Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-07-2016 Ran by nehal patidar (2016-07-16 22:34:52) Running from C:\Users\nehal patidar\Downloads Windows 10 Pro (X64) (2016-07-14 04:42:08) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3632974632-978978755-2483695789-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3632974632-978978755-2483695789-503 - Limited - Disabled) Guest (S-1-5-21-3632974632-978978755-2483695789-501 - Limited - Disabled) nehal patidar (S-1-5-21-3632974632-978978755-2483695789-1001 - Administrator - Enabled) => C:\Users\nehal patidar ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: ESET NOD32 Antivirus 9.0.318.0 (Enabled - Out of date) {19259FAE-8396-A113-46DB-15B0E7DFA289} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: ESET NOD32 Antivirus 9.0.381.0 (Enabled - Out of date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) «Pro Evolution Soccer 2016» 1.8.0.0 (HKLM-x32\...\«Pro Evolution Soccer 2016»_is1) (Version: 1.8.0.0 - KONAMI) µTorrent (HKU\S-1-5-21-3632974632-978978755-2483695789-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.) Dragon Gaming Center (HKLM-x32\...\InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 1.0.1501.2801 - Micro-Star International Co., Ltd.) Dragon Gaming Center (x32 Version: 1.0.1501.2801 - Micro-Star International Co., Ltd.) Hidden ESET NOD32 Antivirus (HKLM\...\{60853F5E-E6F5-4A34-BBCD-C09D49BB5E64}) (Version: 9.0.318.0 - ESET, spol. s r.o.) FIFA 15 v.1.8.0.0 ModdingWay v.3.1.1 (HKLM-x32\...\FIFA 15_is1) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.) Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden Help Desk (HKLM-x32\...\InstallShield_{7E8181AF-9679-49B3-B133-C265709B6927}) (Version: 1.0.1511.2001 - Micro-Star International Co., Ltd.) Help Desk (x32 Version: 1.0.1511.2001 - Micro-Star International Co., Ltd.) Hidden Intel(R) Chipset Device Software (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4300 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{31C74FA2-2AB9-41C3-BFBE-693283E4C28B}) (Version: 17.1.1527.1534 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{795ee3a0-97fa-489a-9543-7564ccc43be4}) (Version: 18.12.0 - Intel Corporation) Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) MSI Remind Manager (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1509.2501 - Micro-Star International Co., Ltd.) MSI Remind Manager (x32 Version: 1.0.1510.1901 - Micro-Star International Co., Ltd.) Hidden NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation) NVIDIA Graphics Driver 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.00 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7576 - Realtek Semiconductor Corp.) SCM (HKLM\...\{716E4961-5876-45A5-AC78-F91B1D31F98B}) (Version: 13.015.10156 - Application) SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden Sizing Options (HKLM-x32\...\InstallShield_{DFAB6DE8-E45F-4D5D-95C0-E54C58993F9F}) (Version: 3.0.1512.0101 - Application) Sizing Options (x32 Version: 3.0.1512.0101 - Application) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.6.1 - Synaptics Incorporated) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3632974632-978978755-2483695789-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\nehal patidar\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0B0283CA-FF6F-4B76-B1E0-360BA502E510} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-05-05] (Synaptics Incorporated) Task: {1780B138-1177-454B-B98C-99CA1C1BC377} - System32\Tasks\MSI_Dragon Gaming Center => C:\Program Files (x86)\MSI\Dragon Gaming Center\mDispatch.exe [2014-01-23] (TODO: <公司名稱>) Task: {3EE96444-EA04-4B41-BE66-A16E347C2F42} - System32\Tasks\ChelfNotify Task => C:\ProgramData\ChelfNotify\BrowserUpdate.exe [2016-06-29] (Tencent) Task: {440983A4-B497-4B53-9186-0CE97E08D35B} - System32\Tasks\MSI_OnlineRegister => C:\Program Files (x86)\MSI\MSI Remind Manager\MSIOnlineRegister.exe [2015-09-25] () Task: {5749C0EF-CC05-4CDF-B9BE-A66030C27563} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-13] (Google Inc.) Task: {95F87B67-DEFE-46C4-B770-ACD171191FC4} - System32\Tasks\MSI_Help_Desk_Agent => C:\Program Files (x86)\MSI\Help Desk\MSI Update Agent.exe [2015-11-20] (Micro-Star International Co., Ltd.) Task: {9B6F640B-E35D-4B07-A070-FBF65287533C} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe Task: {B10CF49B-6022-4CE4-9457-74CFE292C30A} - System32\Tasks\Cotsqwutain Agent => C:\Program Files (x86)\Phlachhalicult\ctsAgentghr.exe Task: {B7344230-9720-4EAF-A68D-FEF739A3E642} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-13] (Google Inc.) Task: {BA07B0C8-36E1-4432-9BDD-56944591785F} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ShortcutWithArgument: C:\Users\nehal patidar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic ShortcutWithArgument: C:\Users\nehal patidar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --disable-quic ShortcutWithArgument: C:\Users\nehal patidar\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d896af6c02e0d57d\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=gregugitulestogagh ==================== Loaded Modules (Whitelisted) ============== 2016-07-13 10:31 - 2015-07-14 19:04 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll 2016-07-13 06:57 - 2015-11-13 23:20 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-07-13 10:30 - 2015-08-11 02:14 - 00404480 _____ () C:\Windows\System32\diagtrack_wininternal.dll 2016-07-13 10:30 - 2016-03-15 21:55 - 02495768 _____ () C:\Windows\system32\CoreUIComponents.dll 2016-07-13 06:51 - 2015-10-06 02:03 - 00395368 _____ () C:\Windows\system32\igfxTray.exe 2016-07-13 10:30 - 2016-03-15 21:55 - 02495768 _____ () C:\Windows\System32\CoreUIComponents.dll 2016-07-13 23:30 - 2016-07-13 23:30 - 00959168 _____ () C:\Users\nehal patidar\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-07-13 10:29 - 2015-09-16 22:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2014-01-22 10:44 - 2014-01-22 10:44 - 00075912 _____ () C:\Program Files (x86)\MSI\Dragon Gaming Center\WinIo64.dll 2015-09-25 09:58 - 2015-09-25 09:58 - 00352256 _____ () C:\Program Files (x86)\MSI\MSI Remind Manager\MSIOnlineRegister.exe 2016-07-13 06:57 - 2015-11-12 11:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-07-13 23:30 - 2016-07-13 23:30 - 00679624 _____ () C:\Users\nehal patidar\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll 2016-07-13 07:48 - 2016-06-15 02:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll 2016-07-13 07:48 - 2016-06-15 02:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll 2016-07-13 09:19 - 2016-07-06 18:01 - 17602240 _____ () C:\Users\nehal patidar\AppData\Local\Google\Chrome\User Data\PepperFlash\22.0.0.209\pepflashplayer.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-07-10 04:04 - 2016-07-16 07:25 - 00002395 ___RA C:\Windows\system32\Drivers\etc\hosts 107.178.255.88 www.google-analytics.com 107.178.255.88 www.statcounter.com 107.178.255.88 statcounter.com 107.178.255.88 ssl.google-analytics.com 107.178.255.88 partner.googleadservices.com 107.178.255.88 google-analytics.com 107.178.248.130 static.doubleclick.net 107.178.247.130 connect.facebook.net 107.178.255.88 www.google-analytics.com 107.178.255.88 www.statcounter.com 107.178.255.88 statcounter.com 107.178.255.88 ssl.google-analytics.com 107.178.255.88 partner.googleadservices.com 107.178.255.88 google-analytics.com 107.178.248.130 static.doubleclick.net 107.178.247.130 connect.facebook.net127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com There are 7 more lines. ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3632974632-978978755-2483695789-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{466F048A-BF8D-4DD3-BA91-0463D4E1BD9C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{736BDD81-89E8-4750-A20D-35F4B08C3C92}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{423D734B-5EBA-44F9-9618-4B0664ACC75A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{0BFF5C48-34BB-4CFD-B32C-B06BFBA24AFF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{AFF41731-6CC8-4554-81AE-24478B74D0CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{9CF7C64F-6869-445C-843D-CC391DB43885}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{08ED9F11-0AA4-4313-9AF6-8480F13BC16A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{2A14F128-4D26-4C85-A12C-703CD8DAD22A}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{C1150C84-354C-4A61-866C-BB2996311C05}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{4AB00CF4-3799-498D-BC37-F6300AC9E46B}] => (Allow) C:\Users\nehal patidar\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{FB68C7B4-09B6-44D6-B6E9-3C77C71A3C84}] => (Allow) C:\Users\nehal patidar\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{6994299E-7157-4621-B90B-3E62A287510D}] => (Allow) C:\Users\nehal patidar\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{6133620E-3156-4135-956A-EAA1D61FC2F6}] => (Allow) C:\Users\nehal patidar\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{99F0AAB0-04EE-480D-B5FA-F7DC150C2E08}] => (Allow) C:\Users\nehal patidar\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{C5FEB5E6-D395-4395-B381-ABCC1F15617A}] => (Allow) C:\Users\nehal patidar\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{E7BAA575-A9EC-4539-ADE7-425269944AEC}G:\counter-strike\hl.exe] => (Allow) G:\counter-strike\hl.exe FirewallRules: [UDP Query User{61827E55-14EA-4EC1-A24F-8DB8248386B0}G:\counter-strike\hl.exe] => (Allow) G:\counter-strike\hl.exe FirewallRules: [{91AB435E-5EE3-4E15-B4C7-221DFDCA26A5}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{B2DF9F8C-19ED-45C2-BA65-9F1BDE4373F8}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{A6682179-ED88-4AA8-A38F-E62BB70901E1}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{53329507-7332-4746-BCC0-290FDAD9809B}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe ==================== Restore Points ========================= 13-07-2016 06:48:51 Installed MSI Remind Manager 15-07-2016 01:33:37 Removed Turbo C++ 3.2. 16-07-2016 03:35:34 DLL-Files Fixer Sat, Jul 16, 16 03:35 ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (07/16/2016 10:15:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-11TJHA5) Description: Activation of app Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (07/16/2016 08:57:22 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-11TJHA5) Description: Activation of app Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (07/16/2016 05:27:57 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1533) (User: NT AUTHORITY) Description: Windows cannot delete the profile directory C:\Users\TEMP. This error may be caused by files in this directory being used by another program. DETAIL - The directory is not empty. Error: (07/16/2016 05:27:34 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SystemSettings.exe, version: 10.0.10240.16384, time stamp: 0x559f39ae Faulting module name: SettingsHandlers_StorageSense.dll, version: 10.0.10240.16384, time stamp: 0x559f3d87 Exception code: 0xc0000005 Fault offset: 0x00000000000174b9 Faulting process id: 0xea70 Faulting application start time: 0xSystemSettings.exe0 Faulting application path: SystemSettings.exe1 Faulting module path: SystemSettings.exe2 Report Id: SystemSettings.exe3 Faulting package full name: SystemSettings.exe4 Faulting package-relative application ID: SystemSettings.exe5 Error: (07/16/2016 05:25:37 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: ShellExperienceHost.exe, version: 10.0.10240.16766, time stamp: 0x56e8dba8 Faulting module name: Windows.UI.Xaml.dll, version: 10.0.10240.16548, time stamp: 0x56133a14 Exception code: 0xc0000005 Fault offset: 0x0000000000365f2b Faulting process id: 0xdd74 Faulting application start time: 0xShellExperienceHost.exe0 Faulting application path: ShellExperienceHost.exe1 Faulting module path: ShellExperienceHost.exe2 Report Id: ShellExperienceHost.exe3 Faulting package full name: ShellExperienceHost.exe4 Faulting package-relative application ID: ShellExperienceHost.exe5 Error: (07/16/2016 05:16:46 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1511) (User: DESKTOP-11TJHA5) Description: Windows cannot find the local profile and is logging you on with a temporary profile. Changes you make to this profile will be lost when you log off. Error: (07/16/2016 05:16:46 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1515) (User: DESKTOP-11TJHA5) Description: Windows has backed up this user profile. Windows will automatically try to use the backup profile the next time this user logs on. Error: (07/16/2016 05:16:46 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1502) (User: DESKTOP-11TJHA5) Description: Windows cannot load the locally stored profile. Possible causes of this error include insufficient security rights or a corrupt local profile. DETAIL - The process cannot access the file because it is being used by another process. Error: (07/16/2016 05:16:46 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY) Description: Windows was unable to load the registry. This problem is often caused by insufficient memory or insufficient security rights. DETAIL - The process cannot access the file because it is being used by another process. for C:\Users\nehal patidar\ntuser.dat Error: (07/16/2016 05:15:29 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program chrome.exe version 51.0.2704.103 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel. Process ID: 17f4 Start Time: 01d1df3f58e7b7d3 Termination Time: 4294967295 Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Report Id: ecf9fc6e-4b4e-11e6-9bcb-d8cb8af4bc5e Faulting package full name: Faulting package-relative application ID: System errors: ============= Error: (07/16/2016 10:20:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Cotsqwutain Agent service failed to start due to the following error: %%2 = The system cannot find the file specified. Error: (07/16/2016 10:18:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Fumnyg service failed to start due to the following error: %%2 = The system cannot find the file specified. Error: (07/16/2016 10:18:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Foubs service failed to start due to the following error: %%2 = The system cannot find the file specified. Error: (07/16/2016 10:17:33 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll Error: (07/16/2016 10:17:33 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll Error: (07/16/2016 10:17:28 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\IWMSSvc.dll Error: (07/16/2016 10:17:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_Session2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (07/16/2016 10:16:09 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: %%1056 = An instance of the service is already running. Error: (07/16/2016 10:15:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The MBAMScheduler service terminated unexpectedly. It has done this 1 time(s). Error: (07/16/2016 10:15:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The MBAMService service terminated unexpectedly. It has done this 1 time(s). CodeIntegrity: =================================== Date: 2016-07-15 01:08:56.550 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz Percentage of memory in use: 33% Total physical RAM: 8068.52 MB Available physical RAM: 5372.71 MB Total Virtual: 9988.52 MB Available Virtual: 7192.05 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:931.02 GB) (Free:825.2 GB) NTFS Drive e: (G71-NDM1144) (CDROM) (Total:4.48 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B7B2850D) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================