
Pop up on my computer with a screamer


#1
Betrayed

  • Member
  • 96 posts

Yesterday I got a pop-up from "Steam" which said something about JavaScript. I knew it was fishy, so I closed it down, and a screamer sound on my computer started and would not stop until I restarted. I'm pretty sure this came from a screamer link I opened in the Steam browser.

 

FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-06-2017 01
Ran by Betrayed (administrator) on BETRAYED (27-06-2017 15:18:13)
Running from D:\Users\Betrayed\Desktop
Loaded Profiles: Betrayed (Available Profiles: Betrayed)
Platform: Windows 8.1 (Update) (X64) Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe
(Sandboxie Holdings, LLC) D:\Program Files\Sandboxie\SbieSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Parental Advisor\bdparentalservice.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Parental Advisor\pcupdateservice.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(SeriousBit) D:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
(Electronic Arts) D:\Program Files (x86)\Origin\OriginWebHelperService.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Parental Advisor\bdparentalsystray.exe
(VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Sandboxie Holdings, LLC) D:\Program Files\Sandboxie\SbieCtrl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Spotify Ltd) C:\Users\Betrayed\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Hammer & Chisel, Inc.) C:\Users\Betrayed\AppData\Local\Discord\app-0.0.297\Discord.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Hammer & Chisel, Inc.) C:\Users\Betrayed\AppData\Local\Discord\app-0.0.297\Discord.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hammer & Chisel, Inc.) C:\Users\Betrayed\AppData\Local\Discord\app-0.0.297\Discord.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Corsair Components, Inc.) D:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Rainmeter) D:\Program Files\Rainmeter\Rainmeter.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.1\Lightshot.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(TeamSpeak Systems GmbH) D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\Betrayed\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Betrayed\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Betrayed\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Betrayed\AppData\Roaming\Spotify\Spotify.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotator.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdwtxag.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8804608 2016-04-29] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [322312 2017-04-24] (Bitdefender)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2017-04-13] (Razer Inc.)
HKLM-x32\...\Run: [Corsair Utility Engine] => D:\Program Files (x86)\Corsair\Corsair Utility Engine\CorsairHID.exe [14885552 2016-03-23] (Corsair Components, Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2016-07-11] ()
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2383040 2016-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [3042592 2017-06-08] (Valve Corporation)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [SandboxieControl] => D:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-06-14] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Spotify Web Helper] => C:\Users\Betrayed\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1562224 2017-06-23] (Spotify Ltd)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Spotify] => C:\Users\Betrayed\AppData\Roaming\Spotify\Spotify.exe [7047792 2017-06-23] (Spotify Ltd)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Discord] => C:\Users\Betrayed\AppData\Local\Discord\app-0.0.297\Discord.exe [64290304 2017-01-04] (Hammer & Chisel, Inc.)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [978456 2016-08-03] (BlueStack Systems, Inc.)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [EADM] => D:\Program Files (x86)\Origin\Origin.exe [3044848 2017-02-11] (Electronic Arts)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [5077792 2017-05-16] (Nota Inc.)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [NetBalancer] => D:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe [1915256 2016-06-23] (SeriousBit)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27716568 2017-05-04] (Skype Technologies S.A.)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9803992 2017-06-13] (Piriform Ltd)
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Run: [GoogleChromeAutoLaunch_C1BDF7A752CABCCEC37F2A5D7AA45B34] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1143640 2017-05-09] (Google Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OBS Studio.lnk [2016-10-10]
ShortcutTarget: OBS Studio.lnk -> D:\Program Files (x86)\obs-studio\bin\32bit\obs32.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2017-06-22]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)
Startup: C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2016-07-09]
ShortcutTarget: Rainmeter.lnk -> D:\Program Files\Rainmeter\Rainmeter.exe (Rainmeter)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{BD584BD8-9D46-4F4B-B346-6A00849ED96C}: [DhcpNameServer] 10.211.254.254 8.8.8.8
Tcpip\..\Interfaces\{DACC77B7-7177-45A0-8F40-D6D799727D5A}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{DACC77B7-7177-45A0-8F40-D6D799727D5A}: [DhcpNameServer] 192.168.1.1 0.0.0.0
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-ie/?ocid=iehp
BHO: Bitdefender Wallet  -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24] (Bitdefender)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-04-24] (Oracle Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-24] (Oracle Corporation)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24] (Bitdefender)
Toolbar: HKLM - Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24] (Bitdefender)
 
FireFox:
========
FF DefaultProfile: dvfgafen.default
FF ProfilePath: C:\Users\Betrayed\AppData\Roaming\Mozilla\Firefox\Profiles\dvfgafen.default [2017-06-27]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff [2017-04-27]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2017-01-19] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-24] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-10-25] (Adobe Systems)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-06-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-06-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-10-25] (Adobe Systems)
StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.ie/"
CHR Profile: C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default [2017-06-27]
CHR Extension: (Heartbeat) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aailiojlhjbichheofhdpcongebcgcgm [2017-01-24]
CHR Extension: (Google Slides) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-09]
CHR Extension: (Google Docs) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-09]
CHR Extension: (Google Drive) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-09]
CHR Extension: (YouTube) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-09]
CHR Extension: (Google Cast) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-12-01]
CHR Extension: (uBlock Origin) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2017-06-21]
CHR Extension: (Steam Inventory Helper) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2017-06-25]
CHR Extension: (Tampermonkey) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2017-06-09]
CHR Extension: (Google Sheets) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-09]
CHR Extension: (LoungeDestroyer) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2017-01-31]
CHR Extension: (Google Docs Offline) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-09]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2017-06-23]
CHR Extension: (Iron Man-Material Design) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nekeenfmlfhgoaojceionblcpbbjmnpk [2016-07-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-09]
CHR Extension: (Chrome Media Router) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-13]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [744640 2016-10-25] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
R2 BdParental; C:\Program Files\Bitdefender\Bitdefender Parental Advisor\bdparentalservice.exe [121232 2017-03-03] (Bitdefender)
R2 BdParentalUpdate; C:\Program Files\Bitdefender\Bitdefender Parental Advisor\PCUpdateService.exe [65096 2017-03-03] (Bitdefender)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1536520 2017-05-16] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-08-03] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-08-03] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [462360 2016-08-03] (BlueStack Systems, Inc.)
R2 DevMgmtService; C:\Program Files\Bitdefender\Bitdefender Device Management\DevMgmtService.exe [104096 2017-05-18] (Bitdefender)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [387360 2016-11-19] (EasyAntiCheat Ltd)
R2 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel® Corporation)
R3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [209184 2016-03-16] (Intel Corporation)
S3 MBAMService; D:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-12-14] (Malwarebytes)
R2 NetBalancerService; D:\Program Files\NetBalancer\SeriousBit.NetBalancer.Service.exe [179064 2016-06-23] (SeriousBit)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-05-03] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462968 2017-06-08] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-06-08] (NVIDIA Corporation)
S3 OpenVPNService; D:\Program Files\OpenVPN\bin\openvpnserv.exe [37504 2016-05-10] (The OpenVPN Project)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [2122248 2017-02-11] (Electronic Arts)
R2 Origin Web Helper Service; D:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184208 2017-02-11] (Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1254736 2017-04-11] (Bitdefender)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-24] ()
R2 SbieSvc; D:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-06-14] (Sandboxie Holdings, LLC)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
R2 TeamViewer; D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10888944 2017-04-25] (TeamViewer GmbH)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2016-08-26] (Popcorn Time) [File not signed]
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [218416 2017-04-24] (Bitdefender)
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1442896 2017-05-29] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1612648 2017-05-29] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [879600 2017-05-29] (BitDefender)
R3 bddevflt; C:\Windows\System32\DRIVERS\bddevflt.sys [91040 2015-08-03] (BitDefender LLC)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-24] (BitDefender LLC)
R1 bdfwfpf_pc; C:\Program Files\Bitdefender\Bitdefender Parental Advisor\bdfwfpf_pc.sys [135808 2016-09-19] (Bitdefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-08-03] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [307768 2016-07-28] (Bluestack System Inc. )
R3 CorsairVBusDriver; C:\Windows\System32\drivers\CorsairVBusDriver.sys [47840 2016-01-20] (Corsair)
R3 CorsairVHidDriver; C:\Windows\System32\drivers\CorsairVHidDriver.sys [21728 2016-01-20] (Corsair)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [541136 2016-05-10] (Intel Corporation)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [182944 2016-10-29] (BitDefender LLC)
R0 ignis; C:\Windows\system32\DRIVERS\ignis.sys [305120 2017-03-20] (Bitdefender)
S3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [102856 2017-01-09] (Malwarebytes)
S3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-01-09] (Malwarebytes)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [250816 2017-01-09] (Malwarebytes)
R1 nbdrv; C:\Windows\system32\DRIVERS\nbdrv.sys [42128 2016-01-15] (SeriousBit)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-05-03] (NVIDIA Corporation)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [46200 2017-06-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48248 2017-05-03] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57792 2017-01-20] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [137840 2016-09-07] (Razer, Inc.)
R3 SbieDrv; D:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-06-14] (Sandboxie Holdings, LLC)
R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R3 ssdevfactory; C:\Windows\System32\drivers\ssdevfactory.sys [46408 2017-06-02] (SteelSeries ApS)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.)
R3 VUSB3HUB; C:\Windows\System32\drivers\ViaHub3.sys [227840 2014-10-31] (VIA Technologies, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
R3 xhcdrv; C:\Windows\System32\drivers\xhcdrv.sys [305664 2014-10-31] (VIA Technologies, Inc.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-06-27 15:18 - 2017-06-27 15:18 - 00000000 ____D C:\FRST
2017-06-27 12:57 - 2017-06-27 12:57 - 00000000 ____D C:\Users\Betrayed\AppData\Local\Tempzxpsigne19e124eb6a3e775
2017-06-22 15:06 - 2017-06-22 15:06 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-06-22 15:06 - 2017-06-22 15:06 - 00000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-06-22 15:06 - 2017-06-22 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-06-22 15:06 - 2017-06-22 15:06 - 00000000 ____D C:\Program Files\CCleaner
2017-06-22 01:14 - 2017-06-22 01:14 - 00030966 _____ C:\ProgramData\agent.update.1498090442.bdinstall.bin
2017-06-17 17:32 - 2017-06-17 17:32 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-06-17 17:32 - 2017-06-08 00:38 - 00134592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2017-06-17 17:32 - 2017-03-10 22:17 - 00536864 _____ C:\Windows\system32\vulkan-1.dll
2017-06-17 17:32 - 2017-03-10 22:17 - 00525600 _____ C:\Windows\SysWOW64\vulkan-1.dll
2017-06-17 17:32 - 2017-03-10 22:17 - 00254240 _____ C:\Windows\system32\vulkaninfo.exe
2017-06-17 17:32 - 2017-03-10 22:17 - 00233760 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2017-06-17 17:30 - 2017-06-17 17:32 - 00000000 ____D C:\Windows\LastGood.Tmp
2017-06-17 17:30 - 2017-06-08 02:35 - 40201664 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 35350136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 35281344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 28593272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 14276216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2017-06-17 17:30 - 2017-06-08 02:35 - 11056272 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 11027968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 10551072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 09248144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 09014976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 08808488 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 03437504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 03020920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 01988216 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438253.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 01606776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438253.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 00993728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 00964032 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 00914880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 00895968 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcumd.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 00688784 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 00609728 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 00577728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 00499136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 00426128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 00406552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 00218712 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2017-06-17 17:30 - 2017-06-08 02:35 - 00170360 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 00153184 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 00148016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 00131720 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 00124352 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 00046200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2017-06-17 17:30 - 2017-06-08 02:35 - 00045976 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2017-06-17 17:30 - 2017-06-08 02:35 - 00000669 _____ C:\Windows\SysWOW64\nv-vk32.json
2017-06-17 17:30 - 2017-06-08 02:35 - 00000669 _____ C:\Windows\system32\nv-vk64.json
2017-06-14 12:35 - 2017-06-14 12:35 - 00000000 ____D C:\Users\Betrayed\AppData\Local\Tempzxpsign9d4211c4fdfd4dc4
2017-06-14 12:22 - 2017-05-14 21:19 - 25738752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-06-14 12:22 - 2017-05-14 20:55 - 05975040 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-06-14 12:22 - 2017-05-14 20:32 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2017-06-14 12:22 - 2017-05-14 20:11 - 20274688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-06-14 12:22 - 2017-05-14 19:54 - 15252992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-06-14 12:22 - 2017-05-14 19:48 - 05274112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2017-06-14 12:22 - 2017-05-14 19:44 - 04549120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-06-14 12:22 - 2017-05-14 19:30 - 13664768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-06-14 12:22 - 2017-05-14 19:16 - 05268992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-06-14 12:22 - 2017-05-14 19:06 - 07441240 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-06-14 12:22 - 2017-05-12 00:36 - 22361848 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-06-14 12:22 - 2017-05-12 00:32 - 19788672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-06-14 12:21 - 2017-06-02 13:15 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-06-14 12:21 - 2017-06-02 13:12 - 00468992 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-06-14 12:21 - 2017-06-02 13:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-06-14 12:21 - 2017-06-02 13:06 - 01001984 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-06-14 12:21 - 2017-06-02 13:01 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-06-14 12:21 - 2017-06-02 12:30 - 03635200 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-06-14 12:21 - 2017-06-02 12:03 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-06-14 12:21 - 2017-06-02 11:58 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-06-14 12:21 - 2017-06-02 11:25 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-06-14 12:21 - 2017-06-02 11:24 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-06-14 12:21 - 2017-06-02 11:17 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-06-14 12:21 - 2017-06-02 11:02 - 02751488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-06-14 12:21 - 2017-06-02 10:43 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-06-14 12:21 - 2017-06-02 10:43 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-06-14 12:21 - 2017-05-15 20:58 - 00121184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2017-06-14 12:21 - 2017-05-14 21:44 - 04170240 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-06-14 12:21 - 2017-05-14 21:42 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-06-14 12:21 - 2017-05-14 21:26 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-06-14 12:21 - 2017-05-14 21:19 - 01364040 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-06-14 12:21 - 2017-05-14 21:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-06-14 12:21 - 2017-05-14 20:31 - 01033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-06-14 12:21 - 2017-05-14 20:22 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-06-14 12:21 - 2017-05-14 20:19 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-06-14 12:21 - 2017-05-14 20:10 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-06-14 12:21 - 2017-05-14 20:04 - 00315224 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-06-14 12:21 - 2017-05-14 20:03 - 00373080 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-06-14 12:21 - 2017-05-14 19:52 - 03240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-06-14 12:21 - 2017-05-14 19:46 - 00880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-06-14 12:21 - 2017-05-14 19:40 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-06-14 12:21 - 2017-05-14 19:38 - 07796736 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-06-14 12:21 - 2017-05-14 19:37 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-06-14 12:21 - 2017-05-14 19:27 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-06-14 12:21 - 2017-05-14 19:15 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-06-14 12:21 - 2017-05-14 19:13 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-06-14 12:21 - 2017-05-14 19:11 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-06-14 12:21 - 2017-05-14 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-06-14 12:21 - 2017-05-14 19:06 - 01737600 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-06-14 12:21 - 2017-05-14 19:06 - 01502000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-06-14 12:21 - 2017-05-12 18:05 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-06-14 12:21 - 2017-05-12 17:16 - 01084928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-06-14 12:21 - 2017-05-12 17:13 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-06-14 12:21 - 2017-05-12 16:51 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-06-14 12:21 - 2017-05-12 16:50 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-06-14 12:21 - 2017-05-12 16:48 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-06-14 12:21 - 2017-05-12 16:47 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-06-14 12:21 - 2017-05-12 05:10 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-06-14 12:21 - 2017-05-12 03:58 - 01985536 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-06-14 12:21 - 2017-05-12 03:48 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-06-14 12:21 - 2017-05-12 03:18 - 03714560 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-06-14 12:21 - 2017-05-12 03:11 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-06-14 12:21 - 2017-05-12 03:10 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-06-14 12:21 - 2017-05-12 03:07 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2017-06-14 12:21 - 2017-05-12 03:06 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-06-14 12:21 - 2017-05-12 03:04 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-06-14 12:21 - 2017-05-12 03:00 - 02240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-06-14 12:21 - 2017-05-10 19:19 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-06-14 12:21 - 2017-05-06 17:05 - 01094656 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-06-14 12:21 - 2017-05-06 17:04 - 00865792 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-06-14 12:21 - 2017-04-06 18:37 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-06-14 12:21 - 2017-04-06 18:16 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2017-06-14 12:21 - 2017-04-06 17:50 - 01436672 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-06-14 12:21 - 2017-04-06 17:46 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-06-14 12:21 - 2017-04-06 17:46 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-06-14 12:21 - 2017-04-06 17:35 - 01362432 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2017-06-14 12:21 - 2017-04-06 17:15 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-06-14 12:21 - 2017-04-06 16:44 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2017-06-14 12:21 - 2017-04-02 15:49 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2017-06-14 12:21 - 2017-04-02 14:40 - 02013016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-06-09 18:53 - 2017-06-09 18:53 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\FACEIT
2017-06-09 18:49 - 2017-06-09 18:49 - 00040233 _____ C:\ProgramData\dm.update.1497030584.bdinstall.bin
2017-06-09 17:47 - 2017-06-09 17:47 - 00000000 ____D C:\Users\Betrayed\AppData\Local\Tempzxpsignc9867b0379d43927
2017-05-31 12:44 - 2017-05-31 12:44 - 00000000 ____D C:\Users\Betrayed\AppData\Local\Tempzxpsign5a07dbb537f10ccf
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2017-06-27 15:15 - 2016-07-10 11:43 - 00000000 ____D C:\Users\Betrayed\AppData\Local\Arma 3 Launcher
2017-06-27 15:03 - 2016-07-09 13:09 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\Spotify
2017-06-27 15:02 - 2016-07-09 11:43 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\Skype
2017-06-27 15:00 - 2016-07-09 11:13 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\TS3Client
2017-06-27 14:38 - 2016-07-10 11:41 - 00000000 ____D C:\Users\Betrayed\AppData\Local\Arma 3
2017-06-27 14:26 - 2016-07-09 12:28 - 00000000 ____D C:\Program Files\Bitdefender Agent
2017-06-27 13:49 - 2016-07-09 13:51 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\vlc
2017-06-27 12:51 - 2016-10-09 21:54 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\obs-studio
2017-06-27 12:25 - 2016-07-09 01:32 - 00000000 ____D C:\ProgramData\NVIDIA
2017-06-27 10:58 - 2016-07-09 13:11 - 00000000 ____D C:\Users\Betrayed\AppData\Local\Spotify
2017-06-27 10:46 - 2016-11-07 16:40 - 00003408 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachineDaily
2017-06-27 10:46 - 2016-11-07 16:40 - 00003282 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
2017-06-27 10:46 - 2016-11-07 16:40 - 00000000 ____D C:\Program Files (x86)\Gyazo
2017-06-27 10:29 - 2016-08-31 16:26 - 00000000 ____D C:\ProgramData\Origin
2017-06-27 10:29 - 2016-07-09 00:53 - 00003926 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5300C48B-BF93-4A18-917D-7F8F63F8C0CE}
2017-06-27 01:30 - 2016-07-17 13:38 - 00000000 ____D C:\Users\Betrayed\.junique
2017-06-26 21:12 - 2014-03-18 16:26 - 00863592 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-26 21:12 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-06-26 21:07 - 2016-07-16 14:05 - 00000000 ____D C:\Users\Betrayed\AppData\Local\CrashDumps
2017-06-26 21:06 - 2016-07-22 14:24 - 00000000 ____D C:\Users\Betrayed\AppData\Local\Adobe
2017-06-26 21:05 - 2016-07-10 17:46 - 00039155 _____ C:\bdlog.txt
2017-06-26 21:05 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-06-26 21:05 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2017-06-26 12:10 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2017-06-25 00:31 - 2017-01-14 12:50 - 00000000 ____D C:\Program Files\Rockstar Games
2017-06-25 00:31 - 2017-01-14 12:50 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2017-06-24 18:36 - 2017-05-27 16:52 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\BitTorrent
2017-06-23 15:25 - 2016-07-09 00:56 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1719391309-1542172637-2612288240-1001
2017-06-23 13:11 - 2017-01-16 18:02 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\steelseries-engine-3-client
2017-06-22 15:08 - 2016-09-18 10:27 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\FileZilla
2017-06-22 15:08 - 2016-08-04 22:50 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\TeamViewer
2017-06-22 15:08 - 2016-07-09 01:48 - 00000000 ____D C:\Windows\Panther
2017-06-22 15:08 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\ModemLogs
2017-06-22 12:46 - 2016-12-16 20:59 - 00003172 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2
2017-06-22 12:46 - 2016-09-02 22:28 - 00002302 _____ C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2017-06-22 12:46 - 2016-09-01 22:44 - 00003180 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1719391309-1542172637-2612288240-1001
2017-06-21 18:26 - 2016-07-09 12:30 - 00001790 _____ C:\Windows\Sandboxie.ini
2017-06-19 20:47 - 2016-12-07 00:57 - 01804640 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2017-06-17 17:32 - 2016-07-09 01:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-06-17 17:32 - 2016-07-09 01:32 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2017-06-17 17:31 - 2016-07-09 01:32 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2017-06-16 18:40 - 2016-12-10 22:45 - 00000000 ____D C:\Users\Betrayed\AppData\LocalLow\Mozilla
2017-06-16 13:27 - 2016-07-09 11:54 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\MultiBit
2017-06-16 13:21 - 2016-07-09 00:50 - 00000000 ____D C:\Users\Betrayed\AppData\Local\Packages
2017-06-16 13:21 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-16 13:21 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2017-06-15 13:28 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2017-06-15 13:12 - 2013-08-22 15:44 - 00414544 _____ C:\Windows\system32\FNTCACHE.DAT
2017-06-15 01:54 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2017-06-14 17:39 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-06-14 12:40 - 2016-08-31 16:26 - 00000000 ____D C:\ProgramData\Electronic Arts
2017-06-14 12:13 - 2016-07-10 05:15 - 00000000 ____D C:\Windows\system32\MRT
2017-06-14 12:10 - 2016-07-10 05:15 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-14 12:02 - 2017-04-12 11:50 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-06-14 12:02 - 2017-04-12 11:50 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-06-14 12:02 - 2017-04-12 11:50 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-06-10 02:29 - 2016-07-09 00:50 - 00000000 ____D C:\Users\Betrayed
2017-06-09 18:11 - 2017-03-09 17:07 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-09 18:11 - 2016-07-09 11:42 - 00000000 ____D C:\ProgramData\Skype
2017-06-08 02:35 - 2016-12-23 21:15 - 00001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2017-06-08 02:35 - 2016-10-21 16:59 - 00491024 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2017-06-08 02:35 - 2016-07-09 10:41 - 20064880 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2017-06-08 02:35 - 2016-07-09 10:41 - 17424984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2017-06-08 02:35 - 2016-07-09 10:41 - 16436488 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2017-06-08 02:35 - 2016-07-09 10:41 - 13402816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2017-06-08 02:35 - 2016-07-09 10:41 - 04090528 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2017-06-08 02:35 - 2016-07-09 10:41 - 03604368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2017-06-08 02:35 - 2016-07-09 10:41 - 01606776 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2017-06-08 02:35 - 2016-07-09 10:41 - 01056192 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2017-06-08 02:35 - 2016-07-09 10:41 - 00507688 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2017-06-08 02:35 - 2015-11-10 02:48 - 01615448 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2017-06-08 02:35 - 2015-11-10 01:13 - 00042999 _____ C:\Windows\system32\nvinfo.pb
2017-06-08 01:01 - 2016-09-16 18:24 - 00001951 _____ C:\Windows\NvContainerRecovery.bat
2017-06-08 00:55 - 2016-07-09 10:42 - 00549312 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2017-06-08 00:55 - 2016-07-09 10:42 - 00082040 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2017-06-08 00:55 - 2016-07-09 01:32 - 06467008 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2017-06-08 00:55 - 2016-07-09 01:32 - 02479552 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2017-06-08 00:55 - 2016-07-09 01:32 - 01762936 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2017-06-08 00:55 - 2016-07-09 01:32 - 00392312 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2017-06-08 00:55 - 2016-07-09 01:32 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2017-06-07 15:59 - 2016-08-08 15:52 - 00000000 ____D C:\Users\Betrayed\AppData\Roaming\Kodi
2017-06-07 13:42 - 2016-07-09 01:32 - 08075477 _____ C:\Windows\system32\nvcoproc.bin
2017-06-03 03:31 - 2013-08-22 16:38 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-03 03:31 - 2013-08-22 16:38 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-02 03:44 - 2016-11-03 22:25 - 00046408 _____ (SteelSeries ApS) C:\Windows\system32\Drivers\ssdevfactory.sys
2017-06-01 17:38 - 2016-07-30 21:14 - 00000000 ____D C:\Users\Betrayed\AppData\Local\Ubisoft Game Launcher
2017-05-29 15:36 - 2017-03-02 17:25 - 01612648 _____ (BitDefender) C:\Windows\system32\Drivers\avc3.sys
2017-05-29 15:36 - 2017-03-02 17:25 - 00879600 _____ (BitDefender) C:\Windows\system32\Drivers\avckf.sys
 
==================== Files in the root of some directories =======
 
2016-10-20 21:22 - 2017-02-12 00:45 - 0000301 _____ () C:\Users\Betrayed\AppData\Roaming\BreakingPoint_Login.ini
2016-07-09 19:08 - 2017-02-12 01:50 - 0001427 _____ () C:\Users\Betrayed\AppData\Roaming\BreakingPoint_Options.ini
2016-11-08 00:45 - 2016-11-08 00:45 - 0000054 _____ () C:\Users\Betrayed\AppData\Roaming\updater.cfg
2016-07-09 21:05 - 2016-07-09 21:05 - 0007605 _____ () C:\Users\Betrayed\AppData\Local\Resmon.ResmonCfg
2016-07-10 23:42 - 2016-07-10 23:42 - 0000003 _____ () C:\Users\Betrayed\AppData\Local\updater.log
2016-07-10 23:42 - 2016-08-06 11:31 - 0000424 _____ () C:\Users\Betrayed\AppData\Local\UserProducts.xml
2017-03-02 17:13 - 2017-03-02 17:13 - 0219341 _____ () C:\ProgramData\1488471187.bdinstall.bin
2017-06-22 01:14 - 2017-06-22 01:14 - 0030966 _____ () C:\ProgramData\agent.update.1498090442.bdinstall.bin
2017-03-02 17:25 - 2017-03-02 17:25 - 0374819 _____ () C:\ProgramData\cl.1488471780.bdinstall.bin
2017-03-02 17:39 - 2017-03-02 17:39 - 0057902 _____ () C:\ProgramData\dm.1488472749.bdinstall.bin
2017-06-09 18:49 - 2017-06-09 18:49 - 0040233 _____ () C:\ProgramData\dm.update.1497030584.bdinstall.bin
2016-07-09 01:24 - 2016-07-09 01:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-12-23 21:15 - 2017-02-01 18:39 - 0009669 _____ () C:\ProgramData\NvTelemetryContainer.log
2016-12-23 21:15 - 2017-01-27 15:11 - 0013001 _____ () C:\ProgramData\NvTelemetryContainer.log_backup1
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2017-06-27 11:32
 
==================== End of FRST.txt ============================
 
 
 
Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-06-2017 01
Ran by Betrayed (27-06-2017 15:18:40)
Running from D:\Users\Betrayed\Desktop
Windows 8.1 (Update) (X64) (2016-07-08 23:50:55)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1719391309-1542172637-2612288240-500 - Administrator - Disabled)
Guest (S-1-5-21-1719391309-1542172637-2612288240-501 - Limited - Disabled)
Betrayed (S-1-5-21-1719391309-1542172637-2612288240-1001 - Administrator - Enabled) => C:\Users\Betrayed
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender Antivirus (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Antispyware (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.9.1.335 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015.5 (HKLM-x32\...\PHSP_17_0_1) (Version: 17.0.1 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM\...\Steam App 346900) (Version:  - Hyper Hippo Games)
Ansel (Version: 382.53 - NVIDIA Corporation) Hidden
Arma 3 (HKLM\...\Steam App 107410) (Version:  - Bohemia Interactive)
Arma 3 Tools (HKLM\...\Steam App 233800) (Version:  - Bohemia Interactive)
ArmA3Sync 1.5.80 (HKLM-x32\...\{F097E7D7-D093-4394-9EED-43AFCCD12B7A}_is1) (Version: 1.5.80 - The [S.o.E] team)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
AutoHotkey 1.1.24.02 (HKLM\...\AutoHotkey) (Version: 1.1.24.02 - Lexikos)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.29.1517 - Bitdefender)
Bitdefender Device Management (HKLM\...\Bitdefender Device Management) (Version: 21.0.23.1101 - Bitdefender)
Bitdefender Parental Advisor (HKLM\...\Bitdefender Parental Advisor) (Version: 1.2.0.291 - Bitdefender)
Bitdefender Total Security 2017 (HKLM\...\Bitdefender) (Version: 21.0.23.1101 - Bitdefender)
BitTorrent (HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\BitTorrent) (Version: 7.10.0.43581 - BitTorrent Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.4.43.6254 - BlueStack Systems, Inc.)
Breaking Point (HKLM-x32\...\Breaking Point 5.0.2.9) (Version: 5.0.2.9 - The Zombie Infection)
Breaking Point (x32 Version: 5.0.2.9 - The Zombie Infection) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
Clicker Heroes (HKLM\...\Steam App 363970) (Version:  - Playsaurus)
Corsair Utility Engine (HKLM-x32\...\{46A3EEB3-8F6F-4BC4-9A53-CDE33D089D08}) (Version: 1.16.42 - Corsair)
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version:  - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM\...\Steam App 221100) (Version:  - Bohemia Interactive)
Discord (HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.)
EAC eSports (HKLM\...\Steam App 282660) (Version:  - EasyAntiCheat Ltd)
Fallout 4 (HKLM\...\Steam App 377160) (Version:  - Bethesda Game Studios)
FileZilla Client 3.17.0.1 (HKLM-x32\...\FileZilla Client) (Version: 3.17.0.1 - Tim Kosse)
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Facepunch Studios)
Golf With Your Friends (HKLM\...\Steam App 431240) (Version:  - Blacklight Interactive)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Gyazo 3.3.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version:  - Daybreak Game Company)
Insurgency (HKLM\...\Steam App 222880) (Version:  - New World Interactive)
Intel® Chipset Device Software (x32 Version: 10.1.2.19 - Intel® Corporation) Hidden
Intel® Driver Update Utility 2.6 (x32 Version: 2.6.0.32 - Intel) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.4.1186 - Intel Corporation)
Intel® Network Connections 21.0.504.0 (HKLM\...\PROSetDX) (Version: 21.0.504.0 - Intel)
Intel® Driver Update Utility (HKLM-x32\...\{3e714701-b89c-4cf2-bf3b-41b2c105ffdc}) (Version: 2.6.0.32 - Intel)
Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kodi (HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Kodi) (Version:  - XBMC-Foundation)
Lightshot-5.4.0.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.1 - Skillbrains)
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{93488C33-D8D6-472A-83BB-F71603355CF0}) (Version: 11.1.0 - Red Giant Software)
Magic Bullet Suite 64-bit (Version: 11.1.0 - Red Giant Software) Hidden
Malwarebytes version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 48.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 48.0 (x86 en-US)) (Version: 48.0 - Mozilla)
Mozilla Firefox 53.0.3 (x86 en-US) (HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Mozilla Firefox 53.0.3 (x86 en-US)) (Version: 53.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0 - Mozilla)
MultiBit Classic 0.5.19 (HKLM\...\0884-5076-5786-4986) (Version: 0.5.19 - Bitcoin Solutions Ltd)
MultiBit HD 0.3.0 (HKLM\...\6925-4794-5772-4956) (Version: 0.3.0 - Bitcoin Solutions Ltd)
NetBalancer (HKLM\...\NetBalancer_is1) (Version:  - SeriousBit)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 382.53 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.6.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.6.0.74 - NVIDIA Corporation)
NVIDIA Graphics Driver 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 382.53 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.27 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.27 - NVIDIA Corporation)
NVIDIA Miracast Virtual Audio 382.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 382.53 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0329 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0329 - NVIDIA Corporation)
NvNodejs (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
NvTelemetry (Version: 2.4.10.0 - NVIDIA Corporation) Hidden
NvvHci (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.16.3 - OBS Project)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenVPN 2.3.11-I601  (HKLM\...\OpenVPN) (Version: 2.3.11-I601 - )
Origin (HKLM-x32\...\Origin) (Version: 10.4.3.15631 - Electronic Arts, Inc.)
PBO Manager v.1.4 beta (HKLM\...\{127B5371-1802-4EDD-A25A-A43BF761D383}) (Version: 1.4.0 -  )
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.11.0 - )
pidgin-otr 4.0.2 (HKLM-x32\...\pidgin-otr) (Version: 4.0.2 - Cypherpunks CA)
Platform (x32 Version: 1.42 - VIA Technologies, Inc.) Hidden
PLAYERUNKNOWN'S BATTLEGROUNDS (HKLM\...\Steam App 578080) (Version:  - Bluehole, Inc.)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.6.1.0 - Popcorn Time) <==== ATTENTION
Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 4.0 beta r2613 - )
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.17.413 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7806 - Realtek Semiconductor Corp.)
Rocket League (HKLM\...\Steam App 252950) (Version:  - Psyonix, Inc.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.1.9 - Rockstar Games)
Rust (HKLM\...\Steam App 252490) (Version:  - Facepunch Studios)
Sandboxie 5.12 (64-bit) (HKLM\...\Sandboxie) (Version: 5.12 - Sandboxie Holdings, LLC)
SHIELD Streaming (Version: 7.1.0370 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 3.6.0.74 - NVIDIA Corporation) Hidden
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\Spotify) (Version: 1.0.57.474.gca9c9538 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.10.8 (HKLM\...\SteelSeries Engine 3) (Version: 3.10.8 - SteelSeries ApS)
Sublime Text Build 3114 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.77242 - TeamViewer)
The Culling (HKLM\...\Steam App 437220) (Version:  - Xaviant)
Tom Clancy's Rainbow Six Siege (HKLM\...\Steam App 359550) (Version:  - Ubisoft Montreal)
UE4 Prerequisites (x64) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (x32 Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 18.1 - Ubisoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.42 - VIA Technologies, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.42.1 (HKLM\...\VulkanRT1.0.42.1) (Version: 1.0.42.1 - LunarG, Inc.)
War Thunder (HKLM\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 beta 3 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.3 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1719391309-1542172637-2612288240-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Betrayed\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1719391309-1542172637-2612288240-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {149BF295-3248-4D34-9FA7-5EC4BF7E1FA5} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {1DD779AA-A750-4369-8D7B-66D1923A813A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-05-03] (NVIDIA Corporation)
Task: {20133336-7EE7-444A-B003-81A641398DC1} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
Task: {26D20519-EA71-499D-B791-D63FCE4D3A91} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-05-03] (NVIDIA Corporation)
Task: {35386CF1-51D3-4CDB-AAE6-E4A831819BF8} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-04-11] (Bitdefender)
Task: {58BBA558-2959-42FC-9902-821282282918} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-09] (Google Inc.)
Task: {74BFFE8C-382B-4AC2-A021-B884EDAA936A} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-02-19] (Intel® Corporation)
Task: {7ED5D0A4-501F-4306-AA3A-32AB31C0694A} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-05-03] (NVIDIA Corporation)
Task: {86C6ED19-6C18-437C-B942-10E7BE362D5D} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-05-03] (NVIDIA Corporation)
Task: {AFACBA89-BFF1-4157-B006-B56889770DB7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-13] (Piriform Ltd)
Task: {B38997CE-A5D1-40DD-8152-F8135DA8454C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-05-03] (NVIDIA Corporation)
Task: {B96C2DD7-1BAE-400D-8186-2F71817DF220} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-05-16] ()
Task: {BDF43C40-AA3C-45A7-B70C-D9C32D8BBC42} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => Wscript.exe //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {BFE19B39-EC2B-4708-8BE6-D9322CE361E1} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {C945DA90-4C5E-4A02-B1E1-43D03C942852} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-09] (Google Inc.)
Task: {E23AE4EA-680B-4F9C-9D83-0178C04B8A8C} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2017-05-16] ()
Task: {E7001B7D-776C-47F9-9384-54DC33A99934} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-05-03] (NVIDIA Corporation)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2017-04-24 16:23 - 2017-04-24 16:23 - 00111832 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\bdmetrics.dll
2017-03-02 17:39 - 2017-03-02 17:39 - 01008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpbr.mdl
2017-03-02 17:39 - 2017-03-02 17:39 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpdsp.mdl
2017-03-02 17:39 - 2017-03-02 17:39 - 03243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpph.mdl
2017-03-02 17:39 - 2017-03-02 17:39 - 01544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttprbl.mdl
2017-02-07 17:41 - 2017-02-07 17:41 - 01008448 _____ () C:\Program Files\Bitdefender\Bitdefender Parental Advisor\otengines_02451_004\ashttpbr.mdl
2017-02-07 17:41 - 2017-02-07 17:41 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender Parental Advisor\otengines_02451_004\ashttpdsp.mdl
2017-02-07 17:41 - 2017-02-07 17:41 - 03654344 _____ () C:\Program Files\Bitdefender\Bitdefender Parental Advisor\otengines_02451_004\ashttpf.mdl
2017-02-07 17:41 - 2017-02-07 17:41 - 01544568 _____ () C:\Program Files\Bitdefender\Bitdefender Parental Advisor\otengines_02451_004\ashttprbl.mdl
2017-05-12 11:59 - 2017-05-12 11:59 - 00496640 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_64\SeriousBit.3cb6c405#\c5f5f8b193e144e8ca4cf04bb7d309eb\SeriousBit.NetBalancer.DeskBand.ni.dll
2016-09-16 18:24 - 2017-05-03 21:21 - 01267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-09-24 23:20 - 2016-09-24 23:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-06-08 18:04 - 2016-06-08 18:04 - 00117400 _____ () C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
2016-07-09 11:05 - 2016-06-08 18:12 - 00416408 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
2016-07-09 11:05 - 2016-06-08 18:18 - 00709272 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_modeler.dll
2016-07-09 11:05 - 2016-06-08 18:15 - 00130712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_process_input.dll
2016-07-09 11:05 - 2016-06-08 18:16 - 00025752 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_system_power_state_input.dll
2016-07-09 11:05 - 2016-06-08 18:16 - 00059544 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_quality_and_reliability_input.dll
2016-07-09 11:05 - 2016-06-08 18:16 - 00194712 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\acpi_battery_input.dll
2016-07-09 11:05 - 2016-06-08 18:17 - 00159896 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\sema_thermal_input.dll
2016-07-09 11:05 - 2016-06-08 18:17 - 00158360 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\wifi_input.dll
2016-07-09 11:05 - 2016-06-08 18:16 - 00050840 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\devices_use_input.dll
2016-07-09 11:05 - 2016-06-08 18:15 - 00032920 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\intel_disktrace_input.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2017-05-29 15:37 - 2017-05-29 15:37 - 00023328 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\lang\en-us\bdsystray.txtui
2017-05-12 09:33 - 2017-05-09 10:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll
2017-05-12 09:33 - 2017-05-09 10:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll
2016-07-09 11:05 - 2016-06-08 18:07 - 00458904 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv.exe
2016-07-09 11:05 - 2016-06-08 18:17 - 00188568 _____ () C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\foreground_window_input.dll
2016-10-25 09:57 - 2016-10-25 09:57 - 31723696 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2016-06-23 12:02 - 2017-04-14 12:39 - 00176408 _____ () D:\Program Files\TeamSpeak 3 Client\quazip.dll
2017-01-12 17:35 - 2017-03-21 17:12 - 00020248 _____ () D:\Program Files\TeamSpeak 3 Client\libEGL.DLL
2017-01-12 17:35 - 2017-03-21 17:12 - 01975064 _____ () D:\Program Files\TeamSpeak 3 Client\libGLESv2.dll
2016-06-23 12:02 - 2017-04-14 12:39 - 00107288 _____ () D:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2016-06-23 12:02 - 2017-04-14 12:39 - 00128280 _____ () D:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2017-02-15 13:21 - 2017-02-15 13:21 - 00134144 _____ () C:\Users\Betrayed\AppData\Roaming\TS3Client\plugins\gamepad_joystick_win64.dll
2017-01-12 17:35 - 2016-11-09 19:09 - 00263680 _____ () C:\Users\Betrayed\AppData\Roaming\TS3Client\plugins\ClownfishForTeamspeak_win64.dll
2017-03-24 17:10 - 2017-04-04 16:16 - 00345880 _____ () C:\Users\Betrayed\AppData\Roaming\TS3Client\plugins\clientquery_plugin_win64.dll
2017-01-12 17:35 - 2017-02-16 20:19 - 00479744 _____ () C:\Users\Betrayed\AppData\Roaming\TS3Client\plugins\soundboard.dll
2017-01-12 17:35 - 2017-05-26 13:39 - 09666048 _____ () C:\Users\Betrayed\AppData\Roaming\TS3Client\plugins\rp_soundboard_win64.dll
2017-06-16 23:15 - 2017-06-16 23:15 - 31133184 _____ () C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\PepperFlash\26.0.0.131\pepflashplayer.dll
2017-02-11 11:46 - 2017-02-11 11:46 - 02493440 _____ () D:\Program Files (x86)\Origin\libGLESv2.dll
2016-03-16 01:54 - 2016-03-16 01:54 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2016-09-16 18:24 - 2017-05-03 21:21 - 01040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-06-02 13:55 - 2017-05-17 02:54 - 00678176 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2016-10-14 08:48 - 2016-09-01 02:02 - 04969248 _____ () D:\Program Files (x86)\Steam\v8.dll
2017-06-09 12:32 - 2017-06-08 06:42 - 02485536 _____ () D:\Program Files (x86)\Steam\video.dll
2016-10-14 08:48 - 2016-09-01 02:02 - 01563936 _____ () D:\Program Files (x86)\Steam\icui18n.dll
2016-10-14 08:48 - 2016-09-01 02:02 - 01195296 _____ () D:\Program Files (x86)\Steam\icuuc.dll
2016-10-14 08:48 - 2016-01-27 08:49 - 02549760 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll
2016-10-14 08:48 - 2016-01-27 08:49 - 00491008 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll
2016-10-14 08:48 - 2016-01-27 08:49 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll
2016-10-14 08:48 - 2016-01-27 08:49 - 00442880 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll
2016-10-14 08:48 - 2016-01-27 08:49 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll
2017-06-09 12:32 - 2017-06-08 06:42 - 00877856 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-10-14 08:48 - 2016-07-04 23:17 - 00266560 _____ () D:\Program Files (x86)\Steam\openvr_api.dll
2017-06-09 12:32 - 2017-06-08 06:42 - 00147232 _____ () D:\Program Files (x86)\Steam\bin\audio.dll
2016-10-14 08:48 - 2014-04-09 05:25 - 00071680 _____ () D:\Program Files (x86)\Steam\bin\mssmp3.asi
2016-10-14 08:48 - 2014-04-09 05:25 - 00153088 _____ () D:\Program Files (x86)\Steam\bin\mssvoice.asi
2016-09-16 18:24 - 2017-05-03 21:20 - 65709176 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-01-11 22:15 - 2017-01-04 15:28 - 01958912 _____ () C:\Users\Betrayed\AppData\Local\Discord\app-0.0.297\ffmpeg.dll
2017-01-12 17:09 - 2017-01-12 17:09 - 01082880 _____ () \\?\C:\Users\Betrayed\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node
2017-01-12 17:09 - 2017-01-12 17:09 - 03750400 _____ () \\?\C:\Users\Betrayed\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll
2017-01-12 17:09 - 2017-01-12 17:09 - 00914432 _____ () \\?\C:\Users\Betrayed\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node
2017-01-12 17:09 - 2017-01-12 17:09 - 01127424 _____ () \\?\C:\Users\Betrayed\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node
2017-06-02 13:55 - 2017-05-08 20:45 - 69516064 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2017-06-09 12:32 - 2017-05-17 02:54 - 00678176 _____ () D:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2017-06-09 12:32 - 2017-06-08 06:42 - 00385312 _____ () D:\Program Files (x86)\Steam\steam.dll
2017-01-11 22:15 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\Betrayed\AppData\Local\Discord\app-0.0.297\libglesv2.dll
2017-01-11 22:15 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\Betrayed\AppData\Local\Discord\app-0.0.297\libegl.dll
2017-04-26 15:19 - 2017-04-26 15:19 - 02005976 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2017-06-27 10:26 - 2017-06-27 10:26 - 00148992 _____ () \\?\C:\Users\Betrayed\AppData\Local\Temp\E9DA.tmp.node
2017-01-12 17:09 - 2017-04-27 16:06 - 02658296 _____ () \\?\C:\Users\Betrayed\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node
2017-01-12 17:10 - 2017-03-23 17:08 - 02665976 _____ () \\?\C:\Users\Betrayed\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node
2017-01-16 12:40 - 2017-01-16 12:40 - 00143824 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2016-03-23 11:04 - 2016-03-23 11:04 - 00091136 _____ () D:\Program Files (x86)\Corsair\Corsair Utility Engine\LuaQtWrapperLibrary.dll
2016-03-23 11:02 - 2016-03-23 11:02 - 00224256 _____ () D:\Program Files (x86)\Corsair\Corsair Utility Engine\quazip.dll
2016-03-23 11:02 - 2016-03-23 11:02 - 00200704 _____ () D:\Program Files (x86)\Corsair\Corsair Utility Engine\lua52.dll
2016-10-25 10:51 - 2016-10-25 10:51 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2016-10-12 01:08 - 2016-10-12 01:08 - 00118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2016-10-12 01:08 - 2016-10-12 01:08 - 00223232 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2016-10-12 01:08 - 2016-10-12 01:08 - 00117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2016-10-12 01:08 - 2016-10-12 01:08 - 00124928 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2016-10-25 10:49 - 2016-10-25 10:49 - 00098496 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin.dll
2016-10-12 01:08 - 2016-10-12 01:08 - 00166400 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-10-14 08:48 - 2015-09-25 00:52 - 00119208 _____ () D:\Program Files (x86)\Steam\winh264.dll
2016-07-09 13:11 - 2017-06-23 13:37 - 67117168 _____ () C:\Users\Betrayed\AppData\Roaming\Spotify\libcef.dll
2016-07-09 13:11 - 2017-06-23 13:37 - 02253424 _____ () C:\Users\Betrayed\AppData\Roaming\Spotify\libglesv2.dll
2016-07-09 13:11 - 2017-06-23 13:37 - 00086640 _____ () C:\Users\Betrayed\AppData\Roaming\Spotify\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\hola.org -> hxxp://hola.org
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 14:25 - 2017-06-27 14:25 - 00000002 _____ C:\Windows\system32\Drivers\etc\hosts
 
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
HKU\S-1-5-21-1719391309-1542172637-2612288240-1001\...\StartupApproved\Run: => "BlueStacks Agent"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{43280E25-5FDA-4220-A4AE-5002A736D28B}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B004BAD1-39D2-44EB-B190-2075321C648C}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{FB9ED71A-662C-455F-87E9-0A790C95A5EC}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{37271229-BE7A-47BC-BFB4-8C54924854FF}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{05F9763A-ED1A-4A80-9C2E-0F779D2D7450}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F3BF32E7-1337-46D7-89C5-72D92A81628D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{B7E95E14-D16D-46B5-8867-574F60FA4F27}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{234A17CE-C1FC-40E0-B9C2-8D307AEE884E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{0EF71D9A-6EBD-4FB3-B8AF-6213F01C9E46}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{EE668382-30B4-4F1B-A1AF-8C150FDF1865}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{E9236B93-1444-4B91-AA69-A0DAF2F075BE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{65731801-274A-4B92-ADEE-7459398520C9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{798A58B1-B109-4ADD-8381-426C0FBD0E7E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{245F0650-001A-4902-9819-648CD12269EE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Golf With Your Friends\Golf With Your Friends.exe
FirewallRules: [{30259389-E83B-4C5D-B331-5BAA43CEF69B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\TheCulling\TheCulling_Launcher.exe
FirewallRules: [{F66CEA2F-E70B-473D-90B4-B00EE0C6F7A6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\TheCulling\TheCulling_Launcher.exe
FirewallRules: [{4ED2FE8A-41F6-4816-BC4C-EC9EEAF85BB5}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{04E34E84-F003-456B-88E4-627EE82E1E7C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{7C8B5660-833E-45C2-8C6F-FD38B71BE3FA}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{69AF4406-4F7D-4D16-8168-4BC33C3201B9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{757AAA05-5B51-4F5F-AA36-12F1AB7036B9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe
FirewallRules: [{6F7BB62C-B54E-405F-A1F1-FEE0ABDF8650}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\EasyAntiCheat\EasyAntiCheat.exe
FirewallRules: [{C45F44B3-0D47-4A40-ACF7-F9395BE8E5D4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{25891BB6-3C4E-4F4E-B890-55A02AEF4D98}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{BAB0FB19-F5C5-4C0D-B681-2C80D499A029}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{B6717B1B-21C1-4168-A665-31FB8598F555}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\rainbowsix.exe
FirewallRules: [{D78D9F29-C391-4F4D-B44C-EB43EAD3BBF9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{A1BEA2B7-CE10-4D6E-998D-BC5D4F4C7834}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Tom Clancy's Rainbow Six Siege\RainbowSixGame.exe
FirewallRules: [{4D20DBF2-0C1E-432E-AC59-DAEBB9F28C6C}] => (Allow) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68AD369D-B8A4-494F-83AA-1926FA3263D0}] => (Allow) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{AD5458E8-667C-458E-9FF4-2EB84ABF8C42}D:\program files (x86)\steam\steamapps\common\shatteredskies\shatteredskies.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\shatteredskies\shatteredskies.exe
FirewallRules: [UDP Query User{12590890-1217-4AA1-A426-BD3B1C29EA3E}D:\program files (x86)\steam\steamapps\common\shatteredskies\shatteredskies.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\shatteredskies\shatteredskies.exe
FirewallRules: [TCP Query User{5E966F72-502D-4C81-954D-A28DC77BE3F0}D:\program files (x86)\kodi\kodi.exe] => (Allow) D:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{EB1D1430-426B-4945-A818-02E532AE9977}D:\program files (x86)\kodi\kodi.exe] => (Allow) D:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{4F823053-4909-4AB2-9291-BD68248ADF32}C:\users\Betrayed\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\Betrayed\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{3A0DA01A-C88E-4EEE-A304-3B115F5AA62E}C:\users\Betrayed\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\Betrayed\appdata\roaming\spotify\spotify.exe
FirewallRules: [{094A09AB-4776-424C-A2E2-C232E04F7705}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{1221CC45-8FA2-471E-9947-9E0C2BFF8D9A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Rust\Rust.exe
FirewallRules: [{47903F2F-EA33-4737-8BF8-9D5DDB4890A7}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{78B44BAC-D5E4-4A53-AC9A-5AA42A7606F6}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{75EA8C07-E02B-42B2-859D-2A041D76B6D2}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{EDEBF04E-4D77-4140-9642-0F8F955531FF}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\H1Z1 King of the Kill\LaunchPad.exe
FirewallRules: [{ADD96FA6-B2C5-4E0A-8489-756CD795492C}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{51905D0F-9C42-4DA6-A34E-896A36FEA620}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{9CC85030-5885-4EAF-81BD-3B47F7F17C6E}] => (Allow) C:\Users\Betrayed\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{A12C97BC-7E5A-4F0B-A47B-6B87058C1773}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{2127FAC9-E30B-4FB4-BDDC-07D661F068F5}] => (Allow) LPort=2869
FirewallRules: [{E696FF9E-C112-4FF2-BF34-6A7060266C46}] => (Allow) LPort=1900
FirewallRules: [{2D3695A1-326F-4523-9C8A-25B32C2DF4EC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{598F6D8E-24E5-401A-84AA-05B79FC20419}D:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{1EAD2AF8-5037-4106-822E-74BF9CB3CED4}D:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [TCP Query User{15DBF988-5F71-4099-B7B4-CCA393546DB5}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe
FirewallRules: [UDP Query User{2A8C7067-B59E-49EA-A540-10687AD386EE}C:\program files\sony\vegas pro 13.0\vegas130.exe] => (Allow) C:\program files\sony\vegas pro 13.0\vegas130.exe
FirewallRules: [{C59428CB-1F85-4957-ADB6-F8B9C42FDA22}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{3D955DC0-0228-475A-8253-724E6E51F3C4}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{45E440E8-F608-4CF0-939B-62A2569FB968}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{CA3EA36B-DBD2-4096-BD8E-7DC75DF0D7A1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{CDA5438B-5EBF-4CD0-8035-D806C3F6617A}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\Arma3Tools.exe
FirewallRules: [{1D8DD10C-926F-41E7-B2E7-9F796956ECEC}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\Arma3Tools.exe
FirewallRules: [{5D70229B-081B-4E3F-9F6B-F3A85EA32D15}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\starter.exe
FirewallRules: [{04DD16C0-B189-4C7A-A05A-9C79D0A1B256}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\starter.exe
FirewallRules: [{35D6B5A8-BBC8-4BB4-8437-C37302CFE7DE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\AddonBuilder\AddonBuilder.exe
FirewallRules: [{3AC0E794-A4BB-4258-8A73-9AAA95B7BCFB}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\AddonBuilder\AddonBuilder.exe
FirewallRules: [{221061C7-8755-4DEF-8822-67CA3FE03698}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\Publisher\Publisher.exe
FirewallRules: [{31D892F4-9BBD-45B4-B1F1-DFBD1DE1BD3E}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Arma 3 Tools\Publisher\Publisher.exe
FirewallRules: [{CAEB01B5-C51A-461B-A739-C6AC5AB00FB8}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6DBADAEC-90BF-4150-9699-A1ACE2670A65}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{65BCB92C-B7A7-40AB-B562-618EAB4B0A7B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EF547CEC-C447-49E3-9CD4-1389A4015C2E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{3A85E5E7-F1BB-4852-ABDF-C9C041DEC30D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{3EAF9153-995F-4A07-9483-53C6687072DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{66108248-7899-4FA5-9652-D0A501EA97D4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{735D853C-757E-4787-A993-DB3669620016}D:\program files (x86)\steam\steamapps\common\battlegrounds\shootergame\binaries\win64\shootergame-win64-shipping.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\battlegrounds\shootergame\binaries\win64\shootergame-win64-shipping.exe
FirewallRules: [UDP Query User{39BF3FC7-1DB0-4AAF-946E-062467332DA7}D:\program files (x86)\steam\steamapps\common\battlegrounds\shootergame\binaries\win64\shootergame-win64-shipping.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\battlegrounds\shootergame\binaries\win64\shootergame-win64-shipping.exe
FirewallRules: [{2160D76B-EB08-4EF7-8F0B-8D43C3F36EDD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [{46A5FD97-5C8F-4787-95E1-D319D0CC1857}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe
FirewallRules: [TCP Query User{3D306803-4323-4135-B7AB-1A884466D43D}D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [UDP Query User{6272F8B5-5F4F-49A3-A028-7F2D061D22CA}D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe
FirewallRules: [TCP Query User{B48D565B-1064-4A1E-B333-4F807DA52358}D:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{ACDD4940-14C5-4278-B928-392B3C2497B6}D:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) D:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{716510F5-2508-4E63-B021-D8FAB54E4A5E}D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [UDP Query User{8A6DE1DC-7909-45AB-94DD-57F285AC9C7A}D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\h1z1 king of the kill\h1z1.exe
FirewallRules: [{213D75CB-C013-4ECF-BA3E-11B2401C297B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{4C95CAF3-85C6-4037-B23F-567A834C79FD}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{50AEE256-883D-4332-B58B-C80BCCCE4231}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe
FirewallRules: [{FD018097-6E5C-44CF-9455-4AF9D576E895}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe
FirewallRules: [{0E5379BD-D85F-4321-A400-9FD1A6A3AEAD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{3493E0EA-612A-465C-99FA-1F7FF368B1DD}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BF2208F8-467B-4B5D-B728-6F4D65D12F35}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{97BBEDEF-967C-4D34-B438-D9971445F5AC}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5B116891-FCD2-4BEA-A423-C0E475A24859}] => (Allow) D:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F1D6B41D-31AB-4D7B-B7D8-56D468FE1E35}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{361D7308-9B4B-4728-8920-C023FB8D020A}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{0525ABC2-2A74-4AF9-9A48-D7ABDEA9620A}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{033CE73D-8BA2-4C62-96F7-1FE59B88B3BB}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{828E9277-E9B4-44FD-9688-53005615BAA0}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{E1920F54-4271-4054-88D8-985EA69CD803}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{5A5B3439-AB38-4242-B4C9-8457B117B963}] => (Allow) C:\Users\Betrayed\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{63F895A9-84B3-450E-943E-D7D51B2848F4}] => (Allow) C:\Users\Betrayed\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{14A970D5-009F-4E35-9A24-A8380BE6568C}] => (Allow) C:\Users\Betrayed\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{A8888945-DFBA-4060-9078-E193C4EF79EA}] => (Allow) C:\Users\Betrayed\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{4331BA20-7EEB-41DF-A634-205837C07376}] => (Allow) C:\Users\Betrayed\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{781F9E07-A98C-40E0-814B-317021B7FEB1}] => (Allow) C:\Users\Betrayed\AppData\Roaming\BitTorrent\BitTorrent.exe
 
==================== Restore Points =========================
 
10-06-2017 16:28:04 Windows Update
14-06-2017 12:10:39 Windows Update
14-06-2017 12:41:00 Removed League of Legends
21-06-2017 13:29:48 Installed DirectX
 
==================== Faulty Device Manager Devices =============
 
Name: 690LC
Description: 690LC
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/27/2017 12:45:44 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
 
Error: (06/26/2017 09:07:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: QtWebEngineProcess.exe, version: 0.0.0.0, time stamp: 0x58868bba
Faulting module name: Qt5WebEngineCore.dll, version: 5.6.0.0, time stamp: 0x58868b0b
Exception code: 0x80000003
Fault offset: 0x00a3f1d1
Faulting process ID: 0x2a90
Faulting application start time: 0x01d2eeb7ceee062c
Faulting application path: D:\Program Files (x86)\Origin\QtWebEngineProcess.exe
Faulting module path: D:\Program Files (x86)\Origin\Qt5WebEngineCore.dll
Report ID: 0db02b10-5aab-11e7-829d-d8cb8a318c74
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (06/26/2017 09:06:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SeriousBit.NetBalancer.Tray.exe, version: 9.4.1.0, time stamp: 0x576bb689
Faulting module name: ntdll.dll, version: 6.3.9600.18696, time stamp: 0x59153753
Exception code: 0xc0000005
Fault offset: 0x00000000000209af
Faulting process ID: 0x17d0
Faulting application start time: 0x01d2eeb7b80ea441
Faulting application path: D:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report ID: fa05930f-5aaa-11e7-829d-d8cb8a318c74
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (06/26/2017 04:42:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ts3client_win64.exe, version: 3.1.2.0, time stamp: 0x58ee0528
Faulting module name: task_force_radio_win64.dll, version: 1.0.0.1, time stamp: 0x58e10ef2
Exception code: 0xc0000409
Fault offset: 0x00000000000f2444
Faulting process ID: 0x2684
Faulting application start time: 0x01d2ee8aa5fb3066
Faulting application path: D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
Faulting module path: C:\Users\Betrayed\AppData\Roaming\TS3Client\plugins\task_force_radio_win64.dll
Report ID: 18be07bb-5a86-11e7-829c-d8cb8a318c74
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (06/26/2017 03:43:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ts3client_win64.exe, version: 3.1.2.0, time stamp: 0x58ee0528
Faulting module name: task_force_radio_win64.dll, version: 1.0.0.1, time stamp: 0x58e10ef2
Exception code: 0xc0000409
Fault offset: 0x00000000000f2444
Faulting process ID: 0x2978
Faulting application start time: 0x01d2ee85f2bfa4eb
Faulting application path: D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
Faulting module path: C:\Users\Betrayed\AppData\Roaming\TS3Client\plugins\task_force_radio_win64.dll
Report ID: e1c78e30-5a7d-11e7-829c-d8cb8a318c74
Faulting package full name: 
Faulting package-relative application ID:
 
Error: (06/26/2017 12:50:07 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
 
Error: (06/25/2017 07:52:57 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume Recovery was not optimised because an error was encountered: The parameter is incorrect. (0x80070057)
 
Error: (06/25/2017 01:55:57 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
 
Error: (06/25/2017 12:33:06 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
 
Error: (06/24/2017 06:28:54 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
 
 
System errors:
=============
Error: (06/27/2017 11:33:35 AM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
 
Error: (06/27/2017 11:33:05 AM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
 
Error: (06/26/2017 09:06:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (06/26/2017 09:06:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
 
Error: (06/26/2017 12:11:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Origin Web Helper Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.
 
Error: (06/26/2017 12:11:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
 
Error: (06/26/2017 12:10:51 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 02:39:22 on ‎26/‎06/‎2017 was unexpected.
 
Error: (06/25/2017 04:46:23 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
 
Error: (06/25/2017 04:45:53 PM) (Source: DCOM) (EventID: 10010) (User: Betrayed)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
 
Error: (06/24/2017 09:43:30 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-5820K CPU @ 3.30GHz
Percentage of memory in use: 34%
Total physical RAM: 16279.26 MB
Available physical RAM: 10608.71 MB
Total Virtual: 21143.26 MB
Available Virtual: 14653.45 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:232.37 GB) (Free:157.27 GB) NTFS
Drive d: () (Fixed) (Total:931.39 GB) (Free:98.79 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

#2
RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP

Nothing obvious.  May just have been an infected website, but let's run Rogue Killer and see if it finds anything we can't see.

 
 
Portable 64 bits <==USE THIS ONE
 
Download and Save.
 
 
 
Right click on the downloaded file (RogueKillerX64.exe or RogueKiller.exe)  and Run As admin
 
Start Scan
Start Scan
 
Will take about 20 minutes to complete.
 
Open Report
Export TXT (save it to your desktop as rk) Save
 
Do not let Rogue Killer remove anything until you hear from me.  Leave Rogue Killer up (but minimized) so you won't have to rescan.
 
Open rk.txt and copy and paste it to your next Reply. 

#3
Betrayed

    Member

  • Topic Starter
  • 96 posts

RogueKiller V12.11.4.0 (x64) [Jun 26 2017] (Free) by Adlice Software
 
Operating System : Windows 8.1 (6.3.9600) 64 bits version
Started in : Normal mode
User : Jamie [Administrator]
Started from : D:\Users\Jamie\Desktop\RogueKiller_portable64.exe
Mode : Scan -- Date : 06/28/2017 14:56:37 (Duration : 00:28:15)
 
¤¤¤ Processes : 0 ¤¤¤
 
¤¤¤ Registry : 5 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 192.168.1.1 0.0.0.0 ([-][X])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{BD584BD8-9D46-4F4B-B346-6A00849ED96C} | DhcpNameServer : 10.211.254.254 8.8.8.8 ([X][-])  -> Found
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{DACC77B7-7177-45A0-8F40-D6D799727D5A} | DhcpNameServer : 192.168.1.1 0.0.0.0 ([-][])  -> Found
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Found
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Found
 
¤¤¤ Tasks : 0 ¤¤¤
 
¤¤¤ Files : 2 ¤¤¤
[PUP.Gen1][Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time -> Found
[PUP.Gen1][Folder] C:\Program Files (x86)\Popcorn Time -> Found
 
¤¤¤ WMI : 0 ¤¤¤
 
¤¤¤ Hosts File : 0 ¤¤¤
 
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Samsung SSD 850 EVO 250GB +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 300 MB
1 - [MAN-MOUNT] EFI system partition | Offset (sectors): 616448 | Size: 99 MB
2 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 819200 | Size: 128 MB
3 - Basic data partition | Offset (sectors): 1081344 | Size: 237947 MB
User = LL1 ... OK
User = LL2 ... OK
 
+++++ PhysicalDrive1: WDC WD10EZEX-00BN5A0 +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - Microsoft reserved partition | Offset (sectors): 34 | Size: 128 MB
1 - Basic data partition | Offset (sectors): 264192 | Size: 953740 MB
User = LL1 ... OK
User = LL2 ... OK

#4
RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP

RK didn't find anything worth worrying about.   It always shows us the DNS settings and I know it doesn't like popcorn but if you don't mind its ads it can stay.

 

Just close it.


#5
Betrayed

    Member

  • Topic Starter
  • 96 posts

> RK didn't find anything worth worrying about.   It always shows us the DNS settings and I know it doesn't like popcorn but if you don't mind its ads it can stay.
>
> Just close it.

 

Thing is that it was a program pop up, there was a Steam icon on the program that popped up, I closed it and the screamer started and wouldn't stop, maybe it was just Steam browser, not sure.


#6
RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP

I can't see anything in my scans.  If it's related to a Steam Browser we don't have any scans that look at a Steam Browser so you would have to uninstall the browser then reinstall it.  You can try the free ESET online scan.  Takes several hours:

 

Use IE and go to http://eset.com/onlinescan and click on ESET online Scanner.  Accept the terms then press Start (If you get a warning from your browser tell it you want to run it).  
 
1. Check Scan Archives
2. Push the Start button.
3. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
4. When the scan completes, push LIST OF THREATS FOUND
5. Push EXPORT TO TEXT FILE, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
6. Push the BACK button.
7. Push Finish
8. Once the scan is completed, you may close the window.
9. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
10. Copy and paste that log as a reply.
 
 
Let's also try the bitdefender quickscan.  (Much quicker than ESET)
 
 
When it finishes there is a View Report option at the bottom.  Click on it and copy and paste the report (even if it says nothing found).

#7
Betrayed

    Member

  • Topic Starter
  • 96 posts

I just had a problem with my computer where I tried to open up a link which was safe (youtube) and it made my PC stutter, I restarted it and it took ages to boot and load anything up. After a couple of restarts it was back to normal but this was pretty strange.


#8
RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP

Did you run the ESET scan?

 

Let's look at the event log:

 

See if there are any clues there:

 

 
1. Please download the Event Viewer Tool by Vino Rosso and save it to your Desktop:
2. Right-click VEW.exe and Run As Administrator
3. Under 'Select log to query', select:
   * System
4. Under 'Select type to list', select:
   * Error
   * Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
   Type 20 in the 1 to 20 box
   Then click the Run button.
   Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

#9
Betrayed

    Member

  • Topic Starter
  • 96 posts

Vino's Event Viewer v01c run on Windows 7 in English
Report run at 29/06/2017 23:08:58
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 29/06/2017 19:30:16
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 26/06/2017 11:10:44
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 09/06/2017 17:48:10
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 19/05/2017 10:10:27
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 27/04/2017 15:05:52
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 12/03/2017 10:05:45
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 11/03/2017 11:43:17
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 03/03/2017 16:08:46
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 26/02/2017 11:49:57
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 24/02/2017 07:18:35
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 14/02/2017 10:55:27
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 28/12/2016 12:11:20
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 27/12/2016 11:22:10
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 24/12/2016 11:12:23
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 20/12/2016 20:11:58
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 01/12/2016 18:32:39
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 27/11/2016 16:18:20
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 22/11/2016 07:08:24
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 22/10/2016 10:34:26
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 21/10/2016 15:25:18
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 29/06/2017 19:30:57
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Origin Web Helper Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 29/06/2017 19:30:57
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
 
Log: 'System' Date/Time: 29/06/2017 19:30:22
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 19:35:15 on ?29/?06/?2017 was unexpected.
 
Log: 'System' Date/Time: 29/06/2017 18:54:51
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
 
Log: 'System' Date/Time: 29/06/2017 18:53:11
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 29/06/2017 18:52:41
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Steam Client Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 29/06/2017 18:52:41
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Log: 'System' Date/Time: 29/06/2017 11:55:16
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 29/06/2017 11:54:46
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 28/06/2017 10:06:27
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 28/06/2017 10:05:57
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 28/06/2017 01:31:14
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 28/06/2017 01:30:44
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 27/06/2017 14:57:50
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 27/06/2017 14:57:20
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 27/06/2017 10:33:35
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 27/06/2017 10:33:05
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 26/06/2017 20:06:27
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Origin Web Helper Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 26/06/2017 20:06:27
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
 
Log: 'System' Date/Time: 26/06/2017 11:11:26
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Origin Web Helper Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 29/06/2017 19:49:13
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\SensorsAndLocationEnum\LPSensorSWDevice.
 
Log: 'System' Date/Time: 29/06/2017 19:16:12
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 
 
Log: 'System' Date/Time: 29/06/2017 18:48:27
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 
 
Log: 'System' Date/Time: 29/06/2017 18:43:00
Type: Warning Category: 0
Event: 1073 Source: User32
The attempt by user Betrayed\Jamie to restart/shutdown computer BETRAYED failed
 
Log: 'System' Date/Time: 29/06/2017 11:39:32
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 
 
Log: 'System' Date/Time: 28/06/2017 04:58:01
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name gateway.discord.gg timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 27/06/2017 09:25:47
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 
 
Log: 'System' Date/Time: 26/06/2017 23:06:18
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\SensorsAndLocationEnum\LPSensorSWDevice.
 
Log: 'System' Date/Time: 26/06/2017 12:42:13
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\SensorsAndLocationEnum\LPSensorSWDevice.
 
Log: 'System' Date/Time: 25/06/2017 11:43:13
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 
 
Log: 'System' Date/Time: 24/06/2017 11:09:41
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 
 
Log: 'System' Date/Time: 23/06/2017 12:06:12
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 
 
Log: 'System' Date/Time: 22/06/2017 11:39:41
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 
 
Log: 'System' Date/Time: 21/06/2017 12:26:31
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 
 
Log: 'System' Date/Time: 20/06/2017 14:08:02
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name api.steampowered.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 20/06/2017 14:04:36
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name livechat.boldchat.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 20/06/2017 13:59:59
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name livechat.boldchat.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 20/06/2017 10:38:03
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 
 
Log: 'System' Date/Time: 19/06/2017 12:12:23
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 
 
Log: 'System' Date/Time: 18/06/2017 19:53:38
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 

  • 0

#10
Betrayed

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 29/06/2017 23:10:12
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 29/06/2017 18:41:00
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program UNKNOWN version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.  Process ID: 22e0  Start Time: 01d2f0f7bb6f6948  Termination Time: 10002  Application Path: UNKNOWN  Report Id: 6e52a83b-5cfa-11e7-829d-d8cb8a318c74  Faulting package full name:   Faulting package-relative application ID:  
 
Log: 'Application' Date/Time: 28/06/2017 23:33:14
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
 
Log: 'Application' Date/Time: 28/06/2017 22:10:49
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: ts3client_win64.exe, version: 3.1.2.0, time stamp: 0x58ee0528 Faulting module name: task_force_radio_win64.dll, version: 1.0.0.1, time stamp: 0x58e10ef2 Exception code: 0xc0000409 Fault offset: 0x00000000000f2444 Faulting process ID: 0x2dc0 Faulting application start time: 0x01d2eff82d061d15 Faulting application path: D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe Faulting module path: C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\task_force_radio_win64.dll Report ID: a41d58cd-5c4e-11e7-829d-d8cb8a318c74 Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 28/06/2017 14:24:50
Type: Error Category: 0
Event: 5000 Source: Microsoft Security Client
The event description cannot be found.
 
Log: 'Application' Date/Time: 28/06/2017 14:24:50
Type: Error Category: 0
Event: 5000 Source: Microsoft Security Client
The event description cannot be found.
 
Log: 'Application' Date/Time: 27/06/2017 23:41:05
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
 
Log: 'Application' Date/Time: 26/06/2017 23:45:44
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
 
Log: 'Application' Date/Time: 26/06/2017 20:07:18
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: QtWebEngineProcess.exe, version: 0.0.0.0, time stamp: 0x58868bba Faulting module name: Qt5WebEngineCore.dll, version: 5.6.0.0, time stamp: 0x58868b0b Exception code: 0x80000003 Fault offset: 0x00a3f1d1 Faulting process ID: 0x2a90 Faulting application start time: 0x01d2eeb7ceee062c Faulting application path: D:\Program Files (x86)\Origin\QtWebEngineProcess.exe Faulting module path: D:\Program Files (x86)\Origin\Qt5WebEngineCore.dll Report ID: 0db02b10-5aab-11e7-829d-d8cb8a318c74 Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 26/06/2017 20:06:45
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: SeriousBit.NetBalancer.Tray.exe, version: 9.4.1.0, time stamp: 0x576bb689 Faulting module name: ntdll.dll, version: 6.3.9600.18696, time stamp: 0x59153753 Exception code: 0xc0000005 Fault offset: 0x00000000000209af Faulting process ID: 0x17d0 Faulting application start time: 0x01d2eeb7b80ea441 Faulting application path: D:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll Report ID: fa05930f-5aaa-11e7-829d-d8cb8a318c74 Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 26/06/2017 15:42:45
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: ts3client_win64.exe, version: 3.1.2.0, time stamp: 0x58ee0528 Faulting module name: task_force_radio_win64.dll, version: 1.0.0.1, time stamp: 0x58e10ef2 Exception code: 0xc0000409 Fault offset: 0x00000000000f2444 Faulting process ID: 0x2684 Faulting application start time: 0x01d2ee8aa5fb3066 Faulting application path: D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe Faulting module path: C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\task_force_radio_win64.dll Report ID: 18be07bb-5a86-11e7-829c-d8cb8a318c74 Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 26/06/2017 14:43:57
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: ts3client_win64.exe, version: 3.1.2.0, time stamp: 0x58ee0528 Faulting module name: task_force_radio_win64.dll, version: 1.0.0.1, time stamp: 0x58e10ef2 Exception code: 0xc0000409 Fault offset: 0x00000000000f2444 Faulting process ID: 0x2978 Faulting application start time: 0x01d2ee85f2bfa4eb Faulting application path: D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe Faulting module path: C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\task_force_radio_win64.dll Report ID: e1c78e30-5a7d-11e7-829c-d8cb8a318c74 Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 25/06/2017 23:50:07
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
 
Log: 'Application' Date/Time: 25/06/2017 18:52:57
Type: Error Category: 0
Event: 257 Source: Microsoft-Windows-Defrag
The volume Recovery was not optimised because an error was encountered: The parameter is incorrect. (0x80070057)
 
Log: 'Application' Date/Time: 25/06/2017 00:55:57
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
 
Log: 'Application' Date/Time: 24/06/2017 23:33:06
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
 
Log: 'Application' Date/Time: 24/06/2017 17:28:54
Type: Error Category: 1
Event: 2006 Source: Microsoft-Windows-LocationProvider
There was an error with the Windows Location Provider database
 
Log: 'Application' Date/Time: 24/06/2017 11:10:32
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: QtWebEngineProcess.exe, version: 0.0.0.0, time stamp: 0x58868bba Faulting module name: Qt5WebEngineCore.dll, version: 5.6.0.0, time stamp: 0x58868b0b Exception code: 0x80000003 Fault offset: 0x00a3f1d1 Faulting process ID: 0x2710 Faulting application start time: 0x01d2ecda7cd5037a Faulting application path: D:\Program Files (x86)\Origin\QtWebEngineProcess.exe Faulting module path: D:\Program Files (x86)\Origin\Qt5WebEngineCore.dll Report ID: bca952b3-58cd-11e7-829b-d8cb8a318c74 Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 24/06/2017 11:10:16
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: SeriousBit.NetBalancer.Tray.exe, version: 9.4.1.0, time stamp: 0x576bb689 Faulting module name: ntdll.dll, version: 6.3.9600.18696, time stamp: 0x59153753 Exception code: 0xc0000005 Fault offset: 0x0000000000037fcc Faulting process ID: 0x3850 Faulting application start time: 0x01d2ecda6eb8204f Faulting application path: D:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll Report ID: b2fe514c-58cd-11e7-829b-d8cb8a318c74 Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 24/06/2017 00:43:27
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
 
Log: 'Application' Date/Time: 23/06/2017 12:06:20
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 11/05/2017 15:08:09
Type: Warning Category: 0
Event: 1032 Source: MsiInstaller
An error occurred while refreshing environment variables updated during the installation of ''. Some users logged on to the machine may not see these changes until they log off and then log back on again.
 
Log: 'Application' Date/Time: 01/05/2017 07:50:45
Type: Warning Category: 0
Event: 8303 Source: Microsoft-Windows-System-Restore
Scoping unsuccessful for shadowcopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy6 with error 0x80070057.
 
Log: 'Application' Date/Time: 01/05/2017 07:50:43
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'D:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe' (pid 7948) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 01/05/2017 07:50:43
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\explorer.exe' (pid 8976) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 29/04/2017 20:04:25
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files\Sony\Vegas Pro 13.0\vegas130.exe' (pid 5788) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 13/04/2017 10:43:25
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, NetEventPacketCapture, has been registered in the Windows Management Instrumentation namespace root\standardcimv2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 13/04/2017 10:43:25
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, NetEventPacketCapture, has been registered in the Windows Management Instrumentation namespace root\standardcimv2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 13/04/2017 10:43:25
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, NetEventPacketCapture, has been registered in the Windows Management Instrumentation namespace root\standardcimv2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 12/04/2017 17:35:35
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\explorer.exe' (pid 2860) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 11/04/2017 12:35:24
Type: Warning Category: 0
Event: 1032 Source: MsiInstaller
An error occurred while refreshing environment variables updated during the installation of ''. Some users logged on to the machine may not see these changes until they log off and then log back on again.
 
Log: 'Application' Date/Time: 16/03/2017 00:35:07
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\System32\taskhost.exe' (pid 11924) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 09/03/2017 16:07:56
Type: Warning Category: 0
Event: 1032 Source: MsiInstaller
An error occurred while refreshing environment variables updated during the installation of ''. Some users logged on to the machine may not see these changes until they log off and then log back on again.
 
Log: 'Application' Date/Time: 09/03/2017 16:07:49
Type: Warning Category: 0
Event: 1032 Source: MsiInstaller
An error occurred while refreshing environment variables updated during the installation of ''. Some users logged on to the machine may not see these changes until they log off and then log back on again.
 
Log: 'Application' Date/Time: 05/03/2017 18:29:43
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe' (pid 14812) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 05/03/2017 18:29:43
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\explorer.exe' (pid 8948) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 05/03/2017 18:29:33
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe' (pid 6668) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 19/02/2017 11:13:57
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe' (pid 10692) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 19/02/2017 11:13:49
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe' (pid 10136) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 10/02/2017 17:47:01
Type: Warning Category: 0
Event: 2 Source: NVIDIA OpenGL Driver
The NVIDIA OpenGL driver has not been able to initialize
a connection with the GPU. This might be due to out of memory error,
an exhaustion of system resources or too many graphical applications running.
The application will not render correctly.
 
Log: 'Application' Date/Time: 18/01/2017 16:10:13
Type: Warning Category: 0
Event: 1032 Source: MsiInstaller
An error occurred while refreshing environment variables updated during the installation of ''. Some users logged on to the machine may not see these changes until they log off and then log back on again.

  • 0


#11
RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP

I don't like this one:

Event: 1002 Source: Application Hang
The program UNKNOWN version 0.0.0.0 stopped interacting with Windows and was closed.

See if you can get Malwarebytes Anti-Rootkit BETA to run.

https://www.malwareb...om/antirootkit/

Save it then right click on the file and Run As Admin.  Follow the instructions at the bottom of the download page.


  • 0

#12
Betrayed

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts

No malware found.


  • 0

#13
RKinner

    Malware Expert

  • Expert
  • 19,788 posts
  • MVP
Open an elevated command prompt:

If you open an elevated command prompt it will by default open in c:\Windows\system32

Once you have an elevated command prompt:

Now type (with an Enter after each line):

 DISM  /Online  /Cleanup-Image  /RestoreHealth

 (I use two spaces so you can be sure to see where one space goes.)
This will take a while to complete.  Once the prompt returns:

Reboot.  Open an elevated Command Prompt again and type (with an Enter after the line):

sfc  /scannow

This will also take a few minutes.

When it finishes it will say one of the following:

Windows did not find any integrity violations (a good thing)
Windows Resource Protection found corrupt files and repaired them (a good thing)
Windows Resource Protection found corrupt files but was unable to fix some (or all) of them (not a good thing)

If you get the last result then type:

findstr  /c:"[SR]"  \windows\logs\cbs\cbs.log  >  \junk.txt

Hit Enter.  Then type:

notepad  \junk.txt

Hit Enter.

Copy the text from notepad and paste it into a reply.

After you finish SFC, regardless of the result:

1. Please download the Event Viewer Tool by Vino Rosso and save it to your Desktop:
2. Right-click VEW.exe and Run As Administrator
3. Under 'Select log to query', select:
   * System
4. Under 'Select type to list', select:
   * Error
   * Warning

Then use the 'Number of events' as follows:

1. Click the radio button for 'Number of events'
   Type 20 in the 1 to 20 box
   Then click the Run button.
   Notepad will open with the output log.

Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

  • 0
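One way to triage a VEW report like the ones requested and posted in this thread, as an added example that is not part of any post here and is not code from the VEW tool: it parses the report layout shown above, collapses recurring events into one row each, and lists Application Hang/Error records that name no program, the kind singled out in post #11. The sample report is constructed from trimmed lines of the thread; the function names and the "unattributed" heuristic are assumptions.

```python
import re
from datetime import datetime

# Constructed sample: trimmed copies of entries from this thread, in VEW's layout.
SAMPLE_REPORT = """\
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 29/06/2017 11:55:16
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 28/06/2017 10:06:27
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 27/06/2017 14:57:20
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 29/06/2017 18:41:00
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program UNKNOWN version 0.0.0.0 stopped interacting with Windows and was closed. Process ID: 22e0 Application Path: UNKNOWN

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 10/02/2017 17:47:01
Type: Warning Category: 0
Event: 2 Source: NVIDIA OpenGL Driver
The NVIDIA OpenGL driver has not been able to initialize
a connection with the GPU.
"""

HEADER = re.compile(r"^Log: '(?P<log>[^']+)' Date/Time: "
                    r"(?P<ts>\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2})$")
TYPE = re.compile(r"^Type: (?P<type>\w+) Category: (?P<cat>\d+)$")
EVENT = re.compile(r"^Event: (?P<id>\d+) Source: (?P<source>.+)$")
# Heuristic (an assumption of this example): a hang/crash record naming no program.
UNATTRIBUTED = re.compile(r"program UNKNOWN\b|Application Path: UNKNOWN\b")


def parse_vew(text):
    """Return one dict per complete record; banners and partial records are skipped."""
    events, cur = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m:
            # The report states that dates are dd/mm/yyyy.
            cur = {"log": m["log"], "type": None, "id": None, "source": None,
                   "time": datetime.strptime(m["ts"], "%d/%m/%Y %H:%M:%S"),
                   "message": []}
            events.append(cur)
        elif cur is None:
            continue                      # banner text or a paste that starts mid-entry
        elif not line or line.startswith("~~~"):
            cur = None                    # blank line or banner closes the record
        elif cur["type"] is None and TYPE.match(line):
            cur["type"] = TYPE.match(line)["type"]
        elif cur["id"] is None and EVENT.match(line):
            m = EVENT.match(line)
            cur["id"], cur["source"] = int(m["id"]), m["source"]
        else:
            cur["message"].append(line)   # messages may span several lines
    complete = [e for e in events if e["type"] and e["id"] is not None]
    for e in complete:
        e["message"] = " ".join(e["message"])
    return complete


def summarize(events):
    """Group by (log, type, source, event id), most frequent first."""
    groups = {}
    for e in events:
        key = (e["log"], e["type"], e["source"], e["id"])
        g = groups.setdefault(key, {"count": 0, "first": e["time"],
                                    "last": e["time"], "messages": set()})
        g["count"] += 1
        g["first"], g["last"] = min(g["first"], e["time"]), max(g["last"], e["time"])
        g["messages"].add(e["message"])
    return sorted(groups.items(), key=lambda kv: (-kv[1]["count"], kv[0]))


def unattributed(events):
    """Application Hang/Error records whose message names no program."""
    return [e for e in events
            if e["source"] in ("Application Hang", "Application Error")
            and UNATTRIBUTED.search(e["message"])]


if __name__ == "__main__":
    parsed = parse_vew(SAMPLE_REPORT)
    for (log, typ, source, eid), g in summarize(parsed):
        print(f"{g['count']:>3}x {log}/{typ} {source} {eid} "
              f"({g['first']:%d/%m/%Y} to {g['last']:%d/%m/%Y}, "
              f"{len(g['messages'])} distinct message(s))")
    for e in unattributed(parsed):
        print("no program named:", e["time"], e["source"], e["id"])
```

Repeated rows with the same source and event ID (the DCOM 10010 timeouts, for instance) collapse to a single line with a date range, which makes a single record such as the Application Hang easier to spot.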

#14
Betrayed

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 30/06/2017 13:35:55
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 29/06/2017 19:30:16
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 26/06/2017 11:10:44
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 09/06/2017 17:48:10
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 19/05/2017 10:10:27
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 27/04/2017 15:05:52
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 12/03/2017 10:05:45
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 11/03/2017 11:43:17
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 03/03/2017 16:08:46
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 26/02/2017 11:49:57
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 24/02/2017 07:18:35
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 14/02/2017 10:55:27
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 28/12/2016 12:11:20
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 27/12/2016 11:22:10
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 24/12/2016 11:12:23
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 20/12/2016 20:11:58
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 01/12/2016 18:32:39
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 27/11/2016 16:18:20
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 22/11/2016 07:08:24
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 22/10/2016 10:34:26
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
Log: 'System' Date/Time: 21/10/2016 15:25:18
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 30/06/2017 12:19:14
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Origin Web Helper Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 30/06/2017 12:19:14
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
 
Log: 'System' Date/Time: 30/06/2017 00:49:12
Type: Error Category: 0
Event: 36887 Source: Schannel
A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.
 
Log: 'System' Date/Time: 29/06/2017 19:30:57
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Origin Web Helper Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 29/06/2017 19:30:57
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Origin Web Helper Service service to connect.
 
Log: 'System' Date/Time: 29/06/2017 19:30:22
Type: Error Category: 0
Event: 6008 Source: EventLog
The previous system shutdown at 19:35:15 on ?29/?06/?2017 was unexpected.
 
Log: 'System' Date/Time: 29/06/2017 18:54:51
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Windows Error Reporting Service service to connect.
 
Log: 'System' Date/Time: 29/06/2017 18:53:11
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 29/06/2017 18:52:41
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The Steam Client Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
 
Log: 'System' Date/Time: 29/06/2017 18:52:41
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Log: 'System' Date/Time: 29/06/2017 11:55:16
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 29/06/2017 11:54:46
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 28/06/2017 10:06:27
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 28/06/2017 10:05:57
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 28/06/2017 01:31:14
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 28/06/2017 01:30:44
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 27/06/2017 14:57:50
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 27/06/2017 14:57:20
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 27/06/2017 10:33:35
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.
 
Log: 'System' Date/Time: 27/06/2017 10:33:05
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 30/06/2017 11:59:03
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name win8.ipv6.microsoft.com. timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 30/06/2017 11:58:56
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 
 
Log: 'System' Date/Time: 29/06/2017 19:49:13
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\SensorsAndLocationEnum\LPSensorSWDevice.
 
Log: 'System' Date/Time: 29/06/2017 19:16:12
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 
 
Log: 'System' Date/Time: 29/06/2017 18:48:27
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 
 
Log: 'System' Date/Time: 29/06/2017 18:43:00
Type: Warning Category: 0
Event: 1073 Source: User32
The attempt by user Betrayed\Jamie to restart/shutdown computer BETRAYED failed
 
Log: 'System' Date/Time: 29/06/2017 11:39:32
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 
 
Log: 'System' Date/Time: 28/06/2017 04:58:01
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name gateway.discord.gg timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 27/06/2017 09:25:47
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 
 
Log: 'System' Date/Time: 26/06/2017 23:06:18
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\SensorsAndLocationEnum\LPSensorSWDevice.
 
Log: 'System' Date/Time: 26/06/2017 12:42:13
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WudfRd failed to load for the device SWD\SensorsAndLocationEnum\LPSensorSWDevice.
 
Log: 'System' Date/Time: 25/06/2017 11:43:13
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 
 
Log: 'System' Date/Time: 24/06/2017 11:09:41
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 
 
Log: 'System' Date/Time: 23/06/2017 12:06:12
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 
 
Log: 'System' Date/Time: 22/06/2017 11:39:41
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 
 
Log: 'System' Date/Time: 21/06/2017 12:26:31
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 
 
Log: 'System' Date/Time: 20/06/2017 14:08:02
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name api.steampowered.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 20/06/2017 14:04:36
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name livechat.boldchat.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 20/06/2017 13:59:59
Type: Warning Category: 1014
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name livechat.boldchat.com timed out after none of the configured DNS servers responded.
 
Log: 'System' Date/Time: 20/06/2017 10:38:03
Type: Warning Category: 0
Event: 27 Source: e1dexpress
Intel® Ethernet Connection (2) I218-V  Network link is disconnected. 


#15
Betrayed

  • Topic Starter
Vino's Event Viewer v01c run on Windows 7 in English
Report run at 30/06/2017 13:36:25
 
Note: All dates below are in the format dd/mm/yyyy
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 29/06/2017 23:12:52
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
 
Log: 'Application' Date/Time: 29/06/2017 22:55:38
Type: Error Category: 1
Event: 2006 Source: Microsoft-Windows-LocationProvider
There was an error with the Windows Location Provider database
 
Log: 'Application' Date/Time: 29/06/2017 18:41:00
Type: Error Category: 101
Event: 1002 Source: Application Hang
The program UNKNOWN version 0.0.0.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.  Process ID: 22e0  Start Time: 01d2f0f7bb6f6948  Termination Time: 10002  Application Path: UNKNOWN  Report Id: 6e52a83b-5cfa-11e7-829d-d8cb8a318c74  Faulting package full name:   Faulting package-relative application ID:  
 
Log: 'Application' Date/Time: 28/06/2017 23:33:14
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
 
Log: 'Application' Date/Time: 28/06/2017 22:10:49
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: ts3client_win64.exe, version: 3.1.2.0, time stamp: 0x58ee0528 Faulting module name: task_force_radio_win64.dll, version: 1.0.0.1, time stamp: 0x58e10ef2 Exception code: 0xc0000409 Fault offset: 0x00000000000f2444 Faulting process ID: 0x2dc0 Faulting application start time: 0x01d2eff82d061d15 Faulting application path: D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe Faulting module path: C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\task_force_radio_win64.dll Report ID: a41d58cd-5c4e-11e7-829d-d8cb8a318c74 Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 28/06/2017 14:24:50
Type: Error Category: 0
Event: 5000 Source: Microsoft Security Client
The event description cannot be found.
 
Log: 'Application' Date/Time: 28/06/2017 14:24:50
Type: Error Category: 0
Event: 5000 Source: Microsoft Security Client
The event description cannot be found.
 
Log: 'Application' Date/Time: 27/06/2017 23:41:05
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
 
Log: 'Application' Date/Time: 26/06/2017 23:45:44
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
 
Log: 'Application' Date/Time: 26/06/2017 20:07:18
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: QtWebEngineProcess.exe, version: 0.0.0.0, time stamp: 0x58868bba Faulting module name: Qt5WebEngineCore.dll, version: 5.6.0.0, time stamp: 0x58868b0b Exception code: 0x80000003 Fault offset: 0x00a3f1d1 Faulting process ID: 0x2a90 Faulting application start time: 0x01d2eeb7ceee062c Faulting application path: D:\Program Files (x86)\Origin\QtWebEngineProcess.exe Faulting module path: D:\Program Files (x86)\Origin\Qt5WebEngineCore.dll Report ID: 0db02b10-5aab-11e7-829d-d8cb8a318c74 Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 26/06/2017 20:06:45
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: SeriousBit.NetBalancer.Tray.exe, version: 9.4.1.0, time stamp: 0x576bb689 Faulting module name: ntdll.dll, version: 6.3.9600.18696, time stamp: 0x59153753 Exception code: 0xc0000005 Fault offset: 0x00000000000209af Faulting process ID: 0x17d0 Faulting application start time: 0x01d2eeb7b80ea441 Faulting application path: D:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll Report ID: fa05930f-5aaa-11e7-829d-d8cb8a318c74 Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 26/06/2017 15:42:45
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: ts3client_win64.exe, version: 3.1.2.0, time stamp: 0x58ee0528 Faulting module name: task_force_radio_win64.dll, version: 1.0.0.1, time stamp: 0x58e10ef2 Exception code: 0xc0000409 Fault offset: 0x00000000000f2444 Faulting process ID: 0x2684 Faulting application start time: 0x01d2ee8aa5fb3066 Faulting application path: D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe Faulting module path: C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\task_force_radio_win64.dll Report ID: 18be07bb-5a86-11e7-829c-d8cb8a318c74 Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 26/06/2017 14:43:57
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: ts3client_win64.exe, version: 3.1.2.0, time stamp: 0x58ee0528 Faulting module name: task_force_radio_win64.dll, version: 1.0.0.1, time stamp: 0x58e10ef2 Exception code: 0xc0000409 Fault offset: 0x00000000000f2444 Faulting process ID: 0x2978 Faulting application start time: 0x01d2ee85f2bfa4eb Faulting application path: D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe Faulting module path: C:\Users\Jamie\AppData\Roaming\TS3Client\plugins\task_force_radio_win64.dll Report ID: e1c78e30-5a7d-11e7-829c-d8cb8a318c74 Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 25/06/2017 23:50:07
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
 
Log: 'Application' Date/Time: 25/06/2017 18:52:57
Type: Error Category: 0
Event: 257 Source: Microsoft-Windows-Defrag
The volume Recovery was not optimised because an error was encountered: The parameter is incorrect. (0x80070057)
 
Log: 'Application' Date/Time: 25/06/2017 00:55:57
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
 
Log: 'Application' Date/Time: 24/06/2017 23:33:06
Type: Error Category: 0
Event: 78 Source: SideBySide
Activation context generation failed for "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe".Error in manifest or policy file "" on line . A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest. Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
 
Log: 'Application' Date/Time: 24/06/2017 17:28:54
Type: Error Category: 1
Event: 2006 Source: Microsoft-Windows-LocationProvider
There was an error with the Windows Location Provider database
 
Log: 'Application' Date/Time: 24/06/2017 11:10:32
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: QtWebEngineProcess.exe, version: 0.0.0.0, time stamp: 0x58868bba Faulting module name: Qt5WebEngineCore.dll, version: 5.6.0.0, time stamp: 0x58868b0b Exception code: 0x80000003 Fault offset: 0x00a3f1d1 Faulting process ID: 0x2710 Faulting application start time: 0x01d2ecda7cd5037a Faulting application path: D:\Program Files (x86)\Origin\QtWebEngineProcess.exe Faulting module path: D:\Program Files (x86)\Origin\Qt5WebEngineCore.dll Report ID: bca952b3-58cd-11e7-829b-d8cb8a318c74 Faulting package full name:  Faulting package-relative application ID: 
 
Log: 'Application' Date/Time: 24/06/2017 11:10:16
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: SeriousBit.NetBalancer.Tray.exe, version: 9.4.1.0, time stamp: 0x576bb689 Faulting module name: ntdll.dll, version: 6.3.9600.18696, time stamp: 0x59153753 Exception code: 0xc0000005 Fault offset: 0x0000000000037fcc Faulting process ID: 0x3850 Faulting application start time: 0x01d2ecda6eb8204f Faulting application path: D:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll Report ID: b2fe514c-58cd-11e7-829b-d8cb8a318c74 Faulting package full name:  Faulting package-relative application ID: 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 11/05/2017 15:08:09
Type: Warning Category: 0
Event: 1032 Source: MsiInstaller
An error occurred while refreshing environment variables updated during the installation of ''. Some users logged on to the machine may not see these changes until they log off and then log back on again.
 
Log: 'Application' Date/Time: 01/05/2017 07:50:45
Type: Warning Category: 0
Event: 8303 Source: Microsoft-Windows-System-Restore
Scoping unsuccessful for shadowcopy \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy6 with error 0x80070057.
 
Log: 'Application' Date/Time: 01/05/2017 07:50:43
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'D:\Program Files\NetBalancer\SeriousBit.NetBalancer.Tray.exe' (pid 7948) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 01/05/2017 07:50:43
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\explorer.exe' (pid 8976) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 29/04/2017 20:04:25
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files\Sony\Vegas Pro 13.0\vegas130.exe' (pid 5788) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 13/04/2017 10:43:25
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, NetEventPacketCapture, has been registered in the Windows Management Instrumentation namespace root\standardcimv2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 13/04/2017 10:43:25
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, NetEventPacketCapture, has been registered in the Windows Management Instrumentation namespace root\standardcimv2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 13/04/2017 10:43:25
Type: Warning Category: 0
Event: 63 Source: Microsoft-Windows-WMI
A provider, NetEventPacketCapture, has been registered in the Windows Management Instrumentation namespace root\standardcimv2 to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.
 
Log: 'Application' Date/Time: 12/04/2017 17:35:35
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\explorer.exe' (pid 2860) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 11/04/2017 12:35:24
Type: Warning Category: 0
Event: 1032 Source: MsiInstaller
An error occurred while refreshing environment variables updated during the installation of ''. Some users logged on to the machine may not see these changes until they log off and then log back on again.
 
Log: 'Application' Date/Time: 16/03/2017 00:35:07
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\System32\taskhost.exe' (pid 11924) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 09/03/2017 16:07:56
Type: Warning Category: 0
Event: 1032 Source: MsiInstaller
An error occurred while refreshing environment variables updated during the installation of ''. Some users logged on to the machine may not see these changes until they log off and then log back on again.
 
Log: 'Application' Date/Time: 09/03/2017 16:07:49
Type: Warning Category: 0
Event: 1032 Source: MsiInstaller
An error occurred while refreshing environment variables updated during the installation of ''. Some users logged on to the machine may not see these changes until they log off and then log back on again.
 
Log: 'Application' Date/Time: 05/03/2017 18:29:43
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe' (pid 14812) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 05/03/2017 18:29:43
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Windows\explorer.exe' (pid 8948) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 05/03/2017 18:29:33
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe' (pid 6668) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 19/02/2017 11:13:57
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe' (pid 10692) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 19/02/2017 11:13:49
Type: Warning Category: 0
Event: 10010 Source: Microsoft-Windows-RestartManager
Application 'C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe' (pid 10136) cannot be restarted - Application SID does not match Conductor SID..
 
Log: 'Application' Date/Time: 10/02/2017 17:47:01
Type: Warning Category: 0
Event: 2 Source: NVIDIA OpenGL Driver
The NVIDIA OpenGL driver has not been able to initialize
a connection with the GPU. This might be due to out of memory error,
an exhaustion of system resources or too many graphical applications running.
The application will not render correctly.
 
Log: 'Application' Date/Time: 18/01/2017 16:10:13
Type: Warning Category: 0
Event: 1032 Source: MsiInstaller
An error occurred while refreshing environment variables updated during the installation of ''. Some users logged on to the machine may not see these changes until they log off and then log back on again.
