Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-12-2019 01
Ran by nibbz (04-12-2019 19:58:02)
Running from C:\Users\nibbz\Desktop
Windows 10 Pro Version 1809 17763.864 (X64) (2019-05-21 00:55:44)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1243112257-1756932303-4238688702-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1243112257-1756932303-4238688702-503 - Limited - Disabled)
Guest (S-1-5-21-1243112257-1756932303-4238688702-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-1243112257-1756932303-4238688702-1011 - Limited - Enabled)
new1 (S-1-5-21-1243112257-1756932303-4238688702-1021 - Limited - Enabled)
nibbz (S-1-5-21-1243112257-1756932303-4238688702-1001 - Administrator - Enabled) => C:\Users\nibbz
Visitor (S-1-5-21-1243112257-1756932303-4238688702-1025 - Limited - Enabled) => C:\Users\Visitor
WDAGUtilityAccount (S-1-5-21-1243112257-1756932303-4238688702-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
abgx360 v1.0.6 (HKLM-x32\...\abgx360) (Version: - )
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.293 - Adobe)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Ballistix MOD Utility (HKLM\...\{F9AFFE49-003C-4D23-943F-33AAF9554234}) (Version: 1.0.0 - Crucial)
Batman: Arkham Asylum Demo (HKLM-x32\...\{57EF5EE1-E32B-4EDE-9D50-3A82126800EE}) (Version: 1.0.0.0 - Eidos Inc/Warner Brothers)
ClipGrab 3.6.8 (HKLM-x32\...\{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1) (Version: - Philipp Schmieder Medien)
CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) <==== ATTENTION
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FlashPlayer (HKLM-x32\...\{BA8B8ADA-084F-4F79-A0CA-6E58A0808794}) (Version: 1.6.8 - Tuguu SL) <==== ATTENTION
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.0.2.413 - Foxit Corporation)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
HWiNFO64 Version 5.86 (HKLM\...\HWiNFO64_is1) (Version: 5.86 - Martin Malík - REALiX)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Max Payne 3: Complete Edition (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.241.0 - Rockstar Games)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Calculator Plus (HKLM-x32\...\{83073C45-3003-4671-9A86-243AAADD915A}) (Version: 1.0.0 - Microsoft)
Microsoft Flight Simulator X Demo (HKLM-x32\...\InstallShield_{B98A34C0-A6A2-4087-B272-557C1C6D0A07}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1243112257-1756932303-4238688702-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2010 (HKLM-x32\...\{FA8E7AF5-C70E-3274-9740-9E697FBD5BB7}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.22.27821 (HKLM-x32\...\{5bfc1380-fd35-4b85-9715-7351535d077e}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MLB 2K9 Demo (HKLM-x32\...\{7197BEB7-8534-48BE-A5E9-F3467F017B03}) (Version: 1.0.0 - 2K Sports)
Mozilla Firefox 71.0 (x64 en-US) (HKLM\...\Mozilla Firefox 71.0 (x64 en-US)) (Version: 71.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 66.0.3 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Graphics Driver 441.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.12 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4815.1002 - Microsoft Corporation) Hidden
OpenIV (HKU\S-1-5-21-1243112257-1756932303-4238688702-1001\...\OpenIV) (Version: 2.8.703 - .black/OpenIV Team)
Red Dead Redemption 2 (HKLM-x32\...\Red Dead Redemption 2) (Version: 1.0.1207.80 - Rockstar Games)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.16.196 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.4.3 - Rockstar Games)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - Silicon Laboratories)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{B1339B3E-BF20-46D2-8039-DA2CC5F9C5F1}) (Version: 6.5 - Silicon Laboratories, Inc.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\{F89CDED6-B1F1-489F-BA44-698BF6A737C2}) (Version: 6.1.6.0 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM-x32\...\{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}) (Version: 4.5.5.0 - Husdawg, LLC)
t6config (HKLM-x32\...\t6config) (Version: - )
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - )
The Walking Dead - Season 2 (HKLM-x32\...\The Walking Dead - Season 2_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Total Video Converter 3.71 100812 (HKLM-x32\...\Total Video Converter 3.71_is1) (Version: - EffectMatrix Inc.)
UltraISO Premium V9.66 (HKLM-x32\...\UltraISO_is1) (Version: - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Wargaming.net Game Center (HKU\S-1-5-21-1243112257-1756932303-4238688702-1001\...\Wargaming.net Game Center) (Version: 19.7.0.7412 - Wargaming.net)
WinAVI All in One Converter (HKLM-x32\...\WinAVI All in One Converter) (Version: 1.4.0.4105 - ZJMedia Digital Technology Ltd.)
WinAVI Video Converter (HKLM-x32\...\WinAVI Video Converter) (Version: 11.6.1.4734 - ZJMedia Digital Technology Ltd.)
Windows 10 Upgrade Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17387 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World Of Warships PublicTest version Alpha (HKLM-x32\...\{253BCA66-CD92-4ECB-A7C3-D67B77923DAE}_is1) (Version: Alpha - Wargaming)
World_of_Warships_NA (HKU\S-1-5-21-1243112257-1756932303-4238688702-1001\...\WOWS.NA.PRODUCTION) (Version: - Wargaming.net)
Packages:
=========
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12228.20276.0_x64__8wekyb3d8bbwe [2019-11-25] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-28] (Microsoft Corporation) [MS Ad]
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.33.13253.0_x64__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation) [MS Ad]
Sling TV -> C:\Program Files\WindowsApps\SlingTVLLC.SlingTV_7.0.8.0_x86__vgszm6stshdqy [2019-01-09] (Sling TV LLC)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)
WindowsDVDPlayer -> C:\Program Files\WindowsApps\Microsoft.WindowsDVDPlayer_3.6.13291.0_x64__8wekyb3d8bbwe [2017-09-23] (Microsoft Corporation)
Xbox 360 SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxCompanion_1.4.3.0_x64__8wekyb3d8bbwe [2017-09-23] (Microsoft Corporation) [MS Ad]
Xbox One SmartGlass -> C:\Program Files\WindowsApps\Microsoft.XboxOneSmartGlass_2.2.1702.2004_x64__8wekyb3d8bbwe [2018-05-14] (Microsoft Corporation)
XLS Viewer Free -> C:\Program Files\WindowsApps\62307pauljohn.XLSViewerFree_1.1.0.1_x86__7sv5v3m8wq0b2 [2019-08-04] (pauljohn)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [WDAGOfficeShellIconOverlayExtension] -> {1C7A13D2-F5E5-4807-A19B-E4CCEC814B3D} => C:\Windows\System32\hvsiofficeiconoverlayshellextension.dll [2019-07-09] (Microsoft Windows -> )
ShellIconOverlayIdentifiers-x32: [WDAGOfficeShellIconOverlayExtension] -> {1C7A13D2-F5E5-4807-A19B-E4CCEC814B3D} => C:\Windows\System32\hvsiofficeiconoverlayshellextension.dll [2019-07-09] (Microsoft Windows -> )
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2013-04-06] (Foxit Corporation -> Foxit Corporation)
ContextMenuHandlers1: [TVCShellExt] -> {4E33A7F5-8083-4C08-9D45-C5CED88F5C04} => C:\Program Files (x86)\Total Video Converter\TVCShellExtx64.dll [2010-07-29] () [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers2: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} => -> No File
ContextMenuHandlers4: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-10-24] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [UltraISO] -> {AD392E40-428C-459F-961E-9B147782D099} => C:\Program Files (x86)\UltraISO\isoshl64.dll [2009-10-22] (SHENZHEN YIBO DIGITAL SYSTEMS DEVELOPMENT CO. LTD. -> EZB Systems, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-06-09] (Alexander Roshal) [File not signed]
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.ffds] => C:\WINDOWS\system32\ff_vfw.dll [92160 2012-02-26] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3filter] => C:\Windows\SysWOW64\ac3filter.acm [497664 2009-08-11] () [File not signed]
HKLM\...\Drivers32-x32: [VIDC.IV41] => ir41_32.dll
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2012-10-07 13:29 - 2010-07-29 17:19 - 000293888 _____ () [File not signed] C:\Program Files (x86)\Total Video Converter\TVCShellExtx64.dll
2012-12-28 20:32 - 2012-06-09 18:20 - 000196096 _____ (Alexander Roshal) [File not signed] C:\Program Files\WinRAR\rarext.dll
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [238]
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\hvsifltr => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
(If an entry is included in the fixlist, it will be removed from the registry.)
There are 6091 more sites.
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 21:34 - 2016-07-31 12:24 - 000000037 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Windows\SysWOW64;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1243112257-1756932303-4238688702-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\theme1\img13.jpg
HKU\S-1-5-21-1243112257-1756932303-4238688702-501\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
Network Binding:
=============
Ethernet: Hyper-V Extensible Virtual Switch -> vms_pp (disabled)
Ethernet: Bridge Driver -> ms_l2bridge (enabled)
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: 9b784ed1 => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AppHostSvc => 2
MSCONFIG\Services: BDESVC => 3
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: ehRecvr => 3
MSCONFIG\Services: ehSched => 3
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: iphlpsvc => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: SCPolicySvc => 3
MSCONFIG\Services: SDRSVC => 3
MSCONFIG\Services: SessionEnv => 3
MSCONFIG\Services: SharedAccess => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: vds => 3
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\nibbz\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: cdloader => "C:\Users\nibbz\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
MSCONFIG\startupreg: Chromium => "c:\users\nibbz\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session
MSCONFIG\startupreg: CLMLServer_For_P2G8 => "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
MSCONFIG\startupreg: CLVirtualDrive => "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: IDMan => C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
MSCONFIG\startupreg: LGODDFU => blrun
MSCONFIG\startupreg: NetCtl => C:\Users\nibbz\AppData\Roaming\NetCtl\netctl.exe
MSCONFIG\startupreg: NETGEARGenie => "C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: PCShowServer => "C:\Users\nibbz\AppData\Local\DIRECTV Player\PCShowServerPMWrapper.exe"
MSCONFIG\startupreg: Power2GoExpress8 => NA
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SMessaging => C:\Users\nibbz\AppData\Local\Strongvault Online Backup\SMessaging.exe
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: tvncontrol => "C:\Program Files (x86)\Common Files\Comodo\tvnserver.exe" -controlservice -slave
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "GammingApp"
HKU\S-1-5-21-1243112257-1756932303-4238688702-1001\...\StartupApproved\Run: => "World of Warships"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe No File
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe No File
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe No File
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe No File
FirewallRules: [{E5DE3A28-CA64-4AE4-9271-56EC5BC5ED9F}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{45C12FC8-96E1-439E-86C8-B73D847FA30D}] => (Allow) C:\Games\World_of_Warships\worldofwarships.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{B35FE403-0AC8-4453-87B2-BD89BF181E31}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{278A1C05-61C2-45EB-8CF6-1C403431EE12}] => (Allow) C:\Games\World_of_Warships\WoWSLauncher.exe (Wargaming PCL -> Wargaming.net)
FirewallRules: [{C42ECE1B-4C27-45AD-AFA5-9A5E627055FE}] => (Allow) C:\Users\nibbz\Desktop\New folder (2)\WGCheck.exe No File
FirewallRules: [{CC7D25E2-1401-41DA-92E7-AF7E94031E7B}] => (Allow) C:\Users\nibbz\Desktop\New folder (2)\WGCheck.exe No File
FirewallRules: [{646901FD-6881-4823-A620-25F4962A9009}] => (Allow) C:\Games\World_of_Warships_NA\WorldOfWarships.exe No File
FirewallRules: [{E1476633-1FAF-4A42-ABCA-794B3661FAF9}] => (Allow) C:\Games\World_of_Warships_NA\WorldOfWarships.exe No File
FirewallRules: [{359ABEAB-A585-4477-960F-E8A2B4C3DDAB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{56420B1A-0BBD-4556-9581-EAF111E8B030}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5F327CE9-C37F-469E-962E-8AFD9BCC48E8}] => (Allow) C:\Program Files (x86)\Wargaming.net\GameCenter\wgc.exe No File
FirewallRules: [{3C6412FB-8C18-443C-9A50-833C28B61CF7}] => (Allow) C:\Program Files (x86)\Wargaming.net\GameCenter\wgc.exe No File
FirewallRules: [{499807C9-739C-4515-9C9E-59E0E82C976D}] => (Allow) C:\Games\World_of_Warships\WGCheck\WGCheck.exe (Wargaming.net Limited -> )
FirewallRules: [{5E69A9B0-3B76-4C8C-B275-3E4E293F01A9}] => (Allow) C:\Games\World_of_Warships\WGCheck\WGCheck.exe (Wargaming.net Limited -> )
FirewallRules: [UDP Query User{863A0E29-9C28-4BD3-B6C6-3199DD5AF4F4}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe No File
FirewallRules: [TCP Query User{513CA910-1683-4BEA-8F02-5713FAE5D771}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe No File
FirewallRules: [TCP Query User{9D16F8C4-ABB6-44BE-9E22-5F8F2989A0FB}C:\games\wows_publictest\wowslauncher.exe] => (Allow) C:\games\wows_publictest\wowslauncher.exe No File
FirewallRules: [UDP Query User{50806F1B-0994-4C53-A1F1-63C3ACC7BD36}C:\games\wows_publictest\wowslauncher.exe] => (Allow) C:\games\wows_publictest\wowslauncher.exe No File
FirewallRules: [{2E661139-773A-4AE2-8C3C-54852A4443EC}] => (Allow) C:\Games\WOWS_PublicTest\WorldOfWarships.exe No File
FirewallRules: [{35B2308F-0618-48B3-8171-07F9492D8A1A}] => (Allow) C:\Games\WOWS_PublicTest\WorldOfWarships.exe No File
FirewallRules: [{570BC9FC-E745-4981-B9E9-2AF77B03E09E}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{B35C619B-3516-4AFA-BDEF-D44B5A010A5F}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming.net Limited -> Wargaming.net)
FirewallRules: [{8055CD2E-C243-492F-8F2E-83CBF3550D5B}] => (Allow) C:\Games\World_of_Tanks_NA\WorldOfTanks.exe No File
FirewallRules: [{719D1792-BA1A-4478-81F0-2BE338B24463}] => (Allow) C:\Games\World_of_Tanks_NA\WorldOfTanks.exe No File
FirewallRules: [TCP Query User{1EFDF64C-69FE-4EA6-997C-D2A7DE6FC4EC}C:\program files\rockstar games\max payne 3 complete edition\maxpayne3.exe] => (Allow) C:\program files\rockstar games\max payne 3 complete edition\maxpayne3.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [UDP Query User{763CF12E-69AC-45B8-A78E-169B506CBC48}C:\program files\rockstar games\max payne 3 complete edition\maxpayne3.exe] => (Allow) C:\program files\rockstar games\max payne 3 complete edition\maxpayne3.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [TCP Query User{80539797-18EA-47A8-B81D-B1DEB1FB5B4C}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [UDP Query User{99CB6BBB-D565-4BA2-9B81-B28A473CC711}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve -> Valve Corporation)
FirewallRules: [{DCB76767-017F-405A-8A87-9EB9E7968250}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{118C6A51-FBD5-4720-A902-05C77A8FEC02}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{EF308B38-137A-42FD-9339-75F1E6E744A8}] => (Allow) C:\Program Files\Rockstar Games\Launcher\RockstarService.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{42517447-9E23-4086-8FB0-11FEA89D4754}] => (Allow) C:\Program Files\Rockstar Games\Launcher\RockstarService.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{17D0397B-2F76-478B-A827-344E1B9F8F57}] => (Allow) C:\Program Files\Rockstar Games\Launcher\RockstarService.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{55EA37D0-DD91-4CF6-B6B3-7CE27E13FEDA}] => (Allow) C:\Program Files\Rockstar Games\Launcher\RockstarService.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{05B1CB77-3B61-4730-A1D3-900848F48D52}] => (Allow) C:\Program Files\Rockstar Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{D9D06C3F-B33E-473A-923C-FA2419FDEDE3}] => (Allow) C:\Program Files\Rockstar Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{B96414DB-15A9-4D78-BEB4-10FA5AB14269}] => (Allow) C:\Program Files\Rockstar Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{D562C4A8-B253-42BE-9693-395F97A77132}] => (Allow) C:\Program Files\Rockstar Games\Red Dead Redemption 2\RDR2.exe (Rockstar Games, Inc. -> Rockstar Games)
FirewallRules: [{B39F0560-0965-4718-83B6-549702A2C5B1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8FB3A777-BE04-4F6B-9AE0-FD85D7ABB750}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E423327F-77D2-4A3C-829C-ECDEE1DBE3F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3F259630-BC2F-4C14-A9E2-CC1A0F363DBB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FAB7EFC9-9A6F-4894-86C8-FA7C6D346D45}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
==================== Restore Points =========================
12-11-2019 20:53:34 Windows Update
20-11-2019 15:08:05 Scheduled Checkpoint
29-11-2019 23:37:29 Scheduled Checkpoint
04-12-2019 19:35:55 JRT Pre-Junkware Removal
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/04/2019 07:26:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 10.0.17763.831, time stamp: 0x29cb4890
Faulting module name: ntdll.dll, version: 10.0.17763.831, time stamp: 0x1f1a0210
Exception code: 0xc0000409
Fault offset: 0x00000000000a4720
Faulting process id: 0x1e64
Faulting application start time: 0x01d5aaf945713ac5
Faulting application path: C:\WINDOWS\Explorer.EXE
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: d8958e72-778a-4812-9259-131752b18c23
Faulting package full name:
Faulting package-relative application ID:
Error: (11/28/2019 10:15:28 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchUI.exe version 10.0.17763.719 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 2398
Start Time: 01d5a5fe9714e0fc
Termination Time: 4294967295
Application Path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Report Id: a49d435d-5b32-4b55-801b-1b86122badda
Faulting package full name: Microsoft.Windows.Cortana_1.11.6.17763_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI
Hang type: Quiesce
Error: (11/26/2019 10:21:17 PM) (Source: MsiInstaller) (EventID: 1024) (User: nibbz-PC)
Description: Product: Adobe Reader XI - Update '{AC76BA86-7AD7-0000-2550-7A8C40011020}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support:
http://go.microsoft.com/fwlink/?LinkId=23127
Error: (11/14/2019 01:11:53 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Windows\System32\svchost.exe, PID: 3564, ProfSvc PID: 1840.
Error: (11/14/2019 01:11:53 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Windows\System32\svchost.exe, PID: 5136, ProfSvc PID: 1840.
Error: (11/13/2019 05:03:12 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1552) (User: NT AUTHORITY)
Description: User hive is loaded by another process (Registry Lock) Process name: C:\Windows\System32\svchost.exe, PID: 5136, ProfSvc PID: 1840.
Error: (11/12/2019 02:05:59 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Rockstar Games Launcher because of this error.
Program: Rockstar Games Launcher
File:
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2. If the file still cannot be accessed and
- It is on the network, your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for further assistance.
Additional Data
Error value: 00000000
Disk type: 0
Error: (11/12/2019 02:05:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Launcher.exe_Rockstar Games Launcher, version: 1.0.12.172, time stamp: 0x5dc554ed
Faulting module name: Launcher.exe, version: 1.0.12.172, time stamp: 0x5dc554ed
Exception code: 0xc0000096
Fault offset: 0x0000000001409b61
Faulting process id: 0x21c0
Faulting application start time: 0x01d5998b3526cce4
Faulting application path: C:\Program Files\Rockstar Games\Launcher\Launcher.exe
Faulting module path: C:\Program Files\Rockstar Games\Launcher\Launcher.exe
Report Id: d8d001e8-67d3-4b14-86b2-d839f0d46eab
Faulting package full name:
Faulting package-relative application ID:
System errors:
=============
Error: (12/04/2019 07:42:07 PM) (Source: DCOM) (EventID: 10016) (User: nibbz-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user nibbz-PC\nibbz SID (S-1-5-21-1243112257-1756932303-4238688702-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/04/2019 07:42:07 PM) (Source: DCOM) (EventID: 10016) (User: nibbz-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user nibbz-PC\nibbz SID (S-1-5-21-1243112257-1756932303-4238688702-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/04/2019 07:36:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Error: (12/04/2019 07:36:50 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The NVIDIA Display Container LS service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
Error: (12/04/2019 07:25:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Defender Antivirus Network Inspection Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (12/04/2019 07:25:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Defender Antivirus Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Run the configured recovery program.
Error: (12/04/2019 07:24:05 PM) (Source: DCOM) (EventID: 10016) (User: nibbz-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user nibbz-PC\nibbz SID (S-1-5-21-1243112257-1756932303-4238688702-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (12/04/2019 07:24:05 PM) (Source: DCOM) (EventID: 10016) (User: nibbz-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user nibbz-PC\nibbz SID (S-1-5-21-1243112257-1756932303-4238688702-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Windows Defender:
===================================
Date: 2019-11-30 23:51:45.900
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {842E6335-7B43-436C-841A-211917045CD2}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-11-22 23:36:39.002
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {B9BEDE7D-4715-452F-84C8-3AE87045B534}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-11-14 21:57:27.957
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {E2C2B385-8554-4AE4-9936-949778F8CD5C}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-11-14 21:13:40.952
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {1DD93A60-C9ED-4C26-B3A5-EE7A2BDE3762}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-11-13 18:11:33.377
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {394290EA-A593-47D5-913B-B43882EB42AE}
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===================================
Date: 2019-11-13 18:54:27.601
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2019-11-13 18:54:27.510
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2019-11-13 18:54:27.434
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2019-11-13 18:54:27.242
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2019-11-13 18:54:27.210
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2019-11-13 18:54:27.183
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2019-11-13 18:54:25.383
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2019-11-13 18:54:25.092
Description:
Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 0908 09/21/2010
Motherboard: ASUSTeK Computer INC. P6T SE
Processor: Intel(R) Core(TM) i7 CPU 920 @ 2.67GHz
Percentage of memory in use: 31%
Total physical RAM: 18423.11 MB
Available physical RAM: 12585.34 MB
Total Virtual: 36855.11 MB
Available Virtual: 30982.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931.07 GB) (Free:423.99 GB) NTFS ==>[drive with boot components (obtained from BCD)]
\\?\Volume{e17099ab-0000-0000-0000-b0c4e8000000}\ () (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: E17099AB)
Partition 1: (Active) - (Size=931.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 MB) - (Type=27)
==================== End of Addition.txt =======================