Jump to content

All Activity

This stream auto-updates     

  1. Today
  2. frazzm737

    July Desktops

    Time for a change of scene...
  3. frazzm737

    Summit

  4. frazzm737

    Putin

  5. frazzm737

    SCOTUS

  6. frazzm737

    Fran's Favorites

  7. frazzm737

    Today's Cartoons

  8. frazzm737

    Weather 7/17/18

    Maybe some rain today???
  9. MichaelJ

    Maxine

    A good salad!
  10. MichaelJ

    Daily picture

    Nice antlers.
  11. MichaelJ

    Honoring our troops

    Will do.
  12. MichaelJ

    7-17-18

    Thats me...lol!
  13. JAN

    Inspiration

  14. MichaelJ

    Weather 7/17/18

  15. MichaelJ

    7/17/18

    A fine singer.
  16. PeggyB

    7/17/18

    Birthday: July 17, 1976 Nationality: American Famous: Quotes By Luke Bryan American Men Also Known As: Thomas Luther Sun Sign: Cancer Age: 42 Years Born in: Leesburg, Georgia, United States Famous as: Singer-Songwriter Spouse/Ex-: Caroline Boyer father: Tommy Bryan mother: LeClaire Bryan siblings: Chris Bryan, Kelly Bryan children: Tatum Christopher Bryan, Thomas Boyer Bryan City, States, Provinces & Districts: Georgia Net worth: $70 million education: Georgia Southern University Luke Bryan is one of the most renowned singers and songwriters of the current generation who have become a rage with his sensational music and melodies. Starting his career in music officially late (it was in 2007 that he made his plunge into the industry), Bryan did not take long to establish a strong foothold in the music scene. His debut came with his single ‘All My Friends Say’ which was outstandingly received by the audience. He followed it up with his debut studio album ‘I’ll Stay Me’. A couple of albums and singles old, Bryan first tasted worldwide success with his third studio album ‘Tailgates & Tanlines’. The album peaked at number one on the Top Country Albums chart and number two on the Billboard 200 chart. This was the beginning of his success story which continued to follow as his other two albums ‘Crash My Party’ and ‘Kill the Lights’ became highpoints of his career. What’s more, Bryan became the only country music artist to achieve six number one singles from one album in the history of the Billboard Country Airplay chart. Though Bryan has achieved much of his fame as a country musician and singer, it would be wrong to say that he has limited himself to it. Bryan has explored other genres like alternative rock as well. He has frequently incorporated elements of other music genres into his music. His journey as a musician and singer has been an inspiring one. Currently, he has sold more than seven million albums, 27 million tracks and has 16 No. 1 hits and back-to-back double-platinum albums. Luke Bryan married his college sweetheart, Caroline Boyer, on December 8, 2006. He first met her at Georgia Southern University. The couple has two sons, Thomas ‘Bo’ Boyer Bryan and Tatum ‘Tate’ Christopher Bryan. He also takes care of his nephew Tilden (Till) following the death of his sister and brother-in-law. He shares a passion for hunting and outdoors. He co-owns Buck Commander, sister company of Duck Commander. It even initiated a TV show for hunting enthusiasts. Bryan has supported numerous charities and causes, including the City of Hope and Red Cross. The causes Bryan supports are AIDS and HIV, cancer, children's disaster relief, health, and human rights.
  17. PeggyB

    7/17/18

    1821 Spain ceded Florida to the United States. 1898 Spain surrendered to the United States at Santiago, Cuba, ending the Spanish-American War. 1938 "Wrong Way Corrigan" took off from New York, purportedly aiming for California and landing in Ireland. 1945 President Harry Truman, Soviet leader Joseph Stalin and British Prime Minister Winston Churchill meet at the opening of the Potsdam Conference. 1955 Disneyland opened in Anaheim, Calif. 1975 The American Apollo and Soviet Soyuz spacecraft linked up for the first time. 1998 The last Russian Czar Nicholas II was buried 80 years after he and his family were executed by the Bolsheviks. ****************************************************************************************DAILY EXTRA******************************************** 1917.............................................The British royal family changed its name from the House of Saxe-Coburg-Gotha to Windsor amid anti-German senitment during World War I. British royal family change their name to Windsor - archive 1917 One hundred years ago, King George V changed the name of the British royal family from the German Saxe-Coburg and Gotha to the English Windsor. This name change saw every German reference and title being replaced with something British. The use of “Degrees, Styles, Dignities, Titles and Honours of Dukes and Duchesses of Saxony and Princes and Princesses of Saxe-Coburg and Gotha, and all other German Degrees, Styles, Dignities, Titles, Honours and Appellations,” was to be discontinued. The decision to adopt Windsor as the family name came amid strong anti-German feeling during the first world war. But the turning point was public anger at air raids over London, and in particular the bombing of a school in the East End. On 13 June 1917, the Germans began daylight raids on Britain and in one of the first attacks 18 children were killed when a bomb fell directly onto Upper North Street School in Poplar. German Gotha bombers carried out the strike - by coincidence, the same name as the royal family. News of the proposed name change first appeared in the Manchester Guardian in mid-June 1917.
  18. Last scans... Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document. NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so. NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me. NOTE 3. If you receive UNSUPPORTED OPERATING SYSTEM! ABORTED! message restart computer and Security Check should run Please download Farbar Service Scanner (FSS) and run it on the computer with the issue. Make sure the following options are checked: Internet Services Windows Firewall System Restore Security Center Windows Update Windows Defender Other Services Press "Scan". It will create a log (FSS.txt) in the same directory the tool is run. Please copy and paste the log to your reply. Download Temp File Cleaner (TFC) Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe Double click on TFC.exe to run the program. Click on Start button to begin cleaning process. TFC will close all running programs, and it may ask you to restart computer. Download Sophos Free Virus Removal Tool and save it to your desktop. Double click the icon and select Run Click Next Select I accept the terms in this license agreement, then click Next twice Click Install Click Finish to launch the program Once the virus database has been updated click Start Scanning If any threats are found click Details, then View log file... (bottom left hand corner) Copy and paste the results in your reply Close the Notepad document, close the Threat Details screen, then click Start cleanup Click Exit to close the program
  19. Fix result of Farbar Recovery Scan Tool (x86) Version: 15.07.2018 Ran by User (17-07-2018 09:29:06) Run:1 Running from C:\Users\User\Desktop Loaded Profiles: User (Available Profiles: User & Brother's Account & Kid's Account) Boot Mode: Normal ============================================== fixlist content: ***************** GroupPolicy: Restriction - Chrome <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION Toolbar: HKU\S-1-5-21-170921496-1106030034-2206049285-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File FF Plugin: @t.garena.com/garenatalk -> C:\Program Files\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File] U3 idsvc; no ImagePath 2018-06-24 12:39 - 2018-06-24 12:39 - 000000000 _____ () C:\Users\User\AppData\Local\{DFAFF154-87B2-468C-863F-E36CD6B76D64} 2018-07-17 04:38 - 2018-07-06 15:14 - 001618280 _____ (Microsoft Corporation) C:\Users\User\AppData\Local\Temp\dllnt_dump.dll 20 18-07-15 09:59 - 2018-07-17 07:14 - 047971328 _____ (Skype Technologies S.A.) C:\Users\User\AppData\Local\Te mp\SkypeSetup.exe CustomCLSID: HKU\S-1-5-21-170921496-1106030034-2206049285-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\18.065.0329.0002\FileSyncShell.dll => No File CustomCLSID: HKU\S-1-5-21-170921496-1106030034-2206049285-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\18.065.0329.0002\FileSyncShell.dll => No File CustomCLSID: HKU\S-1-5-21-170921496-1106030034-2206049285-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\18.065.0329.0002\FileSyncShell.dll => No File ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File Contex tMenuHandlers5: [igfxcui] -> {3AB1675A- CCFF-11D2-8B20-00A0C93CB1F4 } => -> No File AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125] A lternateDataStreams: C:\Users\User\Desktop\passport.jpeg:3or4kl4x13tuuug3Byamue2s4b [93] AlternateDataS treams: C:\Users\User\Desktop\passport.jp eg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386 d} [0] ***************** C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully "HKLM\SOFTWARE\Policies\Google" => removed successfully. "HKU\S-1-5-21-170921496-1106030034-2206049285-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully. HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => not found "HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk" => removed successfully. "HKLM\System\CurrentControlSet\Services\idsvc" => removed successfully. idsvc => service removed successfully. C:\Users\User\AppData\Local\{DFAFF154-87B2-468C-863F-E36CD6B76D64} => moved successfully C:\Users\User\AppData\Local\Temp\dllnt_dump.dll => moved successfully 20 18-07-15 09:59 - 2018-07-17 07:14 - 047971328 _____ (Skype Technologies S.A.) C:\Users\User\AppData\Local\Te mp\SkypeSetup.exe => Error: No automatic fix found for this entry. "HKU\S-1-5-21-170921496-1106030034-2206049285-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}" => removed successfully. "HKU\S-1-5-21-170921496-1106030034-2206049285-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}" => removed successfully. "HKU\S-1-5-21-170921496-1106030034-2206049285-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}" => removed successfully. "HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets" => removed successfully. HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found Contex tMenuHandlers5: [igfxcui] -> {3AB1675A- CCFF-11D2-8B20-00A0C93CB1F4 } => -> No File => Error: No automatic fix found for this entry. C:\ProgramData\TEMP => ":5C321E34" ADS removed successfully. A lternateDataStreams: C:\Users\User\Desktop\passport.jpeg:3or4kl4x13tuuug3Byamue2s4b [93] => Error: No automatic fix found for this entry. AlternateDataS treams: C:\Users\User\Desktop\passport.jp eg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386 d} [0] => Error: No automatic fix found for this entry. The system needed a reboot. ==== End of Fixlog 09:29:20 ====
  20. Download attached fixlist.txt file and save it to the Desktop. NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Run FRST(FRST64) and press the Fix button just once and wait. The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply. fixlist.txt
  21. Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15.07.2018 Ran by User (17-07-2018 09:12:52) Running from C:\Users\User\Desktop Microsoft Windows 10 Pro Version 1803 17134.165 (X86) (2018-05-31 16:07:59) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-170921496-1106030034-2206049285-500 - Administrator - Disabled) Brother's Account (S-1-5-21-170921496-1106030034-2206049285-1006 - Limited - Enabled) => C:\Users\Brother's Account DefaultAccount (S-1-5-21-170921496-1106030034-2206049285-503 - Limited - Disabled) Guest (S-1-5-21-170921496-1106030034-2206049285-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-170921496-1106030034-2206049285-1002 - Limited - Enabled) Kid's Account (S-1-5-21-170921496-1106030034-2206049285-1007 - Limited - Enabled) => C:\Users\Kid's Account User (S-1-5-21-170921496-1106030034-2206049285-1000 - Administrator - Enabled) => C:\Users\User WDAGUtilityAccount (S-1-5-21-170921496-1106030034-2206049285-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated) Adobe Flash Player 30 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 30.0.0.113 - Adobe Systems Incorporated) Camfrog Video Chat 6.21 (HKLM\...\Camfrog) (Version: 6.21.677 - Camshare, Inc.) Corel Update Manager (HKLM\...\{1229A9FF-55FA-4D4A-B482-5CA26D46A624}) (Version: 2.7.355 - Corel corporation) Hidden Corel Update Manager (HKLM\...\{EE61B6C5-F017-4505-85D3-6D40B1797D32}) (Version: 2.7.355 - Corel corporation) Hidden CorelDRAW Graphics Suite 2017 - Capture (HKLM\...\{00793547-E14A-418D-BDCC-149912C2124C}) (Version: 19.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - Common (HKLM\...\{82362937-7C2B-42DF-B5D3-B44EEE235F07}) (Version: 19.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - Connect (HKLM\...\{436A680E-2380-4E19-9435-E4F8AEA6C81B}) (Version: 19.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - Custom Data (HKLM\...\{BE42F28B-E03E-4016-B42F-47993CD9440D}) (Version: 19.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - Draw (HKLM\...\{9460A7E0-E382-4585-89AB-2F2CC3200331}) (Version: 19.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - EN (HKLM\...\{FA6BA260-746E-4641-B89A-01AA723A7E88}) (Version: 19.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - Filters (HKLM\...\{38C89065-DE8D-45CD-B263-DC4C99F5FEA1}) (Version: 19.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - Font Manager (HKLM\...\{1B861CBD-0796-4186-87A8-3A1210F1CBE2}) (Version: 19.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - IPM Content EN (HKLM\...\{EECC170F-E8EE-4EE7-B7D3-F33B006DBFA1}) (Version: 19.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - IPM T (HKLM\...\{7662E81B-989F-4B9C-86A7-70CC5CA9D0D3}) (Version: 19.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - PHOTO-PAINT (HKLM\...\{0F52557B-1437-4CC5-8C00-8E1F0C03CB1F}) (Version: 19.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - Redist (HKLM\...\{062981C0-0146-42B0-AD7B-BCF16193FE77}) (Version: 19.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - Setup Files (HKLM\...\{C552452D-1DF7-49C4-8EED-C84DC5B4E1A8}) (Version: 19.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - VBA (HKLM\...\{A527F0CA-A6AC-4FE0-8FF9-BB63E23913CD}) (Version: 19.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - VideoBrowser (HKLM\...\{3773C79F-2986-4210-867A-3EA6C87CB70A}) (Version: 19.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - Workspaces (HKLM\...\{F73639E3-80A0-484C-B93F-63E097C53724}) (Version: 19.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 - Writing Tools (HKLM\...\{64B94B95-964A-40BE-B778-74525B0BC64F}) (Version: 19.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite 2017 (HKLM\...\_{C552452D-1DF7-49C4-8EED-C84DC5B4E1A8}) (Version: 19.1.0.419 - Corel Corporation) CorelDRAW Graphics Suite 2017 (HKLM\...\{AEE51EE6-8592-410A-ADC8-544FC4E9F03B}) (Version: 19.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Capture (HKLM\...\{9640A543-E423-4D8D-8E82-A1CB6BECCB9C}) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Common (HKLM\...\{0622E0CF-F11D-483C-B858-7E7933996EE4}) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Connect (HKLM\...\{9F15073D-56EF-4F6F-AF06-74A3B3D6C5EB}) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Custom Data (HKLM\...\{E4AF1B6B-8513-4DB7-B99D-BA2B58503829}) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Draw (HKLM\...\{406E4433-96CF-4D4D-8317-6B8E6BDD8856}) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - EN (HKLM\...\{0AAA51D9-5029-4F53-8AFC-B7A9658B4BD5}) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Filters (HKLM\...\{D4C83508-8D3A-4FBC-9F4C-AEF0D02DEF33}) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Font Manager (HKLM\...\{17D53EFD-57F4-43D8-96B7-46682C9C9741}) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - IPM Content (HKLM\...\{D3515161-7F82-447A-9005-BDBDCC7B60AE}) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - IPM T (HKLM\...\{442B9D08-9F56-43FE-905A-07364D0BFE8D}) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - PHOTO-PAINT (HKLM\...\{7546E875-C203-4E87-8A3D-FD179944A763}) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Redist (HKLM\...\{635BA79D-FF3B-47E6-98BE-05D9FA6F884C}) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Setup Files (HKLM\...\{86F23E59-06B3-432A-9D16-B6A4DF379571}) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - VBA (HKLM\...\{044AC1C1-C353-49D0-A97B-8BCCA9C4424E}) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - VideoBrowser (HKLM\...\{24DBD064-369D-423F-964E-6064340342CB}) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Workspaces (HKLM\...\{3C68A5EA-7CBF-4CF7-9E24-3502014B3BE7}) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 - Writing Tools (HKLM\...\{7F9E5872-B446-4ADE-A9CC-0B7D7A5D8F08}) (Version: 18.0 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 (HKLM\...\_{86F23E59-06B3-432A-9D16-B6A4DF379571}) (Version: 18.0.0.448 - Corel Corporation) CorelDRAW Graphics Suite X8 (HKLM\...\{BD9B2CD9-7CC9-4C8C-92E5-4A1F19446B3D}) (Version: 18.0 - Corel Corporation) Hidden Epic Games Launcher (HKLM\...\{3ECF91A4-EE22-4A3A-921F-36ECAA04C13D}) (Version: 1.1.147.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x86) (HKLM\...\{B633DAAD-9294-4C7D-A625-D5B741A8C2B6}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Facebook Gameroom 1.10.6515.35995 (HKLM\...\{0B5F75BB-9192-4E2C-A0A6-D07DC31A2E84}) (Version: 1.10.6515.35995 - Facebook) Facebook Gameroom 1.21.6663.39782 (HKLM\...\{68176DF0-3139-406A-955D-E90916FB9EE8}) (Version: 1.21.6663.39782 - Facebook) Facebook Gameroom 1.3.1.3 (HKLM\...\{7E155A45-DE1A-46E0-A6B2-10FE1D8501FC}) (Version: 1.3.1.3 - Facebook) GameSpy Arcade (HKLM\...\GameSpy Arcade) (Version: - ) Garena (remove only) (HKLM\...\gxx) (Version: 2.0.1803.0214 - Garena) Ghostscript GPL 8.64 (Msi Setup) (HKLM\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Ghostscript GPL 8.64 (Msi Setup) (HKLM\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden Google Chrome (HKLM\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.) Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.115 - Google Inc.) Hidden HP DeskJet 3630 series Basic Device Software (HKLM\...\{B07A5721-1C73-4B37-8320-76EBE729DA39}) (Version: 35.0.61.54677 - Hewlett-Packard Co.) HP DeskJet 3630 series Help (HKLM\...\{5F074370-FEB0-4477-820F-A59DF28A933E}) (Version: 35.0.0 - Hewlett Packard) HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 18.8 - Intel) Java 8 Update 151 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation) KogamaLauncher-WWW (HKLM\...\{1CC9F278-D898-43D2-BBED-B3B765045888}) (Version: 1.0.3.0 - Multiverse ApS) Launcher Prerequisites (x86) (HKLM\...\{ec50c375-be9a-4642-9b8c-86dcc42e39c3}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes) ManyCam 6.4.1 (HKLM\...\ManyCam) (Version: 6.4.1 - Visicom Media Inc.) Metric Collection SDK 35 (HKLM\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio Tools for Applications 2015 (HKLM\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation) Minecraft (HKLM\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang) Mozilla Firefox 61.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 61.0.1 (x86 en-US)) (Version: 61.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.1.6759 - Mozilla) NVIDIA Update 10.11.15 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.11.15 - NVIDIA Corporation) Opera Stable 53.0.2907.99 (HKLM\...\Opera 53.0.2907.99) (Version: 53.0.2907.99 - Opera Software) Product Improvement Study for HP DeskJet 3630 series (HKLM\...\{C9226AA7-1A8D-4DA1-96B5-D75D7A903D6C}) (Version: 35.0.61.54677 - Hewlett-Packard Co.) Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7161 - Realtek Semiconductor Corp.) Roblox Player for User (HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation) ROBLOX Studio (HKLM\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version: - ROBLOX Corporation) Rules of Survival version 1.146371.153333 (HKLM\...\{F560482D-4378-4FB8-8EB7-4F017FDBCC90}_is1) (Version: 1.146371.153333 - Hong Kong Netease Interactive Entertainment Limited) SHAREit (HKLM\...\SHAREit_is1) (Version: 2.5.1.5 - Lenovo Group Limited) Skype™ 7.41 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.) SMART BRO (HKLM\...\{AEFF9E60-3E93-41EE-9895-311F7D1C5FFD}) (Version: 1.0.0.3 - ZTE Corporation) Spotify (HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\Spotify) (Version: 1.0.68.407.g6864aaaf - Spotify AB) SpywareBlaster 5.5 (HKLM\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1248 - SUPERAntiSpyware.com) TeamViewer 13 (HKLM\...\TeamViewer) (Version: 13.1.3629 - TeamViewer) Unity Web Player (HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\UnityWebPlayer) (Version: 5.3.1f1 - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Viber (HKLM\...\{DD15B198-A4E2-4FE2-9039-C4931D248A6D}) (Version: 9.1.0.6 - Viber Media Inc.) Hidden Viber (HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\{d2bd1d7b-abd7-4d75-800a-485607f728d9}) (Version: 9.1.0.6 - Viber Media Inc.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN) Windows Movie Maker 2017 (HKLM\...\{3CC29C1A-B5FE-457B-8F22-32A3667A92C7}}_is1) (Version: - windows-movie-maker.org) WinRAR 5.50 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-170921496-1106030034-2206049285-1000_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\18.065.0329.0002\FileSyncShell.dll => No File CustomCLSID: HKU\S-1-5-21-170921496-1106030034-2206049285-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS) CustomCLSID: HKU\S-1-5-21-170921496-1106030034-2206049285-1000_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\18.065.0329.0002\FileSyncShell.dll => No File CustomCLSID: HKU\S-1-5-21-170921496-1106030034-2206049285-1000_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\User\AppData\Local\Microsoft\OneDrive\18.065.0329.0002\FileSyncShell.dll => No File ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files\Lenovo\SHAREit\ShellEx\ShellExt32.dll [2015-09-17] (Lenovo) ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files\Lenovo\SHAREit\ShellEx\ShellExt32.dll [2015-09-17] (Lenovo) ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2015-10-14] (NVIDIA Corporation) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0777FCEF-85E3-4E4F-A9A0-580BCFDC34F5} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {0810646C-742A-4D10-AEA5-9D636C0AD3AE} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {095DA93D-9B13-4BC6-A89A-27CC34F637F5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {0F6B50A0-D23A-4204-B814-D419D055C774} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-11-25] (Google Inc.) Task: {11AEBF65-3FCF-4852-827F-6BB2D3733053} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {12B27D3E-1B3D-4AE3-AB5B-0CC1DF791FF3} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {14511F00-F3A0-4FF7-A8B0-7479B81BA83F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {16BADD43-A78C-44D7-9FD0-A055C148CE5B} - System32\Tasks\{BF51C794-6FFE-4ABC-93DA-177B8E085822} => C:\Program Files\ManyCam\ManyCam.exe [2018-06-05] (Visicom Media Inc.) Task: {2316A092-08E0-41AA-9DD8-7A67AA63AA9C} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {2A40C5D0-3C5F-4658-86B9-8F922D6B3FBB} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-170921496-1106030034-2206049285-1006 => C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {2C1621E0-A723-40A7-AB2A-612B3B32EDEF} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-07-06] (Lenovo) Task: {2E3C9AE9-A6C0-4250-8E84-C76D5BF4D41F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-01] (Microsoft Corporation) Task: {347187DE-DB8A-44EA-98C4-8B0665EA43C4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-11-25] (Google Inc.) Task: {3D0763F8-EC35-4392-A940-7F5F0AF83579} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-06-24] (AVAST Software) Task: {41D4265D-D67E-4815-BCD2-977190C14C71} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_30_0_0_113_Plugin.exe [2018-06-08] (Adobe Systems Incorporated) Task: {442DC905-5EE4-4E90-A26B-2A92F9CA4AA4} - System32\Tasks\{C97947F3-120B-48FF-907C-DC95E339B19D} => C:\Program Files\ManyCam\ManyCam.exe [2018-06-05] (Visicom Media Inc.) Task: {4B8285F3-026C-411F-897C-D9C0D4C193EF} - System32\Tasks\gxx speed launcher => C:\Program Files\Garena\Garena\Garena.exe [2018-03-02] (Garena Online ) Task: {52CEFE6D-09A1-4B16-9F44-733F74C98A4B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-170921496-1106030034-2206049285-1007 => C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {5BBCBB82-C9D5-47AA-B744-C16D90CF2FB6} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {5DE8D14B-940F-446A-82A4-5395297D541A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-01] (Microsoft Corporation) Task: {5E6C0249-5713-47C5-9521-0AA14272FC1B} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {6205E9E4-A3C9-4006-ADE3-5F9DAADC32D8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-01] (Microsoft Corporation) Task: {659F484A-39FD-4F29-A5A0-AD0584B6A6F0} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {65A32121-3E75-4DD0-8F83-7DC561E537FD} - System32\Tasks\CorelUpdateHelperTask-32DDC59140EEA9AF6DFBC8F7953E075B => C:\Program Files\Corel\CUH\v2\CUH.exe [2018-02-23] (Corel Corporation) Task: {6DFA7D36-9D23-44A1-8025-84B42C92305A} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files\Corel\CUH\v2\CUH.exe [2018-02-23] (Corel Corporation) Task: {74417687-D431-49AF-ACC3-59A51C353CF1} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {7A078A90-E149-49A6-A146-3328FA87F879} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1806.18062-0\MpCmdRun.exe [2018-07-01] (Microsoft Corporation) Task: {7AD0804E-EBD8-4736-B85A-A4C22A5F2862} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {7E2BAFB9-249B-4192-932E-DB14B78A56A6} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {801AA534-DA82-455F-BB2D-C179D45DCD10} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {8545A07A-5850-4643-B44E-3FEEFF136ECA} - System32\Tasks\{997DB58C-3BAD-4111-A9B8-43ACF5BACBBC} => C:\Program Files\ManyCam\ManyCam.exe [2018-06-05] (Visicom Media Inc.) Task: {868153E0-3C48-468B-AC0F-DC318EF5E22B} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {8849DDAD-BA41-4A13-B038-81CA813E7806} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-170921496-1106030034-2206049285-1005 => C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {99856247-6588-4878-989E-1AD1408FE2A0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {A205DEF6-B389-4C24-9769-7FC1E754E61B} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe Task: {A53758E7-68E4-42D6-BE94-441EEFB5C348} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {AA813128-8FA4-45EE-9E39-6FA8E07D16A1} - System32\Tasks\{C2FD7ABB-3827-4108-9103-94943D2C13C2} => c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs\Capture.exe [2016-03-05] (Corel Corporation) Task: {B233D596-2CBD-4B93-A800-1C7E45BCB4F3} - System32\Tasks\{34BD5512-90D1-4EAE-902F-884AC2F826E4} => C:\Windows\system32\pcalua.exe -a C:\PROGRA~1\3DO\ARMYME~1\UNWISE.EXE -c C:\PROGRA~1\3DO\ARMYME~1\INSTALL.LOG Task: {B7C8F649-7E0B-40E2-951E-73F7012D234B} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-170921496-1106030034-2206049285-1008 => C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe Task: {BECFE5E7-7E29-4EE9-AC04-842E096ACF07} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {C213EF7B-5958-4F69-B15B-D4F929D4FE7C} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] () Task: {C26C0AE4-DECB-4949-802F-0AB8CE9ACE1F} - System32\Tasks\Opera scheduled Autoupdate 1450251767 => C:\Program Files\Opera\launcher.exe [2018-06-12] (Opera Software) Task: {CB73A36C-F2CC-4AED-A990-9D68E7D45120} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated) Task: {D808EE76-3F5B-410E-96E1-5EF794794DCD} - System32\Tasks\Microsoft\Windows\DeviceDirectoryClient\RegisterDeviceWnsFallback Task: {D86B8926-7647-473E-8115-8A16B7232909} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {D99F533B-6955-4C60-9ABD-11D52D3718D4} - System32\Tasks\Games\UpdateCheck_S-1-5-21-170921496-1106030034-2206049285-1000 Task: {DD156DBE-ED1C-467B-BB90-BA208D04D7DE} - System32\Tasks\{B8289DBA-B315-475C-AD9C-3445E6A55A86} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\51talk\uninst.exe" Task: {ED255155-AF1D-4A85-BB5C-768B13352905} - System32\Tasks\HPCustParticipation HP DeskJet 3630 series => C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPCustPartic.exe [2015-04-09] (Hewlett-Packard Development Company, LP) Task: {EFBB614D-08E6-44BA-A3F3-ABC09BF9254A} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {F7D03C53-1BDA-4728-A1D4-1C0C39AD8C62} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2018-06-08] (Adobe Systems Incorporated) Task: {F899CA0C-0DCD-49B1-B3E1-13069B0CC13A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {F9FB6A57-2928-414E-8405-E1C0B3CE9494} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {FBE97EAA-5A45-48B1-9B35-3E3079BCE704} - System32\Tasks\{3FBACA53-4FB8-492C-9877-F55766A708D1} => C:\Program Files\ManyCam\ManyCam.exe [2018-06-05] (Visicom Media Inc.) Task: {FED72613-9E50-4B46-BE70-29163BD05AEA} - System32\Tasks\{C5941939-7FA8-45C4-B9E7-47CC095B4D15} => c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs\CorelDRW.exe [2016-03-05] (Corel Corporation) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\gxx speed launcher.job => C:\Program Files\Garena\Garena\Garena.exe ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Tao 1 - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ==================== Loaded Modules (Whitelisted) ============== 2018-04-12 04:29 - 2018-04-12 04:29 - 000364200 _____ () C:\Windows\System32\InputHost.dll 2017-10-13 14:46 - 2017-10-13 14:46 - 000266424 _____ () C:\Program Files\Garena\Garena\2.0.1803.0214\libprotobuf-lite.dll 2018-03-02 14:57 - 2018-03-02 14:57 - 001442624 _____ () C:\Program Files\Garena\Garena\2.0.1803.0214\libs\gxx_pipe_engine.dll 2018-03-02 14:56 - 2018-03-02 14:56 - 002206528 _____ () C:\Program Files\Garena\Garena\2.0.1803.0214\libs\FSFileSytem.dll 2016-09-12 17:02 - 2015-12-23 18:31 - 000625440 _____ () C:\Program Files\IObit\LiveUpdate\ProductStatistics.dll 2015-07-08 12:02 - 2015-10-14 00:47 - 000113840 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll 2018-04-12 04:29 - 2018-04-12 04:29 - 000308224 _____ () C:\Windows\ShellExperiences\TileControl.dll 2018-04-12 04:29 - 2018-04-12 04:29 - 001670656 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll 2018-07-11 21:44 - 2018-07-06 14:53 - 001609216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2018-05-22 05:33 - 2018-05-22 05:35 - 000075264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x86__kzf8qxf38zg5c\SkypeHost.exe 2018-05-22 05:33 - 2018-05-22 05:35 - 000166400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2018-05-22 05:33 - 2018-05-22 05:36 - 016203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x86__kzf8qxf38zg5c\SkyWrap.dll 2018-05-22 05:33 - 2018-05-22 05:35 - 001811456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x86__kzf8qxf38zg5c\skypert.dll 2018-05-22 05:33 - 2018-05-22 05:33 - 000508928 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x86__kzf8qxf38zg5c\RtmMvrUap.dll 2017-08-14 09:33 - 2016-06-24 16:54 - 000474504 _____ () C:\Program Files\Hostless Modem\SMART BRO\CheckNDISPort_df.exe 2017-08-14 09:33 - 2016-06-24 16:54 - 000446344 _____ () C:\Program Files\Hostless Modem\SMART BRO\CancelAutoPlay_df.exe ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [125] AlternateDataStreams: C:\Users\User\Desktop\passport.jpeg:3or4kl4x13tuuug3Byamue2s4b [93] AlternateDataStreams: C:\Users\User\Desktop\passport.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0] ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\localhost -> localhost IE restricted site: HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\0411dd.com -> 0411dd.com IE restricted site: HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\0511zfhl.com -> 0511zfhl.com IE restricted site: HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\0632qyw.com -> 0632qyw.com IE restricted site: HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-170921496-1106030034-2206049285-1000\...\1001movie.com -> 1001movie.com There are 6091 more sites. ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 10:04 - 2018-07-07 06:15 - 000000029 _____ C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-170921496-1106030034-2206049285-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: ) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == MSCONFIG\Services: dbupdate => 2 MSCONFIG\Services: dbupdatem => 3 MSCONFIG\Services: McComponentHostService => 3 MSCONFIG\startupfolder: C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{0D4A14A5-285D-415F-BA30-2CABC5418CCA}] => (Allow) C:\Program Files\Opera\53.0.2907.68\opera.exe FirewallRules: [UDP Query User{07A13D84-191A-4CDB-9A5E-E19A028CA6A0}C:\ros\ros.exe] => (Block) C:\ros\ros.exe FirewallRules: [TCP Query User{A54F355E-85CC-4962-93A7-F6342D6D2BFA}C:\ros\ros.exe] => (Block) C:\ros\ros.exe FirewallRules: [UDP Query User{398F581E-B959-4E3E-BD66-306EDE7FB750}C:\program files\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [TCP Query User{FDA5A881-BEE4-4990-B64D-B7D4E74720A5}C:\program files\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) C:\program files\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe FirewallRules: [{24B777A1-2AC7-4983-8D55-6B2287C91432}] => (Allow) C:\Program Files\Garena\Garena\2.0.1801.1820\gxxsvc.exe FirewallRules: [UDP Query User{45A2FCB8-B993-4A60-B23A-416B0CBAC17D}C:\ros\ccmini\ccmini.exe] => (Block) C:\ros\ccmini\ccmini.exe FirewallRules: [TCP Query User{B5E4A5B2-18A2-49F6-B31D-88C55E62D51E}C:\ros\ccmini\ccmini.exe] => (Block) C:\ros\ccmini\ccmini.exe FirewallRules: [UDP Query User{40E06E20-0C07-4389-832A-5147AA72B3BA}C:\ros\ros.exe] => (Allow) C:\ros\ros.exe FirewallRules: [TCP Query User{CB9C4092-04E6-47DE-9E8F-E0E2CF6C034F}C:\ros\ros.exe] => (Allow) C:\ros\ros.exe FirewallRules: [UDP Query User{D2D3D556-B7BB-41C9-8397-FC2074F966CF}C:\program files\java\jre1.8.0_151\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_151\bin\javaw.exe FirewallRules: [TCP Query User{A6D8890F-D650-4DE6-B8A4-A5C6974EB85F}C:\program files\java\jre1.8.0_151\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_151\bin\javaw.exe FirewallRules: [UDP Query User{8906E1F9-A288-4032-B47B-E662F7986AA3}C:\program files\java\jre1.8.0_151\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_151\bin\javaw.exe FirewallRules: [TCP Query User{7134E8B7-8637-406C-BBA2-9E651B83CB15}C:\program files\java\jre1.8.0_151\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_151\bin\javaw.exe FirewallRules: [UDP Query User{99C12928-25E6-4B7C-B806-FB4A1F573963}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe] => (Allow) C:\program files\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [TCP Query User{BC299826-BE33-4858-9503-00EF8309A2CF}C:\program files\camfrog\camfrog video chat\camfrog video chat.exe] => (Allow) C:\program files\camfrog\camfrog video chat\camfrog video chat.exe FirewallRules: [{BAF353AC-C071-451C-98EB-9CA23182ECF4}] => (Allow) C:\Program Files\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{2F10C0A1-B22A-4296-9B4A-D32B8B823B5F}] => (Allow) C:\Program Files\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{132C7BEF-EB74-47D1-8300-04537434DC60}] => (Allow) C:\Program Files\HP\HP DeskJet 3630 series\Bin\DeviceSetup.exe FirewallRules: [{1C278572-6D34-4864-A319-61BB2A0FA851}] => (Allow) LPort=5357 FirewallRules: [{2E485E6A-234E-4250-9A38-3894B74658A1}] => (Allow) C:\Program Files\HP\HP DeskJet 3630 series\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{B8F579E4-FEB9-4918-9310-8165BE2EDA15}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{601F1094-6D4E-4A14-9055-8ADF611DEBB5}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{66CE28F0-3852-4AAD-8970-0EF0B7033049}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs\CorelDrw.exe FirewallRules: [{08A25C0D-E8B4-4835-926E-C34A3139C12B}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs\CorelPP.exe FirewallRules: [TCP Query User{DF822C39-548B-4915-A206-24D194D42AF1}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{583FCD58-6CE4-46B3-BC9A-3DD89F48DB04}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\user\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{B9D0A988-821F-4ACD-AACB-4248231674C6}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\user\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{CE5C7DA9-DEDE-4878-B4EB-A1A69EB59860}C:\users\user\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\user\appdata\roaming\spotify\spotify.exe FirewallRules: [{2283A52F-8685-454D-A11A-5758A6F1D367}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{9953E8DA-70D2-4A05-8A26-9DC4952F9275}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{23136882-E600-42CC-A289-75EB1296475D}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2017\Programs\CorelDrw.exe FirewallRules: [{1D8BB729-B205-4E0D-AC25-AAA530F9D053}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite 2017\Programs\CorelPP.exe FirewallRules: [{36FD7282-3368-499E-8E75-1FAE9AB6F3DF}] => (Allow) C:\Program Files\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{A5DADC6E-813F-49EE-A833-1EE4D839141E}] => (Allow) C:\Program Files\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{B0CDE47C-47F1-4401-8BBA-5124A73DD6FA}] => (Allow) LPort=5357 FirewallRules: [{4EB9C8FC-A413-4256-96AA-0DE18992FC02}] => (Allow) C:\Program Files\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{2618E8BB-1A39-42C4-912F-60DE16F61BBC}] => (Allow) C:\Program Files\Lenovo\SHAREit\SHAREit.exe FirewallRules: [{2F15B074-B4F3-4325-880F-A3AE828B9005}] => (Allow) LPort=5357 FirewallRules: [{82288690-12BC-4471-B3F6-6B2F0E099CD6}] => (Allow) C:\Users\User\Downloads\AnyDesk.exe FirewallRules: [{0DC99847-DAC4-4C24-B033-D25FC1AD817E}] => (Allow) C:\Users\User\Downloads\AnyDesk.exe FirewallRules: [{37A73214-EDF0-4638-9145-D3F28B99583A}] => (Allow) C:\Users\User\Downloads\AnyDesk.exe FirewallRules: [{F83031AD-0142-45FB-BFE3-D4876397B707}] => (Allow) C:\Users\User\Downloads\AnyDesk.exe FirewallRules: [{B7F64661-5F70-4771-9F67-298EC493CD3E}] => (Allow) C:\Users\User\Downloads\AnyDesk.exe FirewallRules: [{6FB0720E-4FDE-4DA7-9C57-53186A3D3C11}] => (Allow) C:\Users\User\Downloads\AnyDesk.exe FirewallRules: [{E690A209-5FFC-48AC-886A-9999219BBE27}] => (Allow) C:\Program Files\Opera\53.0.2907.99\opera.exe FirewallRules: [{1AB25D19-F593-4EB0-BF94-FC2D0B09C9A0}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{81785A51-ED75-42CA-9E88-21F6DA70FC76}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe FirewallRules: [{77E0E075-7D84-40C3-BB97-29CAEB8CDE7C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [{CA566875-F60E-4773-AAA1-86643628B558}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe FirewallRules: [{D1DF20D3-6ECD-487C-93C5-2AF135B4A5DC}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe FirewallRules: [{A4C49E38-4A10-44E8-A33C-AFF2CC132E68}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe FirewallRules: [{FA682AEB-F109-4983-AD7A-5D9909FCDEC4}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe ==================== Restore Points ========================= ATTENTION: System Restore is disabled ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/17/2018 02:46:51 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program iexplore.exe version 11.0.17134.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 2bbc Start Time: 01d41d3538aa0b86 Termination Time: 5 Application Path: C:\Program Files\Internet Explorer\iexplore.exe Report Id: 803bd4b6-b578-45c3-bdb7-183e38cdc5e9 Faulting package full name: Faulting package-relative application ID: Error: (07/16/2018 11:52:28 PM) (Source: COM) (EventID: 10031) (User: ) Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected Error: (07/16/2018 11:52:27 PM) (Source: COM) (EventID: 10031) (User: ) Description: An unmarshaling policy check was performed when unmarshaling a custom marshaled object and the class {41FD88F7-F295-4D39-91AC-A85F3149A05B} was rejected Error: (07/16/2018 01:03:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: backgroundTaskHost.exe, version: 10.0.17134.1, time stamp: 0xb3ceae44 Faulting module name: msvcrt.dll, version: 7.0.17134.1, time stamp: 0xc5dd3631 Exception code: 0xc0000005 Fault offset: 0x000889ea Faulting process id: 0x2964 Faulting application start time: 0x01d41cc1c2e2f179 Faulting application path: C:\WINDOWS\system32\backgroundTaskHost.exe Faulting module path: C:\WINDOWS\System32\msvcrt.dll Report Id: 8fe2ce72-463d-4c9e-b712-492008908cec Faulting package full name: Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy Faulting package-relative application ID: App Error: (07/15/2018 03:46:08 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SecHealthUI.exe, version: 10.0.17134.137, time stamp: 0x5b2344ff Faulting module name: SecHealthUIDataModel.dll, version: 0.0.0.0, time stamp: 0x5b234545 Exception code: 0xc0000005 Fault offset: 0x000c280b Faulting process id: 0x1f50 Faulting application start time: 0x01d41bab4b9e2039 Faulting application path: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe Faulting module path: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll Report Id: 8cc5876c-5b1f-4dbf-b3f1-56303cee6e13 Faulting package full name: Microsoft.Windows.SecHealthUI_10.0.17134.1_neutral__cw5n1h2txyewy Faulting package-relative application ID: SecHealthUI Error: (07/15/2018 03:09:00 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Discord.exe, version: 0.0.45.0, time stamp: 0x5ae8012a Faulting module name: Discord.exe, version: 0.0.45.0, time stamp: 0x5ae8012a Exception code: 0x80000003 Fault offset: 0x00313579 Faulting process id: 0x2918 Faulting application start time: 0x01d41ba5f8203ca3 Faulting application path: C:\Users\Kid's Account\AppData\Local\Discord\app-0.0.301\Discord.exe Faulting module path: C:\Users\Kid's Account\AppData\Local\Discord\app-0.0.301\Discord.exe Report Id: e811a72d-f748-4c40-9229-81204f8d62b1 Faulting package full name: Faulting package-relative application ID: Error: (07/14/2018 12:25:36 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Discord.exe, version: 0.0.45.0, time stamp: 0x5ae8012a Faulting module name: Discord.exe, version: 0.0.45.0, time stamp: 0x5ae8012a Exception code: 0x80000003 Fault offset: 0x00313579 Faulting process id: 0x3324 Faulting application start time: 0x01d41ac617b0af13 Faulting application path: C:\Users\Kid's Account\AppData\Local\Discord\app-0.0.301\Discord.exe Faulting module path: C:\Users\Kid's Account\AppData\Local\Discord\app-0.0.301\Discord.exe Report Id: 144f6e12-cd0a-487b-b423-9fd76f1aa6d6 Faulting package full name: Faulting package-relative application ID: Error: (07/13/2018 09:43:38 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: FacebookGameroom.exe, version: 1.21.6663.39782, time stamp: 0x5abf173d Faulting module name: CefSharp.Core.dll, version: 0.0.0.0, time stamp: 0x5a6a3064 Exception code: 0xc0000005 Fault offset: 0x0007076f Faulting process id: 0x27bc Faulting application start time: 0x01d41a4a3c0d5a84 Faulting application path: C:\Users\Brother's Account\AppData\Local\Facebook\Games\FacebookGameroom.exe Faulting module path: C:\Users\Brother's Account\AppData\Local\Facebook\Games\CefSharp.Core.dll Report Id: 4997306c-8b18-47a9-929a-4f7b2a91e3a9 Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (07/17/2018 09:05:40 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (07/17/2018 07:10:33 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.WscDataProtection and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (07/17/2018 07:10:33 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID Windows.SecurityCenter.WscBrokerManager and APPID Unavailable to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (07/17/2018 07:10:00 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (07/17/2018 07:08:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool. Error: (07/17/2018 07:06:50 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Garena platform service service terminated unexpectedly. It has done this 1 time(s). Error: (07/17/2018 07:06:49 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Message Queuing service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. Error: (07/17/2018 07:06:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The ManyCam Service service terminated unexpectedly. It has done this 1 time(s). Windows Defender: =================================== Date: 2018-07-16 00:50:22.447 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {7C9D021A-469F-4595-8393-463F6D014A19} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-06-25 08:50:48.321 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0 Name: HackTool:Win32/Keygen ID: 2147593794 Severity: High Category: Tool Path: file:_D:\outocad10\en-US\Crack\Adesk2010_keygen_x64.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection Process Name: C:\Windows\System32\SearchProtocolHost.exe Signature Version: AV: 1.269.1889.0, AS: 1.269.1889.0, NIS: 1.269.1889.0 Engine Version: AM: 1.1.14901.4, NIS: 1.1.14901.4 Date: 2018-06-25 08:50:20.662 Description: Windows Defender Antivirus has detected malware or other potentially unwanted software. For more information please see the following: https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/Keygen&threatid=2147593794&enterprise=0 Name: HackTool:Win32/Keygen ID: 2147593794 Severity: High Category: Tool Path: file:_D:\outocad10\en-US\Crack\Adesk2010_keygen_x86.exe Detection Origin: Local machine Detection Type: Concrete Detection Source: Real-Time Protection Process Name: C:\Windows\System32\SearchProtocolHost.exe Signature Version: AV: 1.269.1889.0, AS: 1.269.1889.0, NIS: 1.269.1889.0 Engine Version: AM: 1.1.14901.4, NIS: 1.1.14901.4 Date: 2018-06-11 22:24:29.673 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {C6094EAA-8BEE-4C92-86E0-E3F06433A561} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-06-11 21:51:27.502 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {E1239987-65AC-4F6F-85E6-722C65AA488B} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2018-06-02 06:12:02.288 Description: Windows Defender Antivirus has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.269.412.0 Update Source: Microsoft Update Server Signature Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.14901.4 Error code: 0x80072ee2 Error description: The operation timed out CodeIntegrity: =================================== Date: 2018-07-14 22:15:21.524 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\ashShell.dll that did not meet the Microsoft signing level requirements. Date: 2018-07-14 20:19:53.225 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhookx.dll that did not meet the Microsoft signing level requirements. Date: 2018-07-14 15:31:20.836 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhookx.dll that did not meet the Microsoft signing level requirements. Date: 2018-07-14 05:57:02.137 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhookx.dll that did not meet the Microsoft signing level requirements. Date: 2018-07-14 05:45:33.757 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhookx.dll that did not meet the Microsoft signing level requirements. Date: 2018-07-14 05:45:33.676 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhookx.dll that did not meet the Microsoft signing level requirements. Date: 2018-07-14 00:44:18.957 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhookx.dll that did not meet the Microsoft signing level requirements. Date: 2018-07-14 00:24:52.591 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume2\Program Files\AVAST Software\Avast\aswhookx.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz Percentage of memory in use: 72% Total physical RAM: 1973.39 MB Available physical RAM: 542.52 MB Total Virtual: 6325.39 MB Available Virtual: 4577.17 MB ==================== Drives ================================ Drive 😄 () (Fixed) (Total:97.12 GB) (Free:19.27 GB) NTFS Drive d: () (Fixed) (Total:368.1 GB) (Free:152.85 GB) NTFS \\?\Volume{00db65b8-25a2-11e5-96ca-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS \\?\Volume{9f05d129-0000-0000-0000-e04d18000000}\ () (Fixed) (Total:0.44 GB) (Free:0.13 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 9F05D129) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=97.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=368.1 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================
  1. Load more activity
×