Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2020
- Ran by Prize-02 (19-03-2020 17:12:47)
- Running from D:\AAADown7
- Windows 7 Ultimate Service Pack 1 (X64) (2016-10-18 16:33:23)
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- 2nd Admin Test User (S-1-5-21-3514852469-3404283315-88258209-1010 - Administrator - Enabled)
- Administrator (S-1-5-21-3514852469-3404283315-88258209-500 - Administrator - Enabled)
- Guest (S-1-5-21-3514852469-3404283315-88258209-501 - Limited - Disabled)
- Prize-02 (S-1-5-21-3514852469-3404283315-88258209-1000 - Administrator - Enabled) => C:\Users\Prize-02
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
- AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
- AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- ==================== Installed Programs ======================
- (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- 123 Free Solitaire v11.0 (HKLM-x32\...\123 Free Solitaire_is1) (Version: - TreeCardGames)
- 7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
- Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.330 - Adobe)
- Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.321 - Adobe)
- ANT Drivers Installer x64 (HKLM\...\{6AE0802A-390F-4A82-B58B-A7F37F1FD82E}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
- AppLogLibSetup (HKLM-x32\...\{7C40ADB8-AD6E-4CDF-94A1-06ACDC99F90F}) (Version: 1.0.2.0 - Brother Industries Ltd.) Hidden
- Auslogics Duplicate File Finder (HKLM-x32\...\{6845255F-15CC-4DD1-94D5-D38F370118B3}_is1) (Version: 7.0.24.0 - Auslogics Labs Pty Ltd)
- Belarc Advisor 9.0 (HKLM-x32\...\Belarc Advisor) (Version: 9.0.0.0 - Belarc Inc.)
- BrLauncher (HKLM-x32\...\{9483AB22-92AA-4161-9E79-DE77B71949DA}) (Version: 1.1.6.0 - Brother Industries Ltd.) Hidden
- BrLogRx (HKLM-x32\...\{E9A086F3-E0CB-4E91-AABE-586D99788BC3}) (Version: 1.0.1.1 - Brother Industries Ltd.) Hidden
- BrotherHelpInstaller (HKLM-x32\...\{4E461C2A-EC1C-46D1-AF5B-7FEFD0054AF8}) (Version: 1.0.0.0 - Brother) Hidden
- BrSupportTools (HKLM-x32\...\{F8F9EB58-33BA-4FF8-80E7-66D87D2E0C3C}) (Version: 1.0.9.0 - Brother Industries Ltd.) Hidden
- BurnAware Free 12.8 (HKLM-x32\...\BurnAware Free_is1) (Version: - Burnaware)
- CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.7041 - CDBurnerXP)
- Classic Shell (HKLM\...\{CABCE573-0A86-42FA-A52A-C7EA61D5BE08}) (Version: 4.3.1 - IvoSoft)
- ClipMate 7 (HKLM-x32\...\{2E924A2A-8FBC-4C84-8A3A-63FB386C9A29}_is1) (Version: 7 - Thornsoft Development, Inc.)
- ControlCenter4 CSDK (HKLM-x32\...\{1BAE50D4-5F2A-4E34-BD81-B4555109F7C2}) (Version: 4.2.3.1 - Brother Insutries Ltd.) Hidden
- DeskPins (HKLM-x32\...\DeskPins) (Version: 1.32 - Elias Fotinis)
- Desktop Restore version 1.7.0 (HKLM\...\{DBD4F07A-7607-4A4F-A46C-6AA399E06E38}_is1) (Version: 1.7.0 - Jamie O'Connell)
- DeviceDetect (HKLM-x32\...\{0B226409-96A6-47F0-84D8-89223B6F9479}) (Version: 1.0.3.4 - Brother Industries Ltd.) Hidden
- DS Clock (HKLM-x32\...\DS Clock_is1) (Version: 2.6.3 - Duality Software)
- EaseUS Partition Master 13.5 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
- Elevated Installer (HKLM-x32\...\{486DCE02-1FB0-4962-9CB3-4265F2D49126}) (Version: 6.13.1.0 - Garmin Ltd or its subsidiaries) Hidden
- EndItAll 2.0 (HKLM-x32\...\EndItAll_is1) (Version: 2.0 - Ziff Davis Media, Inc.)
- FontExpert 2019 Font Manager (HKLM\...\FontExpert 2019) (Version: 16.0.0.4 - Proxima Software)
- FoxArc Screen Capture V1.4 (HKLM-x32\...\FoxArc Screen Capture) (Version: - )
- Foxit Reader 5.1 (HKLM-x32\...\Foxit Reader_is1) (Version: 5.1.4.104 - Foxit Corporation)
- Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 4.0.1.0 - Comfort Software Group)
- Glary Utilities 5.135 (HKLM-x32\...\Glary Utilities 5) (Version: 5.135.0.161 - Glarysoft Ltd)
- GlassWire 2.1 (remove only) (HKLM-x32\...\GlassWire 2.1) (Version: 2.1.167 - SecureMix LLC)
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 80.0.3987.149 - Google LLC)
- Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
- HowToGuide (HKLM-x32\...\{36580EEB-4EDF-4880-BBD4-097E2C645ECD}) (Version: 1.0.1.0 - Brother Industries Ltd.) Hidden
- Intel Driver && Support Assistant (HKLM-x32\...\{4DF3098D-2A9A-46DF-8B8C-9DD31D319739}) (Version: 20.2.9.6 - Intel) Hidden
- Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation)
- Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
- IrfanView 4.53 (64-bit) (HKLM\...\IrfanView64) (Version: 4.53 - Irfan Skiljan)
- Jasc Paint Shop Pro 8 (HKLM-x32\...\{81A34902-9D0B-4920-A25C-4CDC5D14B328}) (Version: 8.10.0000 - Jasc Software Inc)
- Jasc Paint Shop Pro 8.10 Update Patch (HKLM-x32\...\Jasc Paint Shop Pro 8.10 Update Patch) (Version: - )
- Karen's Directory Printer (HKLM-x32\...\Karen's Directory Printer) (Version: 5.4.2.0 - KarenWare.com)
- Karen's Replicator (HKLM-x32\...\Karen's Replicator) (Version: 3.7.4.0 - KarenWare.com)
- Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7230) - Logitech Inc..)
- Macrium Reflect Free Edition (HKLM\...\{D59877C2-0B8F-4ACC-AD29-C710FA69DBD0}) (Version: 7.2.4325 - Paramount Software (UK) Ltd.) Hidden
- Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 7.2 - Paramount Software (UK) Ltd.)
- Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.13 - Magical Jelly Bean)
- Malwarebytes version 3.8.3.2965 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.8.3.2965 - Malwarebytes)
- Microangelo 5.0 (HKLM-x32\...\Microangelo 5.0) (Version: - )
- Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
- Microsoft Calculator Plus (HKLM-x32\...\{83073C45-3003-4671-9A86-243AAADD915A}) (Version: 1.0.0 - Microsoft)
- Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6219.1000 - Microsoft Corporation)
- Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
- Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
- Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
- Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
- Microsoft Web Publishing Wizard 1.52 (HKLM-x32\...\WebPost) (Version: - )
- Mozilla Firefox 52.9.0 ESR (x64 en-US) (HKLM\...\Mozilla Firefox 52.9.0 ESR (x64 en-US)) (Version: 52.9.0 - Mozilla)
- Mozilla Thunderbird 52.9.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 en-US)) (Version: 52.9.1 - Mozilla)
- MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
- MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
- NetworkRepairTool (HKLM-x32\...\{4694AD3E-D4A2-4D98-9848-662A0475E872}) (Version: 1.2.11.0 - Brother Insutries Ltd.) Hidden
- Neverball 1.5.4 (HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\Neverball) (Version: 1.5.4 - )
- OpenOffice 4.1.3 (HKLM-x32\...\{EEA30AEB-8BA7-465B-85D4-098BB99733E7}) (Version: 4.13.9783 - Apache Software Foundation)
- Opera Stable 58.0.3135.132 (HKLM-x32\...\Opera 58.0.3135.132) (Version: 58.0.3135.132 - Opera Software)
- PC-FAXReceive (HKLM-x32\...\{8DB92891-74BB-464E-BCF8-6D6A9C2132AC}) (Version: 1.3.8.0 - Brother Insutries Ltd.) Hidden
- Pixie (HKLM-x32\...\Pixie) (Version: - )
- Postimage version 1.0.1 (HKLM-x32\...\{B8BAF53F-4680-44A4-AF64-9934F924676B}_is1) (Version: 1.0.1 - Postimage)
- PowerPoint Viewer 2.0 (HKLM-x32\...\PowerPoint Viewer 2.0) (Version: - )
- qBittorrent 4.1.5 (HKLM-x32\...\qBittorrent) (Version: 4.1.5 - The qBittorrent project)
- Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6531 - Realtek Semiconductor Corp.)
- Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
- Registry Workshop (HKLM\...\Registry Workshop) (Version: - )
- RemoteSetup (HKLM-x32\...\{B6CE4633-EA3F-4856-9BCC-9B8702E076FE}) (Version: 3.8.0.0 - Brother Industries Ltd.) Hidden
- Revo Uninstaller 2.1.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 - VS Revo Group, Ltd.)
- ScannerUtilityInstaller (HKLM-x32\...\{5B645FE2-19E9-4B15-B5B2-3D8766F6FA27}) (Version: 1.0.0.0 - Brother) Hidden
- Screenpic 0.15.2 (HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\Screenpic) (Version: 0.15.2 - screenpic.net)
- Skype version 8.54 (HKLM-x32\...\Skype_is1) (Version: 8.54 - Skype Technologies S.A.)
- SoundingBox (HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\SoundingBox) (Version: 1.0.43 - SoundingBox)
- StatusMonitor (HKLM-x32\...\{86D16055-3C14-44C6-BCD7-5514B83BAD34}) (Version: 1.12.4.0 - Brother Insutries Ltd.) Hidden
- Sticky Password 8.2.3.24 (HKLM-x32\...\Sticky Password_is1) (Version: 8.2 - Lamantine Software)
- Super DX-Ball v1.00 (HKLM-x32\...\Super DX-Ball_is1) (Version: 1.0 - BlitWise Productions, LLC)
- Super Finder XT 1.6.3.2 (HKLM-x32\...\Super Finder XT_is1) (Version: - FSL - FreeSoftLand)
- The Print Shop (HKLM-x32\...\{FB26EA24-AE01-4C86-BEBC-424D5B81E66E}) (Version: - Broderbund LLC)
- TreeComp 4.0 b57 (x64) (HKLM\...\{482B2DF4-C161-45A2-947C-834FB5BEB432}_is1) (Version: - Lennert Ploeger)
- Uninstall Tool (HKLM\...\Uninstall Tool_is1) (Version: 3.5.9 - CrystalIDEA Software)
- Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS)
- Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
- UsbRepairTool (HKLM-x32\...\{523276A4-5779-4105-9163-CA1CF94EC533}) (Version: 1.4.0.0 - Brother Insutries Ltd.) Hidden
- Userfeel 1.4.22 (HKLM-x32\...\{2bfdce5e-c78c-59b9-91ca-79fa2c7b233c}) (Version: 1.4.22 - Userfeel)
- UserTesting (HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\UserTestingPlugin) (Version: - UserTesting.com)
- Virtual Magnifying Glass v3.6 (HKLM-x32\...\Virtual Magnifying Glass_is1) (Version: - )
- VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
- Waterfox Classic 56.3 (x64 en-US) (HKLM\...\Waterfox Classic 56.3 (x64 en-US)) (Version: 56.3 - Waterfox Ltd)
- Win Driver Backup 8.8.1 (HKLM-x32\...\Win Driver Backup_is1) (Version: - WinDriverBackup Co., Ltd.)
- Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
- Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
- WizTree v3.15 (HKLM\...\WizTree_is1) (Version: - Antibody Software)
- WordWeb (HKLM-x32\...\WordWeb) (Version: 8 - WordWeb Software)
- Youtube Downloader HD v. 2.9.9.41 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com)
- ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.8.023.18219 - Check Point)
- ==================== Custom CLSID (Whitelisted): ==============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- CustomCLSID: HKU\S-1-5-21-3514852469-3404283315-88258209-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
- CustomCLSID: HKU\S-1-5-21-3514852469-3404283315-88258209-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Prize-02\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
- CustomCLSID: HKU\S-1-5-21-3514852469-3404283315-88258209-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
- CustomCLSID: HKU\S-1-5-21-3514852469-3404283315-88258209-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
- CustomCLSID: HKU\S-1-5-21-3514852469-3404283315-88258209-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation) [File not signed]
- CustomCLSID: HKU\S-1-5-21-3514852469-3404283315-88258209-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Prize-02\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll => No File
- CustomCLSID: HKU\S-1-5-21-3514852469-3404283315-88258209-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation) [File not signed]
- CustomCLSID: HKU\S-1-5-21-3514852469-3404283315-88258209-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation) [File not signed]
- ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
- ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
- ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
- ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (Ivaylo Beltchev -> IvoSoft) [File not signed]
- ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
- ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-08-20] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
- ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
- ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2019-08-20] (Paramount Software UK Ltd -> Paramount Software UK Ltd)
- ContextMenuHandlers3-x32: [MicroangeloMenu] -> {616c1f06-bad8-11d2-b355-00104b642749} => C:\Windows\SysWOW64\muangsys.dll [2000-09-11] () [File not signed]
- ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
- ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
- ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
- ContextMenuHandlers5: [DeskMenu] -> {7E74422F-2393-11D4-98E0-444553540000} => C:\Program Files\Desktop Restore\dkticnsr.dll [2016-11-04] (Jamie O'Connell) [File not signed]
- ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => C:\Program Files\Windows Sidebar\sbdrop.dll -> No File
- ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-01-27] (Intel Corporation) [File not signed]
- ContextMenuHandlers6-x32: [IconLayout] -> {19F500E0-9964-11cf-B63D-08002B317C03} => Layout.dll -> No File
- ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
- ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-15] (Empty Loop -> )
- ==================== Codecs (Whitelisted) ====================
- (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
- HKLM\...\Drivers32: [vidc.i420] => C:\Windows\system32\lvcod64.dll [398360 2009-10-07] (Logitech Inc -> Logitech Inc.)
- HKLM\...\Drivers32: [vidc.i420] => C:\Windows\SysWOW64\lvcodec2.dll [416280 2009-10-07] (Logitech Inc -> Logitech Inc.)
- ==================== Shortcuts & WMI ========================
- (The entries could be listed to be restored or removed.)
- ShortcutWithArgument: C:\Users\Prize-02\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\3fbb4eed9afddb3b\UserLook Recorder.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default --app-id=neimnkpjllmhbfkghkmmajadlicnpjej
- ShortcutWithArgument: C:\Users\Prize-02\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\147e4e90521dcb32\Google Chrome.lnk -> C:\Users\Prize-02\AppData\Local\Google\Application\chrome.exe (Google Inc.) -> --profile-directory=Default
- ==================== Loaded Modules (Whitelisted) =============
- 2019-10-19 01:03 - 2019-09-02 13:51 - 001398272 _____ () [File not signed] C:\Program Files (x86)\Sticky Password\DLLs\_hashlib.pyd
- 2019-07-14 22:36 - 2019-02-21 12:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zipx64\7-zip.dll
- 2011-01-27 09:23 - 2011-01-27 09:23 - 000109056 _____ (Intel Corporation) [File not signed] C:\Windows\system32\hccutils.DLL
- 2011-01-27 09:24 - 2011-01-27 09:24 - 000335872 _____ (Intel Corporation) [File not signed] C:\Windows\system32\igfxpph.dll
- 2011-01-27 09:22 - 2011-01-27 09:22 - 000285696 _____ (Intel Corporation) [File not signed] C:\Windows\system32\igfxrENU.lrc
- 2017-08-13 08:49 - 2017-08-13 08:49 - 000760632 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer32.dll
- 2017-08-13 08:49 - 2017-08-13 08:49 - 000885560 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
- 2017-08-13 08:49 - 2017-08-13 08:49 - 003664184 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
- 2017-02-20 23:44 - 2016-11-04 20:06 - 000521728 _____ (Jamie O'Connell) [File not signed] C:\Program Files\Desktop Restore\dkticnsr.dll
- 2009-07-13 19:55 - 2009-07-13 21:40 - 000053248 _____ (Microsoft Windows -> Microsoft Corporation) [File not signed] C:\Windows\System32\AltTab.dll
- ==================== Alternate Data Streams (Whitelisted) ========
- (If an entry is included in the fixlist, only the ADS will be removed.)
- AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
- AlternateDataStreams: C:\ProgramData\TEMP:B0D4D817 [85]
- ==================== Safe Mode (Whitelisted) ==================
- (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
- ==================== Association (Whitelisted) =================
- (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
- HKU\S-1-5-21-3514852469-3404283315-88258209-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.reg\UserChoice => regfile
- ==================== Internet Explorer trusted/restricted ==========
- (If an entry is included in the fixlist, it will be removed from the registry.)
- IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\008i.com -> 008i.com
- IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\008k.com -> 008k.com
- IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\00hq.com -> 00hq.com
- IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\0190-dialers.com -> 0190-dialers.com
- IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\01i.info -> 01i.info
- IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
- IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\0411dd.com -> 0411dd.com
- IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\0511zfhl.com -> 0511zfhl.com
- IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\05p.com -> 05p.com
- IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\0632qyw.com -> 0632qyw.com
- IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
- IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
- IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
- IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\0calories.net -> 0calories.net
- IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\0cj.net -> 0cj.net
- IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\0scan.com -> 0scan.com
- IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
- IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
- IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\1-se.com -> 1-se.com
- IE restricted site: HKU\S-1-5-21-3514852469-3404283315-88258209-1000\...\1001movie.com -> 1001movie.com
- There are 6091 more sites.
- ==================== Hosts content: =========================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2009-07-13 22:34 - 2019-01-04 04:57 - 000002303 _____ C:\Windows\system32\drivers\etc\hosts
- 127.0.0.1 216.146.219.225
- 127.0.0.1 www.thornsoft.com
- 127.0.0.1 thornsoft.com
- 127.0.0.1 76.75.211.2
- 127.0.0.1 216.146.195.24
- 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
- 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
- 0.0.0.0 media.opencandy.com
- 0.0.0.0 cdn.opencandy.com
- 0.0.0.0 tracking.opencandy.com
- 0.0.0.0 api.opencandy.com
- 0.0.0.0 api.recommendedsw.com
- 0.0.0.0 rp.yefeneri2.com
- 0.0.0.0 os.yefeneri2.com
- 0.0.0.0 os2.yefeneri2.com
- 0.0.0.0 installer.betterinstaller.com
- 0.0.0.0 installer.filebulldog.com
- 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
- 0.0.0.0 inno.bisrv.com
- 0.0.0.0 nsis.bisrv.com
- 0.0.0.0 cdn.file2desktop.com
- 0.0.0.0 cdn.goateastcach.us
- 0.0.0.0 cdn.guttastatdk.us
- 0.0.0.0 cdn.inskinmedia.com
- 0.0.0.0 cdn.insta.oibundles2.com
- 0.0.0.0 cdn.insta.playbryte.com
- 0.0.0.0 cdn.llogetfastcach.us
- 0.0.0.0 cdn.montiera.com
- 0.0.0.0 cdn.msdwnld.com
- 0.0.0.0 cdn.mypcbackup.com
- ==================== Other Areas ===========================
- (Currently there is no automatic fix for this section.)
- HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> c:\Program Files (x86)\Intel\iCLS Client\;c:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
- HKU\S-1-5-21-3514852469-3404283315-88258209-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Prize-02\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
- DNS Servers: 192.168.1.1
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
- mpsdrv => Firewall Service is not running.
- MpsSvc => Firewall Service is not running.
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- (If an entry is included in the fixlist, it will be removed.)
- MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
- MSCONFIG\Services: AudioEndpointBuilder => 2
- MSCONFIG\Services: bthserv => 3
- MSCONFIG\Services: DigitalWave.Update.Service => 2
- MSCONFIG\Services: DSClockSyncTime => 2
- MSCONFIG\Services: Fax => 3
- MSCONFIG\Services: Freemake Improver => 3
- MSCONFIG\Services: gupdate => 2
- MSCONFIG\Services: gupdatem => 3
- MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
- MSCONFIG\Services: jhi_service => 2
- MSCONFIG\Services: LMS => 2
- MSCONFIG\Services: MacriumService => 3
- MSCONFIG\Services: TomTomHOMEService => 2
- MSCONFIG\Services: WSearch => 3
- MSCONFIG\startupfolder: C:^Users^Prize-02^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dashlane 4.6.8.lnk => C:\Windows\pss\Dashlane 4.6.8.lnk.Startup
- MSCONFIG\startupfolder: C:^Users^Prize-02^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DS Clock.lnk => C:\Windows\pss\DS Clock.lnk.Startup
- MSCONFIG\startupfolder: C:^Users^Prize-02^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^dsclock.exe - Shortcut.lnk => C:\Windows\pss\dsclock.exe - Shortcut.lnk.Startup
- MSCONFIG\startupfolder: C:^Users^Prize-02^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DuckCapture.lnk => C:\Windows\pss\DuckCapture.lnk.Startup
- MSCONFIG\startupfolder: C:^Users^Prize-02^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PTReplicator.exe - Shortcut.lnk => C:\Windows\pss\PTReplicator.exe - Shortcut.lnk.Startup
- MSCONFIG\startupfolder: C:^Users^Prize-02^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Sticky Password.lnk => C:\Windows\pss\Sticky Password.lnk.Startup
- MSCONFIG\startupreg: BrHelp => /AUTORUN
- MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
- MSCONFIG\startupreg: Flvto Youtube Downloader => "C:\program files\Flvto Youtube Downloader\FlvtoYoutubeDownloader.Redesign.exe" /minimize
- MSCONFIG\startupreg: GarminExpress => "C:\Program Files (x86)\Garmin\Express\express.exe" /minimized
- MSCONFIG\startupreg: Google Update => C:\Users\Prize-02\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
- MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
- MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
- MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
- MSCONFIG\startupreg: MP3 Skype recorder => C:\Users\Prize-02\AppData\Local\MP3 Skype recorder\MP3SkypeRecorder.exe
- MSCONFIG\startupreg: Reflect UI => C:\Program Files\Macrium\Common\ReflectUI.exe
- MSCONFIG\startupreg: Screenpic => C:\Users\Prize-02\AppData\Local\Screenpic\screenpic.exe
- ==================== FirewallRules (Whitelisted) ================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- FirewallRules: [{AB90B65B-A506-4786-82FD-AE9833C56725}] => (Allow) C:\Program Files\Opera\46.0.2597.39\opera.exe No File
- FirewallRules: [{093DF395-B22A-46EA-83AE-4C186FC5C8DE}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.) [File not signed]
- FirewallRules: [{7BA806F8-A9F3-4155-8112-65BB26837E75}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.) [File not signed]
- FirewallRules: [TCP Query User{04195A8B-DDD5-4DDE-97F6-3204C3FD7960}C:\program files (x86)\logitech\vid hd\vid.exe] => (Block) C:\program files (x86)\logitech\vid hd\vid.exe (Logitech Inc.) [File not signed]
- FirewallRules: [UDP Query User{45044EAF-5C9B-4E30-BCF1-72D9A2C096A7}C:\program files (x86)\logitech\vid hd\vid.exe] => (Block) C:\program files (x86)\logitech\vid hd\vid.exe (Logitech Inc.) [File not signed]
- FirewallRules: [TCP Query User{080ED42F-4AD2-461B-8403-DFDA1AE5E8CF}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe No File
- FirewallRules: [UDP Query User{F7CE58FD-922F-4798-8AB1-09025264E88A}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe No File
- FirewallRules: [{9830D275-C496-4DBC-A119-A209E445F56A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
- FirewallRules: [{118DCC68-9BB5-4F08-8C8B-E4F81518002C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
- FirewallRules: [{2DFA463E-959D-42E3-9836-ED22FEAA865B}] => (Allow) C:\Program Files\Opera\58.0.3135.127\opera.exe No File
- FirewallRules: [{B6FC53CF-A747-4D00-884F-49BBF7EBD3ED}] => (Allow) C:\Program Files\Opera\58.0.3135.132\opera.exe (Opera Software AS -> Opera Software)
- FirewallRules: [{935E9603-7A40-4D3E-8C06-0B2F229AF740}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe No File
- FirewallRules: [{A5990DAF-4B39-4277-A14F-31293FC1CAF9}] => (Allow) c:\program files (x86)\pc-faxreceive\brengineprocess.exe No File
- FirewallRules: [TCP Query User{7C57BC3B-4CF2-48C8-88F7-355A8B3AB4CA}C:\program files\alive\messaging\java\jre7\bin\java.exe] => (Allow) C:\program files\alive\messaging\java\jre7\bin\java.exe No File
- FirewallRules: [UDP Query User{E21AD07B-0D6C-49CC-90BF-F6DB44347B7E}C:\program files\alive\messaging\java\jre7\bin\java.exe] => (Allow) C:\program files\alive\messaging\java\jre7\bin\java.exe No File
- FirewallRules: [TCP Query User{2B6CD48F-EB1D-4C25-93C7-F4064767632A}C:\program files\alive\bin\alive\alive.exe] => (Allow) C:\program files\alive\bin\alive\alive.exe No File
- FirewallRules: [UDP Query User{C4CCE142-8D6B-4764-8CDD-4A8E2577B911}C:\program files\alive\bin\alive\alive.exe] => (Allow) C:\program files\alive\bin\alive\alive.exe No File
- FirewallRules: [{F3A2F3C3-FEDF-486D-AFCB-FF049F40A991}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation)
- FirewallRules: [{E109C321-1DB7-4734-8191-FB3302D62359}] => (Allow) C:\Program Files\Waterfox\waterfox.exe (Waterfox Limited -> Mozilla Corporation)
- FirewallRules: [TCP Query User{DBCE8178-BB12-42DC-BE11-3C4C8B8AEB1F}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
- FirewallRules: [UDP Query User{4A0C859B-B0A9-41D8-9333-83E836BE2D11}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
- FirewallRules: [{4A7B67D9-2C64-410C-9B50-0AED05F62852}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
- FirewallRules: [{0E302442-818E-4A8C-B75E-FB5AB7D0A00B}] => (Allow) C:\Program Files (x86)\Sticky Password\stpass.exe (Lamantine Software a.s. -> Lamantine Software a.s.)
- FirewallRules: [{A8E509C0-1B49-4AB0-90EE-27AFA79DA91D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
- FirewallRules: [{1AA7D377-A724-49FF-AB8B-A453AFB88D81}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
- FirewallRules: [{2A6D41D4-2EC8-4D38-9EAC-DA24D3BE46AD}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
- FirewallRules: [{8CC1FB75-ED14-4AE3-87B2-B25EDB0DBC59}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed]
- ==================== Restore Points =========================
- 18-02-2020 03:29:13 Scheduled Checkpoint
- 19-02-2020 00:01:10 Revo Uninstaller's restore point - Google Chrome
- 26-02-2020 03:53:59 Scheduled Checkpoint
- 01-03-2020 13:39:29 Revo Uninstaller's restore point - Revo Uninstaller 2.1.0
- 03-03-2020 12:42:54 Removed service pack backup files
- 12-03-2020 03:33:33 Scheduled Checkpoint
- 14-03-2020 15:01:22 Restore Operation
- 14-03-2020 21:17:51 Windows Update
- 15-03-2020 14:47:33 Restore Operation
- 15-03-2020 15:17:38 Revo Uninstaller's restore point - Bitdefender Agent
- 15-03-2020 15:19:27 Revo Uninstaller's restore point - Bitdefender Antivirus Free
- 15-03-2020 15:23:06 Revo Uninstaller's restore point - Bitdefender Agent
- 15-03-2020 15:35:09 Restore Operation
- 15-03-2020 15:54:51 Revo Uninstaller's restore point - High-Logic MainType 9
- 15-03-2020 23:09:15 Windows Update
- 15-03-2020 23:26:36 Intel® Driver & Support Assistant
- 15-03-2020 23:28:06 Intel® Driver & Support Assistant
- 15-03-2020 23:28:58 Intel® Driver & Support Assistant
- 16-03-2020 03:01:24 Windows Update
- 17-03-2020 03:00:13 Windows Update
- 17-03-2020 03:37:43 Removed service pack backup files
- ==================== Faulty Device Manager Devices ============
- ==================== Event log errors: ========================
- Application errors:
- ==================
- Error: (03/19/2020 05:11:29 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
- Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x80070005, Failed to add Gather Application: Windows>.
- Error: (03/19/2020 05:11:29 PM) (Source: Windows Search Service) (EventID: 3030) (User: )
- Description: The gatherer service cannot be initialized.
- Details:
- The Temp folder is on a drive that is full or is inaccessible. Free up space on the drive or verify that you have write permission on the Temp folder. (HRESULT : 0x80070660) (0x80070660)
- Error: (03/19/2020 05:09:29 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
- Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x80070005, Failed to add Gather Application: Windows>.
- Error: (03/19/2020 05:09:29 PM) (Source: Windows Search Service) (EventID: 3030) (User: )
- Description: The gatherer service cannot be initialized.
- Details:
- The Temp folder is on a drive that is full or is inaccessible. Free up space on the drive or verify that you have write permission on the Temp folder. (HRESULT : 0x80070660) (0x80070660)
- Error: (03/19/2020 05:09:03 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
- Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x80070005, Failed to add Gather Application: Windows>.
- Error: (03/19/2020 05:09:03 PM) (Source: Windows Search Service) (EventID: 3030) (User: )
- Description: The gatherer service cannot be initialized.
- Details:
- The Temp folder is on a drive that is full or is inaccessible. Free up space on the drive or verify that you have write permission on the Temp folder. (HRESULT : 0x80070660) (0x80070660)
- Error: (03/19/2020 05:08:54 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
- Description: The Windows Search Service has failed to create the new search index. Internal error <1, 0x80070005, Failed to add Gather Application: Windows>.
- Error: (03/19/2020 05:08:54 PM) (Source: Windows Search Service) (EventID: 3030) (User: )
- Description: The gatherer service cannot be initialized.
- Details:
- The Temp folder is on a drive that is full or is inaccessible. Free up space on the drive or verify that you have write permission on the Temp folder. (HRESULT : 0x80070660) (0x80070660)
- System errors:
- =============
- Error: (03/19/2020 05:11:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The Windows Search service terminated unexpectedly. It has done this 164 time(s).
- Error: (03/19/2020 05:11:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
- Description: The Windows Search service terminated with the following error:
- Access is denied.
- Error: (03/19/2020 05:09:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The Windows Search service terminated unexpectedly. It has done this 163 time(s).
- Error: (03/19/2020 05:09:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
- Description: The Windows Search service terminated with the following error:
- Access is denied.
- Error: (03/19/2020 05:09:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The Windows Search service terminated unexpectedly. It has done this 162 time(s).
- Error: (03/19/2020 05:09:03 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
- Description: The Windows Search service terminated with the following error:
- Access is denied.
- Error: (03/19/2020 05:08:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The Windows Search service terminated unexpectedly. It has done this 161 time(s).
- Error: (03/19/2020 05:08:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
- Description: The Windows Search service terminated with the following error:
- Access is denied.
- Windows Defender:
- ===================================
- Date: 2020-02-10 18:58:42.714
- Description:
- Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
- Signatures Attempted:Current
- Error Code:0x80070003
- Error description:The system cannot find the path specified.
- Signature version:0.0.0.0
- Engine version:0.0.0.0
- Date: 2018-12-12 12:53:35.302
- Description:
- Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
- Signatures Attempted:Current
- Error Code:0x80070003
- Error description:The system cannot find the path specified.
- Signature version:0.0.0.0
- Engine version:0.0.0.0
- Date: 2017-11-14 04:24:13.684
- Description:
- Windows Defender scan has encountered an error and terminated.
- Scan ID:{970A6A1D-EB5B-4ECC-831C-301650E747B8}
- Scan Type:AntiSpyware
- Scan Parameters:Quick Scan
- Error Code:0x8050800d
- Error description:Some history items could not be displayed. Please wait a few minutes and try again. If that doesn't work, clear the history and then try again.
- Date: 2017-11-12 02:12:41.755
- Description:
- Windows Defender scan has encountered an error and terminated.
- Scan ID:{7315331A-5751-4CE2-AB86-6696C826E020}
- Scan Type:AntiSpyware
- Scan Parameters:Quick Scan
- Error Code:0x8050800d
- Error description:Some history items could not be displayed. Please wait a few minutes and try again. If that doesn't work, clear the history and then try again.
- Date: 2017-11-01 02:25:00.253
- Description:
- Windows Defender scan has encountered an error and terminated.
- Scan ID:{A81D721F-C94D-422D-983D-D86037D3F733}
- Scan Type:AntiSpyware
- Scan Parameters:Quick Scan
- Error Code:0x8050800d
- Error description:Some history items could not be displayed. Please wait a few minutes and try again. If that doesn't work, clear the history and then try again.
- CodeIntegrity:
- ===================================
- Date: 2020-03-14 21:00:09.210
- Description:
- Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2020-03-14 21:00:08.602
- Description:
- Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\igdkmd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- ==================== Memory info ===========================
- BIOS: AMI 7.16 10/05/2011
- Motherboard: PEGATRON CORPORATION 2AC2
- Processor: Intel(R) Pentium(R) CPU G620 @ 2.60GHz
- Percentage of memory in use: 93%
- Total physical RAM: 6050.53 MB
- Available physical RAM: 406.89 MB
- Total Virtual: 12099.2 MB
- Available Virtual: 6700.79 MB
- ==================== Drives ================================
- Drive c: (HP_SYSPROG) (Fixed) (Total:159.47 GB) (Free:76.46 GB) NTFS
- Drive d: (HP_DATA) (Fixed) (Total:73.25 GB) (Free:52.37 GB) NTFS
- Drive j: (CANONCAMERA) (Removable) (Total:1.83 GB) (Free:1.83 GB) FAT
- Drive s: (GOLDFISH) (Removable) (Total:3.74 GB) (Free:2.28 GB) FAT32
- \\?\Volume{6343aacb-9589-11e6-a6d3-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
- ==================== MBR & Partition Table ====================
- ==========================================================
- Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.8 GB) (Disk ID: 89798979)
- Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
- Partition 2: (Not Active) - (Size=159.5 GB) - (Type=07 NTFS)
- Partition 3: (Not Active) - (Size=73.2 GB) - (Type=0F Extended)
- ==========================================================
- Disk: 1 (Protective MBR) (Size: 1.8 GB) (Disk ID: 00000000)
- Partition: GPT.
- ==========================================================
- Disk: 3 (MBR Code: Windows 7/8/10) (Size: 3.7 GB) (Disk ID: 002894EA)
- Partition 1: (Active) - (Size=3.7 GB) - (Type=0C)
- ==================== End of Addition.txt =======================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement