Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-03-2017
Ran by Keylor Mo (09-03-2017 19:03:43)
Running from C:\Users\Keylor Mo\Desktop
Microsoft Windows 10 Pro Version 1607 (X86) (2016-10-02 15:54:11)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1925041687-3826732043-3313555696-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1925041687-3826732043-3313555696-503 - Limited - Disabled)
Guest (S-1-5-21-1925041687-3826732043-3313555696-501 - Limited - Disabled)
Keylor Mo (S-1-5-21-1925041687-3826732043-3313555696-1002 - Administrator - Enabled) => C:\Users\Keylor Mo
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . . (Version: 2.6.2.4 - Intel) Hidden
µTorrent (HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
Adblock Plus for IE (32-bit) (HKLM\...\{E93152F1-E3AE-4B2A-9BAC-F770203F67E5}) (Version: 1.5 - Eyeo GmbH)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{3EB745BA-194F-4475-9164-B20BB2172395}) (Version: 12.0 - Adobe Systems Incorporated)
Bandicam (HKLM\...\Bandicam) (Version: 3.1.1.1073 - Bandisoft.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Counter-Strike 1.6 (HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\Counter-Strike 1.6) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel® Driver Update Utility (HKLM\...\{66e8e99a-eb6f-4403-9fc2-0ddd4d6f353e}) (Version: 2.6.2.4 - Intel)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.)
League client alpha (HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\League client alpha 1.0) (Version: 1.0 - Riot Games, Inc)
League of Legends (HKLM\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (Version: 4.1.2 - Riot Games) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Modem HDM EC156 (HKLM\...\Modem HDM EC156) (Version: 21.005.20.03.649 - Huawei Technologies Co.,Ltd)
NetCut 2.1.4 (HKLM\...\NetCut_is1) (Version: - arcai.com)
Node.js (HKLM\...\{47840698-D4F5-414F-A3A9-9A23BF6C6A1A}) (Version: 4.4.3 - Node.js Foundation)
Notepad++ (HKLM\...\Notepad++) (Version: 6.9.1 - Notepad++ Team)
NVIDIA PhysX (HKLM\...\{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}) (Version: 9.13.0725 - NVIDIA Corporation)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.)
Security Task Manager 2.1i (HKLM\...\Security Task Manager) (Version: 2.1i - Neuber Software)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0B6A8048-AC2F-42D1-A341-9F2F6F00DC2F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-keylormo@outlook.com => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {2D42E3FB-F3B8-4B39-82BC-A1FB43224CD6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-11] (Google Inc.)
Task: {3AF4B9E6-F405-4D0D-8C0C-FBFBEDC2C448} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {47C402C7-F033-4894-BA1B-0418CF56CC38} - System32\Tasks\{2E3FD621-58EF-4CAB-AEBA-A4E4CBB54E59} => launchwinapp.exe hxxp://ui.skype.com/ui/0/7.16.0.101/en/abandoninstall?source=lightinstaller&page=tsInstall
Task: {6BC28B8E-69D6-477B-B4FE-E1F4508A9199} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-11] (Google Inc.)
Task: {A33E1E70-6E1F-4F26-A418-93F9B5FFC21C} - System32\Tasks\{EB027DF4-EF5F-4BCA-8582-E2AFEABC560A} => pcalua.exe -a "E:\Driver\8187Driver\8187-Win XP\Setup.exe" -d "E:\Driver\8187Driver\8187-Win XP"
Task: {C2918BC0-5EBF-45DC-9F60-3AADA2759A31} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-12] (Adobe Systems Incorporated)
Task: {CC38EBDC-3B1D-4D44-A483-09F3333885C1} - System32\Tasks\DriverToolkit Autorun => C:\Program Files\DriverToolkit\DriverToolkit.exe
Task: {F5A5F1A8-81B4-4C3C-87C7-6673BC89B02B} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2016-11-07] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files\DriverToolkit\DriverToolkit.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 08:25 - 2016-07-16 08:25 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-17 16:41 - 2016-12-09 10:11 - 02048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2011-03-14 15:27 - 2011-03-14 15:27 - 00271712 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
2016-11-30 11:01 - 2016-12-29 18:57 - 00655712 _____ () C:\ProgramData\Modem HDM EC156\OnlineUpdate\ouc.exe
2016-11-30 11:01 - 2016-11-29 20:27 - 00011362 _____ () C:\ProgramData\Modem HDM EC156\OnlineUpdate\mingwm10.dll
2016-11-30 11:01 - 2016-11-29 20:27 - 00043008 _____ () C:\ProgramData\Modem HDM EC156\OnlineUpdate\libgcc_s_dw2-1.dll
2016-11-30 11:01 - 2016-11-29 20:27 - 02415104 _____ () C:\ProgramData\Modem HDM EC156\OnlineUpdate\QtCore4.dll
2016-11-30 11:01 - 2016-11-29 20:27 - 01148416 _____ () C:\ProgramData\Modem HDM EC156\OnlineUpdate\QtNetwork4.dll
2016-11-30 11:01 - 2016-11-29 20:27 - 00843264 _____ () C:\ProgramData\Modem HDM EC156\OnlineUpdate\QueryStrategy.dll
2016-11-30 11:01 - 2016-11-29 20:27 - 00398336 _____ () C:\ProgramData\Modem HDM EC156\OnlineUpdate\QtXml4.dll
2016-12-17 16:41 - 2016-12-09 10:11 - 02048496 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-02 23:36 - 2016-10-02 23:37 - 00679624 _____ () C:\Users\Keylor Mo\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-03-28 18:07 - 2016-03-28 18:07 - 00267952 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2016-07-16 08:25 - 2016-07-16 08:25 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 05:37 - 2016-12-21 04:42 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 05:37 - 2016-12-21 04:41 - 00492032 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2017-01-11 05:36 - 2016-12-21 04:25 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 05:36 - 2016-12-21 04:21 - 01150464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-03 00:11 - 2016-10-03 00:11 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 05:36 - 2016-12-21 04:21 - 00779776 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 05:36 - 2016-12-21 04:22 - 01724928 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 05:36 - 2016-12-21 04:24 - 03158016 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-02 18:17 - 2017-03-02 18:25 - 00019968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-03-02 18:17 - 2017-03-02 18:25 - 17431552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x86__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-03-02 18:17 - 2017-03-02 18:25 - 04697600 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x86__8wekyb3d8bbwe\MediaEngine.dll
2016-06-24 18:24 - 2016-06-24 18:25 - 00541696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x86__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-03-02 18:17 - 2017-03-02 18:25 - 00250880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x86__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-03-02 18:17 - 2017-03-02 18:25 - 00645632 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x86__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-03 20:07 - 2016-03-03 20:40 - 00180224 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x86__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-02-22 16:25 - 2017-02-22 16:34 - 00064512 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x86__kzf8qxf38zg5c\SkypeHost.exe
2017-02-22 16:25 - 2017-02-22 16:34 - 00153088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-22 16:25 - 2017-02-22 16:34 - 30889472 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x86__kzf8qxf38zg5c\SkyWrap.dll
2017-02-07 21:33 - 2017-02-07 22:01 - 01733120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x86__kzf8qxf38zg5c\roottools.dll
2017-02-22 16:25 - 2017-02-22 16:34 - 00098816 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x86__kzf8qxf38zg5c\SkypeHost.Proxies.dll
2016-06-23 11:02 - 2016-06-23 11:02 - 00149272 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2016-06-23 11:02 - 2016-06-23 11:02 - 00089880 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2016-06-23 11:02 - 2016-06-23 11:02 - 00103192 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2016-06-23 11:02 - 2016-06-23 11:02 - 00259352 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2017-02-25 23:13 - 2011-08-23 19:09 - 00118872 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\filesystem_stdio.dll
2017-02-25 23:13 - 2011-08-23 19:09 - 01840440 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\hw.dll
2017-02-25 23:16 - 2011-08-23 19:09 - 00352256 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\vgui.dll
2017-02-25 23:13 - 2011-08-23 19:09 - 00351744 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\mss32.dll
2017-02-25 23:13 - 2011-02-05 16:43 - 00207872 _____ () c:\users\keylor mo\desktop\half-life(www.fullypcgames.net)\steamclient.dll
2017-02-25 23:13 - 2011-08-23 19:09 - 00081920 _____ () c:\users\keylor mo\desktop\half-life(www.fullypcgames.net)\valve\cl_dlls\particleman.dll
2017-02-25 23:16 - 2011-08-23 19:09 - 00245819 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\vgui2.dll
2017-02-25 23:13 - 2011-08-23 19:09 - 00845112 _____ () c:\users\keylor mo\desktop\half-life(www.fullypcgames.net)\valve\cl_dlls\GameUI.dll
2017-02-25 23:13 - 2011-08-23 19:09 - 00125952 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\Mp3dec.asi
2017-02-25 23:13 - 2011-08-23 19:09 - 00142848 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\Mssv12.asi
2017-02-25 23:13 - 2011-08-23 19:09 - 00161792 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\Mssv29.asi
2017-02-25 23:16 - 2011-08-23 19:09 - 00053248 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\voice_miles.dll
2017-02-25 23:13 - 2011-08-23 19:09 - 00090112 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\demoplayer.dll
2017-02-25 23:13 - 2011-08-23 19:09 - 00258106 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\core.dll
2017-02-25 23:13 - 2011-08-23 19:09 - 00535552 _____ () c:\users\keylor mo\desktop\half-life(www.fullypcgames.net)\platform\Servers\serverbrowser.dll
2017-02-25 23:13 - 2011-08-23 19:09 - 00344064 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\tier0.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 08:28 - 2016-02-24 22:28 - 00001236 ___RA C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 thislineskipsanyemptylines
127.0.0.1 mirillis.com
127.0.0.1 www.mirillis.com
127.0.0.1 serwer2.paka-service.com
127.0.0.1 ns386119.ovh.net
127.0.0.1 mirillis.pl
127.0.0.1 www.ovh.com
127.0.0.1 176.31.241.10
127.0.0.1 91.121.143.139
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Keylor Mo\Desktop\422954_379568645388594_4256134_n.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "RtHDVBg"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "Baidu PC Faster 5.1.0.0"
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\StartupApproved\StartupFolder: => "PalTalk.lnk"
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\StartupApproved\Run: => "EagleGet"
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_6B082E3ECDAA2487AA2D9D07650D2274"
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\StartupApproved\Run: => "Discord"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{43E1A9CD-0BF3-4CCD-BC6E-37B670958620}C:\users\keylor mo\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\keylor mo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{D1DCC661-5EDE-4C2A-8B95-F3968B9F7763}C:\users\keylor mo\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\keylor mo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{D52BAE50-03C7-427E-B74F-5DAB1CB8BA86}C:\program files\counter-strike 1.6 omonas\hl.exe] => (Allow) C:\program files\counter-strike 1.6 omonas\hl.exe
FirewallRules: [UDP Query User{A185A841-226B-4484-9509-4C83C04D06FB}C:\program files\counter-strike 1.6 omonas\hl.exe] => (Allow) C:\program files\counter-strike 1.6 omonas\hl.exe
FirewallRules: [TCP Query User{EE74611E-98A8-4F3E-A4FA-9DCC0A99A3FD}C:\users\keylor mo\desktop\half-life(www.fullypcgames.net)\hl.exe] => (Allow) C:\users\keylor mo\desktop\half-life(www.fullypcgames.net)\hl.exe
FirewallRules: [UDP Query User{16CF5B43-7295-4B94-B25F-B76E8E64C6D0}C:\users\keylor mo\desktop\half-life(www.fullypcgames.net)\hl.exe] => (Allow) C:\users\keylor mo\desktop\half-life(www.fullypcgames.net)\hl.exe
FirewallRules: [{22232E71-0E4C-40DA-803D-3E587E81A922}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{A4EB1D2F-3A11-439B-90EC-B5EE5B95C3A9}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{E6DF524C-B670-483B-B113-795922D58A35}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{16DA58C8-579B-4005-8D0C-067CA8553560}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
==================== Restore Points =========================
21-02-2017 01:26:00 Intel® Driver Update Utility
24-02-2017 07:58:04 Windows Update
03-03-2017 12:42:27 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/09/2017 05:30:03 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "c:\program files\common files\adobe air\versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\program files\common files\adobe air\versions\1.0\Adobe AIR.dll" on line 3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
Error: (03/09/2017 05:29:19 PM) (Source: ESENT) (EventID: 490) (User: )
Description: wuaueng.dll (1116) SUS20ClientDataStore: An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (03/09/2017 04:41:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LeagueClientUx.exe version 7.5.178.8497 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 7b4
Start Time: 01d298ead3682990
Termination Time: 4294967295
Application Path: C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.56\deploy\LeagueClientUx.exe
Report Id: 2f13c761-04e7-11e7-951d-b4b52f347934
Faulting package full name:
Faulting package-relative application ID:
Error: (03/09/2017 04:49:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WiFiTask.exe, version: 10.0.14393.187, time stamp: 0x57cf9d82
Faulting module name: ntdll.dll, version: 10.0.14393.479, time stamp: 0x58256cad
Exception code: 0xc0000005
Fault offset: 0x00056af8
Faulting process id: 0x1250
Faulting application start time: 0x01d298906f8e42b0
Faulting application path: C:\WINDOWS\System32\WiFiTask.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 841db25f-91b8-4381-b4ed-c361e1b0f2d8
Faulting package full name:
Faulting package-relative application ID:
Error: (03/09/2017 03:56:12 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "c:\program files\common files\adobe air\versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\program files\common files\adobe air\versions\1.0\Adobe AIR.dll" on line 3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
Error: (03/08/2017 05:01:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.14393.447, time stamp: 0x5819c280
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.594, time stamp: 0x5850ccd7
Exception code: 0xc000027b
Fault offset: 0x0070d26c
Faulting process id: 0x1b48
Faulting application start time: 0x01d297a8612c83fd
Faulting application path: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 587364dd-bad2-4569-b964-c63a0143cc56
Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App
Error: (03/08/2017 01:07:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.14393.447, time stamp: 0x5819c280
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.594, time stamp: 0x5850ccd7
Exception code: 0xc000027b
Fault offset: 0x0070d26c
Faulting process id: 0x9c8
Faulting application start time: 0x01d297919de299be
Faulting application path: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: c54535b6-b5a3-4cde-81a1-31d9d7fdef56
Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App
Error: (03/07/2017 09:19:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LeagueClientUx.exe version 7.4.176.9146 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: afc
Start Time: 01d297881d667e36
Termination Time: 4294967295
Application Path: C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.55\deploy\LeagueClientUx.exe
Report Id: b42d7c25-037b-11e7-951b-b4b52f347934
Faulting package full name:
Faulting package-relative application ID:
Error: (03/07/2017 01:12:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.14393.447, time stamp: 0x5819c280
Faulting module name: combase.dll, version: 10.0.14393.479, time stamp: 0x58256dbb
Exception code: 0xc000027b
Fault offset: 0x001a5741
Faulting process id: 0x1eb4
Faulting application start time: 0x01d2971628bf69ba
Faulting application path: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Faulting module path: C:\WINDOWS\System32\combase.dll
Report Id: 5dae8fe5-51ea-4b4f-b725-da240ad8dc4c
Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App
Error: (03/06/2017 11:13:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Music.UI.exe, version: 10.17012.1030.0, time stamp: 0x58a42d97
Faulting module name: Music.UI.exe, version: 10.17012.1030.0, time stamp: 0x58a42d97
Exception code: 0x80000003
Fault offset: 0x00035d48
Faulting process id: 0x23a4
Faulting application start time: 0x01d296cb327c6a14
Faulting application path: C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17012.10301.0_x86__8wekyb3d8bbwe\Music.UI.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17012.10301.0_x86__8wekyb3d8bbwe\Music.UI.exe
Report Id: 54c71466-393c-406d-9994-e880429cef13
Faulting package full name: Microsoft.ZuneMusic_10.17012.10301.0_x86__8wekyb3d8bbwe
Faulting package-relative application ID: Microsoft.ZuneMusic
System errors:
=============
Error: (03/09/2017 05:36:11 PM) (Source: DCOM) (EventID: 10016) (User: INCONNU-4C-0F-C)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
to the user INCONNU-4C-0F-C\Keylor Mo SID (S-1-5-21-1925041687-3826732043-3313555696-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe SID (S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194). This security permission can be modified using the Component Services administrative tool.
Error: (03/09/2017 05:35:54 PM) (Source: DCOM) (EventID: 10016) (User: INCONNU-4C-0F-C)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
to the user INCONNU-4C-0F-C\Keylor Mo SID (S-1-5-21-1925041687-3826732043-3313555696-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe SID (S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194). This security permission can be modified using the Component Services administrative tool.
Error: (03/09/2017 05:31:08 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Error: (03/09/2017 05:29:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Update service terminated with the following error:
%%3355444232
Error: (03/09/2017 03:58:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/09/2017 03:58:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/09/2017 03:58:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/09/2017 03:58:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/09/2017 04:48:24 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/09/2017 04:47:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Modem HDM EC156. RunOuc service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
CodeIntegrity:
===================================
Date: 2016-10-19 13:43:30.298
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-19 13:43:29.507
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU B970 @ 2.30GHz
Percentage of memory in use: 77%
Total physical RAM: 1942.36 MB
Available physical RAM: 439.85 MB
Total Virtual: 4118.36 MB
Available Virtual: 1605.71 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:145.71 GB) (Free:102.93 GB) NTFS
Drive d: () (Fixed) (Total:151.51 GB) (Free:137.78 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: ABA1A315)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=145.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=792 MB) - (Type=27)
Partition 4: (Not Active) - (Size=151.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Ran by Keylor Mo (09-03-2017 19:03:43)
Running from C:\Users\Keylor Mo\Desktop
Microsoft Windows 10 Pro Version 1607 (X86) (2016-10-02 15:54:11)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1925041687-3826732043-3313555696-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1925041687-3826732043-3313555696-503 - Limited - Disabled)
Guest (S-1-5-21-1925041687-3826732043-3313555696-501 - Limited - Disabled)
Keylor Mo (S-1-5-21-1925041687-3826732043-3313555696-1002 - Administrator - Enabled) => C:\Users\Keylor Mo
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . . (Version: 2.6.2.4 - Intel) Hidden
µTorrent (HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
Adblock Plus for IE (32-bit) (HKLM\...\{E93152F1-E3AE-4B2A-9BAC-F770203F67E5}) (Version: 1.5 - Eyeo GmbH)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM\...\{3EB745BA-194F-4475-9164-B20BB2172395}) (Version: 12.0 - Adobe Systems Incorporated)
Bandicam (HKLM\...\Bandicam) (Version: 3.1.1.1073 - Bandisoft.com)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Counter-Strike 1.6 (HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\Counter-Strike 1.6) (Version: - )
Google Chrome (HKLM\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel® Driver Update Utility (HKLM\...\{66e8e99a-eb6f-4403-9fc2-0ddd4d6f353e}) (Version: 2.6.2.4 - Intel)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.)
League client alpha (HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\League client alpha 1.0) (Version: 1.0 - Riot Games, Inc)
League of Legends (HKLM\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (Version: 4.1.2 - Riot Games) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Modem HDM EC156 (HKLM\...\Modem HDM EC156) (Version: 21.005.20.03.649 - Huawei Technologies Co.,Ltd)
NetCut 2.1.4 (HKLM\...\NetCut_is1) (Version: - arcai.com)
Node.js (HKLM\...\{47840698-D4F5-414F-A3A9-9A23BF6C6A1A}) (Version: 4.4.3 - Node.js Foundation)
Notepad++ (HKLM\...\Notepad++) (Version: 6.9.1 - Notepad++ Team)
NVIDIA PhysX (HKLM\...\{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}) (Version: 9.13.0725 - NVIDIA Corporation)
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.)
Security Task Manager 2.1i (HKLM\...\Security Task Manager) (Version: 2.1i - Neuber Software)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.98 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0B6A8048-AC2F-42D1-A341-9F2F6F00DC2F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-keylormo@outlook.com => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {2D42E3FB-F3B8-4B39-82BC-A1FB43224CD6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-11] (Google Inc.)
Task: {3AF4B9E6-F405-4D0D-8C0C-FBFBEDC2C448} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {47C402C7-F033-4894-BA1B-0418CF56CC38} - System32\Tasks\{2E3FD621-58EF-4CAB-AEBA-A4E4CBB54E59} => launchwinapp.exe hxxp://ui.skype.com/ui/0/7.16.0.101/en/abandoninstall?source=lightinstaller&page=tsInstall
Task: {6BC28B8E-69D6-477B-B4FE-E1F4508A9199} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-10-11] (Google Inc.)
Task: {A33E1E70-6E1F-4F26-A418-93F9B5FFC21C} - System32\Tasks\{EB027DF4-EF5F-4BCA-8582-E2AFEABC560A} => pcalua.exe -a "E:\Driver\8187Driver\8187-Win XP\Setup.exe" -d "E:\Driver\8187Driver\8187-Win XP"
Task: {C2918BC0-5EBF-45DC-9F60-3AADA2759A31} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-12] (Adobe Systems Incorporated)
Task: {CC38EBDC-3B1D-4D44-A483-09F3333885C1} - System32\Tasks\DriverToolkit Autorun => C:\Program Files\DriverToolkit\DriverToolkit.exe
Task: {F5A5F1A8-81B4-4C3C-87C7-6673BC89B02B} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2016-11-07] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DriverToolkit Autorun.job => C:\Program Files\DriverToolkit\DriverToolkit.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-07-16 08:25 - 2016-07-16 08:25 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-17 16:41 - 2016-12-09 10:11 - 02048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2011-03-14 15:27 - 2011-03-14 15:27 - 00271712 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
2016-11-30 11:01 - 2016-12-29 18:57 - 00655712 _____ () C:\ProgramData\Modem HDM EC156\OnlineUpdate\ouc.exe
2016-11-30 11:01 - 2016-11-29 20:27 - 00011362 _____ () C:\ProgramData\Modem HDM EC156\OnlineUpdate\mingwm10.dll
2016-11-30 11:01 - 2016-11-29 20:27 - 00043008 _____ () C:\ProgramData\Modem HDM EC156\OnlineUpdate\libgcc_s_dw2-1.dll
2016-11-30 11:01 - 2016-11-29 20:27 - 02415104 _____ () C:\ProgramData\Modem HDM EC156\OnlineUpdate\QtCore4.dll
2016-11-30 11:01 - 2016-11-29 20:27 - 01148416 _____ () C:\ProgramData\Modem HDM EC156\OnlineUpdate\QtNetwork4.dll
2016-11-30 11:01 - 2016-11-29 20:27 - 00843264 _____ () C:\ProgramData\Modem HDM EC156\OnlineUpdate\QueryStrategy.dll
2016-11-30 11:01 - 2016-11-29 20:27 - 00398336 _____ () C:\ProgramData\Modem HDM EC156\OnlineUpdate\QtXml4.dll
2016-12-17 16:41 - 2016-12-09 10:11 - 02048496 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-02 23:36 - 2016-10-02 23:37 - 00679624 _____ () C:\Users\Keylor Mo\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-03-28 18:07 - 2016-03-28 18:07 - 00267952 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2016-07-16 08:25 - 2016-07-16 08:25 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 05:37 - 2016-12-21 04:42 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 05:37 - 2016-12-21 04:41 - 00492032 _____ () C:\Windows\ShellExperiences\MtcUvc.dll
2017-01-11 05:36 - 2016-12-21 04:25 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 05:36 - 2016-12-21 04:21 - 01150464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-03 00:11 - 2016-10-03 00:11 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 05:36 - 2016-12-21 04:21 - 00779776 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-11 05:36 - 2016-12-21 04:22 - 01724928 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 05:36 - 2016-12-21 04:24 - 03158016 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-02 18:17 - 2017-03-02 18:25 - 00019968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-03-02 18:17 - 2017-03-02 18:25 - 17431552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x86__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-03-02 18:17 - 2017-03-02 18:25 - 04697600 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x86__8wekyb3d8bbwe\MediaEngine.dll
2016-06-24 18:24 - 2016-06-24 18:25 - 00541696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x86__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-03-02 18:17 - 2017-03-02 18:25 - 00250880 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x86__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-03-02 18:17 - 2017-03-02 18:25 - 00645632 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x86__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-03 20:07 - 2016-03-03 20:40 - 00180224 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x86__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-02-22 16:25 - 2017-02-22 16:34 - 00064512 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x86__kzf8qxf38zg5c\SkypeHost.exe
2017-02-22 16:25 - 2017-02-22 16:34 - 00153088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-22 16:25 - 2017-02-22 16:34 - 30889472 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x86__kzf8qxf38zg5c\SkyWrap.dll
2017-02-07 21:33 - 2017-02-07 22:01 - 01733120 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x86__kzf8qxf38zg5c\roottools.dll
2017-02-22 16:25 - 2017-02-22 16:34 - 00098816 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x86__kzf8qxf38zg5c\SkypeHost.Proxies.dll
2016-06-23 11:02 - 2016-06-23 11:02 - 00149272 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2016-06-23 11:02 - 2016-06-23 11:02 - 00089880 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2016-06-23 11:02 - 2016-06-23 11:02 - 00103192 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2016-06-23 11:02 - 2016-06-23 11:02 - 00259352 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2017-02-25 23:13 - 2011-08-23 19:09 - 00118872 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\filesystem_stdio.dll
2017-02-25 23:13 - 2011-08-23 19:09 - 01840440 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\hw.dll
2017-02-25 23:16 - 2011-08-23 19:09 - 00352256 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\vgui.dll
2017-02-25 23:13 - 2011-08-23 19:09 - 00351744 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\mss32.dll
2017-02-25 23:13 - 2011-02-05 16:43 - 00207872 _____ () c:\users\keylor mo\desktop\half-life(www.fullypcgames.net)\steamclient.dll
2017-02-25 23:13 - 2011-08-23 19:09 - 00081920 _____ () c:\users\keylor mo\desktop\half-life(www.fullypcgames.net)\valve\cl_dlls\particleman.dll
2017-02-25 23:16 - 2011-08-23 19:09 - 00245819 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\vgui2.dll
2017-02-25 23:13 - 2011-08-23 19:09 - 00845112 _____ () c:\users\keylor mo\desktop\half-life(www.fullypcgames.net)\valve\cl_dlls\GameUI.dll
2017-02-25 23:13 - 2011-08-23 19:09 - 00125952 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\Mp3dec.asi
2017-02-25 23:13 - 2011-08-23 19:09 - 00142848 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\Mssv12.asi
2017-02-25 23:13 - 2011-08-23 19:09 - 00161792 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\Mssv29.asi
2017-02-25 23:16 - 2011-08-23 19:09 - 00053248 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\voice_miles.dll
2017-02-25 23:13 - 2011-08-23 19:09 - 00090112 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\demoplayer.dll
2017-02-25 23:13 - 2011-08-23 19:09 - 00258106 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\core.dll
2017-02-25 23:13 - 2011-08-23 19:09 - 00535552 _____ () c:\users\keylor mo\desktop\half-life(www.fullypcgames.net)\platform\Servers\serverbrowser.dll
2017-02-25 23:13 - 2011-08-23 19:09 - 00344064 _____ () C:\Users\Keylor Mo\Desktop\Half-Life(www.fullypcgames.net)\tier0.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 08:28 - 2016-02-24 22:28 - 00001236 ___RA C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 thislineskipsanyemptylines
127.0.0.1 mirillis.com
127.0.0.1 www.mirillis.com
127.0.0.1 serwer2.paka-service.com
127.0.0.1 ns386119.ovh.net
127.0.0.1 mirillis.pl
127.0.0.1 www.ovh.com
127.0.0.1 176.31.241.10
127.0.0.1 91.121.143.139
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Keylor Mo\Desktop\422954_379568645388594_4256134_n.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run: => "RtHDVBg"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run: => "Baidu PC Faster 5.1.0.0"
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\StartupApproved\StartupFolder: => "PalTalk.lnk"
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\StartupApproved\Run: => "EagleGet"
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_6B082E3ECDAA2487AA2D9D07650D2274"
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-1925041687-3826732043-3313555696-1002\...\StartupApproved\Run: => "Discord"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{43E1A9CD-0BF3-4CCD-BC6E-37B670958620}C:\users\keylor mo\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\keylor mo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{D1DCC661-5EDE-4C2A-8B95-F3968B9F7763}C:\users\keylor mo\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\keylor mo\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{D52BAE50-03C7-427E-B74F-5DAB1CB8BA86}C:\program files\counter-strike 1.6 omonas\hl.exe] => (Allow) C:\program files\counter-strike 1.6 omonas\hl.exe
FirewallRules: [UDP Query User{A185A841-226B-4484-9509-4C83C04D06FB}C:\program files\counter-strike 1.6 omonas\hl.exe] => (Allow) C:\program files\counter-strike 1.6 omonas\hl.exe
FirewallRules: [TCP Query User{EE74611E-98A8-4F3E-A4FA-9DCC0A99A3FD}C:\users\keylor mo\desktop\half-life(www.fullypcgames.net)\hl.exe] => (Allow) C:\users\keylor mo\desktop\half-life(www.fullypcgames.net)\hl.exe
FirewallRules: [UDP Query User{16CF5B43-7295-4B94-B25F-B76E8E64C6D0}C:\users\keylor mo\desktop\half-life(www.fullypcgames.net)\hl.exe] => (Allow) C:\users\keylor mo\desktop\half-life(www.fullypcgames.net)\hl.exe
FirewallRules: [{22232E71-0E4C-40DA-803D-3E587E81A922}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{A4EB1D2F-3A11-439B-90EC-B5EE5B95C3A9}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{E6DF524C-B670-483B-B113-795922D58A35}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{16DA58C8-579B-4005-8D0C-067CA8553560}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
==================== Restore Points =========================
21-02-2017 01:26:00 Intel® Driver Update Utility
24-02-2017 07:58:04 Windows Update
03-03-2017 12:42:27 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/09/2017 05:30:03 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "c:\program files\common files\adobe air\versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\program files\common files\adobe air\versions\1.0\Adobe AIR.dll" on line 3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
Error: (03/09/2017 05:29:19 PM) (Source: ESENT) (EventID: 490) (User: )
Description: wuaueng.dll (1116) SUS20ClientDataStore: An attempt to open the file "C:\WINDOWS\SoftwareDistribution\DataStore\DataStore.edb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (03/09/2017 04:41:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LeagueClientUx.exe version 7.5.178.8497 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 7b4
Start Time: 01d298ead3682990
Termination Time: 4294967295
Application Path: C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.56\deploy\LeagueClientUx.exe
Report Id: 2f13c761-04e7-11e7-951d-b4b52f347934
Faulting package full name:
Faulting package-relative application ID:
Error: (03/09/2017 04:49:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: WiFiTask.exe, version: 10.0.14393.187, time stamp: 0x57cf9d82
Faulting module name: ntdll.dll, version: 10.0.14393.479, time stamp: 0x58256cad
Exception code: 0xc0000005
Fault offset: 0x00056af8
Faulting process id: 0x1250
Faulting application start time: 0x01d298906f8e42b0
Faulting application path: C:\WINDOWS\System32\WiFiTask.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 841db25f-91b8-4381-b4ed-c361e1b0f2d8
Faulting package full name:
Faulting package-relative application ID:
Error: (03/09/2017 03:56:12 AM) (Source: SideBySide) (EventID: 63) (User: )
Description: Activation context generation failed for "c:\program files\common files\adobe air\versions\1.0\Adobe AIR.dll".Error in manifest or policy file "c:\program files\common files\adobe air\versions\1.0\Adobe AIR.dll" on line 3.
The value "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" of attribute "version" in element "assemblyIdentity" is invalid.
Error: (03/08/2017 05:01:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.14393.447, time stamp: 0x5819c280
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.594, time stamp: 0x5850ccd7
Exception code: 0xc000027b
Fault offset: 0x0070d26c
Faulting process id: 0x1b48
Faulting application start time: 0x01d297a8612c83fd
Faulting application path: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: 587364dd-bad2-4569-b964-c63a0143cc56
Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App
Error: (03/08/2017 01:07:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.14393.447, time stamp: 0x5819c280
Faulting module name: Windows.UI.Xaml.dll, version: 10.0.14393.594, time stamp: 0x5850ccd7
Exception code: 0xc000027b
Fault offset: 0x0070d26c
Faulting process id: 0x9c8
Faulting application start time: 0x01d297919de299be
Faulting application path: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Faulting module path: C:\Windows\System32\Windows.UI.Xaml.dll
Report Id: c54535b6-b5a3-4cde-81a1-31d9d7fdef56
Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App
Error: (03/07/2017 09:19:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program LeagueClientUx.exe version 7.4.176.9146 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: afc
Start Time: 01d297881d667e36
Termination Time: 4294967295
Application Path: C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.55\deploy\LeagueClientUx.exe
Report Id: b42d7c25-037b-11e7-951b-b4b52f347934
Faulting package full name:
Faulting package-relative application ID:
Error: (03/07/2017 01:12:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.14393.447, time stamp: 0x5819c280
Faulting module name: combase.dll, version: 10.0.14393.479, time stamp: 0x58256dbb
Exception code: 0xc000027b
Fault offset: 0x001a5741
Faulting process id: 0x1eb4
Faulting application start time: 0x01d2971628bf69ba
Faulting application path: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Faulting module path: C:\WINDOWS\System32\combase.dll
Report Id: 5dae8fe5-51ea-4b4f-b725-da240ad8dc4c
Faulting package full name: Microsoft.Windows.ShellExperienceHost_10.0.14393.693_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: App
Error: (03/06/2017 11:13:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Music.UI.exe, version: 10.17012.1030.0, time stamp: 0x58a42d97
Faulting module name: Music.UI.exe, version: 10.17012.1030.0, time stamp: 0x58a42d97
Exception code: 0x80000003
Fault offset: 0x00035d48
Faulting process id: 0x23a4
Faulting application start time: 0x01d296cb327c6a14
Faulting application path: C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17012.10301.0_x86__8wekyb3d8bbwe\Music.UI.exe
Faulting module path: C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17012.10301.0_x86__8wekyb3d8bbwe\Music.UI.exe
Report Id: 54c71466-393c-406d-9994-e880429cef13
Faulting package full name: Microsoft.ZuneMusic_10.17012.10301.0_x86__8wekyb3d8bbwe
Faulting package-relative application ID: Microsoft.ZuneMusic
System errors:
=============
Error: (03/09/2017 05:36:11 PM) (Source: DCOM) (EventID: 10016) (User: INCONNU-4C-0F-C)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
to the user INCONNU-4C-0F-C\Keylor Mo SID (S-1-5-21-1925041687-3826732043-3313555696-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe SID (S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194). This security permission can be modified using the Component Services administrative tool.
Error: (03/09/2017 05:35:54 PM) (Source: DCOM) (EventID: 10016) (User: INCONNU-4C-0F-C)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
to the user INCONNU-4C-0F-C\Keylor Mo SID (S-1-5-21-1925041687-3826732043-3313555696-1002) from address LocalHost (Using LRPC) running in the application container Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe SID (S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194). This security permission can be modified using the Component Services administrative tool.
Error: (03/09/2017 05:31:08 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {E60687F7-01A1-40AA-86AC-DB1CBF673334} did not register with DCOM within the required timeout.
Error: (03/09/2017 05:29:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Update service terminated with the following error:
%%3355444232
Error: (03/09/2017 03:58:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/09/2017 03:58:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/09/2017 03:58:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/09/2017 03:58:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/09/2017 04:48:24 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (03/09/2017 04:47:30 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Modem HDM EC156. RunOuc service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
CodeIntegrity:
===================================
Date: 2016-10-19 13:43:30.298
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-19 13:43:29.507
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU B970 @ 2.30GHz
Percentage of memory in use: 77%
Total physical RAM: 1942.36 MB
Available physical RAM: 439.85 MB
Total Virtual: 4118.36 MB
Available Virtual: 1605.71 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:145.71 GB) (Free:102.93 GB) NTFS
Drive d: () (Fixed) (Total:151.51 GB) (Free:137.78 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: ABA1A315)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=145.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=792 MB) - (Type=27)
Partition 4: (Not Active) - (Size=151.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================