All Activity

  1. Past hour
  2. You could configure multiple scheduled scans. That might help you to accomplish what you're trying to do. For example, if you want to run a Threat Scan (referred to in the new v4 interface as the 'Quick scan') every time the system starts up, you can schedule it to run on reboot and you can also use the advanced options to configure it to try and run again if a scheduled scan is missed (or you can optionally disable this setting if you want to ensure that missed scans are ignored so that you don't have multiple stacked up missed scans trying to run at the same time; though I believe it will only execute one scan in that case but the Product team would have to confirm as I haven't tested it) and you can schedule an additional daily scan if you wish, set to run at a time that you are typically at your computer but later in the day so that it runs much later than your startup scan that way you get at least 2 scans per day on a typical day if that is what you are trying to accomplish (though frankly, even a single daily scan seems a bit excessive to me personally, and if I were to use the scheduler I'd probably set it to maybe once a week at most). I believe they do have logic in the scheduler to prevent multiple scans from being scheduled to run at the same time, however I don't know how it handles it if a scan is already running when a second scan is supposed to begin, but I'm guessing it would simply skip it or delay it to run it once the current scan completes if the second scan is configured to run at the next opportunity if missed.
  3. Thanks for your interest, Maurice, but, as I have explained in my very first text, the "Forgot password? (In blue)" feature does not work, at least for my email address. I'm copying and pasting my original text: "But I have forgotten my password." "Anytime I click on "Forgot password?" and insert my email address I don't receive any new temporary password." "I have checked my SPAM folder, just in case, but there's no email with any data from Malwarebytes." "I have clicked so many times that I have been banned for one hour." Thanks again, Juan
  4. ***This is an automated reply*** Hi, Thanks for posting in the Malwarebytes 3 Help forum. If you are having technical issues with our Windows product, please do the following: If you are having licensing issues, please do the following: Thanks in advance for your patience. -The Malwarebytes Forum Team
  5. Hello All I recently installed the latest MBAM, Malwarebytes 3, and I clicked "Scan Now". All the fields would be empty, like in the attached picture. I've tried installing and running Malwarebytes support tool, restarting, reinstalling, and a bunch of other common troubleshooting tips. I'm running Windows 10.
  6. If that doesn't work and you still wish to disable it then let us know and we can likely assist you with that, but either way it doesn't appear to be malware or anything malicious so it's up to you.
  7. Greetings, It appears that the block is coming from a software called BSD Application Updater made by a company called Bootstrap Software Development. Based on your description it sounds like it is from one of their applications running in the background and likely executing some kind of update check or telemetry check-in on a regular schedule. I located the following information from their website which describes a couple of different ways to disable the application updater if you wish to:
  8. Thanks. I did a bit of research on the IPs that were blocked and the ports they were trying to connect to and they are associated with some known vulnerabilities and exploits/attacks so I would suggest going ahead and making sure that your system is clean by reading and following the instructions in this topic and then creating a new topic in our malware removal area including the requested logs and information by clicking here and one of our malware removal specialists will assist you in checking your system and clearing it of any threats that might be present. I hope that I am just being overly cautious, but it's best to play it safe and go ahead and get the system checked to make sure. If there is anything else we might assist you with please let us know. Thanks
  9. Hi @DSperber - Can you please attach the following file? C:\ProgramData\Malwarebytes\MBAMService\Logs\MBAMService.log
  10. Today
  11. Hi, I can check for any remnant items that may still be around. I need to see the logs from the Farbar program.
  13. I use Malware Bytes Premium 3.8.3. My computer runs Windows 10 Pro and uses Eset 12.2.23.0 for AV. Beginning on 09/18/2019 I began receiving a "Website blocked" Type Outbound, Category Trojan to 52.3.64.241:57801 every 1.5 hours. I have attached the text notification from MalwareBytes. I have run AV scans in admin mode and Malwarebytes scans with everything coming back clean. 52.3.64.241 comes back as registered to Amazon but the domain is listed as ws.bootstrapdevelopment.com. I am unsure of next steps and if I should be concerned. bootstrap.txt
  14. Greetings, Thank you for your feedback. Regarding Scan Scheduler "Quick": I agree that scanning on an hourly basis is far too frequent and does not make sense under any scenario. I have my current "quick" scan being tested at 1 hour and can become somewhat annoying at times. Perhaps an alternate solution would be: (1) "Repeat" -> Start up (2) below this option "Repeat" -> Start up + 4 Hours (3) below this option "Repeat" Weekly etc.. (4) Is it possible given cost effectiveness (Cost/Benefit considerations) to develop an algorithm to warn the user that there is a conflict within the schedules (Custom / Normal / Quick). This could give the user time to adjust the "Scan Scheduler" to fit within the acceptable parameters of Malwarebytes. If the user still does not take care of the problem, then a possible "error" message with the consequence of at least one of the "Type" schedules not functioning. Regarding "tray icon and context menu" - sounds good.
  15. Kevin, Sorry it took longer this time. I ran RogueKiller and it deleted four things. The log is attached. After that, I let my computer sit for a while without chrome open, and during that time I did not see any of these cloud1.pw popups. Some time after re-opening chrome, I did get one again. Malwarebytes did not show any website blocks. roguekiller log.txt
  16. Thank you so much for the comeback! MUCH appreciated!!!!!!!! I have followed “Setting Rendering Options for Best Performance.” In fact, I was able to max out everything & still got 30+ frames, depending on where I was flying. Flying over a densely populated area like Los Angeles reduced frame rates, but that is expected—I’m asking the computer to do a lot more work over LAX than if I’m flying over Nebraska. FYI: my 27” iMac has 32GB of RAM & the Radeon Pro 580 w 8192 MB, all running on High Sierra. I had Mal-bytes when I had X-P on my Dell gaming tower, & I could run a scan of my own design—targeting specific files / folders. Is there a way to do this on the version we’re using now? That seems to be what I need to do. However.... Seems that if Mal-bytes has scanned this program, wherever it is located, & I’m still having a problem, then that would seem to say that I have a corrupted file somewhere inside that folder that is taking up far too much RAM / Video RAM. PITA tho it may be, perhaps the best solution, short of being able to scan just this folder / program, would be to uninstall & reinstall. Answer to the “can I scan just this folder / program” question would be most helpful. Thanks, again, for your input!!!!!!!!!!!!!!!!! Michael
  17. I am downloading malware but when I run it I get this message? What can I do to get past this? Both buttons take me to Windows security but not sure what to do there.
  18. Please help solve the problem. I will provide any logs.
  19. Thanks to 1PW, exile360 I downloaded 6.047 ... taking a guess that this was the last XP supported version. Ha! She found 75 items. Nothing in the high risk class, but I rewarded the old girl by allowing her to clean out almost all the suggestions ✌️ Thanks Porthos That was exactly what happened. I guess the level of concern rose, when I tried to run ADWcleaner, and found that it wouldn't run. Best wishes...
  20. Hello @Johnwesley and Please run the following steps and post back the logs as an attachment when ready. STEP 01 If you're already running Malwarebytes 3 then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button. If you don't have Malwarebytes 3 installed yet please download it from here and install it. Once installed then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button. Once the scan is completed click on the Export Summary button and save the file as a Text file to your desktop or other location you can find, and attach that log on your next reply. If Malwarebytes won't run then please skip to the next step and let me know on your next reply. STEP 02 Please download AdwCleaner by Malwarebytes and save the file to your Desktop. Right-click on the program and select Run as Administrator to start the tool. Accept the Terms of use. Wait until the database is updated. Click Scan Now. When finished, please click Clean & Repair. Your PC should reboot now if any items were found. After reboot, a log file will be opened. Copy its content into your next reply. RESTART THE COMPUTER Before running Step 3 STEP 03 Please download the Farbar Recovery Scan Tool and save it to your desktop. Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit. Double-click to run it. When the tool opens, click Yes to disclaimer. Press the Scan button. It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply. The first time the tool is run, it also makes another log (Addition.txt). If you've run the tool before, you need to place a checkmark here. Please attach the Addition.txt log to your reply as well. Thanks Ron
  21. I'm performing an in-place Windows 7 -> Windows 10 upgrade for a friend. A ways into the preliminary "getting ready" steps there is a popup from Malwarebytes claiming that a ransomware threat has been blocked. Unfortunately, this is a SetupHost.exe file from the Win10 upgrade, so the upgrade simply stops. The file is quarantined. I have restored the file, and added an exclusion for it. I hope this time the upgrade gets past this obstacle. -Ransomware Details- File: 1 Malware.Ransom.Agent.Generic, C:\$WINDOWS.~BT\Sources\SetupHost.exe, Quarantined, [0], [392685],0.0.0 False-Ransomware.txt
  22. Yes Kevin it helps, thank you, Just to clarify, a system image will backup the entire drive? all users and pictures, documents, etc? and would I need to purchase a windows 7 home premium installation disk to do the repair install?
  23. Hello, sorry I can't find not the Log by me. I have only the combofix.exe, No a file this the name Colobox (I have renamed it) and a folder, this the Name combofix, but the folder is empty, on C:. MAM
  24. Those sites are common. It is usually just a browser lock. It can be mitigated just as you did by ending the browser process. They usually use scare tactics to get you to call "Microsoft" to fix an issue that does not exist on your computer. Those sites do not "infect" the computer unless you call the phone number and allow the scammers access to your computer.
  25. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-09-2019 01
HKLM\...\StartupApproved\Run32: => "ASUS Ai Charger" HKLM\...\StartupApproved\Run32: => "RamCache II " HKU\S-1-5-21-2463636829-2393173763-3756376473-1004\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-2463636829-2393173763-3756376473-1004\...\StartupApproved\Run: => "DAEMON Tools Lite Automount" HKU\S-1-5-21-2463636829-2393173763-3756376473-1004\...\StartupApproved\Run: => "EpicGamesLauncher" HKU\S-1-5-21-2463636829-2393173763-3756376473-1004\...\StartupApproved\Run: => "Speech Recognition" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [TCP Query User{D3F3FF23-D571-4172-B5B3-C949DDEC11C2}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (NVIDIA GameStream Server -> Respawn Entertainment) [File not signed] FirewallRules: [UDP Query User{7B583567-7396-466B-8CF3-442B70B9256F}C:\program files (x86)\origin games\apex\r5apex.exe] => (Allow) C:\program files (x86)\origin games\apex\r5apex.exe (NVIDIA GameStream Server -> Respawn Entertainment) [File not signed] FirewallRules: [TCP Query User{FCCD5A5C-0487-447F-8CFE-AB1F5416EFBD}A:\origin games\battlefield v\bfv.exe] => (Allow) A:\origin games\battlefield v\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [UDP Query User{D264691A-CB09-4B7C-A386-3CA2957AA235}A:\origin games\battlefield v\bfv.exe] => (Allow) A:\origin games\battlefield v\bfv.exe (Electronic Arts, Inc. -> EA Digital Illusions CE AB) FirewallRules: [TCP Query User{045E6245-7BAB-4690-90D3-714F560C1855}C:\users\trapwhore\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\trapwhore\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.) 
FirewallRules: [UDP Query User{B8EE5E58-C980-4F1C-A100-948DBA931346}C:\users\trapwhore\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\trapwhore\appdata\roaming\utorrent\utorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{F192E228-F589-4637-9722-FEF2D712F065}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{2FBC4329-88AB-4F6B-A617-354B041579C8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{3AA4D021-D62E-432A-9420-4A89446669A0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{A9B86F91-44F6-4B61-ABD6-18CDFF490DCF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{1ED6BD15-FB91-4F7A-A604-DA676416C8F3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed] FirewallRules: [{194DBC21-B3A2-437F-BD84-1057B28A7608}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe (Psyonix, Inc) [File not signed] ==================== Restore Points ========================= 16-09-2019 07:15:27 Windows Update 19-09-2019 09:10:49 Installed ASUS Ai Charger 21-09-2019 18:38:58 Asus Sonic Studio 3 ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (09/21/2019 11:42:40 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. . This is often caused by incorrect security settings in either the writer or requestor process. 
Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {37e0a02d-9e53-4606-8749-764c14d1ddcd} Error: (09/21/2019 06:41:14 PM) (Source: VSS) (EventID: 13) (User: ) Description: Volume Shadow Copy Service information: The COM Server with CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} and name CEventSystem cannot be started. [0x8007045b, A system shutdown is in progress. ] Error: (09/21/2019 06:11:33 PM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Security Center failed to validate caller with error %1. Error: (09/21/2019 06:03:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Origin.exe, version: 10.5.47.29954, time stamp: 0x5d6ff09f Faulting module name: libcurl.dll_unloaded, version: 7.59.0.0, time stamp: 0x5ab4389f Exception code: 0xc0000005 Fault offset: 0x000350a4 Faulting process id: 0x22f8 Faulting application start time: 0x01d570e189c5d9e5 Faulting application path: C:\Program Files (x86)\Origin\Origin.exe Faulting module path: libcurl.dll Report Id: b42e8093-c4d3-4ca0-a648-070809b1354b Faulting package full name: Faulting package-relative application ID: Error: (09/21/2019 06:03:40 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Origin.exe, version: 10.5.47.29954, time stamp: 0x5d6ff09f Faulting module name: MSVCR120.dll_unloaded, version: 12.0.21005.1, time stamp: 0x524f7ce6 Exception code: 0xc00001a5 Fault offset: 0x0001a0d5 Faulting process id: 0x22f8 Faulting application start time: 0x01d570e189c5d9e5 Faulting application path: C:\Program Files (x86)\Origin\Origin.exe Faulting module path: MSVCR120.dll Report Id: f0b5364d-a556-488d-a0b5-37cec11d2601 Faulting package full name: Faulting package-relative application ID: Error: (09/16/2019 10:39:32 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: 
HxOutlook.exe, version: 16.0.11901.20180, time stamp: 0x5d3c154a Faulting module name: Office.UI.Xaml.Hx.Mail.dll, version: 16.0.11901.20184, time stamp: 0x5d3cc832 Exception code: 0xc0000005 Fault offset: 0x0000000000199dbd Faulting process id: 0x18e0 Faulting application start time: 0x01d56cb44eb8264b Faulting application path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe\HxOutlook.exe Faulting module path: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Hx.Mail.dll Report Id: 798320c5-8265-4f54-a79c-48c63a75eb52 Faulting package full name: microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe Faulting package-relative application ID: microsoft.windowslive.mail Error: (09/16/2019 09:02:10 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: DESKTOP-484E7DC) Description: Unable to open the Server service performance object. The first four bytes (DWORD) of the Data section contains the status code. Error: (09/16/2019 04:15:04 AM) (Source: SecurityCenter) (EventID: 17) (User: ) Description: Security Center failed to validate caller with error %1. System errors: ============= Error: (09/21/2019 11:35:07 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The AppVClient service terminated with the following service-specific error: There is no MTS object context Error: (09/21/2019 11:35:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The shpamsvc service terminated with the following error: Catastrophic failure Error: (09/21/2019 11:35:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The AsSysCtrlService service failed to start due to the following error: The system cannot find the file specified. 
Error: (09/21/2019 11:35:06 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The UevAgentService service terminated with the following service-specific error: The storage control blocks were destroyed. Error: (09/21/2019 11:34:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Modules Installer service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. Error: (09/21/2019 11:34:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Disc Soft Lite Bus Service service terminated unexpectedly. It has done this 1 time(s). Error: (09/21/2019 11:34:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The NVIDIA LocalSystem Container service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service. Error: (09/21/2019 11:34:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The LightingService service terminated unexpectedly. It has done this 1 time(s). Windows Defender: =================================== Date: 2019-09-21 23:17:34.744 Description: Controlled Folder Access blocked C:\Program Files (x86)\RamCache II\Uninstall.exe from making changes to memory. Detection time: 2019-09-22T06:17:34.743Z Path: \Device\HarddiskVolume4 Process Name: C:\Program Files (x86)\RamCache II\Uninstall.exe Security intelligence Version: 1.301.1974.0 Engine Version: 1.1.16300.1 Product Version: 4.18.1908.7 Date: 2019-09-21 22:44:42.803 Description: Windows Defender Antivirus scan has been stopped before completion. 
Scan ID: {F89E9F86-1A6F-46E3-B873-1536D0778CBF} Scan Type: Antimalware Scan Parameters: Quick Scan Date: 2019-09-21 18:52:00.403 Description: C:\Program Files (x86)\Overwolf\0.134.0.26\OWCleanup.exe has been blocked from modifying %userprofile%\Desktop by Controlled Folder Access. Detection time: 2019-09-22T01:52:00.402Z Path: %userprofile%\Desktop Process Name: C:\Program Files (x86)\Overwolf\0.134.0.26\OWCleanup.exe Security intelligence Version: 1.301.1896.0 Engine Version: 1.1.16300.1 Product Version: 4.18.1908.7 Date: 2019-09-21 18:40:38.851 Description: C:\ProgramData\Caphyon\Advanced Installer\{CF8E6767-AF00-47A9-9F68-C583556BE3D9}\setup.exe has been blocked from modifying %common_desktop%\ by Controlled Folder Access. Detection time: 2019-09-22T01:40:38.851Z Path: %common_desktop%\ Process Name: C:\ProgramData\Caphyon\Advanced Installer\{CF8E6767-AF00-47A9-9F68-C583556BE3D9}\setup.exe Security intelligence Version: 1.301.1896.0 Engine Version: 1.1.16300.1 Product Version: 4.18.1908.7 Date: 2019-09-21 18:36:57.580 Description: Windows Defender Antivirus scan has been stopped before completion. Scan ID: {C747A59C-8A3F-4516-AD4D-3705E94E9813} Scan Type: Antimalware Scan Parameters: Full Scan Date: 2019-09-16 18:16:15.749 Description: Windows Defender Antivirus has encountered an error trying to update security intelligence. New security intelligence Version: Previous security intelligence Version: 1.301.1445.0 Update Source: Microsoft Update Server Security intelligence Type: AntiVirus Update Type: Full Current Engine Version: Previous Engine Version: 1.1.16300.1 Error code: 0x80240438 Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 
CodeIntegrity: =================================== Date: 2019-09-21 23:41:34.619 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2019-09-21 23:38:08.023 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2019-09-21 23:36:50.455 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2019-09-21 23:36:49.345 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2019-09-21 23:36:38.391 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2019-09-21 23:36:37.789 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. 
Date: 2019-09-21 23:36:34.599 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2019-09-21 23:36:34.312 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe) attempted to load \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. ==================== Memory info =========================== BIOS: American Megatrends Inc. 2605 08/06/2019 Motherboard: ASUSTeK COMPUTER INC. ROG STRIX B450-F GAMING Processor: AMD Ryzen 5 2600X Six-Core Processor Percentage of memory in use: 22% Total physical RAM: 16314.71 MB Available physical RAM: 12634.6 MB Total Virtual: 18746.71 MB Available Virtual: 13194.7 MB ==================== Drives ================================ Drive a: (HDD) (Fixed) (Total:465.76 GB) (Free:333.24 GB) NTFS Drive c: () (Fixed) (Total:222.21 GB) (Free:29.12 GB) NTFS \\?\Volume{ea8e6346-9ae7-4621-806d-355b06093f7b}\ (Recovery) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS \\?\Volume{0b4f2328-8e0a-4437-9aa8-58a298faf0e8}\ () (Fixed) (Total:0.81 GB) (Free:0.38 GB) NTFS \\?\Volume{9488dfbb-5358-4c63-b60e-650e39efeb8d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 1 (Size: 465.8 GB) (Disk ID: D2790CAD) Partition: GPT. ==================== End of Addition.txt ============================