View Single Post
  #39  
Old March 2nd, 2019, 03:21 PM
evanandrew3333 evanandrew3333 is offline
Banned
 
Join Date: Feb 2019
Posts: 79
Task: {931BFB6B-43B7-48FD-ABBD-BBE9F8E87B19} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1214944576-273379327-1179527443-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {98643E9A-3100-4C82-B8F2-2479E6D0CD79} - System32\Tasks\{D075CA06-AD03-4A8F-A6C2-80849C413FE7} => C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Task: {9926F9E7-085E-4357-8802-CFD443A58E87} - System32\Tasks\{C48EE6B2-B124-4668-99B3-32FE44C84236} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {9B2C4C46-85A6-4E37-9DDB-0C759EBB5DD2} - System32\Tasks\{22AB7CB5-E2D6-47FB-89CB-F7DD4645C3D0} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {9C8C785D-6236-4CFB-8C1F-672EDA75AB3F} - System32\Tasks\{5E551F7B-6C63-4A60-B16C-F7139979B0FC} => C:\Program Files (x86)\GOG.com\Imperial Glory\ImperialGlory.exe
Task: {9D3D9A68-16EE-40B4-9F69-1962FCF5C974} - System32\Tasks\{1853B9A2-B520-42EA-8540-8D11FBD4550A} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Downloads\JavaSetup6u30.exe -d C:\Windows\system32
Task: {9EDCA184-073F-4723-962F-9E4944A17DDE} - System32\Tasks\{C6B2519B-FD6F-42D0-9921-BBD29210F098} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Downloads\CompanyOfHeroesOpposing Fronts_English_ddmf\Setup.exe -d C:\Users\beatcat\Downloads\CompanyOfHeroesOpposing Fronts_English_ddmf
Task: {A5E30CFD-D984-4449-B5B7-8D4BD44F21B4} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_ 0_0_142_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A9544911-6457-4023-B0ED-B6C3914E8B6D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {AA1C1554-4C46-476B-B90B-D77EA92EA72A} - System32\Tasks\{294337F2-906B-49FB-BE87-B9BEA7AE8D74} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{5BAC798E-FA02-4251-B850-FF37E1FA7CC4}\setup.exe" -d "C:\Program Files (x86)\InstallShield Installation Information\{5BAC798E-FA02-4251-B850-FF37E1FA7CC4}"
Task: {ABA1791F-492F-42F5-832B-936BAC84D4B3} - System32\Tasks\{08F30E53-59FB-4B06-AF7D-3F1755874511} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Downloads\Civ4v161.exe -d C:\Windows\system32
Task: {AC350091-875E-43F4-A72A-ED4D524E3840} - System32\Tasks\{7DAECC71-F0B4-4F66-A8A7-92D755D560EB} => C:\Users\beatcat\Desktop\Games\ctp2.exe
Task: {ADF8B210-75CF-40FC-AD30-3BF4B5783353} - System32\Tasks\{62B6BB08-9DF6-430C-AB6F-B3AFE449E9AB} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {B3B041B6-A0B3-4858-AF1C-B2AA02DCEB24} - System32\Tasks\{EFAC76D2-CBD2-48F2-BFDE-B69355B790EE} => C:\Users\beatcat\Downloads\CompanyOfHeroesOpposing Fronts_English_ddmf\Setup.exe (THQ Canada Inc. -> THQ Canada Inc.)
Task: {B592A8D6-D56B-4A6C-ACC6-A9227447A38B} - System32\Tasks\{6D50D271-AF03-416C-AA26-D3F45DAACD03} => C:\Program Files (x86)\PANZERS - Phase2\Run\Panzers_Phase_2.exe
Task: {B6619EE6-852A-4B31-B142-09AA3886E15E} - System32\Tasks\{7FCEF96A-C000-4D67-B40E-CD8B35DED455} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Downloads\GameRangerSetup(1).exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {B8B5ECE2-D5AE-48A2-A694-CED2EDA5394E} - System32\Tasks\{0CF645FF-1AF6-4E05-B815-C4F159C80A58} => C:\Windows\system32\pcalua.exe -a "C:\Users\beatcat\Desktop\Company of Heroes- Tales of Valor\Setup.exe" -d "C:\Users\beatcat\Desktop\Company of Heroes- Tales of Valor"
Task: {BB9E20F0-A4AA-41C4-93E6-22FE76FA8465} - System32\Tasks\{D1F4CF87-99D5-471F-8B1B-AD48ECCE7BC6} => C:\Users\beatcat\Desktop\Games\ctp2.exe
Task: {BD1244CA-E1AA-4CDF-A9C1-9AB3153AE5D3} - System32\Tasks\{6D45DF5E-380D-4A7D-8F59-DE34CB67E7B2} => C:\Program Files (x86)\GOG.com\IL-2 Sturmovik 1946\il2fb.exe
Task: {BDD55C4B-FEDC-4FE6-BA3C-DCCDC9F371AB} - System32\Tasks\{55DF7917-9717-4224-AF45-87F86A5949DC} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {BE9D874F-8DAE-4F23-A13C-5FA812D28553} - System32\Tasks\{36E76C9C-33D6-441C-9B14-305A6A21995A} => C:\Program Files (x86)\Microsoft Games\Rise Of Legends\legends.exe
Task: {C080811C-87FA-4A92-B746-3BDE1729A281} - System32\Tasks\{227D324E-ADD9-4714-89F6-44D9A524B6B9} => C:\Program Files (x86)\GOG.com\Imperial Glory\ImperialGlory.exe
Task: {C0D237EB-E8F8-4C0F-BBE2-70B5137EB121} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {C2D5B192-8DED-4F5D-838D-5A50DE0FD58C} - System32\Tasks\{40009517-DF8E-4047-80DC-F8C35193DCFF} => C:\Windows\system32\pcalua.exe -a E:\setup.exe -d E:\
Task: {C3A9DC12-0C55-4371-A150-4CBF3C8C9C9B} - System32\Tasks\{C0806817-6357-4165-9292-6F63F70C8D05} => C:\Windows\system32\pcalua.exe -a "J:\Program Files\AnyDVD more trouble\AnyDVD\ExecuteWithUAC.exe" -d "J:\Program Files\AnyDVD more trouble\AnyDVD"
Task: {C76447E4-E159-47BC-A44F-44BE8426FB4A} - System32\Tasks\{DB5719FF-E3BC-49B6-92F8-CDA3CDEF5F0D} => C:\Users\beatcat\Desktop\Empire Earth\Empire Earth.exe
Task: {C92A0933-951C-4418-859E-C95EAF0341EC} - System32\Tasks\{2D8A58DF-350F-4D4C-8656-FBF49D348B07} => C:\Windows\system32\pcalua.exe -a E:\Setup.exe -d E:\
Task: {D202BBC3-6F96-451B-A61A-C6572478EAE4} - System32\Tasks\{5418C855-C725-4C78-9D32-8F51277B5898} => E:\SETUP\ENGLISH\SETUP.EXE
Task: {D5453437-9C88-4A37-AA9F-A0936351E9F4} - System32\Tasks\{F70334A4-7013-4D99-8A12-573A82B222D1} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {D7718B91-ABA1-474C-8C7A-CB33448B8E0F} - System32\Tasks\{71410954-DF81-41DE-8716-9E7932A6F958} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/15230
Task: {D8A93CB9-8B03-4BE9-880F-3DE4F1A494A2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe (HP Inc. -> HP Inc.)
Task: {DDC3F84E-F745-46E9-9A16-BF13ED7E8D85} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {E0B7446A-3013-40FE-A6BF-70B368315BBE} - System32\Tasks\{5AAE3448-273D-46A6-A153-9CA366B348F0} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Downloads\GameRangerSetup(2).exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {E0F5AC29-D2A8-4E47-AAAE-486C96D99E22} - System32\Tasks\HPCeeScheduleForbeatcat => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe (HP Inc. -> HP Inc.)
Task: {E12BADB3-5E12-4158-A214-6BD18CD6C24F} - System32\Tasks\{75C58183-7560-4756-B2C1-915BD9EAC739} => C:\Windows\system32\pcalua.exe -a C:\Users\beatcat\Downloads\Xvid-1.2.1-04122008(1).exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {E1708AC4-E23A-4B6C-B336-E57FF56E6CA8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {E2BE4015-97F8-46F1-87DA-80EAE1461857} - System32\Tasks\{2ECBE3DE-547E-4D77-BAA9-C34825E45C9E} => C:\Program Files (x86)\Microsoft Games\Rise Of Legends\legends.exe
Task: {E32079F9-8603-4B2B-8ACC-435EF18D06B8} - System32\Tasks\{A8896C4F-726B-4373-ACAA-CEC30076B462} => E:\SETUP\ENGLISH\SETUP.EXE
Task: {E3F4A74B-83F8-4744-9BFD-08B4AB5FACE6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe (HP Inc. -> HP Inc.)
Task: {E4BB2CF1-D570-4E1B-8430-43BE662C1505} - System32\Tasks\{20BB2548-64D3-4C51-8FEB-87205A54ACE4} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {E9EEE5D6-69AA-44F4-8588-A1C0E13F2A57} - System32\Tasks\{1A2A40F3-0775-4C08-8BAD-FB525B06CB4A} => C:\Users\beatcat\Downloads\CompanyOfHeroesOpposing Fronts_English_ddmf\Setup.exe (THQ Canada Inc. -> THQ Canada Inc.)
Task: {EEDAE7BB-909E-4702-B14C-035F61ACD0FF} - System32\Tasks\{7DEC482E-5A65-4F83-BC3D-DE9DBD4E2D94} => C:\Program Files (x86)\Microsoft Games\Rise Of Legends\legends.exe
Task: {EEF94BB0-E476-4E42-A281-411997F591CC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe (HP Inc. -> HP Inc.)
Task: {EFE6AF4D-BCE2-4F5E-8FFF-51D49AB8E546} - System32\Tasks\{B69F8BA5-E10B-4BA9-9CF2-1D0350CD0222} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/4.2.0.166.272/en/abandoninstall?page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
Task: {F61B920E-C4A3-4853-AF97-B3BC5C669F82} - System32\Tasks\{B8D753B3-1B82-4CA4-B541-F30C28572291} => C:\Program Files (x86)\Infogrames Interactive\Civilization III\Civilization3.exe () [File not signed]
Task: {FCA5CE8F-7865-488A-B9A6-38D0CEF45C78} - System32\Tasks\{06B2CA6E-D09A-40C3-B278-31D59B50850A} => C:\Program Files (x86)\Microsoft Games\Rise Of Legends\legends.exe
Task: {FD6FABCB-CBAE-4D7B-8FEE-A075C4CF8D95} - System32\Tasks\{88C91B33-B1C2-478C-A1CC-119AA5222976} => C:\Users\beatcat\Desktop\Games\Company of Heroes- Tales of Valor\Autorun.exe (THQ Canada Inc. -> THQ Canada Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\HPCeeScheduleForbeatcat.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2010-08-06 10:15 - 2010-08-06 10:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 10:15 - 2010-08-06 10:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2012-09-18 12:15 - 2012-09-18 12:15 - 008525728 ____H (Error3: CryptCATAdminCalcHashFromFileHandle failed to return cbHash, #2 -> Electronic Arts, Inc.) [File not signed] C:\Program Files (x86)\Monopoly\monopolywin.exe
2009-09-20 11:24 - 2009-09-20 11:24 - 000133120 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddsvc.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000213504 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqddcmn.dll
2009-09-20 11:36 - 2009-09-20 11:36 - 000249344 _____ (Hewlett-Packard Co.) [File not signed] c:\program files (x86)\hp\digital imaging\bin\hpqcxs08.dll
2014-01-08 11:00 - 2012-09-13 19:05 - 000138752 _____ () [File not signed] C:\Program Files (x86)\Monopoly\libpng15.dll
2014-01-08 11:00 - 2012-09-13 19:05 - 000075264 _____ (Zlib) [File not signed] C:\Program Files (x86)\Monopoly\zlib1.dll
2014-01-08 11:00 - 2012-09-13 19:05 - 000032768 _____ () [File not signed] C:\Program Files (x86)\Monopoly\alut.dll
2014-01-08 11:00 - 2012-09-13 19:05 - 000029184 _____ () [File not signed] C:\Program Files (x86)\Monopoly\libvorbisfile.dll
2014-01-08 11:00 - 2012-09-13 19:05 - 000017920 _____ () [File not signed] C:\Program Files (x86)\Monopoly\libogg.dll
2014-01-08 11:00 - 2012-09-13 19:05 - 001624576 _____ () [File not signed] C:\Program Files (x86)\Monopoly\libvorbis.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:2CB9631F [134]
AlternateDataStreams: C:\ProgramData\Temp:6764D965 [460]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7942 more sites.

IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1214944576-273379327-1179527443-1000\...\123simsen.com -> www.123simsen.com

There are 7942 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2018-10-21 11:16 - 000454816 ____R C:\Windows\system32\drivers\etc\hosts

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com

There are 15609 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\J ava\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoo t%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowe rShell\v1.0\;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\;c:\Program Files (x86)\Common Files\Roxio Shared\12.0\DLLShared\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\QuickTime\QTSystem\;C:\Program Files (x86)\Calibre2\
HKU\S-1-5-21-1214944576-273379327-1179527443-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\beatcat\AppData\Roaming\Microsoft\Windows \Themes\TranscodedWallpaper.jpg
DNS Servers: 209.222.18.222 - 209.222.18.218
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: ACDaemon => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: AMD FUEL Service => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: bthserv => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: GalaxyCommunication => 3
MSCONFIG\Services: GameConsoleService => 3
MSCONFIG\Services: HPClientSvc => 2
MSCONFIG\Services: HPSLPSVC => 2
MSCONFIG\Services: HPSupportSolutionsFrameworkService => 2
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: pdfcDispatcher => 2
MSCONFIG\Services: RoxioNow Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodecPackTrayMenu.lnk => C:\Windows\pss\CodecPackTrayMenu.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Works Calendar Reminders.lnk => C:\Windows\pss\Microsoft Works Calendar Reminders.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish PictureMover.lnk => C:\Windows\pss\Snapfish PictureMover.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^beatcat^AppData^Roaming^Microsoft^Windows ^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: AnyDVD => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ArcSoft Connection Service => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
MSCONFIG\startupreg: CCleaner Smart Cleaning => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Codec Pack Update Checker => "C:\Windows\system32\Codecs\UpdateChecker.exe"
MSCONFIG\startupreg: Codec Settings UAC Manager => "C:\Windows\system32\Codecs\CodecUACManager.ex e"
MSCONFIG\startupreg: Comrade.exe => C:\Program Files (x86)\GameSpy\Comrade\Comrade.exe
MSCONFIG\startupreg: Discord => C:\Users\beatcat\AppData\Local\Discord\app-0.0.304\Discord.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: GOGDownloader => "C:\Users\beatcat\Documents\gogdownloader_0901376\ GOGDownloader.exe" /minimized
MSCONFIG\startupreg: HP Software Update => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: iCloudDrive => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
MSCONFIG\startupreg: igndlm.exe => C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Microsoft Works Portfolio => C:\Program Files (x86)\Microsoft Works\WksSb.exe /AllUsers
MSCONFIG\startupreg: Microsoft Works Update Detection => C:\Program Files (x86)\Microsoft Works\WkDetect.exe
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: Skype for Desktop => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: snp2std => C:\Windows\vsnp2std.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
MSCONFIG\startupreg: WorksFUD => C:\Program Files (x86)\Microsoft Works\wkfud.exe
MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3B1A0EB0-0BE1-44D5-827B-8A812E7ABF55}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8C81FF89-5A54-4F52-A8C0-BFC192E63DEB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C3CA126B-1BF3-4259-975D-EC04BEEDE89D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{9DD09435-9489-49B7-A123-170C355456E1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5F425BFC-9B1E-453C-86CB-0D6F3A6D6D6A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{85EADD90-6157-4418-871A-EAA3276C603D}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{E082A3C7-EB39-4813-9EE8-A043F27B3D4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ogre\Ogre.exe () [File not signed]
FirewallRules: [{5AC52F89-BFD8-4B3B-8FE9-2A91379C94AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Ogre\Ogre.exe () [File not signed]
FirewallRules: [{29D31D65-7441-4FDF-9C8E-AAE61A9AECD5}] => (Allow) C:\Program Files\pia_manager\pia_manager.exe No File
FirewallRules: [{15AECC1F-74B4-4FB8-A14D-9ED0F59707B3}] => (Allow) C:\Program Files\pia_manager\pia_manager.exe No File
FirewallRules: [{74BFBCA3-1429-42AD-BE0F-BF663709C735}] => (Allow) C:\Program Files\pia_manager\pia_manager.exe No File
FirewallRules: [{68B2EBF1-DDCC-449C-8A80-5853D39AA595}] => (Allow) C:\Program Files\pia_manager\pia_manager.exe No File
FirewallRules: [{B7A95BAB-6480-4FD2-95ED-EF5ADA72ED3F}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Recorder\Apowersoft Free Screen Recorder.exe No File
FirewallRules: [{8DF47870-117A-4DDD-ADAF-11A17E0E3C81}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Screen Recorder\Apowersoft Free Screen Recorder.exe No File
FirewallRules: [TCP Query User{6EBD9521-ED82-4D80-A883-2DAA8B8FB7D5}C:\program files\itunes\itunes.exe] => (Block) C:\program files\itunes\itunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [UDP Query User{B7376F44-6E20-45AF-AB59-457704035BBF}C:\program files\itunes\itunes.exe] => (Block) C:\program files\itunes\itunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F20DD5AE-E6C9-4FC5-8F49-18A4CCD6C525}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{F2D18ED8-D5EF-44D0-B116-2734D0E78231}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{AC4545FB-B44D-4854-B680-8A3B5E3618E4}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1347BB47-0B9C-486D-A3B1-1A8E7A0A527E}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5FD114F2-D6EF-4715-B200-E18BE36AA220}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{02AB7049-B922-492D-BDF9-0F221FDE0694}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{AF03FED6-2163-45D9-A2D6-62D56FC16C0E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [{ADAD7637-E182-412E-9CE9-12576C22C19E}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe No File
FirewallRules: [TCP Query User{63114C7A-C437-440F-BEBB-58E386B6151E}C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe (THQ Canada Inc.) [File not signed]
FirewallRules: [UDP Query User{3A582666-12D6-4E6A-82E9-B4981273BBFC}C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\company of heroes\relicdownloader\relicdownloader.exe (THQ Canada Inc.) [File not signed]
FirewallRules: [{9352A71D-B0E9-41B9-B2AC-3FD26EA7A764}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\company of heroes\RelicCOH.exe (THQ Canada Inc. -> THQ Canada Inc.)
FirewallRules: [{0E1F4F55-2FA6-4042-97F4-5F1391DC4BA8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\company of heroes\RelicCOH.exe (THQ Canada Inc. -> THQ Canada Inc.)
FirewallRules: [{54103766-1CCF-463F-8C4F-7F5CA47DCB46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{5C09489C-FD22-496B-B613-016FA234FDBF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe (Bethesda Softworks) [File not signed]
FirewallRules: [{939F0445-1284-477E-B01C-A66AC7A7F783}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dawn of War Soulstorm\Soulstorm.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{8764215F-9D0B-4AF4-9E17-7A2754221495}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dawn of War Soulstorm\Soulstorm.exe (Relic Entertainment, Inc. -> Sega Corporation)
FirewallRules: [{E3547861-2332-4F1D-92A8-43932B2ADD4A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe No File
FirewallRules: [{CA66F132-36A9-4634-9320-50C77AB0F762}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6582149F-C93D-412D-8BAD-4B15E57E5313}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A926A5B3-F822-4FE2-8984-10839B80AC93}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{8F8D7659-F2CD-4F82-A785-13411860A3C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{80A93997-E474-48BF-9C02-D6784AF40718}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{8AACAE9F-E470-43D2-A7B1-D66ABA58248D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{5337273C-CE64-4AD1-BAAF-20A216D8744E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Men of War Assault Squad\mow_assault_squad.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{3DC898BA-5668-4D71-842F-EC20C497E816}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Men of War Assault Squad\mow_assault_squad.exe (Digitalmindsoft) [File not signed]
FirewallRules: [{31AB5CBA-A855-4FC5-AF29-2ECAC395A81E}] => (Allow) C:\Program Files\BlueStacks\HD-Player.exe No File
FirewallRules: [{00EB342C-ECC5-4834-867D-D13583F359CB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

23-02-2019 14:58:59 Windows Update
24-02-2019 22:37:31 Windows Update
28-02-2019 05:56:01 Windows Update

==================== Faulty Device Manager Devices =============

Name: X5XSEx_Pr143
Description: X5XSEx_Pr143
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: X5XSEx_Pr143
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/01/2019 05:08:45 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SDScan.exe version 2.7.64.191 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1bf4

Start Time: 01d4cfefd067afbe

Termination Time: 190

Application Path: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

Report Id:

Error: (02/28/2019 08:32:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.19267 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 19c

Start Time: 01d4cf6231f5039d

Termination Time: 54

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (02/24/2019 04:49:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.19267 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1c8c

Start Time: 01d4cc8aa903c4f4

Termination Time: 6

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (02/24/2019 04:02:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.19267, time stamp: 0x5c4b95a4
Faulting module name: KERNELBASE.dll, version: 6.1.7601.24354, time stamp: 0x5c356365
Exception code: 0xc0000005
Fault offset: 0x0003612f
Faulting process id: 0xf68
Faulting application start time: 0x01d4cc4624a25ece
Faulting application path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Faulting module path: C:\Windows\syswow64\KERNELBASE.dll
Report Id: 6f69a267-3877-11e9-a0b0-78acc0ab88c9

Error: (02/19/2019 10:42:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.19267 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1900

Start Time: 01d4c8cd48abab4d

Termination Time: 80

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (02/19/2019 09:24:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AdblockPlusEngine.exe, version: 1.6.0.0, time stamp: 0x586bc0f5
Faulting module name: AdblockPlusEngine.exe, version: 1.6.0.0, time stamp: 0x586bc0f5
Exception code: 0x40000015
Fault offset: 0x00000000002cbaee
Faulting process id: 0x660
Faulting application start time: 0x01d4c8bd0b3644ec
Faulting application path: C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
Faulting module path: C:\Program Files\Adblock Plus for IE\AdblockPlusEngine.exe
Report Id: ad9c5b38-34b6-11e9-96c4-78acc0ab88c9

Error: (02/18/2019 07:59:21 AM) (Source: HPSupportSolutionsFrameworkService) (EventID: 0) (User: )
Description: Service cannot be started. The service process could not connect to the service controller

Error: (02/17/2019 04:40:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.19267 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 111c

Start Time: 01d4c6cb0e3a06c0

Termination Time: 4500

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:


System errors:
=============
Error: (03/01/2019 08:39:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The X5XSEx_Pr143 service failed to start due to the following error:
The system cannot find the path specified.

Error: (03/01/2019 08:39:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (03/01/2019 08:39:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (03/01/2019 08:39:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AODDriver4.1 service failed to start due to the following error:
The system cannot find the file specified.

Error: (03/01/2019 08:39:05 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:37:44 PM on ‎3/‎1/‎2019 was unexpected.

Error: (03/01/2019 12:06:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The X5XSEx_Pr143 service failed to start due to the following error:
The system cannot find the path specified.

Error: (03/01/2019 12:06:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (03/01/2019 12:06:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.


Windows Defender:
===================================
Date: 2016-01-14 14:25:06.926
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?link...threatid=17559
Name:MonitoringTool:Win32/TotalSpy
ID:17559
Severity:Severe
Category:Monitoring Software
Path Found:file:C:\Program Files (x86)\FK_Monitor\service.exe;processid:872,Proce ssStart:130972728286255228;regkey:HKCU@S-1-5-21-1214944576-273379327-1179527443-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN \\service.exe;runkey:HKCU@S-1-5-21-1214944576-273379327-1179527443-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN \\service.exe
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:

Date: 2015-12-29 12:08:05.389
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?link...threatid=17559
Name:MonitoringTool:Win32/TotalSpy
ID:17559
Severity:Severe
Category:Monitoring Software
Path Found:file:C:\Program Files (x86)\FK_Monitor\service.exe;processid:3992,Proc essStart:130958821948117540;regkey:HKCU@S-1-5-21-1214944576-273379327-1179527443-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN \\service.exe;runkey:HKCU@S-1-5-21-1214944576-273379327-1179527443-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN \\service.exe
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:

Date: 2015-12-29 03:35:52.455
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?link...threatid=17559
Name:MonitoringTool:Win32/TotalSpy
ID:17559
Severity:Severe
Category:Monitoring Software
Path Found:file:C:\Program Files (x86)\FK_Monitor\service.exe;processid:3044,Proc essStart:130952885708360678;regkey:HKCU@S-1-5-21-1214944576-273379327-1179527443-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN \\service.exe;runkey:HKCU@S-1-5-21-1214944576-273379327-1179527443-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN \\service.exe
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:C:\Windows\System32\svchost.exe

Date: 2015-12-29 02:53:23.369
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?link...threatid=17559
Name:MonitoringTool:Win32/TotalSpy
ID:17559
Severity:Severe
Category:Monitoring Software
Path Found:file:C:\Program Files (x86)\FK_Monitor\service.exe;processid:3044,Proc essStart:130952885708360678
Detection Type:Concrete
Detection Source:System
Status:Unknown
Process Name:C:\Windows\System32\svchost.exe

Date: 2016-05-12 03:42:06.789
Description:
%1 engine has been terminated due to an unexpected error.
Failure Type:%5
Exception code:%6
Resource:%3

Date: 2012-02-04 14:31:21.303
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified.
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2011-09-16 12:52:29.082
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified.
Signature version:0.0.0.0
Engine version:0.0.0.0

==================== Memory info ===========================

Processor: AMD Athlon(tm) II X4 640 Processor
Percentage of memory in use: 95%
Total physical RAM: 3839.29 MB
Available physical RAM: 182.59 MB
Total Virtual: 9595.43 MB
Available Virtual: 4307.13 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:918.5 GB) (Free:9.61 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:12.91 GB) (Free:1.53 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (MAD_MAX_FURY_ROAD) (CDROM) (Total:7.67 GB) (Free:0 GB) UDF

\\?\Volume{7a04a5c1-5d3d-11e0-9091-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (Size: 931.5 GB) (Disk ID: 49087E48)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=918.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================