Untitled

a guest
Mar 19th, 2020
  1. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2020
  2. Ran by Prize-02 (19-03-2020 17:12:47)
  3. Running from D:\AAADown7
  4. Windows 7 Ultimate Service Pack 1 (X64) (2016-10-18 16:33:23)
  5. Boot Mode: Normal
  6. ==========================================================
  7.  
  8.  
  9. ==================== Accounts: =============================
  10.  
  11. 2nd Admin Test User (S-1-5-21-3514852469-3404283315-88258209-1010 - Administrator - Enabled)
  12. Administrator (S-1-5-21-3514852469-3404283315-88258209-500 - Administrator - Enabled)
  13. Guest (S-1-5-21-3514852469-3404283315-88258209-501 - Limited - Disabled)
  14. Prize-02 (S-1-5-21-3514852469-3404283315-88258209-1000 - Administrator - Enabled) => C:\Users\Prize-02
  15.  
  16. ==================== Security Center ========================
  17.  
  18. (If an entry is included in the fixlist, it will be removed.)
  19.  
  20. AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
  21. AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
  22. AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  23.  
  24. ==================== Installed Programs ======================
  25.  
  26. (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
  27.  
  28. 123 Free Solitaire v11.0 (HKLM-x32\...\123 Free Solitaire_is1) (Version: - TreeCardGames)
  29. 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
  30. Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.330 - Adobe)
  31. Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.321 - Adobe)
  32. ANT Drivers Installer x64 (HKLM\...\{6AE0802A-390F-4A82-B58B-A7F37F1FD82E}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
  33. AppLogLibSetup (HKLM-x32\...\{7C40ADB8-AD6E-4CDF-94A1-06ACDC99F90F}) (Version: 1.0.2.0 - Brother Industries Ltd.) Hidden
  34. Auslogics Duplicate File Finder (HKLM-x32\...\{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1) (Version: 7.0.24.0 - Auslogics Labs Pty Ltd)
  35. Belarc Advisor 9.0 (HKLM-x32\...\Belarc Advisor) (Version: 9.0.0.0 - Belarc Inc.)
  36. BrLauncher (HKLM-x32\...\{9483AB22-92AA-4161-9E79-DE77B71949DA}) (Version: 1.1.6.0 - Brother Industries Ltd.) Hidden
  37. BrLogRx (HKLM-x32\...\{E9A086F3-E0CB-4E91-AABE-586D99788BC3}) (Version: 1.0.1.1 - Brother Industries Ltd.) Hidden
  38. BrotherHelpInstaller (HKLM-x32\...\{4E461C2A-EC1C-46D1-AF5B-7FEFD0054AF8}) (Version: 1.0.0.0 - Brother) Hidden
  39. BrSupportTools (HKLM-x32\...\{F8F9EB58-33BA-4FF8-80E7-66D87D2E0C3C}) (Version: 1.0.9.0 - Brother Industries Ltd.) Hidden
  40. BurnAware Free 12.8 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
  41. CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7041 - CDBurnerXP)
  42. Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
  43. ClipMate 7 (HKLM-x32\...\{2E924A2A-8FBC-4C84-8A3A-63FB386C9A29}_is1) (Version: 7 - Thornsoft Development, Inc.)
  44. ControlCenter4 CSDK (HKLM-x32\...\{1BAE50D4-5F2A-4E34-BD81-B4555109F7C2}) (Version: 4.2.3.1 - Brother Insutries Ltd.) Hidden
  45. DeskPins (HKLM-x32\...\DeskPins) (Version: 1.32 - Elias Fotinis)
  46. Desktop Restore version 1.7.0 (HKLM\...\{DBD4F07A-7607-4A4F-A46C-6AA399E06E38}_is1) (Version: 1.7.0 - Jamie O'Connell)
  47. DeviceDetect (HKLM-x32\...\{0B226409-96A6-47F0-84D8-89223B6F9479}) (Version: 1.0.3.4 - Brother Industries Ltd.) Hidden
  48. DS Clock (HKLM-x32\...\DS Clock_is1) (Version: 2.6.3 - Duality Software)
  49. EaseUS Partition Master 13.5 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
  50. Elevated Installer (HKLM-x32\...\{486DCE02-1FB0-4962-9CB3-4265F2D49126}) (Version: 6.13.1.0 - Garmin Ltd or its subsidiaries) Hidden
  51. EndItAll 2.0 (HKLM-x32\...\EndItAll_is1) (Version: 2.0 - Ziff Davis Media, Inc.)
  52. FontExpert 2019 Font Manager (HKLM\...\FontExpert 2019) (Version: 16.0.0.4 - Proxima Software)
  53. FoxArc Screen Capture V1.4 (HKLM-x32\...\FoxArc Screen Capture) (Version: - )
  54. Foxit Reader 5.1 (HKLM-x32\...\Foxit Reader_is1) (Version: 5.1.4.104 - Foxit Corporation)
  55. Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 4.0.1.0 - Comfort Software Group)
  56. Glary Utilities 5.135 (HKLM-x32\...\Glary Utilities 5) (Version: 5.135.0.161 - Glarysoft Ltd)
  57. GlassWire 2.1 (remove only) (HKLM-x32\...\GlassWire 2.1) (Version: 2.1.167 - SecureMix LLC)
  58. Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
  59. Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
  60. HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
  61. Intel Driver && Support Assistant (HKLM-x32\...\{4DF3098D-2A9A-46DF-8B8C-9DD31D319739}) (Version: 20.2.9.6 - Intel) Hidden
  62. Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation)
  63. Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
  64. IrfanView 4.53 (64-bit) (HKLM\...\IrfanView64) (Version: 4.53 - Irfan Skiljan)
  65. Jasc Paint Shop Pro 8 (HKLM-x32\...\{81A34902-9D0B-4920-A25C-4CDC5D14B328}) (Version: 8.10.0000 - Jasc Software Inc)
  66. Jasc Paint Shop Pro 8.10 Update Patch (HKLM-x32\...\Jasc Paint Shop Pro 8.10 Update Patch) (Version: - )
  67. Karen's Directory Printer (HKLM-x32\...\Karen's Directory Printer) (Version: 5.4.2.0 - KarenWare.com)
  68. Karen's Replicator (HKLM-x32\...\Karen's Replicator) (Version: 3.7.4.0 - KarenWare.com)
  69. Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7230) - Logitech Inc..)
  70. Macrium Reflect Free Edition (HKLM\...\{D59877C2-0B8F-4ACC-AD29-C710FA69DBD0}) (Version: 7.2.4325 - Paramount Software (UK) Ltd.) Hidden
  71. Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 7.2 - Paramount Software (UK) Ltd.)
  72. Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.13 - Magical Jelly Bean)
  73. Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
  74. Microangelo 5.0 (HKLM-x32\...\Microangelo 5.0) (Version: - )
  75. Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
  76. Microsoft Calculator Plus (HKLM-x32\...\{83073C45-3003-4671-9A86-243AAADD915A}) (Version: 1.0.0 - Microsoft)
  77. Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6219.1000 - Microsoft Corporation)
  78. Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
  79. Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
  80. Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
  81. Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
  82. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
  83. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
  84. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
  85. Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
  86. Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
  87. Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
  88. Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
  89. Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
  90. Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
  91. Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
  92. Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
  93. Microsoft Web Publishing Wizard 1.52 (HKLM-x32\...\WebPost) (Version: - )
  94. Mozilla Firefox 52.9.0 ESR (x64 en-US) (HKLM\...\Mozilla Firefox 52.9.0 ESR (x64 en-US)) (Version: 52.9.0 - Mozilla)
  95. Mozilla Thunderbird 52.9.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 en-US)) (Version: 52.9.1 - Mozilla)
  96. MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
  97. MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
  98. NetworkRepairTool (HKLM-x32\...\{4694AD3E-D4A2-4D98-9848-662A0475E872}) (Version: 1.2.11.0 - Brother Insutries Ltd.) Hidden
  99. Neverball 1.5.4 (HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\Neverball) (Version: 1.5.4 - )
  100. OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation)
  101. Opera Stable 58.0.3135.132 (HKLM-x32\...\Opera 58.0.3135.132) (Version: 58.0.3135.132 - Opera Software)
  102. PC-FAXReceive (HKLM-x32\...\{8DB92891-74BB-464E-BCF8-6D6A9C2132AC}) (Version: 1.3.8.0 - Brother Insutries Ltd.) Hidden
  103. Pixie (HKLM-x32\...\Pixie) (Version: - )
  104. Postimage version 1.0.1 (HKLM-x32\...\{B8BAF53F-4680-44A4-AF64-9934F924676B}_is1) (Version: 1.0.1 - Postimage)
  105. PowerPoint Viewer 2.0 (HKLM-x32\...\PowerPoint Viewer 2.0) (Version: - )
  106. qBittorrent 4.1.5 (HKLM-x32\...\qBittorrent) (Version: 4.1.5 - The qBittorrent project)
  107. Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6531 - Realtek Semiconductor Corp.)
  108. Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
  109. Registry Workshop (HKLM\...\Registry Workshop) (Version: - )
  110. RemoteSetup (HKLM-x32\...\{B6CE4633-EA3F-4856-9BCC-9B8702E076FE}) (Version: 3.8.0.0 - Brother Industries Ltd.) Hidden
  111. Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
  112. ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
  113. Screenpic 0.15.2 (HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\Screenpic) (Version: 0.15.2 - screenpic.net)
  114. Skype version 8.54 (HKLM-x32\...\Skype_is1) (Version: 8.54 - Skype Technologies S.A.)
  115. SoundingBox (HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\SoundingBox) (Version: 1.0.43 - SoundingBox)
  116. StatusMonitor (HKLM-x32\...\{86D16055-3C14-44C6-BCD7-5514B83BAD34}) (Version: 1.12.4.0 - Brother Insutries Ltd.) Hidden
  117. Sticky Password 8.2.3.24 (HKLM-x32\...\Sticky Password_is1) (Version: 8.2 - Lamantine Software)
  118. Super DX-Ball v1.00 (HKLM-x32\...\Super DX-Ball_is1) (Version: 1.0 - BlitWise Productions, LLC)
  119. Super Finder XT 1.6.3.2 (HKLM-x32\...\Super Finder XT_is1) (Version: - FSL - FreeSoftLand)
  120. The Print Shop (HKLM-x32\...\{FB26EA24-AE01-4C86-BEBC-424D5B81E66E}) (Version: - Broderbund LLC)
  121. TreeComp 4.0 b57 (x64) (HKLM\...\{482B2DF4-C161-45A2-947C-834FB5BEB432}_is1) (Version: - Lennert Ploeger)
  122. Uninstall Tool (HKLM\...\Uninstall Tool_is1) (Version: 3.5.9 - CrystalIDEA Software)
  123. Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
  124. Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
  125. UsbRepairTool (HKLM-x32\...\{523276A4-5779-4105-9163-CA1CF94EC533}) (Version: 1.4.0.0 - Brother Insutries Ltd.) Hidden
  126. Userfeel 1.4.22 (HKLM-x32\...\{2bfdce5e-c78c-59b9-91ca-79fa2c7b233c}) (Version: 1.4.22 - Userfeel)
  127. UserTesting (HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\UserTestingPlugin) (Version: - UserTesting.com)
  128. Virtual Magnifying Glass v3.6 (HKLM-x32\...\Virtual Magnifying Glass_is1) (Version: - )
  129. VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
  130. Waterfox Classic 56.3 (x64 en-US) (HKLM\...\Waterfox Classic 56.3 (x64 en-US)) (Version: 56.3 - Waterfox Ltd)
  131. Win Driver Backup 8.8.1 (HKLM-x32\...\Win Driver Backup_is1) (Version: - WinDriverBackup Co., Ltd.)
  132. Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
  133. Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
  134. WizTree v3.15 (HKLM\...\WizTree_is1) (Version: - Antibody Software)
  135. WordWeb (HKLM-x32\...\WordWeb) (Version: 8 - WordWeb Software)
  136. Youtube Downloader HD v. 2.9.9.41 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
  137. ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.8.023.18219 - Check Point)
  138.  
  139. ==================== Custom CLSID (Whitelisted): ==============
  140.  
  141. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  142.  
  143. CustomCLSID: HKU\S-1-5-21-3514852469-3404283315-88258209-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
  144. CustomCLSID: HKU\S-1-5-21-3514852469-3404283315-88258209-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Prize-02\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
  145. CustomCLSID: HKU\S-1-5-21-3514852469-3404283315-88258209-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
  146. CustomCLSID: HKU\S-1-5-21-3514852469-3404283315-88258209-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
  147. CustomCLSID: HKU\S-1-5-21-3514852469-3404283315-88258209-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) [File not signed]
  148. CustomCLSID: HKU\S-1-5-21-3514852469-3404283315-88258209-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Prize-02\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
  149. CustomCLSID: HKU\S-1-5-21-3514852469-3404283315-88258209-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) [File not signed]
  150. CustomCLSID: HKU\S-1-5-21-3514852469-3404283315-88258209-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
  151. ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
  152. ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
  153. ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
  154. ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
  155. ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
  156. ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-08-20] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
  157. ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
  158. ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-08-20] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
  159. ContextMenuHandlers3-x32: [MicroangeloMenu] -> {616c1f06-bad8-11d2-b355-00104b642749} => C:\Windows\SysWOW64\muangsys.dll [2000-09-11] () [File not signed]
  160. ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
  161. ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
  162. ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
  163. ContextMenuHandlers5: [DeskMenu] -> {7E74422F-2393-11D4-98E0-444553540000} => C:\Program Files\Desktop Restore\dkticnsr.dll [2016-11-04] (Jamie O'Connell) [File not signed]
  164. ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => C:\Program Files\Windows Sidebar\sbdrop.dll -> No File
  165. ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-01-27] (Intel Corporation) [File not signed]
  166. ContextMenuHandlers6-x32: [IconLayout] -> {19F500E0-9964-11cf-B63D-08002B317C03} => Layout.dll -> No File
  167. ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
  168. ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
  169.  
  170. ==================== Codecs (Whitelisted) ====================
  171.  
  172. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  173.  
  174. HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [398360 2009-10-07] (Logitech Inc -> Logitech Inc.)
  175. HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [416280 2009-10-07] (Logitech Inc -> Logitech Inc.)
  176.  
  177. ==================== Shortcuts & WMI ========================
  178.  
  179. (The entries could be listed to be restored or removed.)
  180.  
  181. ShortcutWithArgument: C:\Users\Prize-02\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\3fbb4eed9afddb3b\UserLook Recorder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=neimnkpjllmhbfkghkmmajadlicnpjej
  182. ShortcutWithArgument: C:\Users\Prize-02\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\147e4e90521dcb32\Google Chrome.lnk -> C:\Users\Prize-02\AppData\Local\Google\Application\chrome.exe (Google Inc.) -> --profile-directory=Default
  183.  
  184. ==================== Loaded Modules (Whitelisted) =============
  185.  
  186. 2019-10-19 01:03 - 2019-09-02 13:51 - 001398272 _____ () [File not signed] C:\Program Files (x86)\Sticky Password\DLLs\_hashlib.pyd
  187. 2019-07-14 22:36 - 2019-02-21 12:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zipx64\7-zip.dll
  188. 2011-01-27 09:23 - 2011-01-27 09:23 - 000109056 _____ (Intel Corporation) [File not signed] C:\Windows\system32\hccutils.DLL
  189. 2011-01-27 09:24 - 2011-01-27 09:24 - 000335872 _____ (Intel Corporation) [File not signed] C:\Windows\system32\igfxpph.dll
  190. 2011-01-27 09:22 - 2011-01-27 09:22 - 000285696 _____ (Intel Corporation) [File not signed] C:\Windows\system32\igfxrENU.lrc
  191. 2017-08-13 08:49 - 2017-08-13 08:49 - 000760632 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer32.dll
  192. 2017-08-13 08:49 - 2017-08-13 08:49 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
  193. 2017-08-13 08:49 - 2017-08-13 08:49 - 003664184 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
  194. 2017-02-20 23:44 - 2016-11-04 20:06 - 000521728 _____ (Jamie O'Connell) [File not signed] C:\Program Files\Desktop Restore\dkticnsr.dll
  195. 2009-07-13 19:55 - 2009-07-13 21:40 - 000053248 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Windows\System32\AltTab.dll
  196.  
  197. ==================== Alternate Data Streams (Whitelisted) ========
  198.  
  199. (If an entry is included in the fixlist, only the ADS will be removed.)
  200.  
  201. AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
  202. AlternateDataStreams: C:\ProgramData\TEMP:B0D4D817 [85]
  203.  
  204. ==================== Safe Mode (Whitelisted) ==================
  205.  
  206. (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
  207.  
  208. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
  209. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
  210.  
  211. ==================== Association (Whitelisted) =================
  212.  
  213. (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
  214.  
  215. HKU\S-1-5-21-3514852469-3404283315-88258209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => regfile
  216.  
  217. ==================== Internet Explorer trusted/restricted ==========
  218.  
  219. (If an entry is included in the fixlist, it will be removed from the registry.)
  220.  
  221. IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\008i.com -> 008i.com
  222. IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\008k.com -> 008k.com
  223. IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\00hq.com -> 00hq.com
  224. IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\0190-dialers.com -> 0190-dialers.com
  225. IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\01i.info -> 01i.info
  226. IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
  227. IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\0411dd.com -> 0411dd.com
  228. IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\0511zfhl.com -> 0511zfhl.com
  229. IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\05p.com -> 05p.com
  230. IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\0632qyw.com -> 0632qyw.com
  231. IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
  232. IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
  233. IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
  234. IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\0calories.net -> 0calories.net
  235. IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\0cj.net -> 0cj.net
  236. IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\0scan.com -> 0scan.com
  237. IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
  238. IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
  239. IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\1-se.com -> 1-se.com
  240. IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\1001movie.com -> 1001movie.com
  241.  
  242. There are 6091 more sites.
  243.  
  244.  
  245. ==================== Hosts content: =========================
  246.  
  247. (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
  248.  
  249. 2009-07-13 22:34 - 2019-01-04 04:57 - 000002303 _____ C:\Windows\system32\drivers\etc\hosts
  250. 127.0.0.1 216.146.219.225
  251. 127.0.0.1 www.thornsoft.com
  252. 127.0.0.1 thornsoft.com
  253. 127.0.0.1 76.75.211.2
  254. 127.0.0.1 216.146.195.24
  255. 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
  256. 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
  257. 0.0.0.0 media.opencandy.com
  258. 0.0.0.0 cdn.opencandy.com
  259. 0.0.0.0 tracking.opencandy.com
  260. 0.0.0.0 api.opencandy.com
  261. 0.0.0.0 api.recommendedsw.com
  262. 0.0.0.0 rp.yefeneri2.com
  263. 0.0.0.0 os.yefeneri2.com
  264. 0.0.0.0 os2.yefeneri2.com
  265. 0.0.0.0 installer.betterinstaller.com
  266. 0.0.0.0 installer.filebulldog.com
  267. 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
  268. 0.0.0.0 inno.bisrv.com
  269. 0.0.0.0 nsis.bisrv.com
  270. 0.0.0.0 cdn.file2desktop.com
  271. 0.0.0.0 cdn.goateastcach.us
  272. 0.0.0.0 cdn.guttastatdk.us
  273. 0.0.0.0 cdn.inskinmedia.com
  274. 0.0.0.0 cdn.insta.oibundles2.com
  275. 0.0.0.0 cdn.insta.playbryte.com
  276. 0.0.0.0 cdn.llogetfastcach.us
  277. 0.0.0.0 cdn.montiera.com
  278. 0.0.0.0 cdn.msdwnld.com
  279. 0.0.0.0 cdn.mypcbackup.com
  280.  
  281. ==================== Other Areas ===========================
  282.  
  283. (Currently there is no automatic fix for this section.)
  284.  
  285. HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
  286. HKU\S-1-5-21-3514852469-3404283315-88258209-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Prize-02\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
  287. DNS Servers: 192.168.1.1
  288. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
  289. mpsdrv => Firewall Service is not running.
  290. MpsSvc => Firewall Service is not running.
  291.  
  292. ==================== MSCONFIG/TASK MANAGER disabled items ==
  293.  
  294. (If an entry is included in the fixlist, it will be removed.)
  295.  
  296. MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
  297. MSCONFIG\Services: AudioEndpointBuilder => 2
  298. MSCONFIG\Services: bthserv => 3
  299. MSCONFIG\Services: DigitalWave.Update.Service => 2
  300. MSCONFIG\Services: DSClockSyncTime => 2
  301. MSCONFIG\Services: Fax => 3
  302. MSCONFIG\Services: Freemake Improver => 3
  303. MSCONFIG\Services: gupdate => 2
  304. MSCONFIG\Services: gupdatem => 3
  305. MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
  306. MSCONFIG\Services: jhi_service => 2
  307. MSCONFIG\Services: LMS => 2
  308. MSCONFIG\Services: MacriumService => 3
  309. MSCONFIG\Services: TomTomHOMEService => 2
  310. MSCONFIG\Services: WSearch => 3
  311. MSCONFIG\startupfolder: C:^Users^Prize-02^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dashlane 4.6.8.lnk => C:\Windows\pss\Dashlane 4.6.8.lnk.Startup
  312. MSCONFIG\startupfolder: C:^Users^Prize-02^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DS Clock.lnk => C:\Windows\pss\DS Clock.lnk.Startup
  313. MSCONFIG\startupfolder: C:^Users^Prize-02^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^dsclock.exe - Shortcut.lnk => C:\Windows\pss\dsclock.exe - Shortcut.lnk.Startup
  314. MSCONFIG\startupfolder: C:^Users^Prize-02^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DuckCapture.lnk => C:\Windows\pss\DuckCapture.lnk.Startup
  315. MSCONFIG\startupfolder: C:^Users^Prize-02^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PTReplicator.exe - Shortcut.lnk => C:\Windows\pss\PTReplicator.exe - Shortcut.lnk.Startup
  316. MSCONFIG\startupfolder: C:^Users^Prize-02^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Sticky Password.lnk => C:\Windows\pss\Sticky Password.lnk.Startup
  317. MSCONFIG\startupreg: BrHelp => /AUTORUN
  318. MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
  319. MSCONFIG\startupreg: Flvto Youtube Downloader => "C:\program files\Flvto Youtube Downloader\FlvtoYoutubeDownloader.Redesign.exe" /minimize
  320. MSCONFIG\startupreg: GarminExpress => "C:\Program Files (x86)\Garmin\Express\express.exe" /minimized
  321. MSCONFIG\startupreg: Google Update => C:\Users\Prize-02\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
  322. MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
  323. MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
  324. MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
  325. MSCONFIG\startupreg: MP3 Skype recorder => C:\Users\Prize-02\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe
  326. MSCONFIG\startupreg: Reflect UI => C:\Program Files\Macrium\Common\ReflectUI.exe
  327. MSCONFIG\startupreg: Screenpic => C:\Users\Prize-02\AppData\Local\Screenpic\screenpic.exe
  328.  
  329. ==================== FirewallRules (Whitelisted) ================
  330.  
  331. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  332.  
  333. FirewallRules: [{AB90B65B-A506-4786-82FD-AE9833C56725}] => (Allow) C:\Program Files\Opera\46.0.2597.39\opera.exe No File
  334. FirewallRules: [{093DF395-B22A-46EA-83AE-4C186FC5C8DE}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.) [File not signed]
  335. FirewallRules: [{7BA806F8-A9F3-4155-8112-65BB26837E75}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.) [File not signed]
  336. FirewallRules: [TCP Query User{04195A8B-DDD5-4DDE-97F6-3204C3FD7960}C:\program files (x86)\logitech\vid hd\vid.exe] => (Block) C:\program files (x86)\logitech\vid hd\vid.exe (Logitech Inc.) [File not signed]
  337. FirewallRules: [UDP Query User{45044EAF-5C9B-4E30-BCF1-72D9A2C096A7}C:\program files (x86)\logitech\vid hd\vid.exe] => (Block) C:\program files (x86)\logitech\vid hd\vid.exe (Logitech Inc.) [File not signed]
  338. FirewallRules: [TCP Query User{080ED42F-4AD2-461B-8403-DFDA1AE5E8CF}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe No File
  339. FirewallRules: [UDP Query User{F7CE58FD-922F-4798-8AB1-09025264E88A}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe No File
  340. FirewallRules: [{9830D275-C496-4DBC-A119-A209E445F56A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
  341. FirewallRules: [{118DCC68-9BB5-4F08-8C8B-E4F81518002C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
  342. FirewallRules: [{2DFA463E-959D-42E3-9836-ED22FEAA865B}] => (Allow) C:\Program Files\Opera\58.0.3135.127\opera.exe No File
  343. FirewallRules: [{B6FC53CF-A747-4D00-884F-49BBF7EBD3ED}] => (Allow) C:\Program Files\Opera\58.0.3135.132\opera.exe (Opera Software AS -> Opera Software)
  344. FirewallRules: [{935E9603-7A40-4D3E-8C06-0B2F229AF740}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe No File
  345. FirewallRules: [{A5990DAF-4B39-4277-A14F-31293FC1CAF9}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe No File
  346. FirewallRules: [TCP Query User{7C57BC3B-4CF2-48C8-88F7-355A8B3AB4CA}C:\program files\alive\messaging\java\jre7\bin\java.exe] => (Allow) C:\program files\alive\messaging\java\jre7\bin\java.exe No File
  347. FirewallRules: [UDP Query User{E21AD07B-0D6C-49CC-90BF-F6DB44347B7E}C:\program files\alive\messaging\java\jre7\bin\java.exe] => (Allow) C:\program files\alive\messaging\java\jre7\bin\java.exe No File
  348. FirewallRules: [TCP Query User{2B6CD48F-EB1D-4C25-93C7-F4064767632A}C:\program files\alive\bin\alive\alive.exe] => (Allow) C:\program files\alive\bin\alive\alive.exe No File
  349. FirewallRules: [UDP Query User{C4CCE142-8D6B-4764-8CDD-4A8E2577B911}C:\program files\alive\bin\alive\alive.exe] => (Allow) C:\program files\alive\bin\alive\alive.exe No File
  350. FirewallRules: [{F3A2F3C3-FEDF-486D-AFCB-FF049F40A991}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation)
  351. FirewallRules: [{E109C321-1DB7-4734-8191-FB3302D62359}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation)
  352. FirewallRules: [TCP Query User{DBCE8178-BB12-42DC-BE11-3C4C8B8AEB1F}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
  353. FirewallRules: [UDP Query User{4A0C859B-B0A9-41D8-9333-83E836BE2D11}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
  354. FirewallRules: [{4A7B67D9-2C64-410C-9B50-0AED05F62852}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
  355. FirewallRules: [{0E302442-818E-4A8C-B75E-FB5AB7D0A00B}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
  356. FirewallRules: [{A8E509C0-1B49-4AB0-90EE-27AFA79DA91D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
  357. FirewallRules: [{1AA7D377-A724-49FF-AB8B-A453AFB88D81}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
  358. FirewallRules: [{2A6D41D4-2EC8-4D38-9EAC-DA24D3BE46AD}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
  359. FirewallRules: [{8CC1FB75-ED14-4AE3-87B2-B25EDB0DBC59}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
  360.  
  361. ==================== Restore Points =========================
  362.  
  363. 18-02-2020 03:29:13 Scheduled Checkpoint
  364. 19-02-2020 00:01:10 Revo Uninstaller's restore point - Google Chrome
  365. 26-02-2020 03:53:59 Scheduled Checkpoint
  366. 01-03-2020 13:39:29 Revo Uninstaller's restore point - Revo Uninstaller 2.1.0
  367. 03-03-2020 12:42:54 Removed service pack backup files
  368. 12-03-2020 03:33:33 Scheduled Checkpoint
  369. 14-03-2020 15:01:22 Restore Operation
  370. 14-03-2020 21:17:51 Windows Update
  371. 15-03-2020 14:47:33 Restore Operation
  372. 15-03-2020 15:17:38 Revo Uninstaller's restore point - Bitdefender Agent
  373. 15-03-2020 15:19:27 Revo Uninstaller's restore point - Bitdefender Antivirus Free
  374. 15-03-2020 15:23:06 Revo Uninstaller's restore point - Bitdefender Agent
  375. 15-03-2020 15:35:09 Restore Operation
  376. 15-03-2020 15:54:51 Revo Uninstaller's restore point - High-Logic MainType 9
  377. 15-03-2020 23:09:15 Windows Update
  378. 15-03-2020 23:26:36 Intel® Driver & Support Assistant
  379. 15-03-2020 23:28:06 Intel® Driver & Support Assistant
  380. 15-03-2020 23:28:58 Intel® Driver & Support Assistant
  381. 16-03-2020 03:01:24 Windows Update
  382. 17-03-2020 03:00:13 Windows Update
  383. 17-03-2020 03:37:43 Removed service pack backup files
  384.  
  385. ==================== Faulty Device Manager Devices ============
  386.  
  387.  
  388. ==================== Event log errors: ========================
  389.  
  390. Application errors:
  391. ==================
  392. Error: (03/19/2020 05:11:29 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
  393. Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x80070005, Failed to add Gather Application: Windows>.
  394.  
  395. Error: (03/19/2020 05:11:29 PM) (Source: Windows Search Service) (EventID: 3030) (User: )
  396. Description: The gatherer service cannot be initialized.
  397.  
  398. Details:
  399. The Temp folder is on a drive that is full or is inaccessible. Free up space on the drive or verify that you have write permission on the Temp folder. (HRESULT : 0x80070660) (0x80070660)
  400.  
  401. Error: (03/19/2020 05:09:29 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
  402. Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x80070005, Failed to add Gather Application: Windows>.
  403.  
  404. Error: (03/19/2020 05:09:29 PM) (Source: Windows Search Service) (EventID: 3030) (User: )
  405. Description: The gatherer service cannot be initialized.
  406.  
  407. Details:
  408. The Temp folder is on a drive that is full or is inaccessible. Free up space on the drive or verify that you have write permission on the Temp folder. (HRESULT : 0x80070660) (0x80070660)
  409.  
  410. Error: (03/19/2020 05:09:03 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
  411. Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x80070005, Failed to add Gather Application: Windows>.
  412.  
  413. Error: (03/19/2020 05:09:03 PM) (Source: Windows Search Service) (EventID: 3030) (User: )
  414. Description: The gatherer service cannot be initialized.
  415.  
  416. Details:
  417. The Temp folder is on a drive that is full or is inaccessible. Free up space on the drive or verify that you have write permission on the Temp folder. (HRESULT : 0x80070660) (0x80070660)
  418.  
  419. Error: (03/19/2020 05:08:54 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
  420. Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x80070005, Failed to add Gather Application: Windows>.
  421.  
  422. Error: (03/19/2020 05:08:54 PM) (Source: Windows Search Service) (EventID: 3030) (User: )
  423. Description: The gatherer service cannot be initialized.
  424.  
  425. Details:
  426. The Temp folder is on a drive that is full or is inaccessible. Free up space on the drive or verify that you have write permission on the Temp folder. (HRESULT : 0x80070660) (0x80070660)
  427.  
  428.  
  429. System errors:
  430. =============
  431. Error: (03/19/2020 05:11:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
  432. Description: The Windows Search service terminated unexpectedly. It has done this 164 time(s).
  433.  
  434. Error: (03/19/2020 05:11:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
  435. Description: The Windows Search service terminated with the following error:
  436. Access is denied.
  437.  
  438. Error: (03/19/2020 05:09:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
  439. Description: The Windows Search service terminated unexpectedly. It has done this 163 time(s).
  440.  
  441. Error: (03/19/2020 05:09:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
  442. Description: The Windows Search service terminated with the following error:
  443. Access is denied.
  444.  
  445. Error: (03/19/2020 05:09:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
  446. Description: The Windows Search service terminated unexpectedly. It has done this 162 time(s).
  447.  
  448. Error: (03/19/2020 05:09:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
  449. Description: The Windows Search service terminated with the following error:
  450. Access is denied.
  451.  
  452. Error: (03/19/2020 05:08:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
  453. Description: The Windows Search service terminated unexpectedly. It has done this 161 time(s).
  454.  
  455. Error: (03/19/2020 05:08:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
  456. Description: The Windows Search service terminated with the following error:
  457. Access is denied.
  458.  
  459.  
  460. Windows Defender:
  461. ===================================
  462. Date: 2020-02-10 18:58:42.714
  463. Description:
  464. Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
  465. Signatures Attempted:Current
  466. Error Code:0x80070003
  467. Error description:The system cannot find the path specified.
  468. Signature version:0.0.0.0
  469. Engine version:0.0.0.0
  470.  
  471. Date: 2018-12-12 12:53:35.302
  472. Description:
  473. Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
  474. Signatures Attempted:Current
  475. Error Code:0x80070003
  476. Error description:The system cannot find the path specified.
  477. Signature version:0.0.0.0
  478. Engine version:0.0.0.0
  479.  
  480. Date: 2017-11-14 04:24:13.684
  481. Description:
  482. Windows Defender scan has encountered an error and terminated.
  483. Scan ID:{970A6A1D-EB5B-4ECC-831C-301650E747B8}
  484. Scan Type:AntiSpyware
  485. Scan Parameters:Quick Scan
  486. Error Code:0x8050800d
  487. Error description:Some history items could not be displayed. Please wait a few minutes and try again. If that doesn't work, clear the history and then try again.
  488.  
  489. Date: 2017-11-12 02:12:41.755
  490. Description:
  491. Windows Defender scan has encountered an error and terminated.
  492. Scan ID:{7315331A-5751-4CE2-AB86-6696C826E020}
  493. Scan Type:AntiSpyware
  494. Scan Parameters:Quick Scan
  495. Error Code:0x8050800d
  496. Error description:Some history items could not be displayed. Please wait a few minutes and try again. If that doesn't work, clear the history and then try again.
  497.  
  498. Date: 2017-11-01 02:25:00.253
  499. Description:
  500. Windows Defender scan has encountered an error and terminated.
  501. Scan ID:{A81D721F-C94D-422D-983D-D86037D3F733}
  502. Scan Type:AntiSpyware
  503. Scan Parameters:Quick Scan
  504. Error Code:0x8050800d
  505. Error description:Some history items could not be displayed. Please wait a few minutes and try again. If that doesn't work, clear the history and then try again.
  506.  
  507. CodeIntegrity:
  508. ===================================
  509.  
  510. Date: 2020-03-14 21:00:09.210
  511. Description:
  512. Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
  513.  
  514. Date: 2020-03-14 21:00:08.602
  515. Description:
  516. Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
  517.  
  518. ==================== Memory info ===========================
  519.  
  520. BIOS: AMI 7.16 10/05/2011
  521. Motherboard: PEGATRON CORPORATION 2AC2
  522. Processor: Intel(R) Pentium(R) CPU G620 @ 2.60GHz
  523. Percentage of memory in use: 93%
  524. Total physical RAM: 6050.53 MB
  525. Available physical RAM: 406.89 MB
  526. Total Virtual: 12099.2 MB
  527. Available Virtual: 6700.79 MB
  528.  
  529. ==================== Drives ================================
  530.  
  531. Drive c: (HP_SYSPROG) (Fixed) (Total:159.47 GB) (Free:76.46 GB) NTFS
  532. Drive d: (HP_DATA) (Fixed) (Total:73.25 GB) (Free:52.37 GB) NTFS
  533. Drive j: (CANONCAMERA) (Removable) (Total:1.83 GB) (Free:1.83 GB) FAT
  534. Drive s: (GOLDFISH) (Removable) (Total:3.74 GB) (Free:2.28 GB) FAT32
  535.  
  536. \\?\Volume{6343aacb-9589-11e6-a6d3-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
  537.  
  538. ==================== MBR & Partition Table ====================
  539.  
  540. ==========================================================
  541. Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.8 GB) (Disk ID: 89798979)
  542. Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
  543. Partition 2: (Not Active) - (Size=159.5 GB) - (Type=07 NTFS)
  544. Partition 3: (Not Active) - (Size=73.2 GB) - (Type=0F Extended)
  545.  
  546. ==========================================================
  547. Disk: 1 (Protective MBR) (Size: 1.8 GB) (Disk ID: 00000000)
  548.  
  549. Partition: GPT.
  550.  
  551. ==========================================================
  552. Disk: 3 (MBR Code: Windows 7/8/10) (Size: 3.7 GB) (Disk ID: 002894EA)
  553. Partition 1: (Active) - (Size=3.7 GB) - (Type=0C)
  554.  
  555. ==================== End of Addition.txt =======================