (Whitelisted) =========
- (If an entry is included in the fixlist, only the ADS will be removed.)
- ==================== Safe Mode (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
- ==================== Association (Whitelisted) ===============
- (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
- ==================== Internet Explorer trusted/restricted ===============
- (If an entry is included in the fixlist, it will be removed from the registry.)
- ==================== Hosts content: ===============================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2015-10-30 07:24 - 2015-10-30 07:21 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-539143927-845453629-1290894029-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Louis\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{7417d953-7d23-48e8-a4a2-644ea7e63f90}.jpg
- DNS Servers: 194.168.4.100 - 194.168.8.100
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
- Windows Firewall is enabled.
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- MSCONFIG\Services: XblAuthManager => 3
- MSCONFIG\Services: XblGameSave => 3
- MSCONFIG\Services: XboxGipSvc => 3
- MSCONFIG\Services: XboxNetApiSvc => 3
- HKLM\...\StartupApproved\Run: => "SecurityHealth"
- HKU\S-1-5-21-539143927-845453629-1290894029-1001\...\StartupApproved\Run: => "OneDrive"
- HKU\S-1-5-21-539143927-845453629-1290894029-1001\...\StartupApproved\Run: => "Discord"
- HKU\S-1-5-21-539143927-845453629-1290894029-1001\...\StartupApproved\Run: => "FACEIT"
- HKU\S-1-5-21-539143927-845453629-1290894029-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_D806204F1CB634CD6A49014C6430B661"
- HKU\S-1-5-21-539143927-845453629-1290894029-1001\...\StartupApproved\Run: => "Google Update"
- HKU\S-1-5-21-539143927-845453629-1290894029-1001\...\StartupApproved\Run: => "Gyazo"
- ==================== FirewallRules (Whitelisted) ===============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- FirewallRules: [UDP Query User{FA35A7C1-5B8D-4EA8-B58A-714ADAC24124}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
- FirewallRules: [TCP Query User{117EF0C3-223A-42CA-9DA1-AF08465D5EE1}C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe
- FirewallRules: [{E19ABB93-2B4A-440D-957B-3FADB8B5F1E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\H1Z1_BE.exe
- FirewallRules: [{6BFF52F7-94E8-4DAD-91DC-1975229A2B59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\H1Z1_BE.exe
- FirewallRules: [{24570CE9-7350-4F0F-B7E0-CB1750339632}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
- FirewallRules: [{16C27C17-C7D3-4C52-AED0-EA3EDBB5F282}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe
- FirewallRules: [{1D8FF1F6-9E6E-4C5B-B8D5-0D63882075CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
- FirewallRules: [{48AE8CAF-D5F2-4E7E-9577-075E952B76A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
- FirewallRules: [{58B460BA-BAD0-46F1-8486-F7D358D5D0E8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
- FirewallRules: [{FDB1618B-30A4-486E-8E4E-70FB94A4B581}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
- FirewallRules: [{3B2909F2-5FB4-4DD0-A9AD-C65B4B1B6BB1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
- FirewallRules: [{80C15B3F-91FF-481A-AB5D-0B8AC3A873BC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
- FirewallRules: [{B0CE7A54-9A7E-4186-8F30-3A6AE80E0965}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [{A6237DBF-AD66-4E97-97A4-96D1458A3C91}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
- FirewallRules: [TCP Query User{6031A078-7AFD-4C75-BDEA-4F78C1AFABB0}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
- FirewallRules: [UDP Query User{866B191E-83BC-44D2-99A2-6731CA93BCCB}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
- FirewallRules: [{EA99F605-6E97-41DA-AA80-4E3A669F7E8B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- ==================== Restore Points =========================
- 07-02-2018 18:38:35 Windows Update
- 14-02-2018 20:32:03 Windows Update
- 22-02-2018 03:36:36 Scheduled Checkpoint
- ==================== Faulty Device Manager Devices =============
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (02/22/2018 01:43:35 AM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
- Description: Event-ID 3002
- Error: (02/20/2018 06:40:16 PM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: csgo.exe, version: 0.0.0.0, time stamp: 0x5a2f1c6a
- Faulting module name: engine.dll, version: 0.0.0.0, time stamp: 0x5a85e9fc
- Exception code: 0xc0000005
- Fault offset: 0x002cf4ba
- Faulting process id: 0x1078
- Faulting application start time: 0x01d3aa7a1bccb3e4
- Faulting application path: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
- Faulting module path: c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\engine.dll
- Report Id: 11d041db-4c7c-410f-8de5-9999cde5e287
- Faulting package full name:
- Faulting package-relative application ID:
- Error: (02/14/2018 08:51:29 PM) (Source: Perflib) (EventID: 1008) (User: )
- Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
- Error: (02/07/2018 05:28:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-SLT3MLQ)
- Description: Package Microsoft.Windows.ShellExperienceHost_10.0.16299.15_neutral_neutral_cw5n1h2txyewy+App was terminated because it took too long to suspend.
- Error: (02/06/2018 10:23:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
- Description: The program Steam.exe version 4.28.51.7 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
- Process ID: 1fb4
- Start Time: 01d39f8d9ca50e16
- Termination Time: 4294967295
- Application Path: C:\Program Files (x86)\Steam\Steam.exe
- Report Id: 5c975e3c-f4a3-4098-9d79-84e373b5592f
- Faulting package full name:
- Faulting package-relative application ID:
- Error: (02/06/2018 03:18:38 AM) (Source: MSDTC Client 2) (EventID: 4104) (User: )
- Description: Failed trying to get the state of the cluster node: .The error code returned: 0x8007085A
- Error: (02/06/2018 03:18:28 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
- Description: Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupModificationEvent" whose target class "WSP_ReplicationGroupModificationEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
- Error: (02/06/2018 03:18:28 AM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
- Description: Event provider wsp_sr attempted to register query "select * from WSP_ReplicationGroupDepartureEvent" whose target class "WSP_ReplicationGroupDepartureEvent" in //./root/Microsoft/Windows/Storage/Providers_v2 namespace does not exist. The query will be ignored.
- System errors:
- =============
- Error: (02/22/2018 06:51:35 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
- Description: 4
- Error: (02/22/2018 05:56:58 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SLT3MLQ)
- Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
- {D63B10C5-BB46-4990-A94F-E40B9D520160}
- and APPID
- {9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
- to the user DESKTOP-SLT3MLQ\Louis SID (S-1-5-21-539143927-845453629-1290894029-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
- Error: (02/22/2018 05:48:18 PM) (Source: EventLog) (EventID: 6008) (User: )
- Description: The previous system shutdown at 8:45:53 AM on ‎2/‎22/‎2018 was unexpected.
- Error: (02/22/2018 05:47:47 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 16) (User: NT AUTHORITY)
- Description: 3221226513A fatal error occurred processing the restoration data.
- Error: (02/22/2018 01:48:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The Group Policy Client service failed to start due to the following error:
- The service did not respond to the start or control request in a timely fashion.
- Error: (02/22/2018 01:48:07 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
- Description: A timeout was reached (30000 milliseconds) while waiting for the Group Policy Client service to connect.
- Error: (02/22/2018 01:48:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The Computer Browser service failed to start due to the following error:
- The service did not respond to the start or control request in a timely fashion.
- Error: (02/22/2018 01:48:06 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
- Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Browser service to connect.
- Windows Defender:
- ===================================
- Date: 2018-02-22 01:58:05.942
- Description:
- Windows Defender Antivirus scan has been stopped before completion.
- Scan ID: {C63E3502-AEA7-41DB-820F-1F9F95320297}
- Scan Type: Antimalware
- Scan Parameters: Quick Scan
- Date: 2018-02-19 10:36:54.957
- Description:
- Windows Defender Antivirus scan has been stopped before completion.
- Scan ID: {55497EBD-6E2A-4909-9792-9E70F66BFD1D}
- Scan Type: Antimalware
- Scan Parameters: Quick Scan
- Date: 2018-02-18 23:21:12.542
- Description:
- Windows Defender Antivirus scan has been stopped before completion.
- Scan ID: {A71C0055-AD89-4195-83E1-6BCF99E39D30}
- Scan Type: Antimalware
- Scan Parameters: Quick Scan
- Date: 2018-02-18 22:47:23.498
- Description:
- Windows Defender Antivirus scan has been stopped before completion.
- Scan ID: {826A06F4-643A-4E38-B774-641A2FF1A6CA}
- Scan Type: Antimalware
- Scan Parameters: Quick Scan
- Date: 2018-02-17 19:41:22.836
- Description:
- Windows Defender Antivirus scan has been stopped before completion.
- Scan ID: {0F46042C-1B3C-424C-BA59-572D3A21AD1E}
- Scan Type: Antimalware
- Scan Parameters: Quick Scan
- Date: 2018-02-15 01:27:34.694
- Description:
- Windows Defender Antivirus has encountered an error trying to update signatures.
- New Signature Version:
- Previous Signature Version: 1.261.1202.0
- Update Source: Microsoft Update Server
- Signature Type: AntiVirus
- Update Type: Full
- Current Engine Version:
- Previous Engine Version: 1.1.14500.5
- Error code: 0x80240016
- Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
- Date: 2018-02-11 11:16:05.468
- Description:
- Windows Defender Antivirus has encountered an error trying to update signatures.
- New Signature Version:
- Previous Signature Version: 1.261.1025.0
- Update Source: Microsoft Malware Protection Center
- Signature Type: AntiVirus
- Update Type: Full
- Current Engine Version:
- Previous Engine Version: 1.1.14500.5
- Error code: 0x80072ee7
- Error description: The server name or address could not be resolved
- Date: 2018-02-11 11:16:05.468
- Description:
- Windows Defender Antivirus has encountered an error trying to update signatures.
- New Signature Version:
- Previous Signature Version: 118.2.0.0
- Update Source: Microsoft Malware Protection Center
- Signature Type: Network Inspection System
- Update Type: Full
- Current Engine Version:
- Previous Engine Version: 2.1.14202.0
- Error code: 0x80072ee7
- Error description: The server name or address could not be resolved
- Date: 2018-02-11 11:16:05.461
- Description:
- Windows Defender Antivirus has encountered an error trying to update signatures.
- New Signature Version:
- Previous Signature Version: 1.261.1025.0
- Update Source: Microsoft Malware Protection Center
- Signature Type: AntiVirus
- Update Type: Full
- Current Engine Version:
- Previous Engine Version: 1.1.14500.5
- Error code: 0x80072ee7
- Error description: The server name or address could not be resolved
- Date: 2018-02-11 11:16:05.460
- Description:
- Windows Defender Antivirus has encountered an error trying to update signatures.
- New Signature Version:
- Previous Signature Version: 1.261.1025.0
- Update Source: Microsoft Malware Protection Center
- Signature Type: AntiSpyware
- Update Type: Full
- Current Engine Version:
- Previous Engine Version: 1.1.14500.5
- Error code: 0x80072ee7
- Error description: The server name or address could not be resolved
- CodeIntegrity:
- ===================================
- Date: 2018-02-22 00:44:53.371
- Description:
- Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
- ==================== Memory info ===========================
- Processor: AMD A6-3650 APU with Radeon(tm) HD Graphics
- Percentage of memory in use: 39%
- Total physical RAM: 8178.42 MB
- Available physical RAM: 4947.07 MB
- Total Virtual: 10096.42 MB
- Available Virtual: 6122.25 MB
- ==================== Drives ================================
- Drive c: (New Volume) (Fixed) (Total:698.18 GB) (Free:619.67 GB) NTFS ==>[drive with boot components (obtained from BCD)]
- Drive d: (J_CCSA_X64FRE_EN-US_DV5) (CDROM) (Total:4.15 GB) (Free:0 GB) UDF
- \\?\Volume{63791805-0000-0000-0000-508bae000000}\ () (Fixed) (Total:0.46 GB) (Free:0.08 GB) NTFS
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 63791805)
- Partition 1: (Active) - (Size=698.2 GB) - (Type=07 NTFS)
- Partition 2: (Not Active) - (Size=469 MB) - (Type=27)
- ==================== End of Addition.txt ============================